net-ssh-backports 6.3.0.backports

data/lib/net/ssh/transport/session.rb

@@ -0,0 +1,354 @@
+require 'socket'
+
+require 'net/ssh/errors'
+require 'net/ssh/loggable'
+require 'net/ssh/version'
+require 'net/ssh/transport/algorithms'
+require 'net/ssh/transport/constants'
+require 'net/ssh/transport/packet_stream'
+require 'net/ssh/transport/server_version'
+require 'net/ssh/verifiers/accept_new_or_local_tunnel'
+require 'net/ssh/verifiers/accept_new'
+require 'net/ssh/verifiers/always'
+require 'net/ssh/verifiers/never'
+
+module Net
+  module SSH
+    module Transport
+      # The transport layer represents the lowest level of the SSH protocol, and
+      # implements basic message exchanging and protocol initialization. It will
+      # never be instantiated directly (unless you really know what you're about),
+      # but will instead be created for you automatically when you create a new
+      # SSH session via Net::SSH.start.
+      class Session
+        include Loggable
+        include Constants
+
+        # The standard port for the SSH protocol.
+        DEFAULT_PORT = 22
+
+        # The host to connect to, as given to the constructor.
+        attr_reader :host
+
+        # The port number to connect to, as given in the options to the constructor.
+        # If no port number was given, this will default to DEFAULT_PORT.
+        attr_reader :port
+
+        # The underlying socket object being used to communicate with the remote
+        # host.
+        attr_reader :socket
+
+        # The ServerVersion instance that encapsulates the negotiated protocol
+        # version.
+        attr_reader :server_version
+
+        # The Algorithms instance used to perform key exchanges.
+        attr_reader :algorithms
+
+        # The host-key verifier object used to verify host keys, to ensure that
+        # the connection is not being spoofed.
+        attr_reader :host_key_verifier
+
+        # The hash of options that were given to the object at initialization.
+        attr_reader :options
+
+        # Instantiates a new transport layer abstraction. This will block until
+        # the initial key exchange completes, leaving you with a ready-to-use
+        # transport session.
+        def initialize(host, options={})
+          self.logger = options[:logger]
+
+          @host = host
+          @port = options[:port] || DEFAULT_PORT
+          @bind_address = options[:bind_address] || nil
+          @options = options
+
+          @socket =
+            if (factory = options[:proxy])
+              debug { "establishing connection to #{@host}:#{@port} through proxy" }
+              factory.open(@host, @port, options)
+            else
+              debug { "establishing connection to #{@host}:#{@port}" }
+              Socket.tcp(@host, @port, @bind_address, nil,
+                         connect_timeout: options[:timeout])
+            end
+
+          @socket.extend(PacketStream)
+          @socket.logger = @logger
+
+          debug { "connection established" }
+
+          @queue = []
+
+          @host_key_verifier = select_host_key_verifier(options[:verify_host_key])
+
+          @server_version = ServerVersion.new(socket, logger, options[:timeout])
+
+          @algorithms = Algorithms.new(self, options)
+          @algorithms.start
+          wait { algorithms.initialized? }
+        rescue Errno::ETIMEDOUT
+          raise Net::SSH::ConnectionTimeout
+        end
+
+        def host_keys
+          @host_keys ||= begin
+            known_hosts = options.fetch(:known_hosts, KnownHosts)
+            known_hosts.search_for(options[:host_key_alias] || host_as_string, options)
+          end
+        end
+
+        # Returns the host (and possibly IP address) in a format compatible with
+        # SSH known-host files.
+        def host_as_string
+          @host_as_string ||= begin
+            string = "#{host}"
+            string = "[#{string}]:#{port}" if port != DEFAULT_PORT
+
+            peer_ip = socket.peer_ip
+
+            if peer_ip != Net::SSH::Transport::PacketStream::PROXY_COMMAND_HOST_IP &&
+               peer_ip != host
+              string2 = peer_ip
+              string2 = "[#{string2}]:#{port}" if port != DEFAULT_PORT
+              string << "," << string2
+            end
+
+            string
+          end
+        end
+
+        # Returns true if the underlying socket has been closed.
