RubyGems - net-ssh-net-ssh - Versions diffs - 2.0.12 - Mend

net-ssh-net-ssh 2.0.12

Files changed (105) hide show

data/CHANGELOG.rdoc +137 -0
data/Manifest +104 -0
data/README.rdoc +110 -0
data/Rakefile +79 -0
data/THANKS.rdoc +16 -0
data/lib/net/ssh.rb +215 -0
data/lib/net/ssh/authentication/agent.rb +176 -0
data/lib/net/ssh/authentication/constants.rb +18 -0
data/lib/net/ssh/authentication/key_manager.rb +193 -0
data/lib/net/ssh/authentication/methods/abstract.rb +60 -0
data/lib/net/ssh/authentication/methods/hostbased.rb +71 -0
data/lib/net/ssh/authentication/methods/keyboard_interactive.rb +66 -0
data/lib/net/ssh/authentication/methods/password.rb +39 -0
data/lib/net/ssh/authentication/methods/publickey.rb +92 -0
data/lib/net/ssh/authentication/pageant.rb +183 -0
data/lib/net/ssh/authentication/session.rb +134 -0
data/lib/net/ssh/buffer.rb +340 -0
data/lib/net/ssh/buffered_io.rb +149 -0
data/lib/net/ssh/config.rb +181 -0
data/lib/net/ssh/connection/channel.rb +625 -0
data/lib/net/ssh/connection/constants.rb +33 -0
data/lib/net/ssh/connection/session.rb +596 -0
data/lib/net/ssh/connection/term.rb +178 -0
data/lib/net/ssh/errors.rb +85 -0
data/lib/net/ssh/key_factory.rb +102 -0
data/lib/net/ssh/known_hosts.rb +129 -0
data/lib/net/ssh/loggable.rb +61 -0
data/lib/net/ssh/packet.rb +102 -0
data/lib/net/ssh/prompt.rb +93 -0
data/lib/net/ssh/proxy/errors.rb +14 -0
data/lib/net/ssh/proxy/http.rb +94 -0
data/lib/net/ssh/proxy/socks4.rb +70 -0
data/lib/net/ssh/proxy/socks5.rb +129 -0
data/lib/net/ssh/ruby_compat.rb +7 -0
data/lib/net/ssh/service/forward.rb +267 -0
data/lib/net/ssh/test.rb +89 -0
data/lib/net/ssh/test/channel.rb +129 -0
data/lib/net/ssh/test/extensions.rb +152 -0
data/lib/net/ssh/test/kex.rb +44 -0
data/lib/net/ssh/test/local_packet.rb +51 -0
data/lib/net/ssh/test/packet.rb +81 -0
data/lib/net/ssh/test/remote_packet.rb +38 -0
data/lib/net/ssh/test/script.rb +157 -0
data/lib/net/ssh/test/socket.rb +59 -0
data/lib/net/ssh/transport/algorithms.rb +384 -0
data/lib/net/ssh/transport/cipher_factory.rb +84 -0
data/lib/net/ssh/transport/constants.rb +30 -0
data/lib/net/ssh/transport/hmac.rb +31 -0
data/lib/net/ssh/transport/hmac/abstract.rb +78 -0
data/lib/net/ssh/transport/hmac/md5.rb +12 -0
data/lib/net/ssh/transport/hmac/md5_96.rb +11 -0
data/lib/net/ssh/transport/hmac/none.rb +15 -0
data/lib/net/ssh/transport/hmac/sha1.rb +13 -0
data/lib/net/ssh/transport/hmac/sha1_96.rb +11 -0
data/lib/net/ssh/transport/identity_cipher.rb +55 -0
data/lib/net/ssh/transport/kex.rb +13 -0
data/lib/net/ssh/transport/kex/diffie_hellman_group1_sha1.rb +208 -0
data/lib/net/ssh/transport/kex/diffie_hellman_group_exchange_sha1.rb +77 -0
data/lib/net/ssh/transport/openssl.rb +128 -0
data/lib/net/ssh/transport/packet_stream.rb +230 -0
data/lib/net/ssh/transport/server_version.rb +69 -0
data/lib/net/ssh/transport/session.rb +276 -0
data/lib/net/ssh/transport/state.rb +206 -0
data/lib/net/ssh/verifiers/lenient.rb +30 -0
data/lib/net/ssh/verifiers/null.rb +12 -0
data/lib/net/ssh/verifiers/strict.rb +53 -0
data/lib/net/ssh/version.rb +62 -0
data/net-ssh.gemspec +128 -0
data/setup.rb +1585 -0
data/test/authentication/methods/common.rb +28 -0
data/test/authentication/methods/test_abstract.rb +51 -0
data/test/authentication/methods/test_hostbased.rb +114 -0
data/test/authentication/methods/test_keyboard_interactive.rb +98 -0
data/test/authentication/methods/test_password.rb +50 -0
data/test/authentication/methods/test_publickey.rb +127 -0
data/test/authentication/test_agent.rb +205 -0
data/test/authentication/test_key_manager.rb +105 -0
data/test/authentication/test_session.rb +93 -0
data/test/common.rb +106 -0
data/test/configs/eqsign +3 -0
data/test/configs/exact_match +8 -0
data/test/configs/wild_cards +14 -0
data/test/connection/test_channel.rb +452 -0
data/test/connection/test_session.rb +488 -0
data/test/test_all.rb +6 -0
data/test/test_buffer.rb +336 -0
data/test/test_buffered_io.rb +63 -0
data/test/test_config.rb +84 -0
data/test/test_key_factory.rb +67 -0
data/test/transport/hmac/test_md5.rb +39 -0
data/test/transport/hmac/test_md5_96.rb +25 -0
data/test/transport/hmac/test_none.rb +34 -0
data/test/transport/hmac/test_sha1.rb +34 -0
data/test/transport/hmac/test_sha1_96.rb +25 -0
data/test/transport/kex/test_diffie_hellman_group1_sha1.rb +146 -0
data/test/transport/kex/test_diffie_hellman_group_exchange_sha1.rb +92 -0
data/test/transport/test_algorithms.rb +302 -0
data/test/transport/test_cipher_factory.rb +171 -0
data/test/transport/test_hmac.rb +34 -0
data/test/transport/test_identity_cipher.rb +40 -0
data/test/transport/test_packet_stream.rb +435 -0
data/test/transport/test_server_version.rb +68 -0
data/test/transport/test_session.rb +315 -0
data/test/transport/test_state.rb +173 -0
metadata +162 -0

