net-ssh 1.1.4 → 2.0.0

data/lib/net/ssh/transport/kex/diffie_hellman_group_exchange_sha1.rb

@@ -0,0 +1,77 @@
+require 'net/ssh/errors'
+require 'net/ssh/transport/constants'
+require 'net/ssh/transport/kex/diffie_hellman_group1_sha1'
+
+module Net::SSH::Transport::Kex
+
+  # A key-exchange service implementing the
+  # "diffie-hellman-group-exchange-sha1" key-exchange algorithm.
+  class DiffieHellmanGroupExchangeSHA1 < DiffieHellmanGroup1SHA1
+    MINIMUM_BITS      = 1024
+    MAXIMUM_BITS      = 8192
+
+    KEXDH_GEX_GROUP   = 31
+    KEXDH_GEX_INIT    = 32
+    KEXDH_GEX_REPLY   = 33
+    KEXDH_GEX_REQUEST = 34
+
+    private
+
+      # Compute the number of bits needed for the given number of bytes.
+      def compute_need_bits
+        need_bits = data[:need_bytes] * 8
+        if need_bits < MINIMUM_BITS
+          need_bits = MINIMUM_BITS
+        elsif need_bits > MAXIMUM_BITS
+          need_bits = MAXIMUM_BITS
+        end
+
+        data[:need_bits ] = need_bits
+        data[:need_bytes] = need_bits / 8
+      end
+
+      # Returns the DH key parameters for the given session.
+      def get_parameters
+        compute_need_bits
+
+        # request the DH key parameters for the given number of bits.
+        buffer = Net::SSH::Buffer.from(:byte, KEXDH_GEX_REQUEST, :long, MINIMUM_BITS,
+          :long, data[:need_bits], :long, MAXIMUM_BITS)
+        connection.send_message(buffer)
+
+        buffer = connection.next_message
+        unless buffer.type == KEXDH_GEX_GROUP
+          raise Net::SSH::Exception, "expected KEXDH_GEX_GROUP, got #{buffer.type}"
+        end
+
+        p = buffer.read_bignum
+        g = buffer.read_bignum
+
+        [p, g]
+      end
+
+      # Returns the INIT/REPLY constants used by this algorithm.
+      def get_message_types
+        [KEXDH_GEX_INIT, KEXDH_GEX_REPLY]
+      end
+
+      # Build the signature buffer to use when verifying a signature from
+      # the server.
+      def build_signature_buffer(result)
+        response = Net::SSH::Buffer.new
+        response.write_string data[:client_version_string],
+                              data[:server_version_string],
+                              data[:client_algorithm_packet],
+                              data[:server_algorithm_packet],
+                              result[:key_blob]
+        response.write_long MINIMUM_BITS,
+                            data[:need_bits],
+                            MAXIMUM_BITS
+        response.write_bignum dh.p, dh.g, dh.pub_key,
+                              result[:server_dh_pubkey],
+                              result[:shared_secret]
+        response
+      end
+  end
+
+end

data/lib/net/ssh/{util → transport}/openssl.rb

@@ -1,22 +1,5 @@
-#--
-# =============================================================================
-# Copyright (c) 2004,2005 Jamis Buck (jamis@37signals.com)
-# All rights reserved.
-#
-# This source file is distributed as part of the Net::SSH Secure Shell Client
-# library for Ruby. This file (and the library as a whole) may be used only as
-# allowed by either the BSD license, or the Ruby license (or, by association
-# with the Ruby license, the GPL). See the "doc" subdirectory of the Net::SSH
-# distribution for the texts of these licenses.
-# -----------------------------------------------------------------------------
-# net-ssh website : http://net-ssh.rubyforge.org
-# project website: http://rubyforge.org/projects/net-ssh
-# =============================================================================
-#++
-
-require 'base64'
 require 'openssl'
-require 'net/ssh/util/buffer'
+require 'net/ssh/buffer'
 
 module OpenSSL
 
@@ -29,13 +12,13 @@ module OpenSSL
     # required by the SSH2 protocol.
     def to_ssh
       if zero?
-        return [ 0 ].pack( "N" )
+        return [0].pack("N")
       else
-        buf = to_s( 2 )
+        buf = to_s(2)
         if buf[0][7] == 1
-          return [ buf.length+1, 0, buf ].pack( "NCA*" )
+          return [buf.length+1, 0, buf].pack("NCA*")
         else
-          return [ buf.length, buf ].pack( "NA*" )
+          return [buf.length, buf].pack("NA*")
         end
       end
     end
@@ -44,6 +27,12 @@ module OpenSSL
 