+        def closed?
+          socket.closed?
+        end
+
+        # Cleans up (see PacketStream#cleanup) and closes the underlying socket.
+        def close
+          socket.cleanup
+          socket.close
+        end
+
+        # Performs a "hard" shutdown of the connection. In general, this should
+        # never be done, but it might be necessary (in a rescue clause, for instance,
+        # when the connection needs to close but you don't know the status of the
+        # underlying protocol's state).
+        def shutdown!
+          error { "forcing connection closed" }
+          socket.close
+        end
+
+        # Returns a new service_request packet for the given service name, ready
+        # for sending to the server.
+        def service_request(service)
+          Net::SSH::Buffer.from(:byte, SERVICE_REQUEST, :string, service)
+        end
+
+        # Requests a rekey operation, and blocks until the operation completes.
+        # If a rekey is already pending, this returns immediately, having no
+        # effect.
+        def rekey!
+          if !algorithms.pending?
+            algorithms.rekey!
+            wait { algorithms.initialized? }
+          end
+        end
+
+        # Returns immediately if a rekey is already in process. Otherwise, if a
+        # rekey is needed (as indicated by the socket, see PacketStream#if_needs_rekey?)
+        # one is performed, causing this method to block until it completes.
+        def rekey_as_needed
+          return if algorithms.pending?
+
+          socket.if_needs_rekey? { rekey! }
+        end
+
+        # Returns a hash of information about the peer (remote) side of the socket,
+        # including :ip, :port, :host, and :canonized (see #host_as_string).
+        def peer
+          @peer ||= { ip: socket.peer_ip, port: @port.to_i, host: @host, canonized: host_as_string }
+        end
+
+        # Blocks until a new packet is available to be read, and returns that
+        # packet. See #poll_message.
+        def next_message
+          poll_message(:block)
+        end
+
+        # Tries to read the next packet from the socket. If mode is :nonblock (the
+        # default), this will not block and will return nil if there are no packets
+        # waiting to be read. Otherwise, this will block until a packet is
+        # available. Note that some packet types (DISCONNECT, IGNORE, UNIMPLEMENTED,
+        # DEBUG, and KEXINIT) are handled silently by this method, and will never
+        # be returned.
+        #
+        # If a key-exchange is in process and a disallowed packet type is
+        # received, it will be enqueued and otherwise ignored. When a key-exchange
+        # is not in process, and consume_queue is true, packets will be first
+        # read from the queue before the socket is queried.
+        def poll_message(mode=:nonblock, consume_queue=true)
+          loop do
+            return @queue.shift if consume_queue && @queue.any? && algorithms.allow?(@queue.first)
+
+            packet = socket.next_packet(mode, options[:timeout])
+            return nil if packet.nil?
+
+            case packet.type
+            when DISCONNECT
+              raise Net::SSH::Disconnect, "disconnected: #{packet[:description]} (#{packet[:reason_code]})"
+
+            when IGNORE
+              debug { "IGNORE packet received: #{packet[:data].inspect}" }
+
+            when UNIMPLEMENTED
+              lwarn { "UNIMPLEMENTED: #{packet[:number]}" }
+
+            when DEBUG
+              send(packet[:always_display] ? :fatal : :debug) { packet[:message] }
+
+            when KEXINIT
+              algorithms.accept_kexinit(packet)
+
+            else
+              return packet if algorithms.allow?(packet)
+
+              push(packet)
+            end
+          end
+        end
+
+        # Waits (blocks) until the given block returns true. If no block is given,
+        # this just waits long enough to see if there are any pending packets. Any
+        # packets read are enqueued (see #push).
+        def wait
+          loop do
+            break if block_given? && yield
+
+            message = poll_message(:nonblock, false)
+            push(message) if message
+            break if !block_given?
+          end
+        end
+
+        # Adds the given packet to the packet queue. If the queue is non-empty,
+        # #poll_message will return packets from the queue in the order they