data/test/authentication/test_agent.rb ADDED Viewed

@@ -0,0 +1,205 @@
+require 'common'
+require 'net/ssh/authentication/agent'
+module Authentication
+  class TestAgent < Test::Unit::TestCase
+    SSH2_AGENT_REQUEST_VERSION    = 1
+    SSH2_AGENT_REQUEST_IDENTITIES = 11
+    SSH2_AGENT_IDENTITIES_ANSWER  = 12
+    SSH2_AGENT_SIGN_REQUEST       = 13
+    SSH2_AGENT_SIGN_RESPONSE      = 14
+    SSH2_AGENT_FAILURE            = 30
+    SSH2_AGENT_VERSION_RESPONSE   = 103
+    SSH_COM_AGENT2_FAILURE        = 102
+    SSH_AGENT_REQUEST_RSA_IDENTITIES = 1
+    SSH_AGENT_RSA_IDENTITIES_ANSWER  = 2
+    SSH_AGENT_FAILURE                = 5
+    def setup
+      @original, ENV['SSH_AUTH_SOCK'] = ENV['SSH_AUTH_SOCK'], "/path/to/ssh.agent.sock"
+    end
+    def teardown
+      ENV['SSH_AUTH_SOCK'] = @original
+    end
+    def test_connect_should_use_agent_factory_to_determine_connection_type
+      factory.expects(:open).with("/path/to/ssh.agent.sock").returns(socket)
+      agent(false).connect!
+    end
+    def test_connect_should_raise_error_if_connection_could_not_be_established
+      factory.expects(:open).raises(SocketError)
+      assert_raises(Net::SSH::Authentication::AgentNotAvailable) { agent(false).connect! }
+    end
+    def test_negotiate_should_raise_error_if_ssh2_agent_response_recieved
+      socket.expect do |s, type, buffer|
+        assert_equal SSH2_AGENT_REQUEST_VERSION, type
+        assert_equal Net::SSH::Transport::ServerVersion::PROTO_VERSION, buffer.read_string
+        s.return(SSH2_AGENT_VERSION_RESPONSE)
+      end
+      assert_raises(NotImplementedError) { agent.negotiate! }
+    end
+    def test_negotiate_should_raise_error_if_response_was_unexpected
+      socket.expect do |s, type, buffer|
+        assert_equal SSH2_AGENT_REQUEST_VERSION, type
+        s.return(255)
+      end
+      assert_raises(Net::SSH::Authentication::AgentError) { agent.negotiate! }
+    end
+    def test_negotiate_should_be_successful_with_expected_response
+      socket.expect do |s, type, buffer|
+        assert_equal SSH2_AGENT_REQUEST_VERSION, type
+        s.return(SSH_AGENT_RSA_IDENTITIES_ANSWER)
+      end
+      assert_nothing_raised { agent(:connect).negotiate! }
+    end
+    def test_identities_should_fail_if_SSH_AGENT_FAILURE_recieved
+      socket.expect do |s, type, buffer|
+        assert_equal SSH2_AGENT_REQUEST_IDENTITIES, type
+        s.return(SSH_AGENT_FAILURE)
+      end
+      assert_raises(Net::SSH::Authentication::AgentError) { agent.identities }
+    end
+    def test_identities_should_fail_if_SSH2_AGENT_FAILURE_recieved
+      socket.expect do |s, type, buffer|
+        assert_equal SSH2_AGENT_REQUEST_IDENTITIES, type
+        s.return(SSH2_AGENT_FAILURE)
+      end
+      assert_raises(Net::SSH::Authentication::AgentError) { agent.identities }
+    end
+    def test_identities_should_fail_if_SSH_COM_AGENT2_FAILURE_recieved
+      socket.expect do |s, type, buffer|
+        assert_equal SSH2_AGENT_REQUEST_IDENTITIES, type
+        s.return(SSH_COM_AGENT2_FAILURE)
+      end
+      assert_raises(Net::SSH::Authentication::AgentError) { agent.identities }
+    end
+    def test_identities_should_fail_if_response_is_not_SSH2_AGENT_IDENTITIES_ANSWER
+      socket.expect do |s, type, buffer|
+        assert_equal SSH2_AGENT_REQUEST_IDENTITIES, type
+        s.return(255)
+      end
+      assert_raises(Net::SSH::Authentication::AgentError) { agent.identities }
+    end
+    def test_identities_should_augment_identities_with_comment_field
