net-ssh 1.1.4 → 2.0.0

data/lib/net/ssh/test/packet.rb

@@ -0,0 +1,81 @@
+require 'net/ssh/connection/constants'
+require 'net/ssh/transport/constants'
+
+module Net; module SSH; module Test
+
+  # This is an abstract class, not to be instantiated directly, subclassed by
+  # Net::SSH::Test::LocalPacket and Net::SSH::Test::RemotePacket. It implements
+  # functionality common to those subclasses.
+  #
+  # These packets are not true packets, in that they don't represent what was
+  # actually sent between the hosst; rather, they represent what was expected
+  # to be sent, as dictated by the script (Net::SSH::Test::Script). Thus,
+  # though they are defined with data elements, these data elements are used
+  # to either validate data that was sent by the local host (Net::SSH::Test::LocalPacket)
+  # or to mimic the sending of data by the remote host (Net::SSH::Test::RemotePacket).
+  class Packet
+    include Net::SSH::Transport::Constants
+    include Net::SSH::Connection::Constants
+
+    # Ceate a new packet of the given +type+, and with +args+ being a list of
+    # data elements in the order expected for packets of the given +type+
+    # (see #types).
+    def initialize(type, *args)
+      @type = self.class.const_get(type.to_s.upcase)
+      @data = args
+    end
+
+    # The default for +remote?+ is false. Subclasses should override as necessary.
+    def remote?
+      false
+    end
+
+    # The default for +local?+ is false. Subclasses should override as necessary.
+    def local?
+      false
+    end
+
+    # Instantiates the packets data elements. When the packet was first defined,
+    # some elements may not have been fully realized, and were described as
+    # Proc objects rather than atomic types. This invokes those Proc objects
+    # and replaces them with their returned values. This allows for values 
+    # like Net::SSH::Test::Channel#remote_id to be used in scripts before
+    # the remote_id is known (since it is only known after a channel has been
+    # confirmed open).
+    def instantiate!
+      @data.map! { |i| i.respond_to?(:call) ? i.call : i }
+    end
+
+    # Returns an array of symbols describing the data elements for packets of
+    # the same type as this packet. These types are used to either validate
+    # sent packets (Net::SSH::Test::LocalPacket) or build received packets
+    # (Net::SSH::Test::RemotePacket).
+    #
+    # Not all packet types are defined here. As new packet types are required
+    # (e.g., a unit test needs to test that the remote host sent a packet that
+    # is not implemented here), the description of that packet should be
+    # added. Unsupported packet types will otherwise raise an exception.
+    def types
+      @types ||= case @type
+        when KEXINIT then 
+          [:long, :long, :long, :long,
+           :string, :string, :string, :string, :string, :string, :string, :string, :string, :string,
+           :bool]
+        when NEWKEYS then []
+        when CHANNEL_OPEN then [:string, :long, :long, :long]
+        when CHANNEL_OPEN_CONFIRMATION then [:long, :long, :long, :long]
+        when CHANNEL_DATA then [:long, :string]
+        when CHANNEL_EOF, CHANNEL_CLOSE, CHANNEL_SUCCESS, CHANNEL_FAILURE then [:long]
+        when CHANNEL_REQUEST
+          parts = [:long, :string, :bool]
+          case @data[1]
+          when "exec", "subsystem" then parts << :string
+          when "exit-status" then parts << :long
+          else raise "don't know what to do about #{@data[1]} channel request"
+          end
+        else raise "don't know how to parse packet type #{@type}"
+        end
+    end
+  end
+
+end; end; end

data/lib/net/ssh/test/remote_packet.rb

@@ -0,0 +1,38 @@
+require 'net/ssh/buffer'
+require 'net/ssh/test/packet'
+
+module Net; module SSH; module Test
+
+  # This is a specialization of Net::SSH::Test::Packet for representing mock
+  # packets that are received by the local (client) host. These are created
+  # automatically by Net::SSH::Test::Script and Net::SSH::Test::Channel by any
+  # of the gets_* methods.
+  class RemotePacket < Packet
+    # Returns +true+; this is a remote packet.
