hrr_rb_ssh 0.3.0.pre2 → 0.3.0.pre3

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 2a478983b765002a5277ac63e5ae06e4eccde19d35394b762c13760c33a9cf4b
-  data.tar.gz: d541edd1bd30026919fbf0b4d47369d6853a7ad9f9705b00a43054eaf85d41bd
+  metadata.gz: e5758ec1e3457a1aaa41ec25677bd85711eb176fa9478d786c70c885e2206c58
+  data.tar.gz: 37e411ed657bceca996dcaf71c4b36c706984738005dce48043649a55d6ba022
 SHA512:
-  metadata.gz: e7c09c9e54fa096de5b2417490860e0e80f5ac3c73e2d8fda28b53bdf77fbc7233bede1ecc961bc31cdc817be39fc32bb2b72708d266a4fd46138bdae980e439
-  data.tar.gz: 536e9e52e0eaa7d88449f740ae379d9c2bb0a7c9e29bde06762da14d7220fcc89178cc8f835afc63e1bf9f28c23a7ca876826d219364f4fa7b7dab94a7d1f989
+  metadata.gz: a2ebfcb6fad617c0c8201ff30815e03d28e9e688f43fedbb14e3dd67d83426f3d9c06145392c1d84f4bb3e16d7daf78adf83fc57ba1d152136070b74cb0b93ba
+  data.tar.gz: 9dcc34deaca035e461c98a9891f4e1d0876fcdf379e08438cc01e97e9965526dbf7a6306f0bbd87b090ce815e079a7f407aca3a3c9c5138c4d4ac5707b24be3e

data/README.md

@@ -19,10 +19,13 @@ With hrr_rb_ssh, it is possible to write an SSH server easily, and also possible
         - [Logging](#logging)
         - [Registering pre\-generated secret keys for server host key](#registering-pre-generated-secret-keys-for-server-host-key)
         - [Defining authentications](#defining-authentications)
-            - [Password authentication](#password-authentication)
-            - [Publickey authentication](#publickey-authentication)
-            - [Keyboard-interactive authentication](#keyboard-interactive-authentication)
-            - [None authentication (NOT recomended)](#none-authentication-not-recomended)
+            - [Single authentication](#single-authentication)
+                - [Password authentication](#password-authentication)
+                - [Publickey authentication](#publickey-authentication)
+                - [Keyboard-interactive authentication](#keyboard-interactive-authentication)
+                - [None authentication (NOT recomended)](#none-authentication-not-recomended)
+            - [Multi\-step authentication](#multi-step-authentication)
+            - [More flexible authentication](#more-flexible-authentication)
         - [Handling session channel requests](#handling-session-channel-requests)
             - [Reference request handlers](#reference-request-handlers)
             - [Custom request handlers](#custom-request-handlers)
@@ -138,7 +141,13 @@ EOB
 
 By default, any authentications get failed. To allow users to login to the SSH service, at least one of the authentication methods must be defined and registered into the instance of HrrRbSsh::Authentication through `options` variable.
 
-##### Password authentication
+The library defines a sort of strategies to implement handling authentication.
+
+##### Single authentication
+
+Each authenticator returns `true` (or `HrrRbSsh::Authentication::SUCCESS`) or `false` (or `HrrRbSsh::Authentication::FAILURE`). When it is true, the user is accepted. When it is false, the user is not accepted and a subsequent authenticator is called.
+
+###### Password authentication
 
 Password authentication is the most simple way to allow users to login to the SSH service. Password authentication requires user-name and password.
 
@@ -165,7 +174,7 @@ The `context` variable in password authentication context provides the following
 - `#vars` : The same object that `#variables` returns
 - `#verify(username, password)` : Returns `true` when username and password arguments match with the context's username and password. Or returns `false` when username and password arguments don't match.
 
-##### Publickey authentication
+###### Publickey authentication
 
 The second one is public key authentication. Public key authentication requires user-name, public key algorithm name, and PEM or DER formed public key.
 
