net-ssh-net-ssh 2.0.12 → 2.0.13
Sign up to get free protection for your applications and to get access to all the features.
- data/CHANGELOG.rdoc +14 -2
- data/Manifest +4 -1
- data/README.rdoc +30 -0
- data/Rakefile +1 -1
- data/Rudyfile +110 -0
- data/lib/net/ssh/config.rb +10 -6
- data/lib/net/ssh/proxy/socks5.rb +18 -5
- data/lib/net/ssh/transport/cipher_factory.rb +21 -8
- data/lib/net/ssh/transport/server_version.rb +1 -0
- data/lib/net/ssh/version.rb +1 -1
- data/net-ssh.gemspec +7 -4
- data/support/arcfour_check.rb +20 -0
- data/test/common.rb +1 -0
- data/test/configs/multihost +4 -0
- data/test/test_all.rb +2 -0
- data/test/test_config.rb +16 -1
- data/test/transport/test_cipher_factory.rb +43 -1
- data/test/transport/test_packet_stream.rb +8 -2
- metadata +8 -3
data/CHANGELOG.rdoc
CHANGED
@@ -1,12 +1,24 @@
|
|
1
|
-
=== (unreleased)
|
2
1
|
|
3
|
-
|
2
|
+
|
3
|
+
=== 2.0.13 / 17 Aug 2009
|
4
|
+
|
5
|
+
* Added fix for hanging in ServerVersion#negotiate! when using SOCKS5 proxy (GH-9) [Gerald Talton]
|
6
|
+
|
7
|
+
* Added support for specifying a list of hosts in .ssh/config, with tests (GH-6) [ckoehler, Delano Mandelbaum]
|
8
|
+
|
9
|
+
* Added tests for arcfour128/256/512 lengths, encryption, and decryption [Delano Mandelbaum]
|
10
|
+
|
11
|
+
* Skip packet stream tests for arcfour128/256/512 [Delano Mandelbaum]
|
12
|
+
|
13
|
+
* Fix for OpenSSL cipher key length because it always returns 16, even when 32 byte keys are required, e.g. for arcfour256 and arcfour512 ciphers [Karl Varga]
|
4
14
|
|
5
15
|
|
6
16
|
=== 2.0.12 / 08 Jun 2009
|
7
17
|
|
8
18
|
* Applied patch for arcfour128 and arcfour256 support [Denis Bernard]
|
9
19
|
|
20
|
+
* Use unbuffered reads when negotiating the protocol version [Steven Hazel]
|
21
|
+
|
10
22
|
|
11
23
|
=== 2.0.11 / 24 Feb 2009
|
12
24
|
|
data/Manifest
CHANGED
@@ -2,6 +2,7 @@ CHANGELOG.rdoc
|
|
2
2
|
Manifest
|
3
3
|
README.rdoc
|
4
4
|
Rakefile
|
5
|
+
Rudyfile
|
5
6
|
THANKS.rdoc
|
6
7
|
lib/net/ssh.rb
|
7
8
|
lib/net/ssh/authentication/agent.rb
|
@@ -67,6 +68,7 @@ lib/net/ssh/verifiers/strict.rb
|
|
67
68
|
lib/net/ssh/version.rb
|
68
69
|
net-ssh.gemspec
|
69
70
|
setup.rb
|
71
|
+
support/arcfour_check.rb
|
70
72
|
test/authentication/methods/common.rb
|
71
73
|
test/authentication/methods/test_abstract.rb
|
72
74
|
test/authentication/methods/test_hostbased.rb
|
@@ -79,6 +81,7 @@ test/authentication/test_session.rb
|
|
79
81
|
test/common.rb
|
80
82
|
test/configs/eqsign
|
81
83
|
test/configs/exact_match
|
84
|
+
test/configs/multihost
|
82
85
|
test/configs/wild_cards
|
83
86
|
test/connection/test_channel.rb
|
84
87
|
test/connection/test_session.rb
|
@@ -101,4 +104,4 @@ test/transport/test_identity_cipher.rb
|
|
101
104
|
test/transport/test_packet_stream.rb
|
102
105
|
test/transport/test_server_version.rb
|
103
106
|
test/transport/test_session.rb
|
104
|
-
test/transport/test_state.rb
|
107
|
+
test/transport/test_state.rb
|
data/README.rdoc
CHANGED
@@ -80,10 +80,40 @@ Lastly, if you want to run the tests or use any of the Rake tasks, you'll need:
|
|
80
80
|
* Echoe (for the Rakefile)
|
81
81
|
* Mocha (for the tests)
|
82
82
|
|
83
|
+
|
83
84
|
== INSTALL:
|
84
85
|
|
85
86
|
* gem install net-ssh (might need sudo privileges)
|
86
87
|
|
88
|
+
|
89
|
+
== ARCFOUR SUPPORT:
|
90
|
+
|
91
|
+
from Karl Varga:
|
92
|
+
|
93
|
+
Ruby's OpenSSL bindings always return a key length of 16 for RC4 ciphers, which means that when we try to use ARCFOUR256 or higher, Net::SSH generates keys which are consistently too short - 16 bytes as opposed to 32 bytes - resulting in the following error:
|
94
|
+
|
95
|
+
OpenSSL::CipherError: key length too short
|
96
|
+
|
97
|
+
My patch simply instructs Net::SSH to build keys of the the proper length, regardless of the required key length reported by OpenSSL.
