net-ssh 0.5.0

data/lib/net/ssh/connection/term.rb

@@ -0,0 +1,90 @@
+#--
+# =============================================================================
+# Copyright (c) 2004, Jamis Buck (jgb3@email.byu.edu)
+# All rights reserved.
+#
+# This source file is distributed as part of the Net::SSH Secure Shell Client
+# library for Ruby. This file (and the library as a whole) may be used only as
+# allowed by either the BSD license, or the Ruby license (or, by association
+# with the Ruby license, the GPL). See the "doc" subdirectory of the Net::SSH
+# distribution for the texts of these licenses.
+# -----------------------------------------------------------------------------
+# net-ssh website : http://net-ssh.rubyforge.org
+# project website: http://rubyforge.org/projects/net-ssh
+# =============================================================================
+#++
+
+module Net
+  module SSH
+    module Connection
+      
+      # Terminal opcodes, for use when opening pty's.
+      module Term
+
+        TTY_OP_END = 0
+        VINTR = 1
+        VQUIT = 2
+        VERASE = 3
+        VKILL = 4
+        VEOF = 5
+        VEOL = 6
+        VEOL2 = 7
+        VSTART = 8
+        VSTOP = 9
+        VSUSP = 10
+        VDSUSP = 11
+        VREPRINT = 12
+        VWERASE = 13
+        VLNEXT = 14
+        VFLUSH = 15
+        VSWITCH = 16
+        VSTATUS = 17
+        VDISCARD = 18
+
+        IGNPAR = 30
+        PARMRK = 31
+        INPCK = 32
+        ISTRIP = 33
+        INCLR = 34
+        IGNCR = 35
+        ICRNL = 36
+        IUCLC = 37
+        IXON = 38
+        IXANY = 39
+        IXOFF = 40
+        IMAXBEL = 41
+
+        ISIG = 50
+        ICANON = 51
+        XCASE = 52
+        ECHO = 53
+        ECHOE = 54
+        ECHOK = 55
+        ECHONL = 56
+        NOFLSH = 57
+        TOSTOP= 58
+        IEXTEN = 59
+        ECHOCTL = 60
+        ECHOKE = 61
+        PENDIN = 62
+
+        OPOST = 70
+        OLCUC = 71
+        ONLCR = 72
+        OCRNL = 73
+        ONOCR = 74
+        ONLRET = 75
+
+        CS7 = 90
+        CS8 = 91
+        PARENB = 92
+        PARODD = 93
+
+        TTY_OP_ISPEED = 128
+        TTY_OP_OSPEED = 129
+
+      end
+
+    end
+  end
+end

data/lib/net/ssh/errors.rb

@@ -0,0 +1,27 @@
+#--
+# =============================================================================
+# Copyright (c) 2004, Jamis Buck (jgb3@email.byu.edu)
+# All rights reserved.
+#
+# This source file is distributed as part of the Net::SSH Secure Shell Client
+# library for Ruby. This file (and the library as a whole) may be used only as
+# allowed by either the BSD license, or the Ruby license (or, by association
+# with the Ruby license, the GPL). See the "doc" subdirectory of the Net::SSH
+# distribution for the texts of these licenses.
+# -----------------------------------------------------------------------------
+# net-ssh website : http://net-ssh.rubyforge.org
+# project website: http://rubyforge.org/projects/net-ssh
+# =============================================================================
+#++
+
+module Net
+  module SSH
+
+    # The ancestor class of all exceptions raised in the Net::SSH module.
+    class Exception < StandardError; end
+
+    # Raised when user authentication failed.
+    class AuthenticationFailed < Exception; end
+
+  end
+end

data/lib/net/ssh/proxy/errors.rb

@@ -0,0 +1,34 @@
+#--
+# =============================================================================
+# Copyright (c) 2004, Jamis Buck (jgb3@email.byu.edu)
+# All rights reserved.
+#
+# This source file is distributed as part of the Net::SSH Secure Shell Client
+# library for Ruby. This file (and the library as a whole) may be used only as
+# allowed by either the BSD license, or the Ruby license (or, by association
+# with the Ruby license, the GPL). See the "doc" subdirectory of the Net::SSH
+# distribution for the texts of these licenses.
+# -----------------------------------------------------------------------------
+# net-ssh website : http://net-ssh.rubyforge.org
+# project website: http://rubyforge.org/projects/net-ssh
+# =============================================================================
+#++
+
+require 'net/ssh/errors'
+
+module Net
+  module SSH
+    module Proxy
+
+      # A general exception class for all Proxy errors.
+      class Error < Net::SSH::Exception; end
+
+      # Used for reporting proxy connection errors.
+      class ConnectError < Error; end
+
+      # Used when the server doesn't recognize the users credentials
+      class UnauthorizedError < Error; end
+
+    end
+  end
+end