   module PKey
 
+    class PKey
+      def fingerprint
+        @fingerprint ||= OpenSSL::Digest::MD5.hexdigest(to_blob).scan(/../).join(":")
+      end
+    end
+
     # This class is originally defined in the OpenSSL module. As needed, methods
     # have been added to it by the Net::SSH module for convenience in dealing
     # with SSH functionality.
@@ -52,9 +41,9 @@ module OpenSSL
       # Determines whether the pub_key for this key is valid. (This algorithm
       # lifted more-or-less directly from OpenSSH, dh.c, dh_pub_is_valid.)
       def valid?
-        return false if pub_key < 0
+        return false if pub_key.nil? || pub_key < 0
         bits_set = 0
-        pub_key.num_bits.times { |i| bits_set += 1 if pub_key.bit_set? i }
+        pub_key.num_bits.times { |i| bits_set += 1 if pub_key.bit_set?(i) }
         return ( bits_set > 1 && pub_key < p )
       end
 
@@ -73,20 +62,17 @@ module OpenSSL
 
       # Converts the key to a blob, according to the SSH2 protocol.
       def to_blob
-        buffer = Net::SSH::Util::WriterBuffer.new
-        buffer.write_bignum( e )
-        buffer.write_bignum( n )
-        return buffer.to_s
+        @blob ||= Net::SSH::Buffer.from(:string, ssh_type, :bignum, e, :bignum, n).to_s
       end
 
       # Verifies the given signature matches the given data.
-      def ssh_do_verify( sig, data )
-        verify( OpenSSL::Digest::SHA1.new, sig, data )
+      def ssh_do_verify(sig, data)
+        verify(OpenSSL::Digest::SHA1.new, sig, data)
       end
 
       # Returns the signature for the given data.
-      def ssh_do_sign( data )
-        sign( OpenSSL::Digest::SHA1.new, data )
+      def ssh_do_sign(data)
+        sign(OpenSSL::Digest::SHA1.new, data)
       end
     end
 
@@ -103,16 +89,12 @@ module OpenSSL
 
       # Converts the key to a blob, according to the SSH2 protocol.
       def to_blob
-        buffer = Net::SSH::Util::WriterBuffer.new
-        buffer.write_bignum( p )
-        buffer.write_bignum( q )
-        buffer.write_bignum( g )
-        buffer.write_bignum( pub_key )
-        return buffer.to_s
+        @blob ||= Net::SSH::Buffer.from(:string, ssh_type,
+          :bignum, p, :bignum, q, :bignum, g, :bignum, pub_key).to_s
       end
 
       # Verifies the given signature matches the given data.
-      def ssh_do_verify( sig, data )
+      def ssh_do_verify(sig, data)
         sig_r = sig[0,20].unpack("H*")[0].to_i(16)
         sig_s = sig[20,20].unpack("H*")[0].to_i(16)
         a1sig = OpenSSL::ASN1::Sequence([
@@ -123,7 +105,7 @@ module OpenSSL
       end
 
       # Signs the given data.
-      def ssh_do_sign( data )
+      def ssh_do_sign(data)
         sig = sign( OpenSSL::Digest::DSS1.new, data)
         a1sig = OpenSSL::ASN1.decode( sig )
 

