jayniz-net-ssh 2.0.15

data/lib/net/ssh/ruby_compat.rb

@@ -0,0 +1,43 @@
+require 'thread'
+
+class String
+  if RUBY_VERSION < "1.9"
+    def getbyte(index)
+      self[index]
+    end
+  end
+end
+
+module Net; module SSH
+  
+  # This class contains miscellaneous patches and workarounds
+  # for different ruby implementations.
+  class Compat
+    
+    # A workaround for an IO#select threading bug in certain versions of MRI 1.8.
+    # See: http://net-ssh.lighthouseapp.com/projects/36253/tickets/1-ioselect-threading-bug-in-ruby-18
+    # The root issue is documented here: http://redmine.ruby-lang.org/issues/show/1993
+    if RUBY_VERSION >= '1.9' || RUBY_PLATFORM == 'java'
+      def self.io_select(*params)
+        IO.select(*params)
+      end
+    else
+      SELECT_MUTEX = Mutex.new
+      def self.io_select(*params)
+        # It should be safe to wrap calls in a mutex when the timeout is 0
+        # (that is, the call is not supposed to block).
+        # We leave blocking calls unprotected to avoid causing deadlocks.
+        # This should still catch the main case for Capistrano users.
+        if params[3] == 0
+          SELECT_MUTEX.synchronize do
+            IO.select(*params)
+          end
+        else
+          IO.select(*params)
+        end
+      end
+    end
+    
+  end
+  
+end; end

data/lib/net/ssh/service/forward.rb

@@ -0,0 +1,267 @@
+require 'net/ssh/loggable'
+
+module Net; module SSH; module Service
+
+  # This class implements various port forwarding services for use by
+  # Net::SSH clients. The Forward class should never need to be instantiated
+  # directly; instead, it should be accessed via the singleton instance
+  # returned by Connection::Session#forward:
+  #
+  #   ssh.forward.local(1234, "www.capify.org", 80)
+  class Forward
+    include Loggable
+
+    # The underlying connection service instance that the port-forwarding
+    # services employ.
+    attr_reader :session
+
+    # A simple class for representing a requested remote forwarded port.
+    Remote = Struct.new(:host, :port) #:nodoc:
+
+    # Instantiates a new Forward service instance atop the given connection
+    # service session. This will register new channel open handlers to handle
+    # the specialized channels that the SSH port forwarding protocols employ.
+    def initialize(session)
+      @session = session
+      self.logger = session.logger
+      @remote_forwarded_ports = {}
+      @local_forwarded_ports = {}
+      @agent_forwarded = false
+
+      session.on_open_channel('forwarded-tcpip', &method(:forwarded_tcpip))
+      session.on_open_channel('auth-agent', &method(:auth_agent_channel))
+      session.on_open_channel('auth-agent@openssh.com', &method(:auth_agent_channel))
+    end
+
+    # Starts listening for connections on the local host, and forwards them
+    # to the specified remote host/port via the SSH connection. This method
+    # accepts either three or four arguments. When four arguments are given,
+    # they are:
+    #
+    # * the local address to bind to
+    # * the local port to listen on
+    # * the remote host to forward connections to
+    # * the port on the remote host to connect to
+    #
+    # If three arguments are given, it is as if the local bind address is
+    # "127.0.0.1", and the rest are applied as above.
+    #
+    #   ssh.forward.local(1234, "www.capify.org", 80)
+    #   ssh.forward.local("0.0.0.0", 1234, "www.capify.org", 80)
+    def local(*args)
+      if args.length < 3 || args.length > 4
+        raise ArgumentError, "expected 3 or 4 parameters, got #{args.length}"
+      end
+
+      bind_address = "127.0.0.1"
+      bind_address = args.shift if args.first.is_a?(String) && args.first =~ /\D/
+
+      local_port = args.shift.to_i
+      remote_host = args.shift
+      remote_port = args.shift.to_i
+
+      socket = TCPServer.new(bind_address, local_port)
+
+      @local_forwarded_ports[[local_port, bind_address]] = socket
+
+      session.listen_to(socket) do |server|
+        client = server.accept
+        debug { "received connection on #{bind_address}:#{local_port}" }
+
+        channel = session.open_channel("direct-tcpip", :string, remote_host, :long, remote_port, :string, bind_address, :long, local_port) do |achannel|
+          achannel.info { "direct channel established" }
+        end
+
+        prepare_client(client, channel, :local)
+  
+        channel.on_open_failed do |ch, code, description|
+          channel.error { "could not establish direct channel: #{description} (#{code})" }
+          channel[:socket].close
+        end
+      end
+    end
+
+    # Terminates an active local forwarded port. If no such forwarded port
+    # exists, this will raise an exception. Otherwise, the forwarded connection
+    # is terminated.