|
98
|
+
|
99
|
+
You should also be aware that your OpenSSL C libraries may also contain this bug. I've updated to 0.9.8k, but according to this thread[https://bugzilla.mindrot.org/show_bug.cgi?id=1291], the bug existed as recently as 0.9.8e! I've manually taken a look at my header files and they look ok, which is what makes me think it's a bug in the Ruby implementation.
|
100
|
+
|
101
|
+
To see your OpenSSL version:
|
102
|
+
|
103
|
+
$ openssl version
|
104
|
+
OpenSSL 0.9.8k 25 Mar 2009
|
105
|
+
|
106
|
+
After installing this gem, verify that Net::SSH is generating keys of the correct length by running the script <tt>support/arcfour_check.rb</tt>:
|
107
|
+
|
108
|
+
$ ruby arcfour_support.rb
|
109
|
+
|
110
|
+
which should produce the following:
|
111
|
+
|
112
|
+
arcfour128: [16, 8] OpenSSL::Cipher::Cipher
|
113
|
+
arcfour256: [32, 8] OpenSSL::Cipher::Cipher
|
114
|
+
arcfour512: [64, 8] OpenSSL::Cipher::Cipher
|
115
|
+
|
116
|
+
|
87
117
|
== LICENSE:
|
88
118
|
|
89
119
|
(The MIT License)
|
data/Rakefile
CHANGED
@@ -50,7 +50,7 @@ end
|
|
50
50
|
if @spec.rubyforge_project
|
51
51
|
desc 'Publish website to rubyforge'
|
52
52
|
task 'publish:rdoc' => 'doc/index.html' do
|
53
|
-
sh "scp -rp doc/* rubyforge.org:/var/www/gforge-projects/#{name}/"
|
53
|
+
sh "scp -rp doc/* rubyforge.org:/var/www/gforge-projects/#{name}/ssh/v2/api/"
|
54
54
|
end
|
55
55
|
|
56
56
|
desc 'Public release to rubyforge'