@@ -186,7 +195,7 @@ The `context` variable in public key authentication context provides the `#verif
 
 And public keys that is in OpenSSH public key format is now available. To use OpenSSH public keys, it is easy to use $USER_HOME/.ssh/authorized_keys file.
 
-##### Keyboard-interactive authentication
+###### Keyboard-interactive authentication
 
 The third one is keyboard-interactive authentication. This is also known as challenge-response authentication.
 
@@ -215,7 +224,7 @@ The `#info_request` method takes four arguments: name, instruction, language tag
 
 The responses are listed in the same order as request prompts.
 
-##### None authentication (NOT recomended)
+###### None authentication (NOT recomended)
 
 The last one is none authentication. None authentication is usually NOT used.
 
@@ -234,6 +243,73 @@ options['authentication_none_authenticator'] = auth_none
 
 In none authentication context, `context` variable provides the `#username` method.
 
+##### Multi-step authentication
+
+In this strategy that conbines single authentications, it is possible to implement multi-step authentication. In case that the combination is a publickey authentication method and a password authentication method, it is so-called two-factor authentication.
+
+A return value of each authentication handler can be `HrrRbSsh::Authentication::PARTIAL_SUCCESS`. The value means that the authentication method returns success and another authenticatoin method is requested (i.e. the authentication method is deleted from the list of authentication that can continue, and then the server sends USERAUTH_FAILURE message with the updated list of authentication that can continue and partial success true). When all preferred authentication methods returns `PARTIAL_SUCCESS` (i.e. there is no more authentication that can continue), then the user is treated as authenticated.
+
+```ruby
+auth_preferred_authentication_methods = ["publickey", "password"]
+auth_publickey = HrrRbSsh::Authentication::Authenticator.new { |context|
+  is_verified = some_verification_method(context)
+  if is_verified
+    HrrRbSsh::Authentication::PARTIAL_SUCCESS
+  else
+    false
+  end
+}
+auth_password = HrrRbSsh::Authentication::Authenticator.new { |context|
+  is_verified = some_verification_method(context)
+  if is_verified
+    HrrRbSsh::Authentication::PARTIAL_SUCCESS
+  else
+    false
+  end
+}
+options['authentication_preferred_authentication_methods'] = auth_preferred_authentication_methods
+options['authentication_publickey_authenticator'] = auth_publickey
+options['authentication_password_authenticator'] = auth_password
+```
+
+##### More flexible authentication
+
+A `context` variable in an authenticator gives an access to remaining authentication methods that can continue. In this strategy, an implementer is able to control the order of authentication methods and to control which authentication methods are used for the user.
+
+The below is an example. It is expected that any user must be verified by publickey and then another authentication is requested for the user accordingly.
+
+```ruby
+auth_preferred_authentication_methods = ['none']
+auth_none = HrrRbSsh::Authentication::Authenticator.new{ |context|
+  context.authentication_methods.push 'publickey'
+  HrrRbSsh::Authentication::PARTIAL_SUCCESS
+}
+auth_publickey = HrrRbSsh::Authentication::Authenticator.new{ |context|
+  if some_verification(context)
+    case context.username
+    when 'user1'
+      context.authentiation_methods.push 'keyboard-interactive'
+      HrrRbSsh::Authentication::PARTIAL_SUCCESS
+    else
+      false
+    end
+  else
+    false
+  end
+}
+auth_keyboard_interactive = HrrRbSsh::Authentication::Authenticator.new{ |context|
+  if some_verification(context)
+    true # or HrrRbSsh::Authentication::PARTIAL_SUCCESS; both will accept the user because remaining authentication method is only 'keyboard-interactive' in this case
+  else
+    false
+  end
+}
+options['authentication_preferred_authentication_methods'] = auth_preferred_authentication_methods
+options['authentication_none_authenticator'] = auth_none
+options['authentication_publickey_authenticator'] = auth_publickey
+options['authentication_keyboard_interactive_authenticator'] = auth_keyboard_interactive
+```
+
 #### Handling session channel requests
 