+      key1 = key
+      key2 = OpenSSL::PKey::DSA.new(32)
+      socket.expect do |s, type, buffer|
+        assert_equal SSH2_AGENT_REQUEST_IDENTITIES, type
+        s.return(SSH2_AGENT_IDENTITIES_ANSWER, :long, 2, :string, Net::SSH::Buffer.from(:key, key1), :string, "My favorite key", :string, Net::SSH::Buffer.from(:key, key2), :string, "Okay, but not the best")
+      end
+      result = agent.identities
+      assert_equal key1.to_blob, result.first.to_blob
+      assert_equal key2.to_blob, result.last.to_blob
+      assert_equal "My favorite key", result.first.comment
+      assert_equal "Okay, but not the best", result.last.comment
+    end
+    def test_close_should_close_socket
+      socket.expects(:close)
+      agent.close
+    end
+    def test_sign_should_fail_if_response_is_SSH_AGENT_FAILURE
+      socket.expect { |s,| s.return(SSH_AGENT_FAILURE) }
+      assert_raises(Net::SSH::Authentication::AgentError) { agent.sign(key, "hello world") }
+    end
+    def test_sign_should_fail_if_response_is_SSH2_AGENT_FAILURE
+      socket.expect { |s,| s.return(SSH2_AGENT_FAILURE) }
+      assert_raises(Net::SSH::Authentication::AgentError) { agent.sign(key, "hello world") }
+    end
+    def test_sign_should_fail_if_response_is_SSH_COM_AGENT2_FAILURE
+      socket.expect { |s,| s.return(SSH_COM_AGENT2_FAILURE) }
+      assert_raises(Net::SSH::Authentication::AgentError) { agent.sign(key, "hello world") }
+    end
+    def test_sign_should_fail_if_response_is_not_SSH2_AGENT_SIGN_RESPONSE
+      socket.expect { |s,| s.return(255) }
+      assert_raises(Net::SSH::Authentication::AgentError) { agent.sign(key, "hello world") }
+    end
+    def test_sign_should_return_signed_data_from_agent
+      socket.expect do |s,type,buffer|
+        assert_equal SSH2_AGENT_SIGN_REQUEST, type
+        assert_equal key.to_blob, Net::SSH::Buffer.new(buffer.read_string).read_key.to_blob
+        assert_equal "hello world", buffer.read_string
+        assert_equal 0, buffer.read_long
+        s.return(SSH2_AGENT_SIGN_RESPONSE, :string, "abcxyz123")
+      end
+      assert_equal "abcxyz123", agent.sign(key, "hello world")
+    end
+    private
+      class MockSocket
+        def initialize
+          @expectation = nil
+          @buffer = Net::SSH::Buffer.new
+        end
+        def expect(&block)
+          @expectation = block
+        end
+        def return(type, *args)
+          data = Net::SSH::Buffer.from(*args)
+          @buffer.append([data.length+1, type, data.to_s].pack("NCA*"))
+        end
+        def send(data, flags)
+          raise "got #{data.inspect} but no packet was expected" unless @expectation
+          buffer = Net::SSH::Buffer.new(data)
+          buffer.read_long # skip the length
+          type = buffer.read_byte
+          @expectation.call(self, type, buffer)
+          @expectation = nil
+        end
+        def read(length)
+          @buffer.read(length)
+        end
+      end
+      def key
+        @key ||= OpenSSL::PKey::RSA.new(32)
+      end
+      def socket
+        @socket ||= MockSocket.new
+      end
+      def factory
+        @factory ||= stub("socket factory", :open => socket)
+      end
+      def agent(auto=:connect)
+        @agent ||= begin
+          agent = Net::SSH::Authentication::Agent.new
+          agent.stubs(:agent_socket_factory).returns(factory)
+          agent.connect! if auto == :connect
+          agent
+        end
+      end
+  end
+end