|
data/Rudyfile
ADDED
@@ -0,0 +1,110 @@
|
|
1
|
+
# Rudyfile
|
2
|
+
#
|
3
|
+
# This configuration is used to test installing
|
4
|
+
# and running net-ssh on a clean machine.
|
5
|
+
#
|
6
|
+
# Usage:
|
7
|
+
#
|
8
|
+
# $ rudy -vv startup
|
9
|
+
# $ rudy -vv testsuite
|
10
|
+
# $ rudy -vv shutdown
|
11
|
+
#
|
12
|
+
# Requires: Rudy 0.9 (http://code.google.com/p/rudy/)
|
13
|
+
#
|
14
|
+
|
15
|
+
defaults do
|
16
|
+
color true
|
17
|
+
environment :test
|
18
|
+
role :netssh
|
19
|
+
end
|
20
|
+
|
21
|
+
machines do
|
22
|
+
region :'us-east-1' do
|
23
|
+
ami 'ami-e348af8a' # Alestic Debian 5.0, 32-bit (US)
|
24
|
+
end
|
25
|
+
env :test do
|
26
|
+
role :netssh do
|
27
|
+
user :root
|
28
|
+
end
|
29
|
+
end
|
30
|
+
end
|
31
|
+
|
32
|
+
commands do
|
33
|
+
allow :apt_get, "apt-get", :y, :q
|
34
|
+
allow :gem_install, "/usr/bin/gem", "install", :n, '/usr/bin', :y, :V, "--no-rdoc", "--no-ri"
|
35
|
+
allow :gem_sources, "/usr/bin/gem", "sources"
|
36
|
+
allow :gem_uninstall, "/usr/bin/gem", "uninstall", :V
|
37
|
+
allow :update_rubygems
|
38
|
+
allow :rm
|
39
|
+
end
|
40
|
+
|
41
|
+
routines do
|
42
|
+
|
43
|
+
testsuite do
|
44
|
+
before :sysupdate, :installdeps, :install_gem
|
45
|
+
|
46
|
+
remote :root do
|
47
|
+
directory_upload 'test', '/tmp/'
|
48
|
+
cd '/tmp'
|
49
|
+
ruby :I, 'lib/', :I, 'test/', :r, 'rubygems', 'test/test_all.rb'
|
50
|
+
end
|
51
|
+
|
52
|
+
after :install_rubyforge, :install_github
|
53
|
+
end
|
54
|
+
|
55
|
+
install_rubyforge do
|
56
|
+
remote :root do
|
57
|
+
gem_install 'net-ssh', '--version', '2.0.7'
|
58
|
+
gem_install 'net-ssh'
|
59
|
+
end
|
60
|
+
end
|
61
|
+
|
62
|
+
install_github do
|
63
|
+
remote :root do
|
64
|
+
gem_sources :a, "http://gems.github.com"
|
65
|
+
gem_install 'net-ssh-net-ssh'
|
66
|
+
end
|
67
|
+
end
|
68
|
+
|
69
|
+
install_gem do
|
70
|
+
before :package_gem
|
71
|
+
remote :root do
|
72
|
+
disable_safe_mode
|
73
|
+
file_upload "pkg/net-ssh-*.gem", "/tmp/"
|
74
|
+
gem_install "/tmp/net-ssh-*.gem"
|
75
|
+
end
|
76
|
+
end
|
77
|
+
|
78
|
+
package_gem do
|
79
|
+
local do
|
80
|
+
rm :r, :f, 'pkg'
|
81
|
+
rake 'package'
|
82
|
+
end
|
83
|
+
end
|
84
|
+
|
85
|
+
remove do
|
86
|
+
remote :root do
|
87
|
+
gem_uninstall 'net-ssh'
|
88
|
+
end
|
89
|
+
end
|
90
|
+
|
91
|
+
installdeps do
|
92
|
+
remote :root do
|
93
|
+
gem_install "rye", "test-unit", "mocha"
|
94
|
+
rye 'authorize-local'
|
95
|
+
end
|
96
|
+
end
|
97
|
+
|
98
|
+
sysupdate do
|
99
|
+
remote :root do
|
100
|
+
apt_get "update"
|
101
|
+
apt_get "install", "build-essential", "git-core"
|
102
|
+
apt_get "install", "ruby1.8-dev", "rdoc", "libzlib-ruby", "rubygems"
|
103
|
+
mkdir :p, "/var/lib/gems/1.8/bin" # Doesn't get created, but causes Rubygems to fail
|
104
|
+
gem_install "builder", "session"
|
105
|
+
gem_install 'rubygems-update', "-v=1.3.4" # circular issue with 1.3.5 and hoe
|
106
|
+
update_rubygems
|
107
|
+
end
|
108
|
+
end
|
109
|
+
end
|
110
|
+
|
data/lib/net/ssh/config.rb
CHANGED
@@ -57,11 +57,12 @@ module Net; module SSH
|
|
57
57
|
def load(file, host, settings={})
|
58
58
|
file = File.expand_path(file)
|
59
59
|
return settings unless File.readable?(file)
|
60
|
-
|
61
|
-
|
60
|
+
|
61
|
+
matched_host = nil
|
62
|
+
multi_host = []
|
62
63
|
IO.foreach(file) do |line|
|
63
64
|
next if line =~ /^\s*(?:#.*)?$/
|
64
|
-
|
65
|
+
|
65
66
|
if line =~ /^\s*(\S+)\s*=(.*)$/
|
66
67
|
key, value = $1, $2
|
67
68
|
else
|
@@ -82,8 +83,11 @@ module Net; module SSH
|
|
82
83
|
end
|
83
84
|
|
84
85
|
if key == 'host'