+    def remote?
+      true
+    end
+
+    # The #process method should only be called on Net::SSH::Test::LocalPacket
+    # packets; if it is attempted on a remote packet, then it is an expectation
+    # mismatch (a remote packet was received when a local packet was expected
+    # to be sent). This will happen when either your test script
+    # (Net::SSH::Test::Script) or your program are wrong.
+    def process(packet)
+      raise "received packet type #{packet.read_byte} and was not expecting any packet"
+    end
+
+    # Returns this remote packet as a string, suitable for parsing by 
+    # Net::SSH::Transport::PacketStream and friends. When a remote packet is
+    # received, this method is called and the result concatenated onto the
+    # input buffer for the packet stream.
+    def to_s
+      @to_s ||= begin
+        instantiate!
+        string = Net::SSH::Buffer.from(:byte, @type, *types.zip(@data).flatten).to_s
+        [string.length, string].pack("NA*")
+      end
+    end
+  end
+
+end; end; end

data/lib/net/ssh/test/script.rb

@@ -0,0 +1,157 @@
+require 'net/ssh/test/channel'
+require 'net/ssh/test/local_packet'
+require 'net/ssh/test/remote_packet'
+
+module Net; module SSH; module Test
+
+  # Represents a sequence of scripted events that identify the behavior that
+  # a test expects. Methods named "sends_*" create events for packets being
+  # sent from the local to the remote host, and methods named "gets_*" create
+  # events for packets being received by the local from the remote host.
+  #
+  # A reference to a script. is generally obtained in a unit test via the
+  # Net::SSH::Test#story helper method:
+  #
+  #   story do |script|
+  #     channel = script.opens_channel
+  #     ...
+  #   end
+  class Script
+    # The list of scripted events. These will be Net::SSH::Test::LocalPacket
+    # and Net::SSH::Test::RemotePacket instances.
+    attr_reader :events
+
+    # Create a new, empty script.
+    def initialize
+      @events = []
+    end
+
+    # Scripts the opening of a channel by adding a local packet sending the
+    # channel open request, and if +confirm+ is true (the default), also
+    # adding a remote packet confirming the new channel.
+    #
+    # A new Net::SSH::Test::Channel instance is returned, which can be used
+    # to script additional channel operations.
+    def opens_channel(confirm=true)
+      channel = Channel.new(self)
+      channel.remote_id = 5555
+
+      events << LocalPacket.new(:channel_open) { |p| channel.local_id = p[:remote_id] }
+
+      if confirm
+        events << RemotePacket.new(:channel_open_confirmation, channel.local_id, channel.remote_id, 0x20000, 0x10000)
+      end
+
+      channel
+    end
+
+    # A convenience method for adding an arbitrary local packet to the events
+    # list.
+    def sends(type, *args, &block)
+      events << LocalPacket.new(type, *args, &block)
+    end
+
+    # A convenience method for adding an arbitrary remote packet to the events
+    # list.
+    def gets(type, *args)
+      events << RemotePacket.new(type, *args)
+    end
+
+    # Scripts the sending of a new channel request packet to the remote host.
+    # +channel+ should be an instance of Net::SSH::Test::Channel. +request+
+    # is a string naming the request type to send, +reply+ is a boolean
+    # indicating whether a response to this packet is required , and +data+
+    # is any additional request-specific data that this packet should send.
+    # +success+ indicates whether the response (if one is required) should be
+    # success or failure.
+    #
+    # If a reply is desired, a remote packet will also be queued, :channel_success
+    # if +success+ is true, or :channel_failure if +success+ is false.
+    #
+    # This will typically be called via Net::SSH::Test::Channel#sends_exec or
+    # Net::SSH::Test::Channel#sends_subsystem.
+    def sends_channel_request(channel, request, reply, data, success=true)
+      events << LocalPacket.new(:channel_request, channel.remote_id, request, reply, data)
+      if reply
+        if success
+          events << RemotePacket.new(:channel_success, channel.local_id)
+        else
+          events << RemotePacket.new(:channel_failure, channel.local_id)
+        end
+      end
+    end
+
+    # Scripts the sending of a channel data packet. +channel+ must be a
+    # Net::SSH::Test::Channel object, and +data+ is the (string) data to
+    # expect will be sent.
