jayniz-net-ssh 2.0.15

data/lib/net/ssh/verifiers/lenient.rb

@@ -0,0 +1,30 @@
+require 'net/ssh/verifiers/strict'
+
+module Net; module SSH; module Verifiers
+
+  # Basically the same as the Strict verifier, but does not try to actually
+  # verify a connection if the server is the localhost and the port is a
+  # nonstandard port number. Those two conditions will typically mean the
+  # connection is being tunnelled through a forwarded port, so the known-hosts
+  # file will not be helpful (in general).
+  class Lenient < Strict
+    # Tries to determine if the connection is being tunnelled, and if so,
+    # returns true. Otherwise, performs the standard strict verification.
+    def verify(arguments)
+      return true if tunnelled?(arguments)
+      super
+    end
+
+    private
+
+      # A connection is potentially being tunnelled if the port is not 22,
+      # and the ip refers to the localhost.
+      def tunnelled?(args)
+        return false if args[:session].port == Net::SSH::Transport::Session::DEFAULT_PORT
+        
+        ip = args[:session].peer[:ip]
+        return ip == "127.0.0.1" || ip == "::1"
+      end
+  end
+
+end; end; end

data/lib/net/ssh/verifiers/null.rb

@@ -0,0 +1,12 @@
+module Net; module SSH; module Verifiers
+
+  # The Null host key verifier simply allows every key it sees, without
+  # bothering to verify. This is simple, but is not particularly secure.
+  class Null
+    # Returns true.
+    def verify(arguments)
+      true
+    end
+  end
+
+end; end; end

data/lib/net/ssh/verifiers/strict.rb

@@ -0,0 +1,53 @@
+require 'net/ssh/errors'
+require 'net/ssh/known_hosts'
+
+module Net; module SSH; module Verifiers
+
+  # Does a strict host verification, looking the server up in the known
+  # host files to see if a key has already been seen for this server. If this
+  # server does not appear in any host file, this will silently add the
+  # server. If the server does appear at least once, but the key given does
+  # not match any known for the server, an exception will be raised (HostKeyMismatch).
+  # Otherwise, this returns true.
+  class Strict
+    def verify(arguments)
+      options = arguments[:session].options
+      host = options[:host_key_alias] || arguments[:session].host_as_string
+      matches = Net::SSH::KnownHosts.search_for(host, arguments[:session].options)
+
+      # we've never seen this host before, so just automatically add the key.
+      # not the most secure option (since the first hit might be the one that
+      # is hacked), but since almost nobody actually compares the key
+      # fingerprint, this is a reasonable compromise between usability and
+      # security.
+      if matches.empty?
+        ip = arguments[:session].peer[:ip]
+        Net::SSH::KnownHosts.add(host, arguments[:key], arguments[:session].options)
+        return true
+      end
+
+      # If we found any matches, check to see that the key type and
+      # blob also match.
+      found = matches.any? do |key|
+        key.ssh_type == arguments[:key].ssh_type &&
+        key.to_blob  == arguments[:key].to_blob
+      end
+
+      # If a match was found, return true. Otherwise, raise an exception
+      # indicating that the key was not recognized.
+      found || process_cache_miss(host, arguments)
+    end
+
+    private
+
+      def process_cache_miss(host, args)
+        exception = HostKeyMismatch.new("fingerprint #{args[:fingerprint]} does not match for #{host.inspect}")
+        exception.data = args
+        exception.callback = Proc.new do
+          Net::SSH::KnownHosts.add(host, args[:key], args[:session].options)
+        end
+        raise exception
+      end
+  end
+
+end; end; end