|
85
|
-
|
86
|
-
|
86
|
+
# Support "Host host1,host2,hostN".
|
87
|
+
# See http://github.com/net-ssh/net-ssh/issues#issue/6
|
88
|
+
multi_host = value.split(/,\s+/)
|
89
|
+
matched_host = multi_host.select { |h| host =~ pattern2regex(h) }.first
|
90
|
+
elsif !matched_host.nil?
|
87
91
|
if key == 'identityfile'
|
88
92
|
settings[key] ||= []
|
89
93
|
settings[key] << value
|
@@ -92,7 +96,7 @@ module Net; module SSH
|
|
92
96
|
end
|
93
97
|
end
|
94
98
|
end
|
95
|
-
|
99
|
+
|
96
100
|
return settings
|
97
101
|
end
|
98
102
|
|
data/lib/net/ssh/proxy/socks5.rb
CHANGED
@@ -94,11 +94,24 @@ module Net
|
|
94
94
|
|
95
95
|
packet << [port].pack("n")
|
96
96
|
socket.send packet, 0
|
97
|
-
|
98
|
-
version, reply, = socket.recv(
|
99
|
-
|
100
|
-
socket.recv(
|
101
|
-
|
97
|
+
|
98
|
+
version, reply, = socket.recv(2).unpack("C*")
|
99
|
+
socket.recv(1)
|
100
|
+
address_type = socket.recv(1).getbyte(0)
|
101
|
+
case address_type
|
102
|
+
when 1
|
103
|
+
socket.recv(4) # get four bytes for IPv4 address
|
104
|
+
when 3
|
105
|
+
len = socket.recv(1).getbyte(0)
|
106
|
+
hostname = socket.recv(len)
|
107
|
+
when 4
|
108
|
+
ipv6addr hostname = socket.recv(16)
|
109
|
+
else
|
110
|
+
socket.close
|
111
|
+
raise ConnectionError, "Illegal response type"
|
112
|
+
end
|
113
|
+
portnum = socket.recv(2)
|
114
|
+
|
102
115
|
unless reply == SUCCESS
|
103
116
|
socket.close
|
104
117
|
raise ConnectError, "#{reply}"
|
@@ -17,9 +17,18 @@ module Net; module SSH; module Transport
|
|
17
17
|
"rijndael-cbc@lysator.liu.se" => "aes-256-cbc",
|
18
18
|
"arcfour128" => "rc4",
|
19
19
|
"arcfour256" => "rc4",
|
20
|
+
"arcfour512" => "rc4",
|
20
21
|
"none" => "none"
|
21
22
|
}
|
22
|
-
|
23
|
+
|
24
|
+
# Ruby's OpenSSL bindings always return a key length of 16 for RC4 ciphers
|
25
|
+
# resulting in the error: OpenSSL::CipherError: key length too short.
|
26
|
+
# The following ciphers will override this key length.
|
27
|
+
KEY_LEN_OVERRIDE = {
|
28
|
+
"arcfour256" => 32,
|
29
|
+
"arcfour512" => 64
|
30
|
+
}
|
31
|
+
|
23
32
|
# Returns true if the underlying OpenSSL library supports the given cipher,
|
24
33
|
# and false otherwise.
|
25
34
|
def self.supported?(name)
|
@@ -42,8 +51,9 @@ module Net; module SSH; module Transport
|
|
42
51
|
|
43
52
|
cipher.padding = 0
|
44
53
|
cipher.iv = make_key(cipher.iv_len, options[:iv], options) if ossl_name != "rc4"
|
45
|
-
|
46
|
-
cipher.