+    #
+    # This will typically be called via Net::SSH::Test::Channel#sends_data.
+    def sends_channel_data(channel, data)
+      events << LocalPacket.new(:channel_data, channel.remote_id, data)
+    end
+
+    # Scripts the sending of a channel EOF packet from the given
+    # Net::SSH::Test::Channel +channel+. This will typically be called via
+    # Net::SSH::Test::Channel#sends_eof.
+    def sends_channel_eof(channel)
+      events << LocalPacket.new(:channel_eof, channel.remote_id)
+    end
+
+    # Scripts the sending of a channel close packet from the given
+    # Net::SSH::Test::Channel +channel+. This will typically be called via
+    # Net::SSH::Test::Channel#sends_close.
+    def sends_channel_close(channel)
+      events << LocalPacket.new(:channel_close, channel.remote_id)
+    end
+
+    # Scripts the reception of a channel data packet from the remote host by
+    # the given Net::SSH::Test::Channel +channel+. This will typically be
+    # called via Net::SSH::Test::Channel#gets_data.
+    def gets_channel_data(channel, data)
+      events << RemotePacket.new(:channel_data, channel.local_id, data)
+    end
+
+    # Scripts the reception of a channel request packet from the remote host by
+    # the given Net::SSH::Test::Channel +channel+. This will typically be
+    # called via Net::SSH::Test::Channel#gets_exit_status.
+    def gets_channel_request(channel, request, reply, data)
+      events << RemotePacket.new(:channel_request, channel.local_id, request, reply, data)
+    end
+
+    # Scripts the reception of a channel EOF packet from the remote host by
+    # the given Net::SSH::Test::Channel +channel+. This will typically be
+    # called via Net::SSH::Test::Channel#gets_eof.
+    def gets_channel_eof(channel)
+      events << RemotePacket.new(:channel_eof, channel.local_id)
+    end
+
+    # Scripts the reception of a channel close packet from the remote host by
+    # the given Net::SSH::Test::Channel +channel+. This will typically be
+    # called via Net::SSH::Test::Channel#gets_close.
+    def gets_channel_close(channel)
+      events << RemotePacket.new(:channel_close, channel.local_id)
+    end
+
+    # By default, removes the next event in the list and returns it. However,
+    # this can also be used to non-destructively peek at the next event in the
+    # list, by passing :first as the argument.
+    #
+    #   # remove the next event and return it
+    #   event = script.next
+    #
+    #   # peek at the next event
+    #   event = script.next(:first)
+    def next(mode=:shift)
+      events.send(mode)
+    end
+
+    # Compare the given packet against the next event in the list. If there is
+    # no next event, an exception will be raised. This is called by
+    # Net::SSH::Test::Extensions::PacketStream#test_enqueue_packet.
+    def process(packet)
+      event = events.shift or raise "end of script reached, but got a packet type #{packet.read_byte}"
+      event.process(packet)
+    end
+  end
+
+end; end; end

data/lib/net/ssh/test/socket.rb

@@ -0,0 +1,59 @@
+require 'socket'
+require 'stringio'
+require 'net/ssh/test/extensions'
+require 'net/ssh/test/script'
+
+module Net; module SSH; module Test
+
+  # A mock socket implementation for use in testing. It implements the minimum
+  # necessary interface for interacting with the rest of the Net::SSH::Test
+  # system.
+  class Socket < StringIO
+    attr_reader :host, :port
+
+    # The Net::SSH::Test::Script object in use by this socket. This is the
+    # canonical script instance that should be used for any test depending on
+    # this socket instance.
+    attr_reader :script
+
+    # Create a new test socket. This will also instantiate a new Net::SSH::Test::Script
+    # and seed it with the necessary events to power the initialization of the
+    # connection.