data/lib/net/ssh/proxy/http.rb

@@ -0,0 +1,126 @@
+#--
+# =============================================================================
+# Copyright (c) 2004, Jamis Buck (jgb3@email.byu.edu)
+# All rights reserved.
+#
+# This source file is distributed as part of the Net::SSH Secure Shell Client
+# library for Ruby. This file (and the library as a whole) may be used only as
+# allowed by either the BSD license, or the Ruby license (or, by association
+# with the Ruby license, the GPL). See the "doc" subdirectory of the Net::SSH
+# distribution for the texts of these licenses.
+# -----------------------------------------------------------------------------
+# net-ssh website : http://net-ssh.rubyforge.org
+# project website: http://rubyforge.org/projects/net-ssh
+# =============================================================================
+#++
+
+require 'socket'
+require 'base64'
+require 'net/ssh/proxy/errors'
+
+module Net
+  module SSH
+    module Proxy
+
+      # An implementation of a socket factory that returns a socket which
+      # will tunnel the connection through an HTTP proxy. It allows explicit
+      # specification of the user and password, but if none are given it
+      # will look in the HTTP_PROXY_USER/HTTP_PROXY_PASSWORD and
+      # CONNECT_USER/CONNECT_PASSWORD environment variables as well.
+      class HTTP
+
+        # Create a new socket factory that tunnels via the given host and
+        # port.
+        def initialize( proxy_host, proxy_port=80, options={} )
+          @proxy_host = proxy_host
+          @proxy_port = proxy_port
+          @options = options
+        end
+
+        # Return a new socket connected to the given host and port via the
+        # proxy that was requested when the socket factory was instantiated.
+        def open( host, port )
+          connect_string = "CONNECT #{host}:#{port} HTTP/1.0"
+
+          socket = TCPSocket.new( @proxy_host, @proxy_port )
+          socket.puts connect_string
+          socket.puts
+
+          resp = parse_response( socket )
+
+          return socket if resp[:code] == 200
+
+          socket.shutdown
+          raise ConnectError, resp.inspect unless resp[:code] == 407
+
+          user = proxy_user
+          passwd = proxy_password
+
+          raise UnauthorizedError, "no proxy user given" unless user
+
+          auth = resp[:headers]["Proxy-Authenticate"]
+          scheme, parms = auth.split( / /, 2 )
+
+          case scheme
+            when "Basic"
+              credentials =
+                Base64.encode64( "#{user}:#{passwd}" ).gsub( /\n/, "" )
+            else
+              raise NotImplementedError,
+                "authorization scheme #{scheme.inspect} is not supported"
+          end
+
+          socket = TCPSocket.new( @proxy_host, @proxy_port )
+          socket.puts connect_string
+          socket.puts "Proxy-Authorization: #{scheme} #{credentials}"
+          socket.puts
+
+          resp = parse_response( socket )
+
+          raise ConnectError, resp.inspect if resp[:code] != 200
+
+          return socket
+        end
+
+        def parse_response( socket )
+          version, code, reason = socket.gets.chomp.split( / /, 3 )
+          headers = {}
+
+          while ( line = socket.gets.chomp ) != ""
+            name, value = line.split( /:/, 2 ).map { |v| v.strip }
+            headers[ name ] = value
+          end
+
+          if headers[ "Content-Length" ]
+            body = socket.read( headers[ "Content-Length" ].to_i )
+          end
+
+          return { :version => version,
+                   :code => code.to_i,
+                   :reason => reason,
+                   :headers => headers,
+                   :body => body }
+        end
+        private :parse_response
+
+        def proxy_user
+          return @options[ :user ] if @options[ :user ]
+          return ENV['HTTP_PROXY_USER'] if ENV['HTTP_PROXY_USER']
+          return ENV['CONNECT_USER'] if ENV['CONNECT_USER']
+          return nil
+        end
+        private :proxy_user
+
+        def proxy_password
+          return @options[ :password ] if @options[ :password ]
+          return ENV['HTTP_PROXY_PASSWORD'] if ENV['HTTP_PROXY_PASSWORD']
+          return ENV['CONNECT_PASSWORD'] if ENV['CONNECT_PASSWORD']
+          return ""
+        end
+        private :proxy_password
+
+      end
+
+    end
+  end
+end