data/lib/net/ssh/transport/packet_stream.rb

@@ -0,0 +1,230 @@
+require 'net/ssh/buffered_io'
+require 'net/ssh/errors'
+require 'net/ssh/packet'
+require 'net/ssh/transport/cipher_factory'
+require 'net/ssh/transport/hmac'
+require 'net/ssh/transport/state'
+
+module Net; module SSH; module Transport
+
+  # A module that builds additional functionality onto the Net::SSH::BufferedIo
+  # module. It adds SSH encryption, compression, and packet validation, as
+  # per the SSH2 protocol. It also adds an abstraction for polling packets,
+  # to allow for both blocking and non-blocking reads.
+  module PacketStream
+    include BufferedIo
+
+    def self.extended(object)
+      object.__send__(:initialize_ssh)
+    end
+
+    # The map of "hints" that can be used to modify the behavior of the packet
+    # stream. For instance, when authentication succeeds, an "authenticated"
+    # hint is set, which is used to determine whether or not to compress the
+    # data when using the "delayed" compression algorithm.
+    attr_reader :hints
+
+    # The server state object, which encapsulates the algorithms used to interpret
+    # packets coming from the server.
+    attr_reader :server
+
+    # The client state object, which encapsulates the algorithms used to build
+    # packets to send to the server.
+    attr_reader :client
+
+    # The name of the client (local) end of the socket, as reported by the
+    # socket.
+    def client_name
+      @client_name ||= begin
+        sockaddr = getsockname
+        begin
+          Socket.getnameinfo(sockaddr, Socket::NI_NAMEREQD).first
+        rescue
+          begin
+            Socket.getnameinfo(sockaddr).first
+          rescue
+            begin
+              Socket.gethostbyname(Socket.gethostname).first
+            rescue
+              lwarn { "the client ipaddr/name could not be determined" }
+              "unknown"
+            end
+          end
+        end
+      end
+    end
+
+    # The IP address of the peer (remote) end of the socket, as reported by
+    # the socket.
+    def peer_ip
+      @peer_ip ||= begin
+        addr = getpeername
+        Socket.getnameinfo(addr, Socket::NI_NUMERICHOST | Socket::NI_NUMERICSERV).first
+      end
+    end
+
+    # Returns true if the IO is available for reading, and false otherwise.
+    def available_for_read?
+      result = IO.select([self], nil, nil, 0)
+      result && result.first.any?
+    end
+
+    # Returns the next full packet. If the mode parameter is :nonblock (the
+    # default), then this will return immediately, whether a packet is
+    # available or not, and will return nil if there is no packet ready to be
+    # returned. If the mode parameter is :block, then this method will block
+    # until a packet is available.
+    def next_packet(mode=:nonblock)
+      case mode
+      when :nonblock then
+        fill if available_for_read?
+        poll_next_packet
+
+      when :block then
+        loop do
+          packet = poll_next_packet
+          return packet if packet
+
+          loop do
+            result = IO.select([self]) or next
+            break if result.first.any?
+          end
+
+          if fill <= 0
+            raise Net::SSH::Disconnect, "connection closed by remote host"
+          end
+        end
+
+      else
+        raise ArgumentError, "expected :block or :nonblock, got #{mode.inspect}"
+      end
+    end
+
+    # Enqueues a packet to be sent, and blocks until the entire packet is
+    # sent.
+    def send_packet(payload)
+      enqueue_packet(payload)
+      wait_for_pending_sends
+    end
+
+    # Enqueues a packet to be sent, but does not immediately send the packet.
+    # The given payload is pre-processed according to the algorithms specified
+    # in the client state (compression, cipher, and hmac).
+    def enqueue_packet(payload)
+      # try to compress the packet
+      payload = client.compress(payload)
+
+      # the length of the packet, minus the padding
+      actual_length = 4 + payload.length + 1
+
+      # compute the padding length
+      padding_length = client.cipher.block_size - (actual_length % client.cipher.block_size)
+      padding_length += client.cipher.block_size if padding_length < 4
+
+      # compute the packet length (sans the length field itself)
+      packet_length = payload.length + padding_length + 1
+
+      if packet_length < 16
+        padding_length += client.cipher.block_size
+        packet_length = payload.length + padding_length + 1
+      end
+
+      padding = Array.new(padding_length) { rand(256) }.pack("C*")
+
+      unencrypted_data = [packet_length, padding_length, payload, padding].pack("NCA*A*")
+      mac = client.hmac.digest([client.sequence_number, unencrypted_data].pack("NA*"))
+
+      encrypted_data = client.cipher.update(unencrypted_data) << client.cipher.final
+      message = encrypted_data + mac
+
+      debug { "queueing packet nr #{client.sequence_number} type #{payload[0]} len #{packet_length}" }
+      enqueue(message)
+
+      client.increment(packet_length)
+
+      self
+    end
+
+    # Performs any pending cleanup necessary on the IO and its associated
+    # state objects. (See State#cleanup).
+    def cleanup
+      client.cleanup
+      server.cleanup
+    end
+
+    # If the IO object requires a rekey operation (as indicated by either its
+    # client or server state objects, see State#needs_rekey?), this will
+    # yield. Otherwise, this does nothing.
+    def if_needs_rekey?
+      if client.needs_rekey? || server.needs_rekey?
+        yield
+        client.reset! if client.needs_rekey?
+        server.reset! if server.needs_rekey?
+      end
+    end
+
+    protected
+
+      # Called when this module is used to extend an object. It initializes
+      # the states and generally prepares the object for use as a packet stream.
+      def initialize_ssh
+        @hints  = {}
+        @server = State.new(self)
+        @client = State.new(self)
+        @packet = nil
+        initialize_buffered_io
+      end
+
+      # Tries to read the next packet. If there is insufficient data to read
+      # an entire packet, this returns immediately, otherwise the packet is
+      # read, post-processed according to the cipher, hmac, and compression
+      # algorithms specified in the server state object, and returned as a
+      # new Packet object.
+      def poll_next_packet
+        if @packet.nil?
+          minimum = server.cipher.block_size < 4 ? 4 : server.cipher.block_size
+          return nil if available < minimum
+          data = read_available(minimum)
+
+          # decipher it
+          @packet = Net::SSH::Buffer.new(server.cipher.update(data))
+          @packet_length = @packet.read_long
+        end
+
+        need = @packet_length + 4 - server.cipher.block_size
+        raise Net::SSH::Exception, "padding error, need #{need} block #{server.cipher.block_size}" if need % server.cipher.block_size != 0
+
+        return nil if available < need + server.hmac.mac_length
+
+        if need > 0
+          # read the remainder of the packet and decrypt it.
+          data = read_available(need)
+          @packet.append(server.cipher.update(data))
+        end
+
+        # get the hmac from the tail of the packet (if one exists), and
+        # then validate it.
+        real_hmac = read_available(server.hmac.mac_length) || ""
+
+        @packet.append(server.cipher.final)
+        padding_length = @packet.read_byte
+
+        payload = @packet.read(@packet_length - padding_length - 1)
+        padding = @packet.read(padding_length) if padding_length > 0
+
+        my_computed_hmac = server.hmac.digest([server.sequence_number, @packet.content].pack("NA*"))
+        raise Net::SSH::Exception, "corrupted mac detected" if real_hmac != my_computed_hmac
+
+        # try to decompress the payload, in case compression is active
+        payload = server.decompress(payload)
+
+        debug { "received packet nr #{server.sequence_number} type #{payload[0]} len #{@packet_length}" }
+
+        server.increment(@packet_length)
+        @packet = nil
+
+        return Packet.new(payload)
+      end
+  end
+
+end; end; end