data/lib/net/ssh/version.rb

@@ -0,0 +1,62 @@
+module Net; module SSH
+  # A class for describing the current version of a library. The version
+  # consists of three parts: the +major+ number, the +minor+ number, and the
+  # +tiny+ (or +patch+) number.
+  #
+  # Two Version instances may be compared, so that you can test that a version
+  # of a library is what you require:
+  #
+  #   require 'net/ssh/version'
+  #
+  #   if Net::SSH::Version::CURRENT < Net::SSH::Version[2,1,0]
+  #     abort "your software is too old!"
+  #   end
+  class Version
+    include Comparable
+
+    # A convenience method for instantiating a new Version instance with the
+    # given +major+, +minor+, and +tiny+ components.
+    def self.[](major, minor, tiny)
+      new(major, minor, tiny)
+    end
+
+    attr_reader :major, :minor, :tiny
+
+    # Create a new Version object with the given components.
+    def initialize(major, minor, tiny)
+      @major, @minor, @tiny = major, minor, tiny
+    end
+
+    # Compare this version to the given +version+ object.
+    def <=>(version)
+      to_i <=> version.to_i
+    end
+
+    # Converts this version object to a string, where each of the three
+    # version components are joined by the '.' character. E.g., 2.0.0.
+    def to_s
+      @to_s ||= [@major, @minor, @tiny].join(".")
+    end
+
+    # Converts this version to a canonical integer that may be compared
+    # against other version objects.
+    def to_i
+      @to_i ||= @major * 1_000_000 + @minor * 1_000 + @tiny
+    end
+
+    # The major component of this version of the Net::SSH library
+    MAJOR = 2
+
+    # The minor component of this version of the Net::SSH library
+    MINOR = 0
+
+    # The tiny component of this version of the Net::SSH library
+    TINY  = 15
+
+    # The current version of the Net::SSH library as a Version instance
+    CURRENT = new(MAJOR, MINOR, TINY)
+
+    # The current version of the Net::SSH library as a String
+    STRING = CURRENT.to_s
+  end
+end; end

