RubyGems - hrr_rb_ssh - Versions diffs - 0.3.0.pre1 → 0.4.2 - Mend

hrr_rb_ssh 0.3.0.pre1 → 0.4.2

Files changed (139) hide show

data/lib/hrr_rb_ssh/authentication/method/keyboard_interactive/context.rb CHANGED Viewed

@@ -1,7 +1,7 @@
 # coding: utf-8
 # vim: et ts=2 sw=2
-require 'hrr_rb_ssh/logger'
+require 'hrr_rb_ssh/loggable'
 require 'hrr_rb_ssh/authentication/method/keyboard_interactive/info_request'
 require 'hrr_rb_ssh/authentication/method/keyboard_interactive/info_response'
@@ -10,24 +10,31 @@ module HrrRbSsh
     class Method
       class KeyboardInteractive
         class Context
+          include Loggable
           attr_reader \
             :username,
             :submethods,
-            :info_response
+            :info_response,
+            :variables,
+            :vars,
+            :authentication_methods
-          def initialize transport, username, submethods
+          def initialize transport, username, submethods, variables, authentication_methods, logger: nil
+            self.logger = logger
             @transport = transport
             @username = username
             @submethods = submethods
-            @logger = Logger.new self.class.name
+            @variables = variables
+            @vars = variables
+            @authentication_methods = authentication_methods
           end
           def info_request name, instruction, language_tag, prompts
-            @logger.info { "send userauth info request" }
-            @transport.send InfoRequest.new(name, instruction, language_tag, prompts).to_payload
-            @logger.info { "receive userauth info response" }
-            @info_response = InfoResponse.new @transport.receive
+            log_info { "send userauth info request" }
+            @transport.send InfoRequest.new(name, instruction, language_tag, prompts, logger: logger).to_payload
+            log_info { "receive userauth info response" }
+            @info_response = InfoResponse.new @transport.receive, logger: logger
           end
         end
       end

data/lib/hrr_rb_ssh/authentication/method/keyboard_interactive/info_request.rb CHANGED Viewed

@@ -1,7 +1,7 @@
 # coding: utf-8
 # vim: et ts=2 sw=2
-require 'hrr_rb_ssh/logger'
+require 'hrr_rb_ssh/loggable'
 require 'hrr_rb_ssh/message'
 module HrrRbSsh
@@ -9,13 +9,14 @@ module HrrRbSsh
     class Method
       class KeyboardInteractive
         class InfoRequest
-          def initialize name, instruction, language_tag, prompts
+          include Loggable
+          def initialize name, instruction, language_tag, prompts, logger: nil
+            self.logger = logger
             @name         = name
             @instruction  = instruction
             @language_tag = language_tag
             @prompts      = prompts
-            @logger = Logger.new self.class.name
           end
           def to_message
@@ -30,13 +31,13 @@ module HrrRbSsh
               [
                 [:"prompt[#{i+1}]", prompt],
                 [:"echo[#{i+1}]",   echo],
-              ].to_h
+              ].inject(Hash.new){ |h, (k, v)| h.update({k => v}) }
             }.inject(Hash.new){ |a, b| a.merge(b) }
             message.merge(message_prompts)
           end
           def to_payload
-            Message::SSH_MSG_USERAUTH_INFO_REQUEST.encode self.to_message
+            Message::SSH_MSG_USERAUTH_INFO_REQUEST.new(logger: logger).encode self.to_message
           end
         end
       end

data/lib/hrr_rb_ssh/authentication/method/keyboard_interactive/info_response.rb CHANGED Viewed

@@ -8,14 +8,17 @@ module HrrRbSsh
     class Method
       class KeyboardInteractive
         class InfoResponse
+          include Loggable
           attr_reader \
             :num_responses,
             :responses
-          def initialize payload
+          def initialize payload, logger: nil
+            self.logger = logger
             case payload[0,1].unpack("C")[0]
             when Message::SSH_MSG_USERAUTH_INFO_RESPONSE::VALUE
-              message = Message::SSH_MSG_USERAUTH_INFO_RESPONSE.decode payload
+              message = Message::SSH_MSG_USERAUTH_INFO_RESPONSE.new(logger: logger).decode payload
               @num_responses = message[:'num-responses']
               @responses = Array.new(message[:'num-responses']){ |i| message[:"response[#{i+1}]"] }
             else