data/test/authentication/test_key_manager.rb ADDED Viewed

@@ -0,0 +1,105 @@
+require 'common'
+require 'net/ssh/authentication/key_manager'
+module Authentication
+  class TestKeyManager < Test::Unit::TestCase
+    def test_key_files_and_known_identities_are_empty_by_default
+      assert manager.key_files.empty?
+      assert manager.known_identities.empty?
+    end
+    def test_assume_agent_is_available_by_default
+      assert manager.use_agent?
+    end
+    def test_add_ensures_list_is_unique
+      manager.add "/first"
+      manager.add "/second"
+      manager.add "/third"
+      manager.add "/second"
+      assert_equal %w(/first /second /third), manager.key_files
+    end
+    def test_use_agent_should_be_set_to_false_if_agent_could_not_be_found
+      Net::SSH::Authentication::Agent.expects(:connect).raises(Net::SSH::Authentication::AgentNotAvailable)
+      assert manager.use_agent?
+      assert_nil manager.agent
+      assert !manager.use_agent?
+    end
+    def test_each_identity_should_load_from_key_files
+      manager.stubs(:agent).returns(nil)
+      stub_file_key "/first", rsa
+      stub_file_key "/second", dsa
+      identities = []
+      manager.each_identity { |identity| identities << identity }
+      assert_equal 2, identities.length
+      assert_equal rsa.to_blob, identities.first.to_blob
+      assert_equal dsa.to_blob, identities.last.to_blob
+      assert_equal({:from => :file, :file => "/first", :key => rsa}, manager.known_identities[rsa])
+      assert_equal({:from => :file, :file => "/second", :key => dsa}, manager.known_identities[dsa])
+    end
+    def test_identities_should_load_from_agent
+      manager.stubs(:agent).returns(agent)
+      identities = []
+      manager.each_identity { |identity| identities << identity }
+      assert_equal 2, identities.length
+      assert_equal rsa.to_blob, identities.first.to_blob
+      assert_equal dsa.to_blob, identities.last.to_blob
+      assert_equal({:from => :agent}, manager.known_identities[rsa])
+      assert_equal({:from => :agent}, manager.known_identities[dsa])
+    end
+    def test_sign_with_agent_originated_key_should_request_signature_from_agent
+      manager.stubs(:agent).returns(agent)
+      manager.each_identity { |identity| } # preload the known_identities
+      agent.expects(:sign).with(rsa, "hello, world").returns("abcxyz123")
+      assert_equal "abcxyz123", manager.sign(rsa, "hello, world")
+    end
+    def test_sign_with_file_originated_key_should_load_private_key_and_sign_with_it
+      manager.stubs(:agent).returns(nil)
+      stub_file_key "/first", rsa(512), true
+      rsa.expects(:ssh_do_sign).with("hello, world").returns("abcxyz123")
+      manager.each_identity { |identity| } # preload the known_identities
+      assert_equal "\0\0\0\assh-rsa\0\0\0\011abcxyz123", manager.sign(rsa, "hello, world")
+    end
+    private
+      def stub_file_key(name, key, also_private=false)
+        manager.add(name)
+        File.expects(:readable?).with(name).returns(true)
+        File.expects(:readable?).with(name + ".pub").returns(false)
+        Net::SSH::KeyFactory.expects(:load_private_key).with(name, nil).returns(key).at_least_once
+        key.expects(:public_key).returns(key)
+      end
+      def rsa(size=32)
+        @rsa ||= OpenSSL::PKey::RSA.new(size)
+      end
+      def dsa
+        @dsa ||= OpenSSL::PKey::DSA.new(32)
+      end
+      def agent
+        @agent ||= stub("agent", :identities => [rsa, dsa])
+      end
+      def manager
+        @manager ||= Net::SSH::Authentication::KeyManager.new(nil)
+      end
+  end
+end