|
54
|
+
key_len = KEY_LEN_OVERRIDE[name] || cipher.key_len
|
55
|
+
cipher.key_len = key_len
|
56
|
+
cipher.key = make_key(key_len, options[:key], options)
|
47
57
|
cipher.update(" " * 1536) if ossl_name == "rc4"
|
48
58
|
|
49
59
|
return cipher
|
@@ -58,7 +68,10 @@ module Net; module SSH; module Transport
|
|
58
68
|
return [0, 0] if ossl_name.nil? || ossl_name == "none"
|
59
69
|
|
60
70
|
cipher = OpenSSL::Cipher::Cipher.new(ossl_name)
|
61
|
-
|
71
|
+
key_len = KEY_LEN_OVERRIDE[name] || cipher.key_len
|
72
|
+
cipher.key_len = key_len
|
73
|
+
|
74
|
+
return [key_len, ossl_name=="rc4" ? 8 : cipher.block_size]
|
62
75
|
end
|
63
76
|
|
64
77
|
private
|
@@ -66,10 +79,10 @@ module Net; module SSH; module Transport
|
|
66
79
|
# Generate a key value in accordance with the SSH2 specification.
|
67
80
|
def self.make_key(bytes, start, options={})
|
68
81
|
k = start[0, bytes]
|
69
|
-
|
70
|
-
digester = options[:digester]
|
71
|
-
shared = options[:shared]
|
72
|
-
hash = options[:hash]
|
82
|
+
|
83
|
+
digester = options[:digester] or raise 'No digester supplied'
|
84
|
+
shared = options[:shared] or raise 'No shared secret supplied'
|
85
|
+
hash = options[:hash] or raise 'No hash supplied'
|
73
86
|
|
74
87
|
while k.length < bytes
|
75
88
|
step = digester.digest(shared + hash + k)
|
data/lib/net/ssh/version.rb
CHANGED
data/net-ssh.gemspec
CHANGED
@@ -1,18 +1,18 @@
|
|
1
1
|
@spec = Gem::Specification.new do |s|
|
2
2
|
s.name = "net-ssh"
|
3
3
|
s.rubyforge_project = 'net-ssh'
|
4
|
-
s.version = "2.0.
|
4
|
+
s.version = "2.0.13"
|
5
5
|
s.summary = "Net::SSH: a pure-Ruby implementation of the SSH2 client protocol."
|
6
6
|
s.description = s.summary
|
7
|
-
s.
|
7
|
+
s.authors = ["Jamis Buck", "Delano Mandelbaum"]
|
8
8
|
s.email = "net-ssh@solutious.com"
|
9
|
-
s.homepage = "http://
|
9
|
+
s.homepage = "http://rubyforge.org/projects/net-ssh/"
|
10
10
|
|
11
11
|
s.extra_rdoc_files = %w[README.rdoc THANKS.rdoc CHANGELOG.rdoc]
|
12
12
|
s.has_rdoc = true
|
13
13
|
s.rdoc_options = ["--line-numbers", "--title", s.summary, "--main", "README.rdoc"]
|
14
14
|
s.require_paths = %w[lib]
|
15
|
-
s.rubygems_version = '1.