data/lib/net/ssh.rb

@@ -0,0 +1,215 @@
+# Make sure HOME is set, regardless of OS, so that File.expand_path works
+# as expected with tilde characters.
+ENV['HOME'] ||= ENV['HOMEPATH'] ? "#{ENV['HOMEDRIVE']}#{ENV['HOMEPATH']}" : "."
+
+require 'logger'
+
+require 'net/ssh/config'
+require 'net/ssh/errors'
+require 'net/ssh/loggable'
+require 'net/ssh/transport/session'
+require 'net/ssh/authentication/session'
+require 'net/ssh/connection/session'
+
+module Net
+
+  # Net::SSH is a library for interacting, programmatically, with remote
+  # processes via the SSH2 protocol. Sessions are always initiated via
+  # Net::SSH.start. From there, a program interacts with the new SSH session
+  # via the convenience methods on Net::SSH::Connection::Session, by opening
+  # and interacting with new channels (Net::SSH::Connection:Session#open_channel
+  # and Net::SSH::Connection::Channel), or by forwarding local and/or
+  # remote ports through the connection (Net::SSH::Service::Forward).
+  #
+  # The SSH protocol is very event-oriented. Requests are sent from the client
+  # to the server, and are answered asynchronously. This gives great flexibility
+  # (since clients can have multiple requests pending at a time), but it also
+  # adds complexity. Net::SSH tries to manage this complexity by providing
+  # some simpler methods of synchronous communication (see Net::SSH::Connection::Session#exec!).
+  #
+  # In general, though, and if you want to do anything more complicated than
+  # simply executing commands and capturing their output, you'll need to use
+  # channels (Net::SSH::Connection::Channel) to build state machines that are
+  # executed while the event loop runs (Net::SSH::Connection::Session#loop).
+  #
+  # Net::SSH::Connection::Session and Net::SSH::Connection::Channel have more
+  # information about this technique.
+  #
+  # = "Um, all I want to do is X, just show me how!"
+  #
+  # == X == "execute a command and capture the output"
+  #
+  #   Net::SSH.start("host", "user", :password => "password") do |ssh|
+  #     result = ssh.exec!("ls -l")
+  #     puts result
+  #   end
+  #
+  # == X == "forward connections on a local port to a remote host"
+  #
+  #   Net::SSH.start("host", "user", :password => "password") do |ssh|
+  #     ssh.forward.local(1234, "www.google.com", 80)
+  #     ssh.loop { true }
+  #   end
+  #
+  # == X == "forward connections on a remote port to the local host"
+  #
+  #   Net::SSH.start("host", "user", :password => "password") do |ssh|
+  #     ssh.forward.remote(80, "www.google.com", 1234)
+  #     ssh.loop { true }
+  #   end
+  module SSH
+    # This is the set of options that Net::SSH.start recognizes. See
+    # Net::SSH.start for a description of each option.
+    VALID_OPTIONS = [
+      :auth_methods, :compression, :compression_level, :config, :encryption,
+      :forward_agent, :hmac, :host_key, :kex, :keys, :key_data, :languages,
+      :logger, :paranoid, :password, :port, :proxy, :rekey_blocks_limit,
+      :rekey_limit, :rekey_packet_limit, :timeout, :verbose,
+      :global_known_hosts_file, :user_known_hosts_file, :host_key_alias,
+      :host_name, :user, :properties, :passphrase
+    ]
+
+    # The standard means of starting a new SSH connection. When used with a
+    # block, the connection will be closed when the block terminates, otherwise
+    # the connection will just be returned. The yielded (or returned) value
+    # will be an instance of Net::SSH::Connection::Session (q.v.). (See also
+    # Net::SSH::Connection::Channel and Net::SSH::Service::Forward.)
+    #
+    #   Net::SSH.start("host", "user") do |ssh|
+    #     ssh.exec! "cp /some/file /another/location"
+    #     hostname = ssh.exec!("hostname")
+    #
+    #     ssh.open_channel do |ch|
+    #       ch.exec "sudo -p 'sudo password: ' ls" do |ch, success|
+    #         abort "could not execute sudo ls" unless success
+    #
+    #         ch.on_data do |ch, data|
+    #           print data
+    #           if data =~ /sudo password: /
+    #             ch.send_data("password\n")
+    #           end
+    #         end
+    #       end
+    #     end
+    #
+    #     ssh.loop
+    #   end
+    #
+    # This method accepts the following options (all are optional):
+    #
+    # * :auth_methods => an array of authentication methods to try
+    # * :compression => the compression algorithm to use, or +true+ to use
+    #   whatever is supported.
+    # * :compression_level => the compression level to use when sending data
+    # * :config => set to +true+ to load the default OpenSSH config files
+    #   (~/.ssh/config, /etc/ssh_config), or to +false+ to not load them, or to
+    #   a file-name (or array of file-names) to load those specific configuration
+    #   files. Defaults to +true+.
+    # * :encryption => the encryption cipher (or ciphers) to use
+    # * :forward_agent => set to true if you want the SSH agent connection to
+    #   be forwarded
+    # * :global_known_hosts_file => the location of the global known hosts