+        # were received.
+        def push(packet)
+          @queue.push(packet)
+        end
+
+        # Sends the given message via the packet stream, blocking until the
+        # entire message has been sent.
+        def send_message(message)
+          socket.send_packet(message)
+        end
+
+        # Enqueues the given message, such that it will be sent at the earliest
+        # opportunity. This does not block, but returns immediately.
+        def enqueue_message(message)
+          socket.enqueue_packet(message)
+        end
+
+        # Configure's the packet stream's client state with the given set of
+        # options. This is typically used to define the cipher, compression, and
+        # hmac algorithms to use when sending packets to the server.
+        def configure_client(options={})
+          socket.client.set(options)
+        end
+
+        # Configure's the packet stream's server state with the given set of
+        # options. This is typically used to define the cipher, compression, and
+        # hmac algorithms to use when reading packets from the server.
+        def configure_server(options={})
+          socket.server.set(options)
+        end
+
+        # Sets a new hint for the packet stream, which the packet stream may use
+        # to change its behavior. (See PacketStream#hints).
+        def hint(which, value=true)
+          socket.hints[which] = value
+        end
+
+        public
+
+        # this method is primarily for use in tests
+        attr_reader :queue #:nodoc:
+
+        private
+
+        # Compatibility verifier which allows users to keep using
+        # custom verifier code without adding new :verify_signature
+        # method.
+        class CompatibleVerifier
+          def initialize(verifier)
+            @verifier = verifier
+          end
+
+          def verify(arguments)
+            @verifier.verify(arguments)
+          end
+
+          def verify_signature(&block)
+            yield
+          end
+        end
+
+        # Instantiates a new host-key verification class, based on the value of
+        # the parameter.
+        #
+        # Usually, the argument is a symbol like `:never` which corresponds to
+        # a verifier, like `::Net::SSH::Verifiers::Never`.
+        #
+        # - :never (very insecure)
+        # - :accept_new_or_local_tunnel (insecure)
+        # - :accept_new (insecure)
+        # - :always (secure)
+        #
+        # If the argument happens to respond to :verify and :verify_signature,
+        # it is returned directly. Otherwise, an exception is raised.
+        #
+        # Values false, true, and :very were deprecated in
+        # [#595](https://github.com/net-ssh/net-ssh/pull/595)
+        def select_host_key_verifier(verifier)
+          case verifier
+          when false
+            Kernel.warn('verify_host_key: false is deprecated, use :never')
+            Net::SSH::Verifiers::Never.new
+          when :never then
+            Net::SSH::Verifiers::Never.new
+          when true
+            Kernel.warn('verify_host_key: true is deprecated, use :accept_new_or_local_tunnel')
+            Net::SSH::Verifiers::AcceptNewOrLocalTunnel.new
+          when :accept_new_or_local_tunnel, nil then
+            Net::SSH::Verifiers::AcceptNewOrLocalTunnel.new
+          when :very
+            Kernel.warn('verify_host_key: :very is deprecated, use :accept_new')
+            Net::SSH::Verifiers::AcceptNew.new
+          when :accept_new then
+            Net::SSH::Verifiers::AcceptNew.new
+          when :secure then
+            Kernel.warn('verify_host_key: :secure is deprecated, use :always')
+            Net::SSH::Verifiers::Always.new
+          when :always then
+            Net::SSH::Verifiers::Always.new
+          else
+            if verifier.respond_to?(:verify)
+              if verifier.respond_to?(:verify_signature)
+                verifier
+              else
+                Kernel.warn("Warning: verifier without :verify_signature is deprecated")
+                CompatibleVerifier.new(verifier)
+              end
+            else
+              raise(
+                ArgumentError,
+                "Invalid argument to :verify_host_key (or deprecated " \
+                ":paranoid): #{verifier.inspect}"
+              )
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/net/ssh/transport/state.rb