|
15
|
+
s.rubygems_version = '1.3.2'
|
16
16
|
|
17
17
|
s.executables = %w[]
|
18
18
|
|
@@ -22,6 +22,7 @@
|
|
22
22
|
Manifest
|
23
23
|
README.rdoc
|
24
24
|
Rakefile
|
25
|
+
Rudyfile
|
25
26
|
THANKS.rdoc
|
26
27
|
lib/net/ssh.rb
|
27
28
|
lib/net/ssh/authentication/agent.rb
|
@@ -87,6 +88,7 @@
|
|
87
88
|
lib/net/ssh/version.rb
|
88
89
|
net-ssh.gemspec
|
89
90
|
setup.rb
|
91
|
+
support/arcfour_check.rb
|
90
92
|
test/authentication/methods/common.rb
|
91
93
|
test/authentication/methods/test_abstract.rb
|
92
94
|
test/authentication/methods/test_hostbased.rb
|
@@ -99,6 +101,7 @@
|
|
99
101
|
test/common.rb
|
100
102
|
test/configs/eqsign
|
101
103
|
test/configs/exact_match
|
104
|
+
test/configs/multihost
|
102
105
|
test/configs/wild_cards
|
103
106
|
test/connection/test_channel.rb
|
104
107
|
test/connection/test_session.rb
|
@@ -0,0 +1,20 @@
|
|
1
|
+
|
2
|
+
require 'net/ssh'
|
3
|
+
|
4
|
+
# ARCFOUR CHECK
|
5
|
+
#
|
6
|
+
# Usage:
|
7
|
+
# $ ruby support/arcfour_check.rb
|
8
|
+
#
|
9
|
+
# Expected Output:
|
10
|
+
# arcfour128: [16, 8] OpenSSL::Cipher::Cipher
|
11
|
+
# arcfour256: [32, 8] OpenSSL::Cipher::Cipher
|
12
|
+
# arcfour512: [64, 8] OpenSSL::Cipher::Cipher
|
13
|
+
|
14
|
+
[['arcfour128', 16], ['arcfour256', 32], ['arcfour512', 64]].each do |cipher|
|
15
|
+
print "#{cipher[0]}: "
|
16
|
+
a = Net::SSH::Transport::CipherFactory.get_lengths(cipher[0])
|
17
|
+
b = Net::SSH::Transport::CipherFactory.get(cipher[0], :key => ([].fill('x', 0, cipher[1]).join))
|
18
|
+
puts "#{a} #{b.class}"
|
19
|
+
end
|
20
|
+
|
data/test/common.rb
CHANGED
data/test/test_all.rb
CHANGED
@@ -1,3 +1,5 @@
|
|
1
|
+
# $ ruby -Ilib -Itest -rrubygems test/test_all.rb
|
2
|
+
# $ ruby -Ilib -Itest -rrubygems test/transport/test_server_version.rb
|
1
3
|
Dir.chdir(File.dirname(__FILE__)) do
|
2
4
|
test_files = Dir['**/test_*.rb']
|
3
5
|
test_files = test_files.select { |f| f =~ Regexp.new(ENV['ONLY']) } if ENV['ONLY']
|
data/test/test_config.rb
CHANGED
@@ -37,7 +37,22 @@ class TestConfig < Test::Unit::TestCase
|
|
37
37
|
assert_equal %w(~/.ssh/id_dsa), config[:keys]
|
38
38
|
assert !config.key?(:rekey_limit)
|
39
39
|
end
|
40
|
-
|
40
|
+
|
41
|
+
def test_load_with_multiple_hosts
|
42
|
+
config = Net::SSH::Config.load(config(:multihost), "test.host")
|
43
|
+
assert config['compression']
|
44
|
+
assert_equal '2G', config['rekeylimit']
|
45
|
+
assert_equal 1980, config['port']
|
46
|
+
end
|
47
|
+
|
48
|
+
def test_load_with_multiple_hosts_and_config_should_match_for_both
|
49
|
+
aconfig = Net::SSH::Config.load(config(:multihost), "test.host")
|
50
|
+
bconfig = Net::SSH::Config.load(config(:multihost), "other.host")
|
51
|
+
assert_equal aconfig['port'], bconfig['port']
|
52
|
+
assert_equal aconfig['compression'], bconfig['compression']
|
53
|
+
assert_equal aconfig['rekeylimit'], bconfig['rekeylimit']
|
54
|
+
end
|
55
|
+
|
41
56
|
def test_load_should_parse_equal_sign_delimiters
|
42
57
|
config = Net::SSH::Config.load(config(:eqsign), "test.test")
|
43
58
|
assert config['compression']
|