data/lib/net/ssh/proxy/socks4.rb

@@ -0,0 +1,83 @@
+#--
+# =============================================================================
+# Copyright (c) 2004, Jamis Buck (jgb3@email.byu.edu)
+# All rights reserved.
+#
+# This source file is distributed as part of the Net::SSH Secure Shell Client
+# library for Ruby. This file (and the library as a whole) may be used only as
+# allowed by either the BSD license, or the Ruby license (or, by association
+# with the Ruby license, the GPL). See the "doc" subdirectory of the Net::SSH
+# distribution for the texts of these licenses.
+# -----------------------------------------------------------------------------
+# net-ssh website : http://net-ssh.rubyforge.org
+# project website: http://rubyforge.org/projects/net-ssh
+# =============================================================================
+#++
+
+require 'socket'
+require 'resolv'
+require 'ipaddr'
+require 'net/ssh/proxy/errors'
+
+module Net
+  module SSH
+    module Proxy
+
+      # An implementation of a socket factory that returns a socket which
+      # will tunnel the connection through a SOCKS4 proxy. It allows explicit
+      # specification of the user, but if it is not given it will look in the
+      # SOCKS_USER and CONNECT_USER environment variables as well.
+      class SOCKS4
+
+        SOCKS_VERSION = 4
+
+        SOCKS_CMD_CONNECT    = 1
+
+        SOCKS_GRANTED        = 90
+        SOCKS_REJECTED       = 91
+        SOCKS_IDENTD_REJECT  = 92
+        SOCKS_IDENTD_BAD     = 93
+
+        # Create a new proxy connection to the given proxy host and port.
+        # Optionally, a @:user@ option may be given to identify the username
+        # with which to authenticate.
+        def initialize( proxy_host, proxy_port=1080, options={} )
+          @proxy_host = proxy_host
+          @proxy_port = proxy_port
+          @options = options
+        end
+
+        # Return a new socket connected to the given host and port via the
+        # proxy that was requested when the socket factory was instantiated.
+        def open( host, port )
+          sock = TCPSocket.new( @proxy_host, @proxy_port )
+
+          ip_addr = IPAddr.new( Resolv.getaddress( host ) )
+          
+          packet = [ SOCKS_VERSION, SOCKS_CMD_CONNECT,
+                     port.to_i, ip_addr.to_i,
+                     proxy_user, 0 ].pack( "CCnNA*C" )
+          sock.send packet, 0
+
+          version, status, port, ip = sock.recv( 8 ).unpack( "CCnN" )
+          if status != SOCKS_GRANTED
+            sock.close
+            raise ConnectError, "error connecting to proxy (#{status})"
+          end
+
+          return sock
+        end
+
+        def proxy_user
+          return @options[ :user ] if @options[ :user ]
+          return ENV['SOCKS_USER'] if ENV['SOCKS_USER']
+          return ENV['CONNECT_USER'] if ENV['CONNECT_USER']
+          return nil
+        end
+        private :proxy_user
+
+      end
+
+    end
+  end
+end