@@ -0,0 +1,208 @@
+require 'zlib'
+require 'net/ssh/transport/cipher_factory'
+require 'net/ssh/transport/hmac'
+
+module Net
+  module SSH
+    module Transport
+      # Encapsulates state information about one end of an SSH connection. Such
+      # state includes the packet sequence number, the algorithms in use, how
+      # many packets and blocks have been processed since the last reset, and so
+      # forth. This class will never be instantiated directly, but is used as
+      # part of the internal state of the PacketStream module.
+      class State
+        # The socket object that owns this state object.
+        attr_reader :socket
+
+        # The next packet sequence number for this socket endpoint.
+        attr_reader :sequence_number
+
+        # The hmac algorithm in use for this endpoint.
+        attr_reader :hmac
+
+        # The compression algorithm in use for this endpoint.
+        attr_reader :compression
+
+        # The compression level to use when compressing data (or nil, for the default).
+        attr_reader :compression_level
+
+        # The number of packets processed since the last call to #reset!
+        attr_reader :packets
+
+        # The number of data blocks processed since the last call to #reset!
+        attr_reader :blocks
+
+        # The cipher algorithm in use for this socket endpoint.
+        attr_reader :cipher
+
+        # The block size for the cipher
+        attr_reader :block_size
+
+        # The role that this state plays (either :client or :server)
+        attr_reader :role
+
+        # The maximum number of packets that this endpoint wants to process before
+        # needing a rekey.
+        attr_accessor :max_packets
+
+        # The maximum number of blocks that this endpoint wants to process before
+        # needing a rekey.
+        attr_accessor :max_blocks
+
+        # The user-specified maximum number of bytes that this endpoint ought to
+        # process before needing a rekey.
+        attr_accessor :rekey_limit
+
+        # Creates a new state object, belonging to the given socket. Initializes
+        # the algorithms to "none".
+        def initialize(socket, role)
+          @socket = socket
+          @role = role
+          @sequence_number = @packets = @blocks = 0
+          @cipher = CipherFactory.get("none")
+          @block_size = 8
+          @hmac = HMAC.get("none")
+          @compression = nil
+          @compressor = @decompressor = nil
+          @next_iv = String.new
+        end
+
+        # A convenience method for quickly setting multiple values in a single
+        # command.
+        def set(values)
+          values.each do |key, value|
+            instance_variable_set("@#{key}", value)
+          end
+          reset!
+        end
+
+        def update_cipher(data)
+          result = cipher.update(data)
+          update_next_iv(role == :client ? result : data)
+          return result
+        end
+
+        def final_cipher
+          result = cipher.final
+          update_next_iv(role == :client ? result : "", true)
+          return result
+        end
+
+        # Increments the counters. The sequence number is incremented (and remapped
+        # so it always fits in a 32-bit integer). The number of packets and blocks
+        # are also incremented.
+        def increment(packet_length)
+          @sequence_number = (@sequence_number + 1) & 0xFFFFFFFF
+          @packets += 1
+          @blocks += (packet_length + 4) / @block_size
+        end
+
+        # The compressor object to use when compressing data. This takes into account
+        # the desired compression level.
+        def compressor
+          @compressor ||= Zlib::Deflate.new(compression_level || Zlib::DEFAULT_COMPRESSION)
+        end
+
+        # The decompressor object to use when decompressing data.
+        def decompressor
+          @decompressor ||= Zlib::Inflate.new(nil)
+        end
+
+        # Returns true if data compression/decompression is enabled. This will
+        # return true if :standard compression is selected, or if :delayed
+        # compression is selected and the :authenticated hint has been received
+        # by the socket.
+        def compression?
+          compression == :standard || (compression == :delayed && socket.hints[:authenticated])
+        end
+
+        # Compresses the data. If no compression is in effect, this will just return
+        # the data unmodified, otherwise it uses #compressor to compress the data.
+        def compress(data)
+          data = data.to_s
+          return data unless compression?
+
+          compressor.deflate(data, Zlib::SYNC_FLUSH)
+        end
+
+        # Deompresses the data. If no compression is in effect, this will just return
+        # the data unmodified, otherwise it uses #decompressor to decompress the data.
+        def decompress(data)
+          data = data.to_s
+          return data unless compression?
+
+          decompressor.inflate(data)
+        end
+
+        # Resets the counters on the state object, but leaves the sequence_number
+        # unchanged. It also sets defaults for and recomputes the max_packets and
+        # max_blocks values.
+        def reset!
+          @packets = @blocks = 0
+
+          @max_packets ||= 1 << 31
+
+          @block_size = cipher.block_size
+
+          if max_blocks.nil?
+            # cargo-culted from openssh. the idea is that "the 2^(blocksize*2)
+            # limit is too expensive for 3DES, blowfish, etc., so enforce a 1GB
+            # limit for small blocksizes."
+            if @block_size >= 16
+              @max_blocks = 1 << (@block_size * 2)
+            else
+              @max_blocks = (1 << 30) / @block_size
+            end
+
+            # if a limit on the # of bytes has been given, convert that into a
+            # minimum number of blocks processed.
+
+            @max_blocks = [@max_blocks, rekey_limit / @block_size].min if rekey_limit
+          end
+
+          cleanup
+        end
+
+        # Closes any the compressor and/or decompressor objects that have been
+        # instantiated.
+        def cleanup
+          if @compressor
+            @compressor.finish if !@compressor.finished?
+            @compressor.close
+          end
+
+          if @decompressor
+            # we call reset here so that we don't get warnings when we try to
+            # close the decompressor
+            @decompressor.reset
+            @decompressor.close
+          end
+
+          @compressor = @decompressor = nil
+        end
+
+        # Returns true if the number of packets processed exceeds the maximum
+        # number of packets, or if the number of blocks processed exceeds the
+        # maximum number of blocks.
+        def needs_rekey?
+          max_packets && packets > max_packets ||
+          max_blocks && blocks > max_blocks
+        end
+
+        private
+
+        def update_next_iv(data, reset=false)
+          @next_iv << data
+          @next_iv = @next_iv[@next_iv.size - cipher.iv_len..-1]
+
+          if reset
+            cipher.reset
+            cipher.iv = @next_iv
+          end
+
+          return data
+        end
+      end
+    end
+  end
+end

