RubyGems - hrr_rb_ssh - Versions diffs - 0.3.0.pre1 → 0.4.2 - Mend

hrr_rb_ssh 0.3.0.pre1 → 0.4.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (139) hide show

data/lib/hrr_rb_ssh/authentication/method/keyboard_interactive/context.rb CHANGED Viewed

@@ -1,7 +1,7 @@
 # coding: utf-8
 # vim: et ts=2 sw=2
-require 'hrr_rb_ssh/logger'
+require 'hrr_rb_ssh/loggable'
 require 'hrr_rb_ssh/authentication/method/keyboard_interactive/info_request'
 require 'hrr_rb_ssh/authentication/method/keyboard_interactive/info_response'
@@ -10,24 +10,31 @@ module HrrRbSsh
     class Method
       class KeyboardInteractive
         class Context
+          include Loggable
           attr_reader \
             :username,
             :submethods,
-            :info_response
+            :info_response,
+            :variables,
+            :vars,
+            :authentication_methods
-          def initialize transport, username, submethods
+          def initialize transport, username, submethods, variables, authentication_methods, logger: nil
+            self.logger = logger
             @transport = transport
             @username = username
             @submethods = submethods
-            @logger = Logger.new self.class.name
+            @variables = variables
+            @vars = variables
+            @authentication_methods = authentication_methods
           end
           def info_request name, instruction, language_tag, prompts
-            @logger.info { "send userauth info request" }
-            @transport.send InfoRequest.new(name, instruction, language_tag, prompts).to_payload
-            @logger.info { "receive userauth info response" }
-            @info_response = InfoResponse.new @transport.receive
+            log_info { "send userauth info request" }
+            @transport.send InfoRequest.new(name, instruction, language_tag, prompts, logger: logger).to_payload
+            log_info { "receive userauth info response" }
+            @info_response = InfoResponse.new @transport.receive, logger: logger
           end
         end
       end

data/lib/hrr_rb_ssh/authentication/method/keyboard_interactive/info_request.rb CHANGED Viewed

@@ -1,7 +1,7 @@
 # coding: utf-8
 # vim: et ts=2 sw=2
-require 'hrr_rb_ssh/logger'
+require 'hrr_rb_ssh/loggable'
 require 'hrr_rb_ssh/message'
 module HrrRbSsh
@@ -9,13 +9,14 @@ module HrrRbSsh
     class Method
       class KeyboardInteractive
         class InfoRequest
-          def initialize name, instruction, language_tag, prompts
+          include Loggable
+          def initialize name, instruction, language_tag, prompts, logger: nil
+            self.logger = logger
             @name         = name
             @instruction  = instruction
             @language_tag = language_tag
             @prompts      = prompts
-            @logger = Logger.new self.class.name
           end
           def to_message
@@ -30,13 +31,13 @@ module HrrRbSsh
               [
                 [:"prompt[#{i+1}]", prompt],
                 [:"echo[#{i+1}]",   echo],
-              ].to_h
+              ].inject(Hash.new){ |h, (k, v)| h.update({k => v}) }
             }.inject(Hash.new){ |a, b| a.merge(b) }
             message.merge(message_prompts)
           end
           def to_payload
-            Message::SSH_MSG_USERAUTH_INFO_REQUEST.encode self.to_message
+            Message::SSH_MSG_USERAUTH_INFO_REQUEST.new(logger: logger).encode self.to_message
           end
         end
       end

data/lib/hrr_rb_ssh/authentication/method/keyboard_interactive/info_response.rb CHANGED Viewed

@@ -8,14 +8,17 @@ module HrrRbSsh
     class Method
       class KeyboardInteractive
         class InfoResponse
+          include Loggable
           attr_reader \
             :num_responses,
             :responses
-          def initialize payload
+          def initialize payload, logger: nil
+            self.logger = logger
             case payload[0,1].unpack("C")[0]
             when Message::SSH_MSG_USERAUTH_INFO_RESPONSE::VALUE
-              message = Message::SSH_MSG_USERAUTH_INFO_RESPONSE.decode payload
+              message = Message::SSH_MSG_USERAUTH_INFO_RESPONSE.new(logger: logger).decode payload
               @num_responses = message[:'num-responses']
               @responses = Array.new(message[:'num-responses']){ |i| message[:"response[#{i+1}]"] }
             else