@@ -47,6 +47,18 @@ module Transport
|
|
47
47
|
assert_equal [32,16], factory.get_lengths("aes256-cbc")
|
48
48
|
end
|
49
49
|
|
50
|
+
def test_lengths_for_arcfour128
|
51
|
+
assert_equal [16,8], factory.get_lengths("arcfour128")
|
52
|
+
end
|
53
|
+
|
54
|
+
def test_lengths_for_arcfour256
|
55
|
+
assert_equal [32,8], factory.get_lengths("arcfour256")
|
56
|
+
end
|
57
|
+
|
58
|
+
def test_lengths_for_arcfour512
|
59
|
+
assert_equal [64,8], factory.get_lengths("arcfour512")
|
60
|
+
end
|
61
|
+
|
50
62
|
BLOWFISH = "\210\021\200\315\240_\026$\352\204g\233\244\242x\332e\370\001\327\224Nv@9_\323\037\252kb\037\036\237\375]\343/y\037\237\312Q\f7]\347Y\005\275%\377\0010$G\272\250B\265Nd\375\342\372\025r6}+Y\213y\n\237\267\\\374^\346BdJ$\353\220Ik\023<\236&H\277=\225"
|
51
63
|
|
52
64
|
def test_blowfish_cbc_for_encryption
|
@@ -128,7 +140,37 @@ module Transport
|
|
128
140
|
def test_aes256_cbc_for_decryption
|
129
141
|
assert_equal TEXT, decrypt("aes256-cbc", AES256)
|
130
142
|
end
|
143
|
+
|
144
|
+
ARCFOUR128 = "\n\x90\xED*\xD4\xBE\xCBg5\xA5\a\xEC]\x97\xB7L\x06)6\x12FL\x90@\xF4Sqxqh\r\x11\x1Aq \xC8\xE6v\xC6\x12\xD9<A\xDAZ\xFE\x7F\x88\x19f.\x06\xA7\xFE:\xFF\x93\x9B\x8D\xA0\\\x9E\xCA\x03\x15\xE1\xE2\f\xC0\b\xA2C\xE1\xBD\xB6\x13D\xD1\xB4'g\x89\xDC\xEB\f\x19Z)U"
|
145
|
+
|
146
|
+
def test_arcfour128_for_encryption
|
147
|
+
assert_equal ARCFOUR128, encrypt("arcfour128")
|
148
|
+
end
|
149
|
+
|
150
|
+
def test_arcfour128_for_decryption
|
151
|
+
assert_equal TEXT, decrypt("arcfour128", ARCFOUR128)
|
152
|
+
end
|
153
|
+
|
154
|
+
ARCFOUR256 = "|g\xCCw\xF5\xC1y\xEB\xF0\v\xF7\x83\x14\x03\xC8\xAB\xE8\xC2\xFCY\xDC,\xB8\xD4dVa\x8B\x18%\xA4S\x00\xE0at\x86\xE8\xA6W\xAB\xD2\x9D\xA8\xDE[g\aZy.\xFB\xFC\x82c\x04h\f\xBFYq\xB7U\x80\x0EG\x91\x88\xDF\xA3\xA2\xFA(\xEC\xDB\xA4\xE7\xFE)\x12u\xAF\x0EZ\xA0\xBA\x97\n\xFC"
|
131
155
|
|
156
|
+
def test_arcfour256_for_encryption
|
157
|
+
assert_equal ARCFOUR256, encrypt("arcfour256")
|
158
|
+
end
|
159
|
+
|
160
|
+
def test_arcfour256_for_decryption
|
161
|
+
assert_equal TEXT, decrypt("arcfour256", ARCFOUR256)
|
162
|
+
end
|
163
|
+
|
164
|
+
ARCFOUR512 = "|8\"v\xE7\xE3\b\xA8\x19\x9Aa\xB6Vv\x00\x11\x8A$C\xB6xE\xEF\xF1j\x90\xA8\xFA\x10\xE4\xA1b8\xF6\x04\xF2+\xC0\xD1(8\xEBT]\xB0\xF3/\xD9\xE0@\x83\a\x93\x9D\xCA\x04RXS\xB7A\x0Fj\x94\bE\xEB\x84j\xB4\xDF\nU\xF7\x83o\n\xE8\xF9\x01{jH\xEE\xCDQym\x9E"
|
165
|
+
|
166
|
+
def test_arcfour512_for_encryption
|
167
|
+
assert_equal ARCFOUR512, encrypt("arcfour512")
|
168
|
+
end
|
169
|
+
|
170
|
+
def test_arcfour512_for_decryption
|
171
|
+
assert_equal TEXT, decrypt("arcfour512", ARCFOUR512)
|
172
|
+
end
|
173
|
+
|
132
174
|
def test_none_for_encryption
|
133
175
|
assert_equal TEXT, encrypt("none").strip
|
134
176
|
end
|
@@ -136,7 +178,7 @@ module Transport
|
|
136
178
|
def test_none_for_decryption
|
137
179
|
assert_equal TEXT, decrypt("none", TEXT)
|
138
180
|
end
|
139
|
-
|
181
|
+
|
140
182
|
private
|
141
183
|
|
142
184
|
TEXT = "But soft! What light through yonder window breaks? It is the east, and Juliet is the sun!"