data/lib/net/ssh/transport/server_version.rb

@@ -0,0 +1,61 @@
+require 'net/ssh/errors'
+require 'net/ssh/loggable'
+require 'net/ssh/version'
+
+module Net; module SSH; module Transport
+
+  # Negotiates the SSH protocol version and trades information about server
+  # and client. This is never used directly--it is always called by the
+  # transport layer as part of the initialization process of the transport
+  # layer.
+  #
+  # Note that this class also encapsulates the negotiated version, and acts as
+  # the authoritative reference for any queries regarding the version in effect.
+  class ServerVersion
+    include Loggable
+
+    # The SSH version string as reported by Net::SSH
+    PROTO_VERSION = "SSH-2.0-Ruby/Net::SSH_#{Net::SSH::Version::CURRENT} #{RUBY_PLATFORM}"
+
+    # Any header text sent by the server prior to sending the version.
+    attr_reader :header
+
+    # The version string reported by the server.
+    attr_reader :version
+
+    # Instantiates a new ServerVersion and immediately (and synchronously)
+    # negotiates the SSH protocol in effect, using the given socket.
+    def initialize(socket, logger)
+      @header = ""
+      @version = nil
+      @logger = logger
+      negotiate!(socket)
+    end
+
+    private
+
+      # Negotiates the SSH protocol to use, via the given socket. If the server
+      # reports an incompatible SSH version (e.g., SSH1), this will raise an
+      # exception.
+      def negotiate!(socket)
+        info { "negotiating protocol version" }
+
+        loop do
+          @version = socket.readline
+          break if @version.nil? || @version.match(/^SSH-/)
+          @header << @version
+        end
+
+        debug { "remote is #{@version.strip}" }
+
+        unless @version.match(/^SSH-(1\.99|2\.0)-/)
+          raise Net::SSH::Exception, "incompatible SSH version `#{@version}'"
+        end
+
+        @version.strip!
+
+        debug { "local is #{PROTO_VERSION}" }
+        socket.write "#{PROTO_VERSION}\r\n"
+      end
+  end
+end; end; end