data/lib/hrr_rb_ssh/authentication/method/none.rb CHANGED Viewed

@@ -1,26 +1,42 @@
 # coding: utf-8
 # vim: et ts=2 sw=2
-require 'hrr_rb_ssh/logger'
+require 'hrr_rb_ssh/loggable'
 module HrrRbSsh
   class Authentication
     class Method
       class None < Method
+        include Loggable
         NAME = 'none'
         PREFERENCE = 0
-        def initialize transport, options
-          @logger = Logger.new(self.class.name)
-          @authenticator = options.fetch( 'authentication_none_authenticator', Authenticator.new { false } )
+        def initialize transport, options, variables, authentication_methods, logger: nil
+          self.logger = logger
+          @transport = transport
+          @authenticator = options.fetch( 'authentication_none_authenticator', Authenticator.new{ false } )
+          @variables = variables
+          @authentication_methods = authentication_methods
         end
         def authenticate userauth_request_message
-          @logger.info { "authenticate" }
-          @logger.debug { "userauth request: " + userauth_request_message.inspect }
-          context = Context.new(userauth_request_message[:'user name'])
+          log_info { "authenticate" }
+          context = Context.new(userauth_request_message[:'user name'], @variables, @authentication_methods, logger: logger)
           @authenticator.authenticate context
         end
+        def request_authentication username, service_name
+          message = {
+            :'message number' => Message::SSH_MSG_USERAUTH_REQUEST::VALUE,
+            :"user name"      => username,
+            :"service name"   => service_name,
+            :"method name"    => NAME,
+          }
+          payload = Message::SSH_MSG_USERAUTH_REQUEST.new(logger: logger).encode message
+          @transport.send payload
+          payload = @transport.receive
+        end
       end
     end
   end

data/lib/hrr_rb_ssh/authentication/method/none/context.rb CHANGED Viewed

@@ -1,24 +1,32 @@
 # coding: utf-8
 # vim: et ts=2 sw=2
-require 'hrr_rb_ssh/logger'
+require 'hrr_rb_ssh/loggable'
 module HrrRbSsh
   class Authentication
     class Method
       class None
         class Context
-          attr_reader :username
+          include Loggable
-          def initialize username
-            @username = username
+          attr_reader \
+            :username,
+            :variables,
+            :vars,
+            :authentication_methods
-            @logger = Logger.new self.class.name
+          def initialize username, variables, authentication_methods, logger: nil
+            self.logger = logger
+            @username = username
+            @variables = variables
+            @vars = variables
+            @authentication_methods = authentication_methods
           end
           def verify username
-            @logger.info { "verify username" }
-            @logger.debug { "username is #{username}, @username is #{@username}" }
+            log_info { "verify username" }
+            log_debug { "username is #{username}, @username is #{@username}" }
             username == @username
           end
         end

data/lib/hrr_rb_ssh/authentication/method/password.rb CHANGED Viewed

@@ -1,28 +1,49 @@
 # coding: utf-8
 # vim: et ts=2 sw=2
-require 'hrr_rb_ssh/logger'
+require 'hrr_rb_ssh/loggable'
 module HrrRbSsh
   class Authentication
     class Method
       class Password < Method
+        include Loggable
         NAME = 'password'
         PREFERENCE = 10
-        def initialize transport, options
-          @logger = Logger.new(self.class.name)
-          @authenticator = options.fetch( 'authentication_password_authenticator', Authenticator.new { false } )
+        def initialize transport, options, variables, authentication_methods, logger: nil
+          self.logger = logger
+          @transport = transport
+          @authenticator = options.fetch( 'authentication_password_authenticator', Authenticator.new{ false } )
+          @options = options
+          @variables = variables
+          @authentication_methods = authentication_methods
         end
         def authenticate userauth_request_message
-          @logger.info { "authenticate" }
-          @logger.debug { "userauth request: " + userauth_request_message.inspect }
+          log_info { "authenticate" }
           username = userauth_request_message[:'user name']
           password = userauth_request_message[:'plaintext password']
-          context = Context.new(username, password)
+          context = Context.new(username, password, @variables, @authentication_methods, logger: logger)
           @authenticator.authenticate context
         end
+        def request_authentication username, service_name
+          password = @options['client_authentication_password']
+          message = {
+            :'message number'     => Message::SSH_MSG_USERAUTH_REQUEST::VALUE,
+            :"user name"          => username,
+            :"service name"       => service_name,
+            :"method name"        => NAME,
+            :"FALSE"              => false,
+            :"plaintext password" => password,
+          }
+          payload = Message::SSH_MSG_USERAUTH_REQUEST.new(logger: logger).encode message
+          @transport.send payload
+          payload = @transport.receive
+        end
       end
     end
   end