|
@@ -371,12 +371,18 @@ module Transport
|
|
371
371
|
|
372
372
|
ciphers.each do |cipher_name|
|
373
373
|
next unless Net::SSH::Transport::CipherFactory.supported?(cipher_name)
|
374
|
-
|
374
|
+
|
375
|
+
# TODO: How are the expected packets generated?
|
376
|
+
if cipher_name =~ /arcfour/
|
377
|
+
puts "Skipping packet stream test for #{cipher_name}"
|
378
|
+
next
|
379
|
+
end
|
380
|
+
|
375
381
|
hmacs.each do |hmac_name|
|
376
382
|
[false, :standard].each do |compress|
|
377
383
|
cipher_method_name = cipher_name.gsub(/\W/, "_")
|
378
384
|
hmac_method_name = hmac_name.gsub(/\W/, "_")
|
379
|
-
|
385
|
+
|
380
386
|
define_method("test_next_packet_with_#{cipher_method_name}_and_#{hmac_method_name}_and_#{compress}_compression") do
|
381
387
|
cipher = Net::SSH::Transport::CipherFactory.get(cipher_name, :key => "ABC", :iv => "abc", :shared => "123", :digester => OpenSSL::Digest::SHA1, :hash => "^&*", :decrypt => true)
|
382
388
|
hmac = Net::SSH::Transport::HMAC.get(hmac_name, "{}|")
|
metadata
CHANGED
@@ -1,10 +1,11 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: net-ssh-net-ssh
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 2.0.
|
4
|
+
version: 2.0.13
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Jamis Buck
|
8
|
+
- Delano Mandelbaum
|
8
9
|
autorequire:
|
9
10
|
bindir: bin
|
10
11
|
cert_chain: []
|
@@ -28,6 +29,7 @@ files:
|
|
28
29
|
- Manifest
|
29
30
|
- README.rdoc
|
30
31
|
- Rakefile
|
32
|
+
- Rudyfile
|
31
33
|
- THANKS.rdoc
|
32
34
|
- lib/net/ssh.rb
|
33
35
|
- lib/net/ssh/authentication/agent.rb
|
@@ -93,6 +95,7 @@ files:
|
|
93
95
|
- lib/net/ssh/version.rb
|
94
96
|
- net-ssh.gemspec
|
95
97
|
- setup.rb
|
98
|
+
- support/arcfour_check.rb
|
96
99
|
- test/authentication/methods/common.rb
|
97
100
|
- test/authentication/methods/test_abstract.rb
|
98
101
|
- test/authentication/methods/test_hostbased.rb
|
@@ -105,6 +108,7 @@ files:
|
|
105
108
|
- test/common.rb
|
106
109
|
- test/configs/eqsign
|
107
110
|
- test/configs/exact_match
|
111
|
+
- test/configs/multihost
|
108
112
|
- test/configs/wild_cards
|
109
113
|
- test/connection/test_channel.rb
|
110
114
|
- test/connection/test_session.rb
|
@@ -129,7 +133,8 @@ files:
|
|
129
133
|
- test/transport/test_session.rb
|
130
134
|
- test/transport/test_state.rb
|
131
135
|
has_rdoc: true
|
132
|
-
homepage: http://
|
136
|
+
homepage: http://rubyforge.org/projects/net-ssh/
|
137
|
+
licenses:
|
133
138
|
post_install_message:
|
134
139
|
rdoc_options:
|
135
140
|
- --line-numbers
|
@@ -154,7 +159,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
154
159
|
requirements: []
|
155
160
|
|
156
161
|
rubyforge_project: net-ssh
|
157
|
-
rubygems_version: 1.
|
162
|
+
rubygems_version: 1.3.5
|
158
163
|
signing_key:
|
159
164
|
specification_version: 2
|
160
165
|
summary: "Net::SSH: a pure-Ruby implementation of the SSH2 client protocol."
|