+    def initialize
+      extend(Net::SSH::Transport::PacketStream)
+      super "SSH-2.0-Test\r\n"
+
+      @script = Script.new
+
+      script.gets(:kexinit, 1, 2, 3, 4, "test", "ssh-rsa", "none", "none", "none", "none", "none", "none", "", "", false)
+      script.sends(:kexinit)
+      script.sends(:newkeys)
+      script.gets(:newkeys)
+    end
+
+    # This doesn't actually do anything, since we don't really care what gets
+    # written.
+    def write(data)
+      # black hole, because we don't actually care about what gets written
+    end
+
+    # Allows the socket to also mimic a socket factory, simply returning
+    # +self+.
+    def open(host, port)
+      @host, @port = host, port
+      self
+    end
+
+    # Returns a sockaddr struct for the port and host that were used when the
+    # socket was instantiated.
+    def getpeername
+      ::Socket.sockaddr_in(port, host)
+    end
+
+    # Alias to #read, but never returns nil (returns an empty string instead).
+    def recv(n)
+      read(n) || ""
+    end
+  end
+
+end; end; end

data/lib/net/ssh/transport/algorithms.rb

@@ -0,0 +1,384 @@
+require 'net/ssh/buffer'
+require 'net/ssh/known_hosts'
+require 'net/ssh/loggable'
+require 'net/ssh/transport/cipher_factory'
+require 'net/ssh/transport/constants'
+require 'net/ssh/transport/hmac'
+require 'net/ssh/transport/kex'
+require 'net/ssh/transport/server_version'
+
+module Net; module SSH; module Transport
+
+  # Implements the higher-level logic behind an SSH key-exchange. It handles
+  # both the initial exchange, as well as subsequent re-exchanges (as needed).
+  # It also encapsulates the negotiation of the algorithms, and provides a
+  # single point of access to the negotiated algorithms.
+  #
+  # You will never instantiate or reference this directly. It is used
+  # internally by the transport layer.
+  class Algorithms
+    include Constants, Loggable
+
+    # Define the default algorithms, in order of preference, supported by
+    # Net::SSH.
+    ALGORITHMS = {
+      :host_key    => %w(ssh-rsa ssh-dss),
+      :kex         => %w(diffie-hellman-group-exchange-sha1
+                         diffie-hellman-group1-sha1),
+      :encryption  => %w(aes128-cbc 3des-cbc blowfish-cbc cast128-cbc
+                         aes192-cbc aes256-cbc rijndael-cbc@lysator.liu.se
+                         idea-cbc none),
+      :hmac        => %w(hmac-sha1 hmac-md5 hmac-sha1-96 hmac-md5-96 none),
+      :compression => %w(none zlib@openssh.com zlib),
+      :language    => %w() 
+    }
+
+    # The underlying transport layer session that supports this object
+    attr_reader :session
+
+    # The hash of options used to initialize this object
+    attr_reader :options
+
+    # The kex algorithm to use settled on between the client and server.
+    attr_reader :kex
+
+    # The type of host key that will be used for this session.
+    attr_reader :host_key
+
+    # The type of the cipher to use to encrypt packets sent from the client to
+    # the server.
+    attr_reader :encryption_client
+
+    # The type of the cipher to use to decrypt packets arriving from the server.
+    attr_reader :encryption_server
+
+    # The type of HMAC to use to sign packets sent by the client.
+    attr_reader :hmac_client
+
+    # The type of HMAC to use to validate packets arriving from the server.
+    attr_reader :hmac_server
+
+    # The type of compression to use to compress packets being sent by the client.
+    attr_reader :compression_client
+
+    # The type of compression to use to decompress packets arriving from the server.
+    attr_reader :compression_server
+
+    # The language that will be used in messages sent by the client.
+    attr_reader :language_client
+
+    # The language that will be used in messages sent from the server.
+    attr_reader :language_server
+
+    # The hash of algorithms preferred by the client, which will be told to
+    # the server during algorithm negotiation.
+    attr_reader :algorithms
+
+    # The session-id for this session, as decided during the initial key exchange.
+    attr_reader :session_id
+
+    # Returns true if the given packet can be processed during a key-exchange.