+    #
+    #   ssh.forward.cancel_local(1234)
+    #   ssh.forward.cancel_local(1234, "0.0.0.0")
+    def cancel_local(port, bind_address="127.0.0.1")
+      socket = @local_forwarded_ports.delete([port, bind_address])
+      socket.shutdown rescue nil
+      socket.close rescue nil
+      session.stop_listening_to(socket)
+    end
+
+    # Returns a list of all active locally forwarded ports. The returned value
+    # is an array of arrays, where each element is a two-element tuple
+    # consisting of the local port and bind address corresponding to the
+    # forwarding port.
+    def active_locals
+      @local_forwarded_ports.keys
+    end
+
+    # Requests that all connections on the given remote-port be forwarded via
+    # the local host to the given port/host. The last argument describes the
+    # bind address on the remote host, and defaults to 127.0.0.1.
+    #
+    # This method will return immediately, but the port will not actually be
+    # forwarded immediately. If the remote server is not able to begin the
+    # listener for this request, an exception will be raised asynchronously.
+    #
+    # If you want to know when the connection is active, it will show up in the
+    # #active_remotes list. If you want to block until the port is active, you
+    # could do something like this:
+    #
+    #   ssh.forward.remote(80, "www.google.com", 1234, "0.0.0.0")
+    #   ssh.loop { !ssh.forward.active_remotes.include?([1234, "0.0.0.0"]) }
+    def remote(port, host, remote_port, remote_host="127.0.0.1")
+      session.send_global_request("tcpip-forward", :string, remote_host, :long, remote_port) do |success, response|
+        if success
+          debug { "remote forward from remote #{remote_host}:#{remote_port} to #{host}:#{port} established" }
+          @remote_forwarded_ports[[remote_port, remote_host]] = Remote.new(host, port)
+        else
+          error { "remote forwarding request failed" }
+          raise Net::SSH::Exception, "remote forwarding request failed"
+        end
+      end
+    end
+
+    # an alias, for token backwards compatibility with the 1.x API
+    alias :remote_to :remote
+
+    # Requests that a remote forwarded port be cancelled. The remote forwarded
+    # port on the remote host, bound to the given address on the remote host,
+    # will be terminated, but not immediately. This method returns immediately
+    # after queueing the request to be sent to the server. If for some reason
+    # the port cannot be cancelled, an exception will be raised (asynchronously).
+    #
+    # If you want to know when the connection has been cancelled, it will no
+    # longer be present in the #active_remotes list. If you want to block until
+    # the port is no longer active, you could do something like this:
+    #
+    #   ssh.forward.cancel_remote(1234, "0.0.0.0")
+    #   ssh.loop { ssh.forward.active_remotes.include?([1234, "0.0.0.0"]) }
+    def cancel_remote(port, host="127.0.0.1")
+      session.send_global_request("cancel-tcpip-forward", :string, host, :long, port) do |success, response|
+        if success
+          @remote_forwarded_ports.delete([port, host])
+        else
+          raise Net::SSH::Exception, "could not cancel remote forward request on #{host}:#{port}"
+        end
+      end
+    end
+
+    # Returns all active forwarded remote ports. The returned value is an
+    # array of two-element tuples, where the first element is the port on the
+    # remote host and the second is the bind address.
+    def active_remotes
+      @remote_forwarded_ports.keys
+    end
+
+    # Enables SSH agent forwarding on the given channel. The forwarded agent
+    # will remain active even after the channel closes--the channel is only
+    # used as the transport for enabling the forwarded connection. You should
+    # never need to call this directly--it is called automatically the first
+    # time a session channel is opened, when the connection was created with
+    # :forward_agent set to true:
+    #
+    #    Net::SSH.start("remote.host", "me", :forwrd_agent => true) do |ssh|
+    #      ssh.open_channel do |ch|
+    #        # agent will be automatically forwarded by this point
+    #      end
+    #      ssh.loop
+    #    end
+    def agent(channel)
+      return if @agent_forwarded
+      @agent_forwarded = true
+
+      channel.send_channel_request("auth-agent-req@openssh.com") do |achannel, success|
+        if success
+          debug { "authentication agent forwarding is active" }
+        else
+          achannel.send_channel_request("auth-agent-req") do |a2channel, success2|
+            if success2
+              debug { "authentication agent forwarding is active" }
+            else
+              error { "could not establish forwarding of authentication agent" }
+            end
+          end
+        end
+      end
+    end
+
+    private
+
+      # Perform setup operations that are common to all forwarded channels.