data/lib/hrr_rb_ssh/authentication/method/none.rb CHANGED Viewed

@@ -1,26 +1,42 @@
 # coding: utf-8
 # vim: et ts=2 sw=2
-require 'hrr_rb_ssh/logger'
+require 'hrr_rb_ssh/loggable'
 module HrrRbSsh
   class Authentication
     class Method
       class None < Method
+        include Loggable
         NAME = 'none'
         PREFERENCE = 0
-        def initialize transport, options
-          @logger = Logger.new(self.class.name)
-          @authenticator = options.fetch( 'authentication_none_authenticator', Authenticator.new { false } )
+        def initialize transport, options, variables, authentication_methods, logger: nil
+          self.logger = logger
+          @transport = transport
+          @authenticator = options.fetch( 'authentication_none_authenticator', Authenticator.new{ false } )
+          @variables = variables
+          @authentication_methods = authentication_methods
         end
         def authenticate userauth_request_message
-          @logger.info { "authenticate" }
-          @logger.debug { "userauth request: " + userauth_request_message.inspect }
-          context = Context.new(userauth_request_message[:'user name'])
+          log_info { "authenticate" }
+          context = Context.new(userauth_request_message[:'user name'], @variables, @authentication_methods, logger: logger)
           @authenticator.authenticate context
         end
+        def request_authentication username, service_name
+          message = {
+            :'message number' => Message::SSH_MSG_USERAUTH_REQUEST::VALUE,
+            :"user name"      => username,
+            :"service name"   => service_name,
+            :"method name"    => NAME,
+          }
+          payload = Message::SSH_MSG_USERAUTH_REQUEST.new(logger: logger).encode message
+          @transport.send payload
+          payload = @transport.receive
+        end
       end
     end
   end

data/lib/hrr_rb_ssh/authentication/method/none/context.rb CHANGED Viewed

@@ -1,24 +1,32 @@
 # coding: utf-8
 # vim: et ts=2 sw=2
-require 'hrr_rb_ssh/logger'
+require 'hrr_rb_ssh/loggable'
 module HrrRbSsh
   class Authentication
     class Method
       class None
         class Context
-          attr_reader :username
+          include Loggable
-          def initialize username
-            @username = username
+          attr_reader \
+            :username,
+            :variables,
+            :vars,
+            :authentication_methods
-            @logger = Logger.new self.class.name
+          def initialize username, variables, authentication_methods, logger: nil
+            self.logger = logger
+            @username = username
+            @variables = variables
+            @vars = variables
+            @authentication_methods = authentication_methods
           end
           def verify username
-            @logger.info { "verify username" }
-            @logger.debug { "username is #{username}, @username is #{@username}" }
+            log_info { "verify username" }
+            log_debug { "username is #{username}, @username is #{@username}" }
             username == @username
           end
         end

data/lib/hrr_rb_ssh/authentication/method/password.rb CHANGED Viewed

@@ -1,28 +1,49 @@
 # coding: utf-8
 # vim: et ts=2 sw=2
-require 'hrr_rb_ssh/logger'
+require 'hrr_rb_ssh/loggable'
 module HrrRbSsh
   class Authentication
     class Method
       class Password < Method
+        include Loggable
         NAME = 'password'
         PREFERENCE = 10
-        def initialize transport, options
-          @logger = Logger.new(self.class.name)
-          @authenticator = options.fetch( 'authentication_password_authenticator', Authenticator.new { false } )
+        def initialize transport, options, variables, authentication_methods, logger: nil
+          self.logger = logger
+          @transport = transport
+          @authenticator = options.fetch( 'authentication_password_authenticator', Authenticator.new{ false } )
+          @options = options
+          @variables = variables
+          @authentication_methods = authentication_methods
         end
         def authenticate userauth_request_message
-          @logger.info { "authenticate" }
-          @logger.debug { "userauth request: " + userauth_request_message.inspect }
+          log_info { "authenticate" }
           username = userauth_request_message[:'user name']
           password = userauth_request_message[:'plaintext password']
-          context = Context.new(username, password)
+          context = Context.new(username, password, @variables, @authentication_methods, logger: logger)
           @authenticator.authenticate context
         end
+        def request_authentication username, service_name
+          password = @options['client_authentication_password']
+          message = {
+            :'message number'     => Message::SSH_MSG_USERAUTH_REQUEST::VALUE,
+            :"user name"          => username,
+            :"service name"       => service_name,
+            :"method name"        => NAME,
+            :"FALSE"              => false,
+            :"plaintext password" => password,
+          }
+          payload = Message::SSH_MSG_USERAUTH_REQUEST.new(logger: logger).encode message
+          @transport.send payload
+          payload = @transport.receive
+        end
       end
     end
   end

