hrr_rb_ssh 0.3.0.pre3 → 0.3.0
- checksums.yaml +4 -4
- data/README.md +61 -3
- data/demo/client.rb +58 -0
- data/hrr_rb_ssh.gemspec +2 -2
- data/lib/hrr_rb_ssh/authentication/method/keyboard_interactive.rb +34 -0
- data/lib/hrr_rb_ssh/authentication/method/none.rb +13 -0
- data/lib/hrr_rb_ssh/authentication/method/password.rb +18 -0
- data/lib/hrr_rb_ssh/authentication/method/publickey/algorithm/functionable.rb +22 -0
- data/lib/hrr_rb_ssh/authentication/method/publickey.rb +49 -0
- data/lib/hrr_rb_ssh/authentication.rb +47 -1
- data/lib/hrr_rb_ssh/client.rb +198 -0
- data/lib/hrr_rb_ssh/connection/channel/channel_type/direct_tcpip.rb +6 -3
- data/lib/hrr_rb_ssh/connection/channel/channel_type/forwarded_tcpip.rb +6 -3
- data/lib/hrr_rb_ssh/connection/channel/channel_type/session.rb +7 -1
- data/lib/hrr_rb_ssh/connection/channel.rb +308 -79
- data/lib/hrr_rb_ssh/connection.rb +99 -38
- data/lib/hrr_rb_ssh/logger.rb +5 -5
- data/lib/hrr_rb_ssh/server.rb +3 -3
- data/lib/hrr_rb_ssh/transport/kex_algorithm/diffie_hellman.rb +37 -32
- data/lib/hrr_rb_ssh/transport/kex_algorithm/diffie_hellman_group_exchange.rb +80 -46
- data/lib/hrr_rb_ssh/transport/kex_algorithm/elliptic_curve_diffie_hellman.rb +37 -32
- data/lib/hrr_rb_ssh/transport.rb +46 -10
- data/lib/hrr_rb_ssh/version.rb +1 -1
- data/lib/hrr_rb_ssh.rb +1 -0
- metadata +9 -8
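--- a/data/lib/hrr_rb_ssh/transport.rb
+++ b/data/lib/hrr_rb_ssh/transport.rb
@@ -24,6 +24,7 @@ module HrrRbSsh
 
 attr_reader \
 :io,
+:mode,
 :supported_encryption_algorithms,
 :supported_server_host_key_algorithms,
 :supported_kex_algorithms,
@@ -167,6 +168,8 @@ module HrrRbSsh
 case @mode
 when Mode::SERVER
 verify_service_request
+when Mode::CLIENT
+send_service_request
 end
 
 @closed = false
@@ -235,7 +238,7 @@ module HrrRbSsh
 end
 
 def start_kex_algorithm
-@kex_algorithm.start self
+@kex_algorithm.start self
 end
 
 def verify_service_request
@@ -398,6 +401,18 @@ module HrrRbSsh
 message = Message::SSH_MSG_NEWKEYS.decode payload
 end
 
+def send_service_request
+message = {
+:'message number' => Message::SSH_MSG_SERVICE_REQUEST::VALUE,
+:'service name' => 'ssh-userauth',
+}
+payload = Message::SSH_MSG_SERVICE_REQUEST.encode message
+send payload
+
+payload = @receiver.receive self
+message = Message::SSH_MSG_SERVICE_ACCEPT.decode payload
+end
+
 def receive_service_request
 payload = @receiver.receive self
 message = Message::SSH_MSG_SERVICE_REQUEST.decode payload
@@ -406,12 +421,12 @@ module HrrRbSsh
 end
 
 def send_service_accept service_name
-
-
-
-
-
-
+message = {
+:'message number' => Message::SSH_MSG_SERVICE_ACCEPT::VALUE,
+:'service name' => service_name,
+}
+payload = Message::SSH_MSG_SERVICE_ACCEPT.encode message
+send payload
 end
 
 def update_remote_algorithms message
@@ -430,14 +445,14 @@ module HrrRbSsh
 when Mode::SERVER
 kex_algorithm_name = @remote_kex_algorithms.find{ |a| @local_kex_algorithms.include? a } or raise
 server_host_key_algorithm_name = @remote_server_host_key_algorithms.find{ |a| @local_server_host_key_algorithms.include? a } or raise
+server_secret_host_key = @options.fetch('transport_server_secret_host_keys', {}).fetch(server_host_key_algorithm_name, nil)
 when Mode::CLIENT
 kex_algorithm_name = @local_kex_algorithms.find{ |a| @remote_kex_algorithms.include? a } or raise
 server_host_key_algorithm_name = @local_server_host_key_algorithms.find{ |a| @remote_server_host_key_algorithms.include? a } or raise
+server_secret_host_key = nil
 end
-
-server_secret_host_key = @options.fetch('transport_server_secret_host_keys', {}).fetch(server_host_key_algorithm_name, nil)
-@kex_algorithm = KexAlgorithm[kex_algorithm_name].new
 @server_host_key_algorithm = ServerHostKeyAlgorithm[server_host_key_algorithm_name].new server_secret_host_key
+@kex_algorithm = KexAlgorithm[kex_algorithm_name].new
 end
 
 def update_encryption_mac_compression_algorithms
@@ -458,6 +473,15 @@ module HrrRbSsh
 outgoing_crpt_iv = @kex_algorithm.iv_s_to_c self, outgoing_encryption_algorithm_name
 incoming_crpt_key = @kex_algorithm.key_c_to_s self, incoming_encryption_algorithm_name
 outgoing_crpt_key = @kex_algorithm.key_s_to_c self, outgoing_encryption_algorithm_name
+when Mode::CLIENT
+encryption_algorithm_s_to_c_name = @local_encryption_algorithms_server_to_client.find{ |a| @remote_encryption_algorithms_server_to_client.include? a } or raise
+encryption_algorithm_c_to_s_name = @local_encryption_algorithms_client_to_server.find{ |a| @remote_encryption_algorithms_client_to_server.include? a } or raise
+incoming_encryption_algorithm_name = encryption_algorithm_s_to_c_name
+outgoing_encryption_algorithm_name = encryption_algorithm_c_to_s_name
+incoming_crpt_iv = @kex_algorithm.iv_s_to_c self, incoming_encryption_algorithm_name
+outgoing_crpt_iv = @kex_algorithm.iv_c_to_s self, outgoing_encryption_algorithm_name
+incoming_crpt_key = @kex_algorithm.key_s_to_c self, incoming_encryption_algorithm_name
+outgoing_crpt_key = @kex_algorithm.key_c_to_s self, outgoing_encryption_algorithm_name
 end
 @incoming_encryption_algorithm = EncryptionAlgorithm[incoming_encryption_algorithm_name].new Direction::INCOMING, incoming_crpt_iv, incoming_crpt_key
 @outgoing_encryption_algorithm = EncryptionAlgorithm[outgoing_encryption_algorithm_name].new Direction::OUTGOING, outgoing_crpt_iv, outgoing_crpt_key
@@ -472,6 +496,13 @@ module HrrRbSsh
 outgoing_mac_algorithm_name = mac_algorithm_s_to_c_name
 incoming_mac_key = @kex_algorithm.mac_c_to_s self, incoming_mac_algorithm_name
 outgoing_mac_key = @kex_algorithm.mac_s_to_c self, outgoing_mac_algorithm_name
+when Mode::CLIENT
+mac_algorithm_s_to_c_name = @local_mac_algorithms_server_to_client.find{ |a| @remote_mac_algorithms_server_to_client.include? a } or raise
+mac_algorithm_c_to_s_name = @local_mac_algorithms_client_to_server.find{ |a| @remote_mac_algorithms_client_to_server.include? a } or raise
+incoming_mac_algorithm_name = mac_algorithm_s_to_c_name
+outgoing_mac_algorithm_name = mac_algorithm_c_to_s_name
+incoming_mac_key = @kex_algorithm.mac_s_to_c self, incoming_mac_algorithm_name
+outgoing_mac_key = @kex_algorithm.mac_c_to_s self, outgoing_mac_algorithm_name
 end
 @incoming_mac_algorithm = MacAlgorithm[incoming_mac_algorithm_name].new incoming_mac_key
 @outgoing_mac_algorithm = MacAlgorithm[outgoing_mac_algorithm_name].new outgoing_mac_key
@@ -484,6 +515,11 @@ module HrrRbSsh
 compression_algorithm_s_to_c_name = @remote_compression_algorithms_server_to_client.find{ |a| @local_compression_algorithms_server_to_client.include? a } or raise
 incoming_compression_algorithm_name = compression_algorithm_c_to_s_name
 outgoing_compression_algorithm_name = compression_algorithm_s_to_c_name
+when Mode::CLIENT
+compression_algorithm_s_to_c_name = @local_compression_algorithms_server_to_client.find{ |a| @remote_compression_algorithms_server_to_client.include? a } or raise
+compression_algorithm_c_to_s_name = @local_compression_algorithms_client_to_server.find{ |a| @remote_compression_algorithms_client_to_server.include? a } or raise
+incoming_compression_algorithm_name = compression_algorithm_s_to_c_name
+outgoing_compression_algorithm_name = compression_algorithm_c_to_s_name
 end
 @incoming_compression_algorithm.close
 @outgoing_compression_algorithm.close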
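Review bot: `send_service_request` (new lines 404-414) decodes the server's reply into `message` and then discards it, and the call site at new line 172 ignores the return value, so the client never confirms that the accepted service is the one it asked for. Add a check after the decode, e.g. `raise "unexpected service: #{message[:'service name'].inspect}" unless message[:'service name'] == 'ssh-userauth'`, assuming `decode` returns a hash keyed like the one passed to `encode`. Whether `SSH_MSG_SERVICE_ACCEPT.decode` rejects a payload carrying a different message number (for example a disconnect) is not visible in this diff and should be confirmed as well.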
data/lib/hrr_rb_ssh/version.rb
CHANGED
data/lib/hrr_rb_ssh.rb
CHANGED
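--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: hrr_rb_ssh
 version: !ruby/object:Gem::Version
-version: 0.3.0
+version: 0.3.0
 platform: ruby
 authors:
 - hirura
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2019-07-
+date: 2019-07-14 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: ed25519
@@ -66,7 +66,7 @@ dependencies:
 - - "~>"
 - !ruby/object:Gem::Version
 version: '0.16'
-description: Pure Ruby SSH 2.0 server implementation
+description: Pure Ruby SSH 2.0 server and client implementation
 email:
 - hirura@gmail.com
 executables: []
@@ -81,6 +81,7 @@ files:
 - LICENSE
 - README.md
 - Rakefile
+- demo/client.rb
 - demo/echo_server.rb
 - demo/more_flexible_auth.rb
 - demo/multi_step_auth.rb
@@ -132,6 +133,7 @@ files:
 - lib/hrr_rb_ssh/authentication/method/publickey/algorithm/ssh_ed25519.rb
 - lib/hrr_rb_ssh/authentication/method/publickey/algorithm/ssh_rsa.rb
 - lib/hrr_rb_ssh/authentication/method/publickey/context.rb
+- lib/hrr_rb_ssh/client.rb
 - lib/hrr_rb_ssh/codable.rb
 - lib/hrr_rb_ssh/compat.rb
 - lib/hrr_rb_ssh/compat/openssh.rb
@@ -304,13 +306,12 @@ required_ruby_version: !ruby/object:Gem::Requirement
 version: 2.0.0
 required_rubygems_version: !ruby/object:Gem::Requirement
 requirements:
-- - "
+- - ">="
 - !ruby/object:Gem::Version
-version:
+version: '0'
 requirements: []
-
-rubygems_version: 2.7.6
+rubygems_version: 3.0.3
 signing_key:
 specification_version: 4
-summary: Pure Ruby SSH 2.0 server implementation
+summary: Pure Ruby SSH 2.0 server and client implementation
 test_files: []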