+    def self.allowed_packet?(packet)
+      ( 1.. 4).include?(packet.type) ||
+      ( 6..19).include?(packet.type) ||
+      (21..49).include?(packet.type)
+    end
+
+    # Instantiates a new Algorithms object, and prepares the hash of preferred
+    # algorithms based on the options parameter and the ALGORITHMS constant.
+    def initialize(session, options={})
+      @session = session
+      @logger = session.logger
+      @options = options
+      @algorithms = {}
+      @pending = @initialized = false
+      @client_packet = @server_packet = nil
+      prepare_preferred_algorithms!
+    end
+
+    # Request a rekey operation. This will return immediately, and does not
+    # actually perform the rekey operation. It does cause the session to change
+    # state, however--until the key exchange finishes, no new packets will be
+    # processed.
+    def rekey!
+      @client_packet = @server_packet = nil
+      @initialized = false
+      send_kexinit
+    end
+
+    # Called by the transport layer when a KEXINIT packet is recieved, indicating
+    # that the server wants to exchange keys. This can be spontaneous, or it
+    # can be in response to a client-initiated rekey request (see #rekey!). Either
+    # way, this will block until the key exchange completes.
+    def accept_kexinit(packet)
+      info { "got KEXINIT from server" }
+      @server_data = parse_server_algorithm_packet(packet)
+      @server_packet = @server_data[:raw]
+      if !pending?
+        send_kexinit
+      else
+        proceed!
+      end
+    end
+
+    # A convenience method for accessing the list of preferred types for a
+    # specific algorithm (see #algorithms).
+    def [](key)
+      algorithms[key]
+    end
+
+    # Returns +true+ if a key-exchange is pending. This will be true from the
+    # moment either the client or server requests the key exchange, until the
+    # exchange completes. While an exchange is pending, only a limited number
+    # of packets are allowed, so event processing essentially stops during this
+    # period.
+    def pending?
+      @pending
+    end
+
+    # Returns true if no exchange is pending, and otherwise returns true or
+    # false depending on whether the given packet is of a type that is allowed
+    # during a key exchange.
+    def allow?(packet)
+      !pending? || Algorithms.allowed_packet?(packet)
+    end
+
+    # Returns true if the algorithms have been negotiated at all.
+    def initialized?
+      @initialized
+    end
+
+    private
+
+      # Sends a KEXINIT packet to the server. If a server KEXINIT has already
+      # been received, this will then invoke #proceed! to proceed with the key
+      # exchange, otherwise it returns immediately (but sets the object to the
+      # pending state).
+      def send_kexinit
+        info { "sending KEXINIT" }
+        @pending = true
+        packet = build_client_algorithm_packet
+        @client_packet = packet.to_s
+        session.send_message(packet)
+        proceed! if @server_packet
+      end
+
+      # After both client and server have sent their KEXINIT packets, this
+      # will do the algorithm negotiation and key exchange. Once both finish,
+      # the object leaves the pending state and the method returns.
+      def proceed!
+        info { "negotiating algorithms" }
+        negotiate_algorithms
+        exchange_keys
+        @pending = false
+      end
+
+      # Prepares the list of preferred algorithms, based on the options hash
+      # that was given when the object was constructed, and the ALGORITHMS
+      # constant. Also, when determining the host_key type to use, the known
+      # hosts files are examined to see if the host has ever sent a host_key
+      # before, and if so, that key type is used as the preferred type for
+      # communicating with this server.
+      def prepare_preferred_algorithms!
+        options[:compression] = %w(zlib@openssh.com zlib) if options[:compression] == true
+
+        ALGORITHMS.each do |algorithm, list|
+          algorithms[algorithm] = list.dup
+
+          # apply the preferred algorithm order, if any
+          if options[algorithm]
+            algorithms[algorithm] = Array(options[algorithm]).compact.uniq
+            invalid = algorithms[algorithm].detect { |name| !ALGORITHMS[algorithm].include?(name) }
+            raise NotImplementedError, "unsupported #{algorithm} algorithm: `#{invalid}'" if invalid
+
+            # make sure all of our supported algorithms are tacked onto the
+            # end, so that if the user tries to give a list of which none are
+            # supported, we can still proceed.