+      # +client+ is a socket, +channel+ is the channel that was just created,
+      # and +type+ is an arbitrary string describing the type of the channel.
+      def prepare_client(client, channel, type)
+        client.extend(Net::SSH::BufferedIo)
+        client.logger = logger
+
+        session.listen_to(client)
+        channel[:socket] = client
+
+        channel.on_data do |ch, data|
+          ch[:socket].enqueue(data)
+        end
+
+        channel.on_close do |ch|
+          debug { "closing #{type} forwarded channel" }
+          ch[:socket].close if !client.closed?
+          session.stop_listening_to(ch[:socket])
+        end
+
+        channel.on_process do |ch|
+          if ch[:socket].closed?
+            ch.info { "#{type} forwarded connection closed" }
+            ch.close
+          elsif ch[:socket].available > 0
+            data = ch[:socket].read_available(8192)
+            ch.debug { "read #{data.length} bytes from client, sending over #{type} forwarded connection" }
+            ch.send_data(data)
+          end
+        end
+      end
+
+      # The callback used when a new "forwarded-tcpip" channel is requested
+      # by the server.  This will open a new socket to the host/port specified
+      # when the forwarded connection was first requested.
+      def forwarded_tcpip(session, channel, packet)
+        connected_address  = packet.read_string
+        connected_port     = packet.read_long
+        originator_address = packet.read_string
+        originator_port    = packet.read_long
+
+        remote = @remote_forwarded_ports[[connected_port, connected_address]]
+
+        if remote.nil?
+          raise Net::SSH::ChannelOpenFailed.new(1, "unknown request from remote forwarded connection on #{connected_address}:#{connected_port}")
+        end
+
+        client = TCPSocket.new(remote.host, remote.port)
+        info { "connected #{connected_address}:#{connected_port} originator #{originator_address}:#{originator_port}" }
+
+        prepare_client(client, channel, :remote)
+      rescue SocketError => err
+        raise Net::SSH::ChannelOpenFailed.new(2, "could not connect to remote host (#{remote.host}:#{remote.port}): #{err.message}")
+      end
+
+      # The callback used when an auth-agent channel is requested by the server.
+      def auth_agent_channel(session, channel, packet)
+        info { "opening auth-agent channel" }
+        channel[:invisible] = true
+
+        begin
+          agent = Authentication::Agent.connect(logger)
+          prepare_client(agent.socket, channel, :agent)
+        rescue Exception => e
+          error { "attempted to connect to agent but failed: #{e.class.name} (#{e.message})" }
+          raise Net::SSH::ChannelOpenFailed.new(2, "could not connect to authentication agent")
+        end
+      end
+  end
+
+end; end; end

data/lib/net/ssh/test/channel.rb

@@ -0,0 +1,129 @@
+module Net; module SSH; module Test
+
+  # A mock channel, used for scripting actions in tests. It wraps a
+  # Net::SSH::Test::Script instance, and delegates to it for the most part.
+  # This class has little real functionality on its own, but rather acts as
+  # a convenience for scripting channel-related activity for later comparison
+  # in a unit test.
+  #
+  #   story do |session|
+  #     channel = session.opens_channel
+  #     channel.sends_exec "ls"
+  #     channel.gets_data "result of ls"
+  #     channel.gets_close
+  #     channel.sends_close
+  #   end
+  class Channel
+    # The Net::SSH::Test::Script instance employed by this mock channel.
+    attr_reader :script
+
+    # Sets the local-id of this channel object (the id assigned by the client).
+    attr_writer :local_id
+
+    # Sets the remote-id of this channel object (the id assigned by the mock-server).
+    attr_writer :remote_id
+
+    # Creates a new Test::Channel instance on top of the given +script+ (which
+    # must be a Net::SSH::Test::Script instance).
+    def initialize(script)
+      @script = script
+      @local_id = @remote_id = nil
+    end
+
+    # Returns the local (client-assigned) id for this channel, or a Proc object
+    # that will return the local-id later if the local id has not yet been set.
+    # (See Net::SSH::Test::Packet#instantiate!.)