data/lib/net/ssh/proxy/socks5.rb

@@ -0,0 +1,160 @@
+#--
+# =============================================================================
+# Copyright (c) 2004, Jamis Buck (jgb3@email.byu.edu)
+# All rights reserved.
+#
+# This source file is distributed as part of the Net::SSH Secure Shell Client
+# library for Ruby. This file (and the library as a whole) may be used only as
+# allowed by either the BSD license, or the Ruby license (or, by association
+# with the Ruby license, the GPL). See the "doc" subdirectory of the Net::SSH
+# distribution for the texts of these licenses.
+# -----------------------------------------------------------------------------
+# net-ssh website : http://net-ssh.rubyforge.org
+# project website: http://rubyforge.org/projects/net-ssh
+# =============================================================================
+#++
+
+require 'socket'
+require 'net/ssh/proxy/errors'
+
+module Net
+  module SSH
+    module Proxy
+
+      # An implementation of a socket factory that returns a socket which
+      # will tunnel the connection through a SOCKS5 proxy. It allows explicit
+      # specification of the user and password, but if none are given it
+      # will look in the SOCKS_USER/SOCKS_PASSWORD and
+      # CONNECT_USER/CONNECT_PASSWORD environment variables as well.
+      class SOCKS5
+
+        SOCKS_VERSION = 5
+
+        SOCKS_METHOD_NO_AUTH = 0
+        SOCKS_METHOD_GSSAPI  = 1
+        SOCKS_METHOD_PASSWD  = 2
+
+        SOCKS_METHOD_NONE    = 0xFF
+        
+        SOCKS_CMD_CONNECT    = 1
+
+        SOCKS_ATYP_IPV4      = 1
+        SOCKS_ATYP_DOMAIN    = 3
+        SOCKS_ATYP_IPV6      = 4
+
+        SOCKS_SUCCESS        = 0
+        SOCKS_FAILURE        = 1
+        SOCKS_NOT_ALLOWED    = 2
+        SOCKS_NETWORK_UNREACHABLE = 3
+        SOCKS_HOST_UNREACHABLE = 4
+        SOCKS_REFUSED        = 5
+        SOCKS_TTL_EXPIRED    = 6
+        SOCKS_CMD_NOT_SUPPORTED = 7
+        SOCKS_ADDR_NOT_SUPPORTED = 8
+
+        # Create a new proxy connection to the given proxy host and port.
+        # Optionally, @:user@ and @:password@ options may be given to
+        # identify the username and password with which to authenticate.
+        def initialize( proxy_host, proxy_port=1080, options={} )
+          @proxy_host = proxy_host
+          @proxy_port = proxy_port
+          @options = options
+        end
+
+        # Return a new socket connected to the given host and port via the
+        # proxy that was requested when the socket factory was instantiated.
+        def open( host, port )
+          sock = TCPSocket.new( @proxy_host, @proxy_port )
+
+          methods = [ SOCKS_METHOD_NO_AUTH ]
+          methods << SOCKS_METHOD_PASSWD if proxy_user
+
+          packet = [ SOCKS_VERSION, methods.size, *methods ].pack( "C*" )
+          sock.send packet, 0
+
+          version, method = sock.recv( 2 ).unpack( "CC" )
+          if version != 5
+            sock.close
+            raise Net::SSH::Proxy::Error,
+              "invalid SOCKS version (#{version})"
+          end
+
+          if method == SOCKS_METHOD_NONE
+            sock.close
+            raise Net::SSH::Proxy::Error,
+              "no supported authorization methods"
+          end
+
+          case method
+            when SOCKS_METHOD_NO_AUTH
+              # no method-dependent subnegotiation required
+
+            when SOCKS_METHOD_PASSWD
+              negotiate_password( sock )
+          end
+
+          packet = [ SOCKS_VERSION, SOCKS_CMD_CONNECT, 0 ].pack( "C*" )
+
+          if host =~ /^(\d+)\.(\d+)\.(\d+)\.(\d+)$/
+            packet << [ SOCKS_ATYP_IPV4, $1.to_i, $2.to_i,
+                        $3.to_i, $4.to_i ].pack( "C*" )
+          else
+            packet << [ SOCKS_ATYP_DOMAIN, host.length, host ].pack( "CCA*" )
+          end
+
+          packet << [ port ].pack( "n" )
+          sock.send packet, 0
+
+          version, reply, = sock.recv( 4 ).unpack( "C*" )
+          len = sock.recv( 1 )[0]
+          sock.recv( len + 2 )
+
+          unless reply == SOCKS_SUCCESS
+            sock.close
+            raise ConnectError, "#{reply}"
+          end
+
+          return sock
+        end
+
+        # Simple username/password negotiation with the SOCKS5 server.
+        def negotiate_password( socket )
+          user = proxy_user
+          passwd = proxy_password
+
+          packet = [ SOCKS_VERSION,
+                     user.length, user,
+                     passwd.length, passwd ].pack( "CCA*CA*" )
+
+          socket.send packet, 0
+
+          version, status = socket.recv( 2 ).unpack( "CC" )
+
+          if status != SOCKS_SUCCESS
+            socket.close
+            raise UnauthorizedError, "could not authorize user"
+          end
+        end
+        private :negotiate_password
+
+        def proxy_user
+          return @options[ :user ] if @options[ :user ]
+          return ENV['SOCKS_USER'] if ENV['SOCKS_USER']
+          return ENV['CONNECT_USER'] if ENV['CONNECT_USER']
+          return nil
+        end
+        private :proxy_user
+
+        def proxy_password
+          return @options[ :password ] if @options[ :password ]
+          return ENV['SOCKS_PASSWORD'] if ENV['SOCKS_PASSWORD']
+          return ENV['CONNECT_PASSWORD'] if ENV['CONNECT_PASSWORD']
+          return ""
+        end
+        private :proxy_password
+
+      end
+
+    end
+  end
+end