data/lib/hrr_rb_ssh/authentication/method/password/context.rb CHANGED Viewed

@@ -1,25 +1,34 @@
 # coding: utf-8
 # vim: et ts=2 sw=2
-require 'hrr_rb_ssh/logger'
+require 'hrr_rb_ssh/loggable'
 module HrrRbSsh
   class Authentication
     class Method
       class Password
         class Context
-          attr_reader :username, :password
+          include Loggable
-          def initialize username, password
+          attr_reader \
+            :username,
+            :password,
+            :variables,
+            :vars,
+            :authentication_methods
+          def initialize username, password, variables, authentication_methods, logger: nil
+            self.logger = logger
             @username = username
             @password = password
-            @logger = Logger.new self.class.name
+            @variables = variables
+            @vars = variables
+            @authentication_methods = authentication_methods
           end
           def verify username, password
-            @logger.info { "verify username and password" }
-            @logger.debug { "username is #{username}, @username is #{@username}, and password is #{password}, @password is #{@password}" }
+            log_info { "verify username and password" }
+            log_debug { "username is #{username}, @username is #{@username}, and password is #{password}, @password is #{@password}" }
             username == @username and password == @password
           end
         end

data/lib/hrr_rb_ssh/authentication/method/publickey.rb CHANGED Viewed

@@ -1,36 +1,42 @@
 # coding: utf-8
 # vim: et ts=2 sw=2
-require 'hrr_rb_ssh/logger'
+require 'hrr_rb_ssh/loggable'
 module HrrRbSsh
   class Authentication
     class Method
       class Publickey < Method
+        include Loggable
         NAME = 'publickey'
         PREFERENCE = 20
-        def initialize transport, options
-          @logger = Logger.new(self.class.name)
+        def initialize transport, options, variables, authentication_methods, logger: nil
+          self.logger = logger
+          @transport = transport
+          @options = options
           @session_id = options['session id']
-          @authenticator = options.fetch( 'authentication_publickey_authenticator', Authenticator.new { false } )
+          @authenticator = options.fetch( 'authentication_publickey_authenticator', Authenticator.new{ false } )
+          @variables = variables
+          @authentication_methods = authentication_methods
         end
         def authenticate userauth_request_message
           public_key_algorithm_name = userauth_request_message[:'public key algorithm name']
           unless Algorithm.list_preferred.include?(public_key_algorithm_name)
-            @logger.info { "unsupported public key algorithm: #{public_key_algorithm_name}" }
+            log_info { "unsupported public key algorithm: #{public_key_algorithm_name}" }
             return false
           end
           unless userauth_request_message[:'with signature']
-            @logger.info { "public key algorithm is ok, require signature" }
+            log_info { "public key algorithm is ok, require signature" }
             public_key_blob = userauth_request_message[:'public key blob']
             userauth_pk_ok_message public_key_algorithm_name, public_key_blob
           else
-            @logger.info { "verify signature" }
+            log_info { "verify signature" }
             username = userauth_request_message[:'user name']
-            algorithm = Algorithm[public_key_algorithm_name].new
-            context = Context.new(username, algorithm, @session_id, userauth_request_message)
+            algorithm = Algorithm[public_key_algorithm_name].new logger: logger
+            context = Context.new(username, algorithm, @session_id, userauth_request_message, @variables, @authentication_methods, logger: logger)
             @authenticator.authenticate context
           end
         end
@@ -41,7 +47,54 @@ module HrrRbSsh
             :'public key algorithm name from the request' => public_key_algorithm_name,
             :'public key blob from the request'           => public_key_blob,
           }
-          payload = Message::SSH_MSG_USERAUTH_PK_OK.encode message
+          payload = Message::SSH_MSG_USERAUTH_PK_OK.new(logger: logger).encode message
+        end
+        def request_authentication username, service_name
+          public_key_algorithm_name, secret_key = @options['client_authentication_publickey']
+          send_request_without_signature username, service_name, public_key_algorithm_name, secret_key
+          payload = @transport.receive
+          case payload[0,1].unpack("C")[0]
+          when Message::SSH_MSG_USERAUTH_PK_OK::VALUE
+            send_request_with_signature username, service_name, public_key_algorithm_name, secret_key
+            @transport.receive
+          else
+            payload
+          end
+        end
+        def send_request_without_signature username, service_name, public_key_algorithm_name, secret_key
+          algorithm = Algorithm[public_key_algorithm_name].new logger: logger
+          public_key_blob = algorithm.generate_public_key_blob(secret_key)
+          message = {
+            :'message number'            => Message::SSH_MSG_USERAUTH_REQUEST::VALUE,
+            :"user name"                 => username,
+            :"service name"              => service_name,
+            :"method name"               => NAME,
+            :"with signature"            => false,
+            :'public key algorithm name' => public_key_algorithm_name,
+            :'public key blob'           => public_key_blob,
+          }
+          payload = Message::SSH_MSG_USERAUTH_REQUEST.new(logger: logger).encode message
+          @transport.send payload
+        end
+        def send_request_with_signature username, service_name, public_key_algorithm_name, secret_key
+          algorithm = Algorithm[public_key_algorithm_name].new logger: logger
+          public_key_blob = algorithm.generate_public_key_blob(secret_key)
+          signature = algorithm.generate_signature(@session_id, username, service_name, 'publickey', secret_key)
+          message = {
+            :'message number'            => Message::SSH_MSG_USERAUTH_REQUEST::VALUE,
+            :"user name"                 => username,
+            :"service name"              => service_name,
+            :"method name"               => NAME,
+            :"with signature"            => true,
+            :'public key algorithm name' => public_key_algorithm_name,
+            :'public key blob'           => public_key_blob,
+            :'signature'                 => signature,
+          }
+          payload = Message::SSH_MSG_USERAUTH_REQUEST.new(logger: logger).encode message
+          @transport.send payload
         end
       end
     end