data/lib/net/ssh/verifiers/accept_new.rb

@@ -0,0 +1,33 @@
+require 'net/ssh/errors'
+require 'net/ssh/known_hosts'
+require 'net/ssh/verifiers/always'
+
+module Net
+  module SSH
+    module Verifiers
+      # Does a strict host verification, looking the server up in the known
+      # host files to see if a key has already been seen for this server. If this
+      # server does not appear in any host file, this will silently add the
+      # server. If the server does appear at least once, but the key given does
+      # not match any known for the server, an exception will be raised (HostKeyMismatch).
+      # Otherwise, this returns true.
+      class AcceptNew < Always
+        def verify(arguments)
+          begin
+            super
+          rescue HostKeyUnknown => err
+            err.remember_host!
+            return true
+          end
+        end
+
+        def verify_signature(&block)
+          yield
+        rescue HostKeyUnknown => err
+          err.remember_host!
+          return true
+        end
+      end
+    end
+  end
+end

data/lib/net/ssh/verifiers/accept_new_or_local_tunnel.rb

@@ -0,0 +1,33 @@
+require 'net/ssh/verifiers/accept_new'
+
+module Net
+  module SSH
+    module Verifiers
+      # Basically the same as the AcceptNew verifier, but does not try to actually
+      # verify a connection if the server is the localhost and the port is a
+      # nonstandard port number. Those two conditions will typically mean the
+      # connection is being tunnelled through a forwarded port, so the known-hosts
+      # file will not be helpful (in general).
+      class AcceptNewOrLocalTunnel < AcceptNew
+        # Tries to determine if the connection is being tunnelled, and if so,
+        # returns true. Otherwise, performs the standard strict verification.
+        def verify(arguments)
+          return true if tunnelled?(arguments)
+
+          super
+        end
+
+        private
+
+        # A connection is potentially being tunnelled if the port is not 22,
+        # and the ip refers to the localhost.
+        def tunnelled?(args)
+          return false if args[:session].port == Net::SSH::Transport::Session::DEFAULT_PORT
+
+          ip = args[:session].peer[:ip]
+          return ip == "127.0.0.1" || ip == "::1"
+        end
+      end
+    end
+  end
+end

data/lib/net/ssh/verifiers/always.rb

@@ -0,0 +1,58 @@
+require 'net/ssh/errors'
+require 'net/ssh/known_hosts'
+
+module Net
+  module SSH
+    module Verifiers
+      # Does a strict host verification, looking the server up in the known
+      # host files to see if a key has already been seen for this server. If this
+      # server does not appear in any host file, an exception will be raised
+      # (HostKeyUnknown). This is in contrast to the "Strict" class, which will
+      # silently add the key to your known_hosts file. If the server does appear at
+      # least once, but the key given does not match any known for the server, an
+      # exception will be raised (HostKeyMismatch).
+      # Otherwise, this returns true.
+      class Always
+        def verify(arguments)
+          host_keys = arguments[:session].host_keys
+
+          # We've never seen this host before, so raise an exception.
+          process_cache_miss(host_keys, arguments, HostKeyUnknown, "is unknown") if host_keys.empty?
+
+          # If we found any matches, check to see that the key type and
+          # blob also match.
+
+          found = host_keys.any? do |key|
+            if key.respond_to?(:matches_key?)
+              key.matches_key?(arguments[:key])
+            else
+              key.ssh_type == arguments[:key].ssh_type && key.to_blob == arguments[:key].to_blob
+            end
+          end
+
+          # If a match was found, return true. Otherwise, raise an exception
+          # indicating that the key was not recognized.
+          process_cache_miss(host_keys, arguments, HostKeyMismatch, "does not match") unless found
+
+          found
+        end
+
+        def verify_signature(&block)
+          yield
+        end
+
+        private
+
+        def process_cache_miss(host_keys, args, exc_class, message)
+          exception = exc_class.new("fingerprint #{args[:fingerprint]} " +
+                                    "#{message} for #{host_keys.host.inspect}")
+          exception.data = args
+          exception.callback = Proc.new do
+            host_keys.add_host_key(args[:key])
+          end
+          raise exception
+        end
+      end
+    end
+  end
+end