 By default, any channel requests belonging to session channel are implicitly ignored. To handle the requests, defining request handlers are required.

data/demo/more_flexible_auth.rb

@@ -0,0 +1,99 @@
+# coding: utf-8
+# vim: et ts=2 sw=2
+
+require 'logger'
+require 'socket'
+
+
+def start_service io, logger=nil
+  require 'etc'
+
+  begin
+    require 'hrr_rb_ssh'
+  rescue LoadError
+    $:.unshift(File.join(File.dirname(__FILE__), '..', 'lib'))
+    require 'hrr_rb_ssh'
+  end
+
+  HrrRbSsh::Logger.initialize logger if logger
+
+  auth_none = HrrRbSsh::Authentication::Authenticator.new { |context|
+    context.authentication_methods.push 'publickey'
+    HrrRbSsh::Authentication::PARTIAL_SUCCESS
+  }
+  auth_publickey = HrrRbSsh::Authentication::Authenticator.new { |context|
+    users = ['user1', 'user2']
+    is_verified = users.any?{ |username|
+      passwd = Etc.getpwnam(username)
+      homedir = passwd.dir
+      authorized_keys = HrrRbSsh::Compat::OpenSSH::AuthorizedKeys.new(File.read(File.join(homedir, '.ssh', 'authorized_keys')))
+      authorized_keys.any?{ |public_key| context.verify username, public_key.algorithm_name, public_key.to_pem }
+    }
+    if is_verified
+      context.authentication_methods.push 'password'
+      HrrRbSsh::Authentication::PARTIAL_SUCCESS
+    else
+      HrrRbSsh::Authentication::FAILURE
+    end
+  }
+  auth_password = HrrRbSsh::Authentication::Authenticator.new { |context|
+    user_and_pass = [
+      ['user1',  'password1'],
+      ['user2',  'password2'],
+    ]
+    is_verified = user_and_pass.any? { |user, pass| context.verify user, pass }
+    if is_verified
+      HrrRbSsh::Authentication::SUCCESS # or HrrRbSsh::Authentication::PARTIAL_SUCCESS
+    else
+      HrrRbSsh::Authentication::FAILURE
+    end
+  }
+
+  auth_preferred_authentication_methods = ["none"]
+
+
+  options = {}
+
+  options['authentication_none_authenticator']      = auth_none
+  options['authentication_publickey_authenticator'] = auth_publickey
+  options['authentication_password_authenticator']  = auth_password
+
+  options['authentication_preferred_authentication_methods'] = auth_preferred_authentication_methods
+
+  options['connection_channel_request_pty_req']       = HrrRbSsh::Connection::RequestHandler::ReferencePtyReqRequestHandler.new
+  options['connection_channel_request_env']           = HrrRbSsh::Connection::RequestHandler::ReferenceEnvRequestHandler.new
+  options['connection_channel_request_shell']         = HrrRbSsh::Connection::RequestHandler::ReferenceShellRequestHandler.new
+  options['connection_channel_request_exec']          = HrrRbSsh::Connection::RequestHandler::ReferenceExecRequestHandler.new
+  options['connection_channel_request_window_change'] = HrrRbSsh::Connection::RequestHandler::ReferenceWindowChangeRequestHandler.new
+
+  server = HrrRbSsh::Server.new options
+  server.start io
+end
+
+
+logger = Logger.new STDOUT
+logger.level = Logger::INFO
+
+server = TCPServer.new 10022
+loop do
+  Thread.new(server.accept) do |io|
+    begin
+      pid = fork do
+        begin
+          start_service io, logger
+        rescue => e
+          logger.error { [e.backtrace[0], ": ", e.message, " (", e.class.to_s, ")\n\t", e.backtrace[1..-1].join("\n\t")].join }
+          exit false
+        end
+      end
+      logger.info { "process #{pid} started" }
+      io.close rescue nil
+      pid, status = Process.waitpid2 pid
+    rescue => e
+      logger.error { [e.backtrace[0], ": ", e.message, " (", e.class.to_s, ")\n\t", e.backtrace[1..-1].join("\n\t")].join }
+    ensure
+      status ||= nil
+      logger.info { "process #{pid} finished with status #{status.inspect}" }
+    end
+  end
+end