data/lib/hrr_rb_ssh/authentication/method/publickey/algorithm.rb CHANGED Viewed

@@ -23,4 +23,3 @@ require 'hrr_rb_ssh/authentication/method/publickey/algorithm/ssh_rsa'
 require 'hrr_rb_ssh/authentication/method/publickey/algorithm/ecdsa_sha2_nistp256'
 require 'hrr_rb_ssh/authentication/method/publickey/algorithm/ecdsa_sha2_nistp384'
 require 'hrr_rb_ssh/authentication/method/publickey/algorithm/ecdsa_sha2_nistp521'
-require 'hrr_rb_ssh/authentication/method/publickey/algorithm/ssh_ed25519'

data/lib/hrr_rb_ssh/authentication/method/publickey/algorithm/functionable.rb CHANGED Viewed

@@ -1,7 +1,7 @@
 # coding: utf-8
 # vim: et ts=2 sw=2
-require 'hrr_rb_ssh/logger'
+require 'hrr_rb_ssh/loggable'
 require 'hrr_rb_ssh/algorithm/publickey'
 module HrrRbSsh
@@ -10,16 +10,18 @@ module HrrRbSsh
       class Publickey
         class Algorithm
           module Functionable
-            def initialize
-              @logger = Logger.new(self.class.name)
+            include Loggable
+            def initialize logger: nil
+              self.logger = logger
             end
             def verify_public_key public_key_algorithm_name, public_key, public_key_blob
               begin
-                publickey = HrrRbSsh::Algorithm::Publickey[self.class::NAME].new public_key
+                publickey = HrrRbSsh::Algorithm::Publickey[self.class::NAME].new public_key, logger: logger
                 public_key_algorithm_name == self.class::NAME && public_key_blob == publickey.to_public_key_blob
               rescue => e
-                @logger.error { [e.backtrace[0], ": ", e.message, " (", e.class.to_s, ")\n\t", e.backtrace[1..-1].join("\n\t")].join }
+                log_error { [e.backtrace[0], ": ", e.message, " (", e.class.to_s, ")\n\t", e.backtrace[1..-1].join("\n\t")].join }
                 false
               end
             end
@@ -36,14 +38,36 @@ module HrrRbSsh
                   :'public key algorithm name' => message[:'public key algorithm name'],
                   :'public key blob'           => message[:'public key blob'],
                 }
-                signature_blob = SignatureBlob.encode signature_blob_h
-                publickey = HrrRbSsh::Algorithm::Publickey[self.class::NAME].new message[:'public key blob']
+                signature_blob = SignatureBlob.new(logger: logger).encode signature_blob_h
+                publickey = HrrRbSsh::Algorithm::Publickey[self.class::NAME].new message[:'public key blob'], logger: logger
                 publickey.verify message[:'signature'], signature_blob
               rescue => e
-                @logger.error { [e.backtrace[0], ": ", e.message, " (", e.class.to_s, ")\n\t", e.backtrace[1..-1].join("\n\t")].join }
+                log_error { [e.backtrace[0], ": ", e.message, " (", e.class.to_s, ")\n\t", e.backtrace[1..-1].join("\n\t")].join }
                 false
               end
             end
+            def generate_public_key_blob secret_key
+              publickey = HrrRbSsh::Algorithm::Publickey[self.class::NAME].new secret_key, logger: logger
+              publickey.to_public_key_blob
+            end
+            def generate_signature session_id, username, service_name, method_name, secret_key
+              publickey = HrrRbSsh::Algorithm::Publickey[self.class::NAME].new secret_key, logger: logger
+              publickey_blob = publickey.to_public_key_blob
+              signature_blob_h = {
+                :'session identifier'        => session_id,
+                :'message number'            => Message::SSH_MSG_USERAUTH_REQUEST::VALUE,
+                :'user name'                 => username,
+                :'service name'              => service_name,
+                :'method name'               => method_name,
+                :'with signature'            => true,
+                :'public key algorithm name' => self.class::NAME,
+                :'public key blob'           => publickey_blob
+              }
+              signature_blob = SignatureBlob.new(logger: logger).encode signature_blob_h
+              publickey.sign signature_blob
+            end
           end
         end
       end