+            list.each { |name| algorithms[algorithm] << name unless algorithms[algorithm].include?(name) }
+          end
+        end
+
+        # for convention, make sure our list has the same keys as the server
+        # list
+
+        algorithms[:encryption_client ] = algorithms[:encryption_server ] = algorithms[:encryption]
+        algorithms[:hmac_client       ] = algorithms[:hmac_server       ] = algorithms[:hmac]
+        algorithms[:compression_client] = algorithms[:compression_server] = algorithms[:compression]
+        algorithms[:language_client   ] = algorithms[:language_server   ] = algorithms[:language]
+
+        if !options.key?(:host_key)
+          # make sure the host keys are specified in preference order, where any
+          # existing known key for the host has preference.
+
+          existing_keys = KnownHosts.search_for(options[:host_key_alias] || session.host_as_string, options)
+          host_keys = existing_keys.map { |key| key.ssh_type }.uniq
+          algorithms[:host_key].each do |name|
+            host_keys << name unless host_keys.include?(name)
+          end
+          algorithms[:host_key] = host_keys
+        end
+      end
+
+      # Parses a KEXINIT packet from the server.
+      def parse_server_algorithm_packet(packet)
+        data = { :raw => packet.content }
+
+        packet.read(16) # skip the cookie value
+
+        data[:kex]                = packet.read_string.split(/,/)
+        data[:host_key]           = packet.read_string.split(/,/)
+        data[:encryption_client]  = packet.read_string.split(/,/)
+        data[:encryption_server]  = packet.read_string.split(/,/)
+        data[:hmac_client]        = packet.read_string.split(/,/)
+        data[:hmac_server]        = packet.read_string.split(/,/)
+        data[:compression_client] = packet.read_string.split(/,/)
+        data[:compression_server] = packet.read_string.split(/,/)
+        data[:language_client]    = packet.read_string.split(/,/)
+        data[:language_server]    = packet.read_string.split(/,/)
+
+        # TODO: if first_kex_packet_follows, we need to try to skip the
+        # actual kexinit stuff and try to guess what the server is doing...
+        # need to read more about this scenario.
+        first_kex_packet_follows = packet.read_bool
+
+        return data
+      end
+
+      # Given the #algorithms map of preferred algorithm types, this constructs
+      # a KEXINIT packet to send to the server. It does not actually send it,
+      # it simply builds the packet and returns it.
+      def build_client_algorithm_packet
+        kex         = algorithms[:kex        ].join(",")
+        host_key    = algorithms[:host_key   ].join(",")
+        encryption  = algorithms[:encryption ].join(",")
+        hmac        = algorithms[:hmac       ].join(",")
+        compression = algorithms[:compression].join(",")
+        language    = algorithms[:language   ].join(",")
+
+        Net::SSH::Buffer.from(:byte, KEXINIT,
+          :long, [rand(0xFFFFFFFF), rand(0xFFFFFFFF), rand(0xFFFFFFFF), rand(0xFFFFFFFF)],
+          :string, [kex, host_key, encryption, encryption, hmac, hmac],
+          :string, [compression, compression, language, language],
+          :bool, false, :long, 0)
+      end
+
+      # Given the parsed server KEX packet, and the client's preferred algorithm
+      # lists in #algorithms, determine which preferred algorithms each has
+      # in common and set those as the selected algorithms. If, for any algorithm,
+      # no type can be settled on, an exception is raised.
+      def negotiate_algorithms
+        @kex                = negotiate(:kex)
+        @host_key           = negotiate(:host_key)
+        @encryption_client  = negotiate(:encryption_client)
+        @encryption_server  = negotiate(:encryption_server)
+        @hmac_client        = negotiate(:hmac_client)
+        @hmac_server        = negotiate(:hmac_server)
+        @compression_client = negotiate(:compression_client)
+        @compression_server = negotiate(:compression_server)
+        @language_client    = negotiate(:language_client) rescue ""
+        @language_server    = negotiate(:language_server) rescue ""
+
+        debug do
+          "negotiated:\n" +
+            [:kex, :host_key, :encryption_server, :encryption_client, :hmac_client, :hmac_server, :compression_client, :compression_server, :language_client, :language_server].map do |key|
+              "* #{key}: #{instance_variable_get("@#{key}")}"
+            end.join("\n")
+        end
+      end
+
+      # Negotiates a single algorithm based on the preferences reported by the
+      # server and those set by the client. This is called by
+      # #negotiate_algorithms.