data/demo/multi_step_auth.rb

@@ -0,0 +1,93 @@
+# coding: utf-8
+# vim: et ts=2 sw=2
+
+require 'logger'
+require 'socket'
+
+
+def start_service io, logger=nil
+  require 'etc'
+
+  begin
+    require 'hrr_rb_ssh'
+  rescue LoadError
+    $:.unshift(File.join(File.dirname(__FILE__), '..', 'lib'))
+    require 'hrr_rb_ssh'
+  end
+
+  HrrRbSsh::Logger.initialize logger if logger
+
+  auth_publickey = HrrRbSsh::Authentication::Authenticator.new { |context|
+    users = ['user1', 'user2']
+    is_verified = users.any?{ |username|
+      passwd = Etc.getpwnam(username)
+      homedir = passwd.dir
+      authorized_keys = HrrRbSsh::Compat::OpenSSH::AuthorizedKeys.new(File.read(File.join(homedir, '.ssh', 'authorized_keys')))
+      authorized_keys.any?{ |public_key| context.verify username, public_key.algorithm_name, public_key.to_pem }
+    }
+    if is_verified
+      HrrRbSsh::Authentication::PARTIAL_SUCCESS
+    else
+      HrrRbSsh::Authentication::FAILURE
+    end
+  }
+  auth_password = HrrRbSsh::Authentication::Authenticator.new { |context|
+    user_and_pass = [
+      ['user1',  'password1'],
+      ['user2',  'password2'],
+    ]
+    is_verified = user_and_pass.any? { |user, pass| context.verify user, pass }
+    if is_verified
+      HrrRbSsh::Authentication::PARTIAL_SUCCESS
+    else
+      HrrRbSsh::Authentication::FAILURE
+    end
+  }
+
+  auth_preferred_authentication_methods = ["publickey", "password"]
+
+
+  options = {}
+
+  options['authentication_publickey_authenticator'] = auth_publickey
+  options['authentication_password_authenticator']  = auth_password
+
+  options['authentication_preferred_authentication_methods'] = auth_preferred_authentication_methods
+
+  options['connection_channel_request_pty_req']       = HrrRbSsh::Connection::RequestHandler::ReferencePtyReqRequestHandler.new
+  options['connection_channel_request_env']           = HrrRbSsh::Connection::RequestHandler::ReferenceEnvRequestHandler.new
+  options['connection_channel_request_shell']         = HrrRbSsh::Connection::RequestHandler::ReferenceShellRequestHandler.new
+  options['connection_channel_request_exec']          = HrrRbSsh::Connection::RequestHandler::ReferenceExecRequestHandler.new
+  options['connection_channel_request_window_change'] = HrrRbSsh::Connection::RequestHandler::ReferenceWindowChangeRequestHandler.new
+
+  server = HrrRbSsh::Server.new options
+  server.start io
+end
+
+
+logger = Logger.new STDOUT
+logger.level = Logger::INFO
+
+server = TCPServer.new 10022
+loop do
+  Thread.new(server.accept) do |io|
+    begin
+      pid = fork do
+        begin
+          start_service io, logger
+        rescue => e
+          logger.error { [e.backtrace[0], ": ", e.message, " (", e.class.to_s, ")\n\t", e.backtrace[1..-1].join("\n\t")].join }
+          exit false
+        end
+      end
+      logger.info { "process #{pid} started" }
+      io.close rescue nil
+      pid, status = Process.waitpid2 pid
+    rescue => e
+      logger.error { [e.backtrace[0], ": ", e.message, " (", e.class.to_s, ")\n\t", e.backtrace[1..-1].join("\n\t")].join }
+    ensure
+      status ||= nil
+      logger.info { "process #{pid} finished with status #{status.inspect}" }
+    end
+  end
+end

