hrr_rb_ssh 0.3.0.pre3 → 0.3.0
- checksums.yaml +4 -4
- data/README.md +61 -3
- data/demo/client.rb +58 -0
- data/hrr_rb_ssh.gemspec +2 -2
- data/lib/hrr_rb_ssh/authentication/method/keyboard_interactive.rb +34 -0
- data/lib/hrr_rb_ssh/authentication/method/none.rb +13 -0
- data/lib/hrr_rb_ssh/authentication/method/password.rb +18 -0
- data/lib/hrr_rb_ssh/authentication/method/publickey/algorithm/functionable.rb +22 -0
- data/lib/hrr_rb_ssh/authentication/method/publickey.rb +49 -0
- data/lib/hrr_rb_ssh/authentication.rb +47 -1
- data/lib/hrr_rb_ssh/client.rb +198 -0
- data/lib/hrr_rb_ssh/connection/channel/channel_type/direct_tcpip.rb +6 -3
- data/lib/hrr_rb_ssh/connection/channel/channel_type/forwarded_tcpip.rb +6 -3
- data/lib/hrr_rb_ssh/connection/channel/channel_type/session.rb +7 -1
- data/lib/hrr_rb_ssh/connection/channel.rb +308 -79
- data/lib/hrr_rb_ssh/connection.rb +99 -38
- data/lib/hrr_rb_ssh/logger.rb +5 -5
- data/lib/hrr_rb_ssh/server.rb +3 -3
- data/lib/hrr_rb_ssh/transport/kex_algorithm/diffie_hellman.rb +37 -32
- data/lib/hrr_rb_ssh/transport/kex_algorithm/diffie_hellman_group_exchange.rb +80 -46
- data/lib/hrr_rb_ssh/transport/kex_algorithm/elliptic_curve_diffie_hellman.rb +37 -32
- data/lib/hrr_rb_ssh/transport.rb +46 -10
- data/lib/hrr_rb_ssh/version.rb +1 -1
- data/lib/hrr_rb_ssh.rb +1 -0
- metadata +9 -8
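--- a/data/lib/hrr_rb_ssh/transport.rb
+++ b/data/lib/hrr_rb_ssh/transport.rb
@@ -24,6 +24,7 @@ module HrrRbSsh
 
 attr_reader \
 :io,
+:mode,
 :supported_encryption_algorithms,
 :supported_server_host_key_algorithms,
 :supported_kex_algorithms,
@@ -167,6 +168,8 @@ module HrrRbSsh
 case @mode
 when Mode::SERVER
 verify_service_request
+when Mode::CLIENT
+send_service_request
 end
 
 @closed = false
@@ -235,7 +238,7 @@ module HrrRbSsh
 end
 
 def start_kex_algorithm
-@kex_algorithm.start self
+@kex_algorithm.start self
 end
 
 def verify_service_request
@@ -398,6 +401,18 @@ module HrrRbSsh
 message = Message::SSH_MSG_NEWKEYS.decode payload
 end
 
+def send_service_request
+message = {
+:'message number' => Message::SSH_MSG_SERVICE_REQUEST::VALUE,
+:'service name' => 'ssh-userauth',
+}
+payload = Message::SSH_MSG_SERVICE_REQUEST.encode message
+send payload
+
+payload = @receiver.receive self
+message = Message::SSH_MSG_SERVICE_ACCEPT.decode payload
+end
+
 def receive_service_request
 payload = @receiver.receive self
 message = Message::SSH_MSG_SERVICE_REQUEST.decode payload
@@ -406,12 +421,12 @@ module HrrRbSsh
 end
 
 def send_service_accept service_name
-
-
-
-
-
-
+message = {
+:'message number' => Message::SSH_MSG_SERVICE_ACCEPT::VALUE,
+:'service name' => service_name,
+}
+payload = Message::SSH_MSG_SERVICE_ACCEPT.encode message
+send payload
 end
 
 def update_remote_algorithms message
@@ -430,14 +445,14 @@ module HrrRbSsh
 when Mode::SERVER
 kex_algorithm_name = @remote_kex_algorithms.find{ |a| @local_kex_algorithms.include? a } or raise
 server_host_key_algorithm_name = @remote_server_host_key_algorithms.find{ |a| @local_server_host_key_algorithms.include? a } or raise
+server_secret_host_key = @options.fetch('transport_server_secret_host_keys', {}).fetch(server_host_key_algorithm_name, nil)
 when Mode::CLIENT
 kex_algorithm_name = @local_kex_algorithms.find{ |a| @remote_kex_algorithms.include? a } or raise
 server_host_key_algorithm_name = @local_server_host_key_algorithms.find{ |a| @remote_server_host_key_algorithms.include? a } or raise
+server_secret_host_key = nil
 end
-
-server_secret_host_key = @options.fetch('transport_server_secret_host_keys', {}).fetch(server_host_key_algorithm_name, nil)
-@kex_algorithm = KexAlgorithm[kex_algorithm_name].new
 @server_host_key_algorithm = ServerHostKeyAlgorithm[server_host_key_algorithm_name].new server_secret_host_key
+@kex_algorithm = KexAlgorithm[kex_algorithm_name].new
 end
 
 def update_encryption_mac_compression_algorithms
@@ -458,6 +473,15 @@ module HrrRbSsh
 outgoing_crpt_iv = @kex_algorithm.iv_s_to_c self, outgoing_encryption_algorithm_name
 incoming_crpt_key = @kex_algorithm.key_c_to_s self, incoming_encryption_algorithm_name
 outgoing_crpt_key = @kex_algorithm.key_s_to_c self, outgoing_encryption_algorithm_name
+when Mode::CLIENT
+encryption_algorithm_s_to_c_name = @local_encryption_algorithms_server_to_client.find{ |a| @remote_encryption_algorithms_server_to_client.include? a } or raise
+encryption_algorithm_c_to_s_name = @local_encryption_algorithms_client_to_server.find{ |a| @remote_encryption_algorithms_client_to_server.include? a } or raise
+incoming_encryption_algorithm_name = encryption_algorithm_s_to_c_name
+outgoing_encryption_algorithm_name = encryption_algorithm_c_to_s_name
+incoming_crpt_iv = @kex_algorithm.iv_s_to_c self, incoming_encryption_algorithm_name
+outgoing_crpt_iv = @kex_algorithm.iv_c_to_s self, outgoing_encryption_algorithm_name
+incoming_crpt_key = @kex_algorithm.key_s_to_c self, incoming_encryption_algorithm_name
+outgoing_crpt_key = @kex_algorithm.key_c_to_s self, outgoing_encryption_algorithm_name
 end
 @incoming_encryption_algorithm = EncryptionAlgorithm[incoming_encryption_algorithm_name].new Direction::INCOMING, incoming_crpt_iv, incoming_crpt_key
 @outgoing_encryption_algorithm = EncryptionAlgorithm[outgoing_encryption_algorithm_name].new Direction::OUTGOING, outgoing_crpt_iv, outgoing_crpt_key
@@ -472,6 +496,13 @@ module HrrRbSsh
 outgoing_mac_algorithm_name = mac_algorithm_s_to_c_name
 incoming_mac_key = @kex_algorithm.mac_c_to_s self, incoming_mac_algorithm_name
 outgoing_mac_key = @kex_algorithm.mac_s_to_c self, outgoing_mac_algorithm_name
+when Mode::CLIENT
+mac_algorithm_s_to_c_name = @local_mac_algorithms_server_to_client.find{ |a| @remote_mac_algorithms_server_to_client.include? a } or raise
+mac_algorithm_c_to_s_name = @local_mac_algorithms_client_to_server.find{ |a| @remote_mac_algorithms_client_to_server.include? a } or raise
+incoming_mac_algorithm_name = mac_algorithm_s_to_c_name
+outgoing_mac_algorithm_name = mac_algorithm_c_to_s_name
+incoming_mac_key = @kex_algorithm.mac_s_to_c self, incoming_mac_algorithm_name
+outgoing_mac_key = @kex_algorithm.mac_c_to_s self, outgoing_mac_algorithm_name
 end
 @incoming_mac_algorithm = MacAlgorithm[incoming_mac_algorithm_name].new incoming_mac_key
 @outgoing_mac_algorithm = MacAlgorithm[outgoing_mac_algorithm_name].new outgoing_mac_key
@@ -484,6 +515,11 @@ module HrrRbSsh
 compression_algorithm_s_to_c_name = @remote_compression_algorithms_server_to_client.find{ |a| @local_compression_algorithms_server_to_client.include? a } or raise
 incoming_compression_algorithm_name = compression_algorithm_c_to_s_name
 outgoing_compression_algorithm_name = compression_algorithm_s_to_c_name
+when Mode::CLIENT
+compression_algorithm_s_to_c_name = @local_compression_algorithms_server_to_client.find{ |a| @remote_compression_algorithms_server_to_client.include? a } or raise
+compression_algorithm_c_to_s_name = @local_compression_algorithms_client_to_server.find{ |a| @remote_compression_algorithms_client_to_server.include? a } or raise
+incoming_compression_algorithm_name = compression_algorithm_s_to_c_name
+outgoing_compression_algorithm_name = compression_algorithm_c_to_s_name
 end
 @incoming_compression_algorithm.close
 @outgoing_compression_algorithm.close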
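Review bot: The new `send_service_request` (new lines 404-414) decodes the server's reply as SSH_MSG_SERVICE_ACCEPT but never checks it. The decoded `message` is only the method's return value, and the new `when Mode::CLIENT` branch at new lines 171-172 calls `send_service_request` without using that value; the method enclosing that branch starts outside the hunk. As written, the client appears to move on to user authentication whatever came back, be it a different service name or a message that is not a service accept at all, unless `decode` rejects a wrong message number itself, which is not visible here. I would check the reply right after the decode, e.g. `raise "unexpected service name in SSH_MSG_SERVICE_ACCEPT" unless message[:'service name'] == 'ssh-userauth'`, assuming `decode` returns the same keyed hash that `encode` takes. The bare `or raise` in the new CLIENT negotiation branches (new lines 477-478, 500-501, 519-520) would also be easier to diagnose with a message naming which algorithm list had no common entry.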
data/lib/hrr_rb_ssh/version.rb
CHANGED
data/lib/hrr_rb_ssh.rb
CHANGED
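--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: hrr_rb_ssh
 version: !ruby/object:Gem::Version
-version: 0.3.0
+version: 0.3.0
 platform: ruby
 authors:
 - hirura
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2019-07-
+date: 2019-07-14 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: ed25519
@@ -66,7 +66,7 @@ dependencies:
 - - "~>"
 - !ruby/object:Gem::Version
 version: '0.16'
-description: Pure Ruby SSH 2.0 server implementation
+description: Pure Ruby SSH 2.0 server and client implementation
 email:
 - hirura@gmail.com
 executables: []
@@ -81,6 +81,7 @@ files:
 - LICENSE
 - README.md
 - Rakefile
+- demo/client.rb
 - demo/echo_server.rb
 - demo/more_flexible_auth.rb
 - demo/multi_step_auth.rb
@@ -132,6 +133,7 @@ files:
 - lib/hrr_rb_ssh/authentication/method/publickey/algorithm/ssh_ed25519.rb
 - lib/hrr_rb_ssh/authentication/method/publickey/algorithm/ssh_rsa.rb
 - lib/hrr_rb_ssh/authentication/method/publickey/context.rb
+- lib/hrr_rb_ssh/client.rb
 - lib/hrr_rb_ssh/codable.rb
 - lib/hrr_rb_ssh/compat.rb
 - lib/hrr_rb_ssh/compat/openssh.rb
@@ -304,13 +306,12 @@ required_ruby_version: !ruby/object:Gem::Requirement
 version: 2.0.0
 required_rubygems_version: !ruby/object:Gem::Requirement
 requirements:
-- - "
+- - ">="
 - !ruby/object:Gem::Version
-version:
+version: '0'
 requirements: []
-
-rubygems_version: 2.7.6
+rubygems_version: 3.0.3
 signing_key:
 specification_version: 4
-summary: Pure Ruby SSH 2.0 server implementation
+summary: Pure Ruby SSH 2.0 server and client implementation
 test_files: []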