data/lib/hrr_rb_ssh/authentication/method/password/context.rb CHANGED Viewed

@@ -1,25 +1,34 @@
 # coding: utf-8
 # vim: et ts=2 sw=2
-require 'hrr_rb_ssh/logger'
+require 'hrr_rb_ssh/loggable'
 module HrrRbSsh
   class Authentication
     class Method
       class Password
         class Context
-          attr_reader :username, :password
+          include Loggable
-          def initialize username, password
+          attr_reader \
+            :username,
+            :password,
+            :variables,
+            :vars,
+            :authentication_methods
+          def initialize username, password, variables, authentication_methods, logger: nil
+            self.logger = logger
             @username = username
             @password = password
-            @logger = Logger.new self.class.name
+            @variables = variables
+            @vars = variables
+            @authentication_methods = authentication_methods
           end
           def verify username, password
-            @logger.info { "verify username and password" }
-            @logger.debug { "username is #{username}, @username is #{@username}, and password is #{password}, @password is #{@password}" }
+            log_info { "verify username and password" }
+            log_debug { "username is #{username}, @username is #{@username}, and password is #{password}, @password is #{@password}" }
             username == @username and password == @password
           end
         end

data/lib/hrr_rb_ssh/authentication/method/publickey.rb CHANGED Viewed

@@ -1,36 +1,42 @@
 # coding: utf-8
 # vim: et ts=2 sw=2
-require 'hrr_rb_ssh/logger'
+require 'hrr_rb_ssh/loggable'
 module HrrRbSsh
   class Authentication
     class Method
       class Publickey < Method
+        include Loggable
         NAME = 'publickey'
         PREFERENCE = 20
-        def initialize transport, options
-          @logger = Logger.new(self.class.name)
+        def initialize transport, options, variables, authentication_methods, logger: nil
+          self.logger = logger
+          @transport = transport
+          @options = options
           @session_id = options['session id']
-          @authenticator = options.fetch( 'authentication_publickey_authenticator', Authenticator.new { false } )
+          @authenticator = options.fetch( 'authentication_publickey_authenticator', Authenticator.new{ false } )
+          @variables = variables
+          @authentication_methods = authentication_methods
         end
         def authenticate userauth_request_message
           public_key_algorithm_name = userauth_request_message[:'public key algorithm name']
           unless Algorithm.list_preferred.include?(public_key_algorithm_name)
-            @logger.info { "unsupported public key algorithm: #{public_key_algorithm_name}" }
+            log_info { "unsupported public key algorithm: #{public_key_algorithm_name}" }
             return false
           end
           unless userauth_request_message[:'with signature']
-            @logger.info { "public key algorithm is ok, require signature" }
+            log_info { "public key algorithm is ok, require signature" }
             public_key_blob = userauth_request_message[:'public key blob']
             userauth_pk_ok_message public_key_algorithm_name, public_key_blob
           else
-            @logger.info { "verify signature" }
+            log_info { "verify signature" }
             username = userauth_request_message[:'user name']
-            algorithm = Algorithm[public_key_algorithm_name].new
-            context = Context.new(username, algorithm, @session_id, userauth_request_message)
+            algorithm = Algorithm[public_key_algorithm_name].new logger: logger
+            context = Context.new(username, algorithm, @session_id, userauth_request_message, @variables, @authentication_methods, logger: logger)
             @authenticator.authenticate context
           end
         end
@@ -41,7 +47,54 @@ module HrrRbSsh
             :'public key algorithm name from the request' => public_key_algorithm_name,
             :'public key blob from the request'           => public_key_blob,
           }
-          payload = Message::SSH_MSG_USERAUTH_PK_OK.encode message
+          payload = Message::SSH_MSG_USERAUTH_PK_OK.new(logger: logger).encode message
+        end
+        def request_authentication username, service_name
+          public_key_algorithm_name, secret_key = @options['client_authentication_publickey']
+          send_request_without_signature username, service_name, public_key_algorithm_name, secret_key
+          payload = @transport.receive
+          case payload[0,1].unpack("C")[0]
+          when Message::SSH_MSG_USERAUTH_PK_OK::VALUE
+            send_request_with_signature username, service_name, public_key_algorithm_name, secret_key
+            @transport.receive
+          else
+            payload
+          end
+        end
+        def send_request_without_signature username, service_name, public_key_algorithm_name, secret_key
+          algorithm = Algorithm[public_key_algorithm_name].new logger: logger
+          public_key_blob = algorithm.generate_public_key_blob(secret_key)
+          message = {
+            :'message number'            => Message::SSH_MSG_USERAUTH_REQUEST::VALUE,
+            :"user name"                 => username,
+            :"service name"              => service_name,
+            :"method name"               => NAME,
+            :"with signature"            => false,
+            :'public key algorithm name' => public_key_algorithm_name,
+            :'public key blob'           => public_key_blob,
+          }
+          payload = Message::SSH_MSG_USERAUTH_REQUEST.new(logger: logger).encode message
+          @transport.send payload
+        end
+        def send_request_with_signature username, service_name, public_key_algorithm_name, secret_key
+          algorithm = Algorithm[public_key_algorithm_name].new logger: logger
+          public_key_blob = algorithm.generate_public_key_blob(secret_key)
+          signature = algorithm.generate_signature(@session_id, username, service_name, 'publickey', secret_key)
+          message = {
+            :'message number'            => Message::SSH_MSG_USERAUTH_REQUEST::VALUE,
+            :"user name"                 => username,
+            :"service name"              => service_name,
+            :"method name"               => NAME,
+            :"with signature"            => true,
+            :'public key algorithm name' => public_key_algorithm_name,
+            :'public key blob'           => public_key_blob,
+            :'signature'                 => signature,
+          }
+          payload = Message::SSH_MSG_USERAUTH_REQUEST.new(logger: logger).encode message
+          @transport.send payload
         end
       end
     end