+    #   file. Set to an array if you want to specify multiple global known
+    #   hosts files. Defaults to %w(/etc/ssh/known_hosts /etc/ssh/known_hosts2).
+    # * :hmac => the hmac algorithm (or algorithms) to use
+    # * :host_key => the host key algorithm (or algorithms) to use
+    # * :host_key_alias => the host name to use when looking up or adding a
+    #   host to a known_hosts dictionary file
+    # * :host_name => the real host name or IP to log into. This is used
+    #   instead of the +host+ parameter, and is primarily only useful when
+    #   specified in an SSH configuration file. It lets you specify an 
+    #   "alias", similarly to adding an entry in /etc/hosts but without needing
+    #   to modify /etc/hosts.
+    # * :kex => the key exchange algorithm (or algorithms) to use
+    # * :keys => an array of file names of private keys to use for publickey
+    #   and hostbased authentication
+    # * :key_data => an array of strings, with each element of the array being
+    #   a raw private key in PEM format.
+    # * :logger => the logger instance to use when logging
+    # * :paranoid => either true, false, or :very, specifying how strict
+    #   host-key verification should be
+    # * :passphrase => the passphrase to use when loading a private key (default
+    #   is +nil+, for no passphrase)
+    # * :password => the password to use to login
+    # * :port => the port to use when connecting to the remote host
+    # * :properties => a hash of key/value pairs to add to the new connection's
+    #   properties (see Net::SSH::Connection::Session#properties)
+    # * :proxy => a proxy instance (see Proxy) to use when connecting
+    # * :rekey_blocks_limit => the max number of blocks to process before rekeying
+    # * :rekey_limit => the max number of bytes to process before rekeying
+    # * :rekey_packet_limit => the max number of packets to process before rekeying
+    # * :timeout => how long to wait for the initial connection to be made
+    # * :user => the user name to log in as; this overrides the +user+
+    #   parameter, and is primarily only useful when provided via an SSH
+    #   configuration file.
+    # * :user_known_hosts_file => the location of the user known hosts file.
+    #   Set to an array to specify multiple user known hosts files.
+    #   Defaults to %w(~/.ssh/known_hosts ~/.ssh/known_hosts2).
+    # * :verbose => how verbose to be (Logger verbosity constants, Logger::DEBUG
+    #   is very verbose, Logger::FATAL is all but silent). Logger::FATAL is the
+    #   default. The symbols :debug, :info, :warn, :error, and :fatal are also
+    #   supported and are translated to the corresponding Logger constant.
+    def self.start(host, user, options={}, &block)
+      invalid_options = options.keys - VALID_OPTIONS
+      if invalid_options.any?
+        raise ArgumentError, "invalid option(s): #{invalid_options.join(', ')}"
+      end
+
+      options[:user] = user if user
+      options = configuration_for(host, options.fetch(:config, true)).merge(options)
+      host = options.fetch(:host_name, host)
+
+      if !options.key?(:logger)
+        options[:logger] = Logger.new(STDERR)
+        options[:logger].level = Logger::FATAL
+      end
+
+      if options[:verbose]
+        options[:logger].level = case options[:verbose]
+          when Fixnum then options[:verbose]
+          when :debug then Logger::DEBUG
+          when :info  then Logger::INFO
+          when :warn  then Logger::WARN
+          when :error then Logger::ERROR
+          when :fatal then Logger::FATAL
+          else raise ArgumentError, "can't convert #{options[:verbose].inspect} to any of the Logger level constants"
+        end
+      end
+
+      transport = Transport::Session.new(host, options)
+      auth = Authentication::Session.new(transport, options)
+
+      user = options.fetch(:user, user)
+      if auth.authenticate("ssh-connection", user, options[:password])
+        connection = Connection::Session.new(transport, options)
+        if block_given?
+          yield connection
+          connection.close
+        else
+          return connection
+        end
+      else
+        raise AuthenticationFailed, user
+      end
+    end
+
+    # Returns a hash of the configuration options for the given host, as read
+    # from the SSH configuration file(s). If +use_ssh_config+ is true (the
+    # default), this will load configuration from both ~/.ssh/config and
+    # /etc/ssh_config. If +use_ssh_config+ is nil or false, nothing will be
+    # loaded (and an empty hash returned). Otherwise, +use_ssh_config+ may
+    # be a file name (or array of file names) of SSH configuration file(s)
+    # to read.
+    #
+    # See Net::SSH::Config for the full description of all supported options.
+    def self.configuration_for(host, use_ssh_config=true)
+      files = case use_ssh_config
+        when true then Net::SSH::Config.default_files
+        when false, nil then return {}
+        else Array(use_ssh_config)
+        end
+      
+      Net::SSH::Config.for(host, files)
+    end
+  end
+end