data/test/authentication/test_session.rb ADDED Viewed

@@ -0,0 +1,93 @@
+require 'common'
+require 'net/ssh/authentication/session'
+module Authentication
+  class TestSession < Test::Unit::TestCase
+    include Net::SSH::Transport::Constants
+    include Net::SSH::Authentication::Constants
+    def test_constructor_should_set_defaults
+      assert_equal %w(publickey hostbased password keyboard-interactive), session.auth_methods
+      assert_equal session.auth_methods, session.allowed_auth_methods
+    end
+    def test_authenticate_should_raise_error_if_service_request_fails
+      transport.expect do |t, packet|
+        assert_equal SERVICE_REQUEST, packet.type
+        assert_equal "ssh-userauth", packet.read_string
+        t.return(255)
+      end
+      assert_raises(Net::SSH::Exception) { session.authenticate("next service", "username", "password") }
+    end
+    def test_authenticate_should_return_false_if_all_auth_methods_fail
+      transport.expect do |t, packet|
+        assert_equal SERVICE_REQUEST, packet.type
+        assert_equal "ssh-userauth", packet.read_string
+        t.return(SERVICE_ACCEPT)
+      end
+      Net::SSH::Authentication::Methods::Publickey.any_instance.expects(:authenticate).with("next service", "username", "password").returns(false)
+      Net::SSH::Authentication::Methods::Hostbased.any_instance.expects(:authenticate).with("next service", "username", "password").returns(false)
+      Net::SSH::Authentication::Methods::Password.any_instance.expects(:authenticate).with("next service", "username", "password").returns(false)
+      Net::SSH::Authentication::Methods::KeyboardInteractive.any_instance.expects(:authenticate).with("next service", "username", "password").returns(false)
+      assert_equal false, session.authenticate("next service", "username", "password")
+    end
+    def test_next_message_should_silently_handle_USERAUTH_BANNER_packets
+      transport.return(USERAUTH_BANNER, :string, "Howdy, folks!")
+      transport.return(SERVICE_ACCEPT)
+      assert_equal SERVICE_ACCEPT, session.next_message.type
+    end
+    def test_next_message_should_understand_USERAUTH_FAILURE
+      transport.return(USERAUTH_FAILURE, :string, "a,b,c", :bool, false)
+      packet = session.next_message
+      assert_equal USERAUTH_FAILURE, packet.type
+      assert_equal %w(a b c), session.allowed_auth_methods
+    end
+    (60..79).each do |type|
+      define_method("test_next_message_should_return_packets_of_type_#{type}") do
+        transport.return(type)
+        assert_equal type, session.next_message.type
+      end
+    end
+    def test_next_message_should_understand_USERAUTH_SUCCESS
+      transport.return(USERAUTH_SUCCESS)
+      assert !transport.hints[:authenticated]
+      assert_equal USERAUTH_SUCCESS, session.next_message.type
+      assert transport.hints[:authenticated]
+    end
+    def test_next_message_should_raise_error_on_unrecognized_packet_types
+      transport.return(1)
+      assert_raises(Net::SSH::Exception) { session.next_message }
+    end
+    def test_expect_message_should_raise_exception_if_next_packet_is_not_expected_type
+      transport.return(SERVICE_ACCEPT)
+      assert_raises(Net::SSH::Exception) { session.expect_message(USERAUTH_BANNER) }
+    end
+    def test_expect_message_should_return_packet_if_next_packet_is_expected_type
+      transport.return(SERVICE_ACCEPT)
+      assert_equal SERVICE_ACCEPT, session.expect_message(SERVICE_ACCEPT).type
+    end
+    private
+      def session(options={})
+        @session ||= Net::SSH::Authentication::Session.new(transport(options), options)
+      end
+      def transport(options={})
+        @transport ||= MockTransport.new(options)
+      end
+  end
+end