data/lib/hrr_rb_ssh/authentication.rb

@@ -4,12 +4,13 @@
 require 'hrr_rb_ssh/logger'
 require 'hrr_rb_ssh/message'
 require 'hrr_rb_ssh/error/closed_authentication'
+require 'hrr_rb_ssh/authentication/constant'
 require 'hrr_rb_ssh/authentication/authenticator'
 require 'hrr_rb_ssh/authentication/method'
 
 module HrrRbSsh
   class Authentication
-    SERVICE_NAME = 'ssh-userauth'
+    include Constant
 
     def initialize transport, options={}
       @transport = transport
@@ -69,27 +70,44 @@ module HrrRbSsh
     end
 
     def authenticate
+      authentication_methods = (@options['authentication_preferred_authentication_methods'].dup rescue nil) || Method.list_preferred # rescue nil.dup for Ruby version < 2.4
+      @logger.info { "preferred authentication methods: #{authentication_methods}" }
       loop do
         payload = @transport.receive
         case payload[0,1].unpack("C")[0]
         when Message::SSH_MSG_USERAUTH_REQUEST::VALUE
           userauth_request_message = Message::SSH_MSG_USERAUTH_REQUEST.decode payload
           method_name = userauth_request_message[:'method name']
-          method = Method[method_name].new(@transport, {'session id' => @transport.session_id}.merge(@options), @variables)
+          @logger.info { "authentication method: #{method_name}" }
+          method = Method[method_name].new(@transport, {'session id' => @transport.session_id}.merge(@options), @variables, authentication_methods)
           result = method.authenticate(userauth_request_message)
           case result
-          when TrueClass
+          when true, SUCCESS
             @logger.info { "verified" }
             send_userauth_success
             @username = userauth_request_message[:'user name']
             @closed = false
             break
-          when FalseClass
-            @logger.info { "verify failed" }
-            send_userauth_failure
+          when PARTIAL_SUCCESS
+            @logger.info { "partially verified" }
+            authentication_methods.delete method_name
+            @logger.debug { "authentication methods that can continue: #{authentication_methods}" }
+            if authentication_methods.empty?
+              @logger.info { "verified" }
+              send_userauth_success
+              @username = userauth_request_message[:'user name']
+              @closed = false
+              break
+            else
+              @logger.info { "continue" }
+              send_userauth_failure authentication_methods, true
+            end
           when String
             @logger.info { "send method specific message to continue" }
             send_method_specific_message result
+          else # when false, FAILURE
+            @logger.info { "verify failed" }
+            send_userauth_failure authentication_methods, false
           end
         else
           @closed = true
@@ -98,11 +116,11 @@ module HrrRbSsh
       end
     end
 
-    def send_userauth_failure
+    def send_userauth_failure authentication_methods, partial_success
       message = {
         :'message number'                    => Message::SSH_MSG_USERAUTH_FAILURE::VALUE,
-        :'authentications that can continue' => Method.list_preferred,
-        :'partial success'                   => false,
+        :'authentications that can continue' => authentication_methods,
+        :'partial success'                   => partial_success,
       }
       payload = Message::SSH_MSG_USERAUTH_FAILURE.encode message
       @transport.send payload

data/lib/hrr_rb_ssh/authentication/constant.rb

@@ -0,0 +1,14 @@
+# coding: utf-8
+# vim: et ts=2 sw=2
+
+module HrrRbSsh
+  class Authentication
+    module Constant
+      SERVICE_NAME = 'ssh-userauth'
+
+      SUCCESS         = :success
+      PARTIAL_SUCCESS = :partial_success
+      FAILURE         = :failure
+    end
+  end
+end

data/lib/hrr_rb_ssh/authentication/method/keyboard_interactive.rb

@@ -10,11 +10,12 @@ module HrrRbSsh
         NAME = 'keyboard-interactive'
         PREFERENCE = 30
 