+    def local_id
+      @local_id || Proc.new { @local_id or raise "local-id has not been set yet!" }
+    end
+
+    # Returns the remote (server-assigned) id for this channel, or a Proc object
+    # that will return the remote-id later if the remote id has not yet been set.
+    # (See Net::SSH::Test::Packet#instantiate!.)
+    def remote_id
+      @remote_id || Proc.new { @remote_id or raise "remote-id has not been set yet!" }
+    end
+
+    # Because adjacent calls to #gets_data will sometimes cause the data packets
+    # to be concatenated (causing expectations in tests to fail), you may
+    # need to separate those calls with calls to #inject_remote_delay! (which
+    # essentially just mimics receiving an empty data packet):
+    #
+    #   channel.gets_data "abcdefg"
+    #   channel.inject_remote_delay!
+    #   channel.gets_data "hijklmn"
+    def inject_remote_delay!
+      gets_data("")
+    end
+
+    # Scripts the sending of an "exec" channel request packet to the mock 
+    # server. If +reply+ is true, then the server is expected to reply to the
+    # request, otherwise no response to this request will be sent. If +success+
+    # is +true+, then the request will be successful, otherwise a failure will
+    # be scripted.
+    #
+    #   channel.sends_exec "ls -l"
+    def sends_exec(command, reply=true, success=true)
+      script.sends_channel_request(self, "exec", reply, command, success)
+    end
+
+    # Scripts the sending of a "subsystem" channel request packet to the mock
+    # server. See #sends_exec for a discussion of the meaning of the +reply+
+    # and +success+ arguments.
+    #
+    #   channel.sends_subsystem "sftp"
+    def sends_subsystem(subsystem, reply=true, success=true)
+      script.sends_channel_request(self, "subsystem", reply, subsystem, success)
+    end
+
+    # Scripts the sending of a data packet across the channel.
+    #
+    #   channel.sends_data "foo"
+    def sends_data(data)
+      script.sends_channel_data(self, data)
+    end
+
+    # Scripts the sending of an EOF packet across the channel.
+    #
+    #   channel.sends_eof
+    def sends_eof
+      script.sends_channel_eof(self)
+    end
+
+    # Scripts the sending of a "channel close" packet across the channel.
+    #
+    #   channel.sends_close
+    def sends_close
+      script.sends_channel_close(self)
+    end
+
+    # Scripts the reception of a channel data packet from the remote end.
+    #
+    #   channel.gets_data "bar"
+    def gets_data(data)
+      script.gets_channel_data(self, data)
+    end
+
+    # Scripts the reception of an "exit-status" channel request packet.
+    #
+    #   channel.gets_exit_status(127)
+    def gets_exit_status(status=0)
+      script.gets_channel_request(self, "exit-status", false, status)
+    end
+
+    # Scripts the reception of an EOF packet from the remote end.
+    #
+    #   channel.gets_eof
+    def gets_eof
+      script.gets_channel_eof(self)
+    end
+
+    # Scripts the reception of a "channel close" packet from the remote end.
+    #
+    #   channel.gets_close
+    def gets_close
+      script.gets_channel_close(self)
+    end
+  end
+
+end; end; end

data/lib/net/ssh/test/extensions.rb

@@ -0,0 +1,152 @@
+require 'net/ssh/buffer'
+require 'net/ssh/packet'
+require 'net/ssh/buffered_io'
+require 'net/ssh/connection/channel'
+require 'net/ssh/connection/constants'
+require 'net/ssh/transport/constants'
+require 'net/ssh/transport/packet_stream'
+
+module Net; module SSH; module Test
+
+  # A collection of modules used to extend/override the default behavior of
+  # Net::SSH internals for ease of testing. As a consumer of Net::SSH, you'll
+  # never need to use this directly--they're all used under the covers by
+  # the Net::SSH::Test system.
+  module Extensions
+
+    # An extension to Net::SSH::BufferedIo (assumes that the underlying IO
+    # is actually a StringIO). Facilitates unit testing.
+    module BufferedIo
+      # Returns +true+ if the position in the stream is less than the total
+      # length of the stream.
+      def select_for_read?
+        pos < size
+      end
+
+      # Set this to +true+ if you want the IO to pretend to be available for writing
+      attr_accessor :select_for_write
+
+      # Set this to +true+ if you want the IO to pretend to be in an error state
+      attr_accessor :select_for_error
+
+      alias select_for_write? select_for_write
+      alias select_for_error? select_for_error
+    end
+
+    # An extension to Net::SSH::Transport::PacketStream (assumes that the
+    # underlying IO is actually a StringIO). Facilitates unit testing.