+      def negotiate(algorithm)
+        match = self[algorithm].find { |item| @server_data[algorithm].include?(item) }
+
+        if match.nil?
+          raise Net::SSH::Exception, "could not settle on #{algorithm} algorithm"
+        end
+
+        return match
+      end
+
+      # Considers the sizes of the keys and block-sizes for the selected ciphers,
+      # and the lengths of the hmacs, and returns the largest as the byte requirement
+      # for the key-exchange algorithm.
+      def kex_byte_requirement
+        sizes = [8] # require at least 8 bytes
+
+        sizes.concat(CipherFactory.get_lengths(encryption_client))
+        sizes.concat(CipherFactory.get_lengths(encryption_server))
+
+        sizes << HMAC.key_length(hmac_client)
+        sizes << HMAC.key_length(hmac_server)
+
+        sizes.max
+      end
+
+      # Instantiates one of the Transport::Kex classes (based on the negotiated
+      # kex algorithm), and uses it to exchange keys. Then, the ciphers and
+      # HMACs are initialized and fed to the transport layer, to be used in
+      # further communication with the server.
+      def exchange_keys
+        debug { "exchanging keys" }
+
+        algorithm = Kex::MAP[kex].new(self, session,
+          :client_version_string => Net::SSH::Transport::ServerVersion::PROTO_VERSION,
+          :server_version_string => session.server_version.version,
+          :server_algorithm_packet => @server_packet,
+          :client_algorithm_packet => @client_packet,
+          :need_bytes => kex_byte_requirement,
+          :logger => logger)
+        result = algorithm.exchange_keys
+
+        secret   = result[:shared_secret].to_ssh
+        hash     = result[:session_id]
+        digester = result[:hashing_algorithm]
+
+        @session_id ||= hash
+
+        key = Proc.new { |salt| digester.digest(secret + hash + salt + @session_id) }
+        
+        iv_client = key["A"]
+        iv_server = key["B"]
+        key_client = key["C"]
+        key_server = key["D"]
+        mac_key_client = key["E"]
+        mac_key_server = key["F"]
+
+        parameters = { :iv => iv_client, :key => key_client, :shared => secret,
+          :hash => hash, :digester => digester }
+        
+        cipher_client = CipherFactory.get(encryption_client, parameters.merge(:encrypt => true))
+        cipher_server = CipherFactory.get(encryption_server, parameters.merge(:iv => iv_server, :key => key_server, :decrypt => true))
+
+        mac_client = HMAC.get(hmac_client, mac_key_client)
+        mac_server = HMAC.get(hmac_server, mac_key_server)
+
+        session.configure_client :cipher => cipher_client, :hmac => mac_client,
+          :compression => normalize_compression_name(compression_client),
+          :compression_level => options[:compression_level],
+          :rekey_limit => options[:rekey_limit],
+          :max_packets => options[:rekey_packet_limit],
+          :max_blocks => options[:rekey_blocks_limit]
+
+        session.configure_server :cipher => cipher_server, :hmac => mac_server,
+          :compression => normalize_compression_name(compression_server),
+          :rekey_limit => options[:rekey_limit],
+          :max_packets => options[:rekey_packet_limit],
+          :max_blocks  => options[:rekey_blocks_limit]
+
+        @initialized = true
+      end
+
+      # Given the SSH name for some compression algorithm, return a normalized
+      # name as a symbol.
+      def normalize_compression_name(name)
+        case name
+        when "none"             then false
+        when "zlib"             then :standard
+        when "zlib@openssh.com" then :delayed
+        else raise ArgumentError, "unknown compression type `#{name}'"
+        end
+      end
+  end
+end; end; end