-        def initialize transport, options, variables
+        def initialize transport, options, variables, authentication_methods
           @logger = Logger.new(self.class.name)
           @transport = transport
           @authenticator = options.fetch( 'authentication_keyboard_interactive_authenticator', Authenticator.new { false } )
           @variables = variables
+          @authentication_methods = authentication_methods
         end
 
         def authenticate userauth_request_message
@@ -22,7 +23,7 @@ module HrrRbSsh
           @logger.debug { "userauth request: " + userauth_request_message.inspect }
           username = userauth_request_message[:'user name']
           submethods = userauth_request_message[:'submethods']
-          context = Context.new(@transport, username, submethods, @variables)
+          context = Context.new(@transport, username, submethods, @variables, @authentication_methods)
           @authenticator.authenticate context
         end
       end

data/lib/hrr_rb_ssh/authentication/method/keyboard_interactive/context.rb

@@ -15,14 +15,16 @@ module HrrRbSsh
             :submethods,
             :info_response,
             :variables,
-            :vars
+            :vars,
+            :authentication_methods
 
-          def initialize transport, username, submethods, variables
+          def initialize transport, username, submethods, variables, authentication_methods
             @transport = transport
             @username = username
             @submethods = submethods
             @variables = variables
             @vars = variables
+            @authentication_methods = authentication_methods
 
             @logger = Logger.new self.class.name
           end

data/lib/hrr_rb_ssh/authentication/method/none.rb

@@ -10,16 +10,17 @@ module HrrRbSsh
         NAME = 'none'
         PREFERENCE = 0
 
-        def initialize transport, options, variables
+        def initialize transport, options, variables, authentication_methods
           @logger = Logger.new(self.class.name)
           @authenticator = options.fetch( 'authentication_none_authenticator', Authenticator.new { false } )
           @variables = variables
+          @authentication_methods = authentication_methods
         end
 
         def authenticate userauth_request_message
           @logger.info { "authenticate" }
           @logger.debug { "userauth request: " + userauth_request_message.inspect }
-          context = Context.new(userauth_request_message[:'user name'], @variables)
+          context = Context.new(userauth_request_message[:'user name'], @variables, @authentication_methods)
           @authenticator.authenticate context
         end
       end

data/lib/hrr_rb_ssh/authentication/method/none/context.rb

@@ -11,12 +11,14 @@ module HrrRbSsh
           attr_reader \
             :username,
             :variables,
-            :vars
+            :vars,
+            :authentication_methods
 
-          def initialize username, variables
+          def initialize username, variables, authentication_methods
             @username = username
             @variables = variables
             @vars = variables
+            @authentication_methods = authentication_methods
 
             @logger = Logger.new self.class.name
           end

data/lib/hrr_rb_ssh/authentication/method/password.rb

@@ -10,10 +10,11 @@ module HrrRbSsh
         NAME = 'password'
         PREFERENCE = 10
 
-        def initialize transport, options, variables
+        def initialize transport, options, variables, authentication_methods
           @logger = Logger.new(self.class.name)
           @authenticator = options.fetch( 'authentication_password_authenticator', Authenticator.new { false } )
           @variables = variables
+          @authentication_methods = authentication_methods
         end
 
         def authenticate userauth_request_message
@@ -21,7 +22,7 @@ module HrrRbSsh
           @logger.debug { "userauth request: " + userauth_request_message.inspect }
           username = userauth_request_message[:'user name']
           password = userauth_request_message[:'plaintext password']
-          context = Context.new(username, password, @variables)
+          context = Context.new(username, password, @variables, @authentication_methods)
           @authenticator.authenticate context
         end
       end

data/lib/hrr_rb_ssh/authentication/method/password/context.rb

@@ -12,13 +12,15 @@ module HrrRbSsh
             :username,
             :password,
             :variables,
-            :vars
+            :vars,
+            :authentication_methods
 