data/net-ssh.gemspec

@@ -0,0 +1,131 @@
+@spec = Gem::Specification.new do |s|
+	s.name = "net-ssh"
+  s.rubyforge_project = 'net-ssh'
+	s.version = "2.0.15"
+	s.summary = "Net::SSH: a pure-Ruby implementation of the SSH2 client protocol."
+	s.description = s.summary
+	s.authors = ["Jamis Buck", "Delano Mandelbaum"]
+	s.email = ["net-ssh@solutious.com", "net-ssh@solutious.com"]
+	s.homepage = "http://rubyforge.org/projects/net-ssh/"
+  
+  s.extra_rdoc_files = %w[README.rdoc THANKS.rdoc CHANGELOG.rdoc]
+  s.has_rdoc = true
+  s.rdoc_options = ["--line-numbers", "--title", s.summary, "--main", "README.rdoc"]
+  s.require_paths = %w[lib]
+  s.rubygems_version = '1.3.2'
+  
+  s.executables = %w[]
+  
+  # = MANIFEST =
+  s.files = %w(
+  CHANGELOG.rdoc
+  Manifest
+  README.rdoc
+  Rakefile
+  Rudyfile
+  THANKS.rdoc
+  lib/net/ssh.rb
+  lib/net/ssh/authentication/agent.rb
+  lib/net/ssh/authentication/constants.rb
+  lib/net/ssh/authentication/key_manager.rb
+  lib/net/ssh/authentication/methods/abstract.rb
+  lib/net/ssh/authentication/methods/hostbased.rb
+  lib/net/ssh/authentication/methods/keyboard_interactive.rb
+  lib/net/ssh/authentication/methods/password.rb
+  lib/net/ssh/authentication/methods/publickey.rb
+  lib/net/ssh/authentication/pageant.rb
+  lib/net/ssh/authentication/session.rb
+  lib/net/ssh/buffer.rb
+  lib/net/ssh/buffered_io.rb
+  lib/net/ssh/config.rb
+  lib/net/ssh/connection/channel.rb
+  lib/net/ssh/connection/constants.rb
+  lib/net/ssh/connection/session.rb
+  lib/net/ssh/connection/term.rb
+  lib/net/ssh/errors.rb
+  lib/net/ssh/key_factory.rb
+  lib/net/ssh/known_hosts.rb
+  lib/net/ssh/loggable.rb
+  lib/net/ssh/packet.rb
+  lib/net/ssh/prompt.rb
+  lib/net/ssh/proxy/errors.rb
+  lib/net/ssh/proxy/http.rb
+  lib/net/ssh/proxy/socks4.rb
+  lib/net/ssh/proxy/socks5.rb
+  lib/net/ssh/ruby_compat.rb
+  lib/net/ssh/service/forward.rb
+  lib/net/ssh/test.rb
+  lib/net/ssh/test/channel.rb
+  lib/net/ssh/test/extensions.rb
+  lib/net/ssh/test/kex.rb
+  lib/net/ssh/test/local_packet.rb
+  lib/net/ssh/test/packet.rb
+  lib/net/ssh/test/remote_packet.rb
+  lib/net/ssh/test/script.rb
+  lib/net/ssh/test/socket.rb
+  lib/net/ssh/transport/algorithms.rb
+  lib/net/ssh/transport/cipher_factory.rb
+  lib/net/ssh/transport/constants.rb
+  lib/net/ssh/transport/hmac.rb
+  lib/net/ssh/transport/hmac/abstract.rb
+  lib/net/ssh/transport/hmac/md5.rb
+  lib/net/ssh/transport/hmac/md5_96.rb
+  lib/net/ssh/transport/hmac/none.rb
+  lib/net/ssh/transport/hmac/sha1.rb
+  lib/net/ssh/transport/hmac/sha1_96.rb
+  lib/net/ssh/transport/identity_cipher.rb
+  lib/net/ssh/transport/kex.rb
+  lib/net/ssh/transport/kex/diffie_hellman_group1_sha1.rb
+  lib/net/ssh/transport/kex/diffie_hellman_group_exchange_sha1.rb
+  lib/net/ssh/transport/openssl.rb
+  lib/net/ssh/transport/packet_stream.rb
+  lib/net/ssh/transport/server_version.rb
+  lib/net/ssh/transport/session.rb
+  lib/net/ssh/transport/state.rb
+  lib/net/ssh/verifiers/lenient.rb
+  lib/net/ssh/verifiers/null.rb
+  lib/net/ssh/verifiers/strict.rb
+  lib/net/ssh/version.rb
+  net-ssh.gemspec
+  setup.rb
+  support/arcfour_check.rb
+  test/authentication/methods/common.rb
+  test/authentication/methods/test_abstract.rb
+  test/authentication/methods/test_hostbased.rb
+  test/authentication/methods/test_keyboard_interactive.rb
+  test/authentication/methods/test_password.rb
+  test/authentication/methods/test_publickey.rb
+  test/authentication/test_agent.rb
+  test/authentication/test_key_manager.rb
+  test/authentication/test_session.rb
+  test/common.rb
+  test/configs/eqsign
+  test/configs/exact_match
+  test/configs/multihost
+  test/configs/wild_cards
+  test/connection/test_channel.rb
+  test/connection/test_session.rb
+  test/test_all.rb
+  test/test_buffer.rb
+  test/test_buffered_io.rb
+  test/test_config.rb
+  test/test_key_factory.rb
+  test/transport/hmac/test_md5.rb
+  test/transport/hmac/test_md5_96.rb
+  test/transport/hmac/test_none.rb
+  test/transport/hmac/test_sha1.rb
+  test/transport/hmac/test_sha1_96.rb
+  test/transport/kex/test_diffie_hellman_group1_sha1.rb
+  test/transport/kex/test_diffie_hellman_group_exchange_sha1.rb
+  test/transport/test_algorithms.rb
+  test/transport/test_cipher_factory.rb
+  test/transport/test_hmac.rb
+  test/transport/test_identity_cipher.rb
+  test/transport/test_packet_stream.rb
+  test/transport/test_server_version.rb
+  test/transport/test_session.rb
+  test/transport/test_state.rb
+  )
+
+  
+end