data/lib/hrr_rb_ssh/authentication/method/publickey/algorithm.rb CHANGED Viewed

@@ -23,4 +23,3 @@ require 'hrr_rb_ssh/authentication/method/publickey/algorithm/ssh_rsa'
 require 'hrr_rb_ssh/authentication/method/publickey/algorithm/ecdsa_sha2_nistp256'
 require 'hrr_rb_ssh/authentication/method/publickey/algorithm/ecdsa_sha2_nistp384'
 require 'hrr_rb_ssh/authentication/method/publickey/algorithm/ecdsa_sha2_nistp521'
-require 'hrr_rb_ssh/authentication/method/publickey/algorithm/ssh_ed25519'

data/lib/hrr_rb_ssh/authentication/method/publickey/algorithm/functionable.rb CHANGED Viewed

@@ -1,7 +1,7 @@
 # coding: utf-8
 # vim: et ts=2 sw=2
-require 'hrr_rb_ssh/logger'
+require 'hrr_rb_ssh/loggable'
 require 'hrr_rb_ssh/algorithm/publickey'
 module HrrRbSsh
@@ -10,16 +10,18 @@ module HrrRbSsh
       class Publickey
         class Algorithm
           module Functionable
-            def initialize
-              @logger = Logger.new(self.class.name)
+            include Loggable
+            def initialize logger: nil
+              self.logger = logger
             end
             def verify_public_key public_key_algorithm_name, public_key, public_key_blob
               begin
-                publickey = HrrRbSsh::Algorithm::Publickey[self.class::NAME].new public_key
+                publickey = HrrRbSsh::Algorithm::Publickey[self.class::NAME].new public_key, logger: logger
                 public_key_algorithm_name == self.class::NAME && public_key_blob == publickey.to_public_key_blob
               rescue => e
-                @logger.error { [e.backtrace[0], ": ", e.message, " (", e.class.to_s, ")\n\t", e.backtrace[1..-1].join("\n\t")].join }
+                log_error { [e.backtrace[0], ": ", e.message, " (", e.class.to_s, ")\n\t", e.backtrace[1..-1].join("\n\t")].join }
                 false
               end
             end
@@ -36,14 +38,36 @@ module HrrRbSsh
                   :'public key algorithm name' => message[:'public key algorithm name'],
                   :'public key blob'           => message[:'public key blob'],
                 }
-                signature_blob = SignatureBlob.encode signature_blob_h
-                publickey = HrrRbSsh::Algorithm::Publickey[self.class::NAME].new message[:'public key blob']
+                signature_blob = SignatureBlob.new(logger: logger).encode signature_blob_h
+                publickey = HrrRbSsh::Algorithm::Publickey[self.class::NAME].new message[:'public key blob'], logger: logger
                 publickey.verify message[:'signature'], signature_blob
               rescue => e
-                @logger.error { [e.backtrace[0], ": ", e.message, " (", e.class.to_s, ")\n\t", e.backtrace[1..-1].join("\n\t")].join }
+                log_error { [e.backtrace[0], ": ", e.message, " (", e.class.to_s, ")\n\t", e.backtrace[1..-1].join("\n\t")].join }
                 false
               end
             end
+            def generate_public_key_blob secret_key
+              publickey = HrrRbSsh::Algorithm::Publickey[self.class::NAME].new secret_key, logger: logger
+              publickey.to_public_key_blob
+            end
+            def generate_signature session_id, username, service_name, method_name, secret_key
+              publickey = HrrRbSsh::Algorithm::Publickey[self.class::NAME].new secret_key, logger: logger
+              publickey_blob = publickey.to_public_key_blob
+              signature_blob_h = {
+                :'session identifier'        => session_id,
+                :'message number'            => Message::SSH_MSG_USERAUTH_REQUEST::VALUE,
+                :'user name'                 => username,
+                :'service name'              => service_name,
+                :'method name'               => method_name,
+                :'with signature'            => true,
+                :'public key algorithm name' => self.class::NAME,
+                :'public key blob'           => publickey_blob
+              }
+              signature_blob = SignatureBlob.new(logger: logger).encode signature_blob_h
+              publickey.sign signature_blob
+            end
           end
         end
       end