-          def initialize username, password, variables
+          def initialize username, password, variables, authentication_methods
             @username = username
             @password = password
             @variables = variables
             @vars = variables
+            @authentication_methods = authentication_methods
 
             @logger = Logger.new self.class.name
           end

data/lib/hrr_rb_ssh/authentication/method/publickey.rb

@@ -10,11 +10,12 @@ module HrrRbSsh
         NAME = 'publickey'
         PREFERENCE = 20
 
-        def initialize transport, options, variables
+        def initialize transport, options, variables, authentication_methods
           @logger = Logger.new(self.class.name)
           @session_id = options['session id']
           @authenticator = options.fetch( 'authentication_publickey_authenticator', Authenticator.new { false } )
           @variables = variables
+          @authentication_methods = authentication_methods
         end
 
         def authenticate userauth_request_message
@@ -31,7 +32,7 @@ module HrrRbSsh
             @logger.info { "verify signature" }
             username = userauth_request_message[:'user name']
             algorithm = Algorithm[public_key_algorithm_name].new
-            context = Context.new(username, algorithm, @session_id, userauth_request_message, @variables)
+            context = Context.new(username, algorithm, @session_id, userauth_request_message, @variables, @authentication_methods)
             @authenticator.authenticate context
           end
         end

data/lib/hrr_rb_ssh/authentication/method/publickey/context.rb

@@ -13,6 +13,7 @@ module HrrRbSsh
             :session_id,
             :variables,
             :vars,
+            :authentication_methods,
             :message_number,
             :service_name,
             :method_name,
@@ -21,13 +22,14 @@ module HrrRbSsh
             :public_key_blob,
             :signature
 
-          def initialize username, algorithm, session_id, message, variables
+          def initialize username, algorithm, session_id, message, variables, authentication_methods
             @username   = username
             @algorithm  = algorithm
             @session_id = session_id
             @message    = message
             @variables  = variables
             @vars       = variables
+            @authentication_methods = authentication_methods
 
             @message_number            = message[:'message number']
             @service_name              = message[:'service name']

data/lib/hrr_rb_ssh/version.rb

@@ -2,5 +2,5 @@
 # vim: et ts=2 sw=2
 
 module HrrRbSsh
-  VERSION = "0.3.0.pre2"
+  VERSION = "0.3.0.pre3"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: hrr_rb_ssh
 version: !ruby/object:Gem::Version
-  version: 0.3.0.pre2
+  version: 0.3.0.pre3
 platform: ruby
 authors:
 - hirura
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2019-06-20 00:00:00.000000000 Z
+date: 2019-07-03 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: ed25519
@@ -82,6 +82,8 @@ files:
 - README.md
 - Rakefile
 - demo/echo_server.rb
+- demo/more_flexible_auth.rb
+- demo/multi_step_auth.rb
 - demo/server.rb
 - demo/subsystem_echo_server.rb
 - hrr_rb_ssh.gemspec
@@ -109,6 +111,7 @@ files:
 - lib/hrr_rb_ssh/algorithm/publickey/ssh_rsa/signature.rb
 - lib/hrr_rb_ssh/authentication.rb
 - lib/hrr_rb_ssh/authentication/authenticator.rb
+- lib/hrr_rb_ssh/authentication/constant.rb
 - lib/hrr_rb_ssh/authentication/method.rb
 - lib/hrr_rb_ssh/authentication/method/keyboard_interactive.rb
 - lib/hrr_rb_ssh/authentication/method/keyboard_interactive/context.rb