data/test/common.rb ADDED Viewed

@@ -0,0 +1,106 @@
+$LOAD_PATH.unshift "#{File.dirname(__FILE__)}/../lib"
+require 'test/unit'
+require 'mocha'
+require 'net/ssh/buffer'
+require 'net/ssh/config'
+require 'net/ssh/loggable'
+require 'net/ssh/packet'
+require 'net/ssh/transport/session'
+require 'ostruct'
+# clear the default files out so that tests don't get confused by existing
+# SSH config files.
+$original_config_default_files = Net::SSH::Config.default_files.dup
+Net::SSH::Config.default_files.clear
+def P(*args)
+  Net::SSH::Packet.new(Net::SSH::Buffer.from(*args))
+end
+class MockTransport < Net::SSH::Transport::Session
+  class BlockVerifier
+    def initialize(block)
+      @block = block
+    end
+    def verify(data)
+      @block.call(data)
+    end
+  end
+  attr_reader :host_key_verifier
+  attr_accessor :host_as_string
+  attr_accessor :server_version
+  attr_reader :client_options
+  attr_reader :server_options
+  attr_reader :hints, :queue
+  attr_accessor :mock_enqueue
+  def initialize(options={})
+    self.logger = options[:logger]
+    self.host_as_string = "net.ssh.test,127.0.0.1"
+    self.server_version = OpenStruct.new(:version => "SSH-2.0-Ruby/Net::SSH::Test")
+    @expectation = nil
+    @queue = []
+    @hints = {}
+    @socket = options[:socket]
+    @algorithms = OpenStruct.new(:session_id => "abcxyz123")
+    verifier { |data| true }
+  end
+  def send_message(message)
+    buffer = Net::SSH::Buffer.new(message.to_s)
+    if @expectation.nil?
+      raise "got #{message.to_s.inspect} but was not expecting anything"
+    else
+      block, @expectation = @expectation, nil
+      block.call(self, Net::SSH::Packet.new(buffer))
+    end
+  end
+  def enqueue_message(message)
+    if mock_enqueue
+      send_message(message)
+    else
+      super
+    end
+  end
+  def poll_message
+    @queue.shift
+  end
+  def next_message
+    @queue.shift or raise "expected a message from the server but nothing was ready to send"
+  end
+  def return(type, *args)
+    @queue << P(:byte, type, *args)
+  end
+  def expect(&block)
+    @expectation = block
+  end
+  def expect!
+    expect {}
+  end
+  def verifier(&block)
+    @host_key_verifier = BlockVerifier.new(block)
+  end
+  def configure_client(options)
+    @client_options = options
+  end
+  def configure_server(options)
+    @server_options = options
+  end
+  def hint(name, value=true)
+    @hints[name] = value
+  end
+end