+    module PacketStream
+      include BufferedIo # make sure we get the extensions here, too
+
+      def self.included(base) #:nodoc:
+        base.send :alias_method, :real_available_for_read?, :available_for_read?
+        base.send :alias_method, :available_for_read?, :test_available_for_read?
+
+        base.send :alias_method, :real_enqueue_packet, :enqueue_packet
+        base.send :alias_method, :enqueue_packet, :test_enqueue_packet
+
+        base.send :alias_method, :real_poll_next_packet, :poll_next_packet
+        base.send :alias_method, :poll_next_packet, :test_poll_next_packet
+      end
+
+      # Called when another packet should be inspected from the current
+      # script. If the next packet is a remote packet, it pops it off the
+      # script and shoves it onto this IO object, making it available to
+      # be read.
+      def idle!
+        return false unless script.next(:first)
+
+        if script.next(:first).remote?
+          self.string << script.next.to_s
+          self.pos = pos
+        end
+
+        return true
+      end
+
+      # The testing version of Net::SSH::Transport::PacketStream#available_for_read?.
+      # Returns true if there is data pending to be read. Otherwise calls #idle!.
+      def test_available_for_read?
+        return true if select_for_read?
+        idle!
+        false
+      end
+
+      # The testing version of Net::SSH::Transport::PacketStream#enqueued_packet.
+      # Simply calls Net::SSH::Test::Script#process on the packet.
+      def test_enqueue_packet(payload)
+        packet = Net::SSH::Buffer.new(payload.to_s)
+        script.process(packet)
+      end
+
+      # The testing version of Net::SSH::Transport::PacketStream#poll_next_packet.
+      # Reads the next available packet from the IO object and returns it.
+      def test_poll_next_packet
+        return nil if available <= 0
+        packet = Net::SSH::Buffer.new(read_available(4))
+        length = packet.read_long
+        Net::SSH::Packet.new(read_available(length))
+      end
+    end
+
+    # An extension to Net::SSH::Connection::Channel. Facilitates unit testing.
+    module Channel
+      def self.included(base) #:nodoc:
+        base.send :alias_method, :send_data_for_real, :send_data
+        base.send :alias_method, :send_data, :send_data_for_test
+      end
+
+      # The testing version of Net::SSH::Connection::Channel#send_data. Calls
+      # the original implementation, and then immediately enqueues the data for
+      # output so that scripted sends are properly interpreted as discrete
+      # (rather than concatenated) data packets.
+      def send_data_for_test(data)
+        send_data_for_real(data)
+        enqueue_pending_output
+      end
+    end
+
+    # An extension to the built-in ::IO class. Simply redefines IO.select
+    # so that it can be scripted in Net::SSH unit tests.
+    module IO
+      def self.included(base) #:nodoc:
+        base.extend(ClassMethods)
+      end
+
+      module ClassMethods
+        def self.extended(obj) #:nodoc:
+          class <<obj
+            alias_method :select_for_real, :select
+            alias_method :select, :select_for_test
+          end
+        end
+
+        # The testing version of ::IO.select. Assumes that all readers,
+        # writers, and errors arrays are either nil, or contain only objects
+        # that mix in Net::SSH::Test::Extensions::BufferedIo.
+        def select_for_test(readers=nil, writers=nil, errors=nil, wait=nil)
+          ready_readers = Array(readers).select { |r| r.select_for_read? }
+          ready_writers = Array(writers).select { |r| r.select_for_write? }
+          ready_errors  = Array(errors).select  { |r| r.select_for_error? }
+
+          if ready_readers.any? || ready_writers.any? || ready_errors.any?
+            return [ready_readers, ready_writers, ready_errors]
+          end
+
+          processed = 0
+          Array(readers).each do |reader|
+            processed += 1 if reader.idle!
+          end
+
+          raise "no readers were ready for reading, and none had any incoming packets" if processed == 0
+        end
+      end
+    end
+  end
+
+end; end; end
+
+Net::SSH::BufferedIo.send(:include, Net::SSH::Test::Extensions::BufferedIo)
+Net::SSH::Transport::PacketStream.send(:include, Net::SSH::Test::Extensions::PacketStream)
+Net::SSH::Connection::Channel.send(:include, Net::SSH::Test::Extensions::Channel)
+IO.send(:include, Net::SSH::Test::Extensions::IO)