net-ssh 1.1.4 → 2.0.0

data/lib/net/ssh/transport/packet-stream.rb

@@ -1,236 +0,0 @@
-#--
-# =============================================================================
-# Copyright (c) 2004,2005 Jamis Buck (jamis@37signals.com)
-# All rights reserved.
-#
-# This source file is distributed as part of the Net::SSH Secure Shell Client
-# library for Ruby. This file (and the library as a whole) may be used only as
-# allowed by either the BSD license, or the Ruby license (or, by association
-# with the Ruby license, the GPL). See the "doc" subdirectory of the Net::SSH
-# distribution for the texts of these licenses.
-# -----------------------------------------------------------------------------
-# net-ssh website : http://net-ssh.rubyforge.org
-# project website: http://rubyforge.org/projects/net-ssh
-# =============================================================================
-#++
-
-require 'thread'
-
-require 'net/ssh/errors'
-require 'net/ssh/transport/errors'
-
-module Net
-  module SSH
-    module Transport
-
-      # The abstract parent of IncomingPacketStream and OutgoingPacketStream. It
-      # represents the common interface of its subclasses.
-      class PacketStream
-        
-        # the sequence number of the next packet to be processed.
-        attr_reader :sequence_number
-
-        # the setter for setting the socket to use for IO communication
-        attr_writer :socket
-
-        # Create a new packet stream. The given ciphers and hmacs are factories
-        # that are used to initialize the cipher and mac attributes.
-        def initialize( ciphers, hmacs )
-          @sequence_number = 0
-
-          @cipher = ciphers.get( "none" )
-          @hmac = hmacs.get( "none" )
-        end
-
-        # Set the cipher and mac algorithms to the given arguments.
-        def set_algorithms( cipher, mac )
-          @cipher, @hmac = cipher, mac
-        end
-
-        # Compute the mac for the given payload.
-        def compute_hmac( payload )
-          @hmac.digest( [ @sequence_number, payload ].pack( "NA*" ) )
-        end
-
-        # Increment the sequence number. This handles the (rare) case of a
-        # sequence number overflowing a long integer, and resets it safely to 0
-        # (as required by the SSH2 protocol).
-        def increment_sequence_number
-          @sequence_number += 1
-          @sequence_number = 0 if @sequence_number > 0xFFFFFFFF
-        end
-        private :increment_sequence_number
-
-      end
-
-      # Handles the compression and encryption of outgoing packets.
-      class OutgoingPacketStream < PacketStream
-
-        # Create a new OutgoingPacketStream.
-        def initialize( ciphers, hmacs, compressors )
-          super( ciphers, hmacs )
-          @compressor = compressors.fetch( "none" )
-          @mutex = Mutex.new
-        end
-
-        # Set the cipher, mac, and compressor to the given values.
-        def set_algorithms( cipher, hmac, compressor )
-          super( cipher, hmac )
-          @compressor = compressor
-        end
-
-        # Send the given payload over the socket, after (possibly) compressing
-        # and encrypting it. The payload is converted to a string (using #to_s)
-        # before being manipulated.
-        def send( payload )
-          @mutex.synchronize do
-            # force the payload into a string
-            payload = @compressor.compress( payload.to_s )
-
-            # the length of the packet, minus the padding
-            actual_length = 4 + payload.length + 1
-
-            # compute the padding length
-            padding_length = @cipher.block_size -
-              ( actual_length % @cipher.block_size )
-            padding_length += @cipher.block_size if padding_length < 4
-
-            # compute the packet length (sans the length field itself)
-            packet_length = payload.length + padding_length + 1
-
-            if packet_length < 16
-              padding_length += @cipher.block_size
-              packet_length = payload.length + padding_length + 1
-            end
-
-            padding = Array.new( padding_length ) { rand(256) }.pack("C*")
-
-            unencrypted_data = [ packet_length, padding_length, payload,
-              padding ].pack( "NCA*A*" )
-            mac = compute_hmac( unencrypted_data )
-
-            encrypted_data = @cipher.update( unencrypted_data ) << @cipher.final
-            message = encrypted_data + mac
-            
-            # send package, in case package was only partially transferred, retry
-            counter = message.size
-            while counter > 0
-              begin
-                counter -= @socket.send message[(message.size-counter)..message.size], 0
-              rescue Errno::EINTR
-                retry
-              end
-            end
-
-            increment_sequence_number
-          end
-        end
-
-      end
-
-      # Handles the decompression and dencryption of incoming packets.
-      class IncomingPacketStream < PacketStream
-
-        # A handle to the buffer factory to use when creating buffers
-        attr_writer :buffers
-
-        # A handle to the logger instance to use for writing log messages
-        attr_writer :log
-
-        # Create a new IncomingPacketStream.
-        def initialize( ciphers, hmacs, decompressors )
-          super( ciphers, hmacs )
-          @decompressor = decompressors.fetch( "none" )
-          @mutex = Mutex.new
-        end
-
-        # Set the cipher, mac, and decompressor algorithms to the given values.
-        def set_algorithms( cipher, mac, decompressor )
-          super( cipher, mac )
-          @decompressor = decompressor
-        end
-
-        # Retrieve the next packet from the string, after (possibly) decrypting
-        # and decompressing it. The packet is returned as a reader buffer.
-        def get
-          @mutex.synchronize do
-            # get the first block of data
-            if @log.debug?
-              @log.debug "reading #{@cipher.block_size} bytes from socket..."
-            end
-
-            data = read( @cipher.block_size )
-
-            # decipher it
-            reader = @buffers.reader( @cipher.update( data ) )
-
-            # determine the packet length and how many bytes remain to be read
-            packet_length = reader.read_long
-            remaining_to_read = packet_length + 4 - @cipher.block_size
-            if @log.debug?
-              @log.debug "packet length(#{packet_length}) " +
-                "remaining(#{remaining_to_read})"
-            end
-
-            # read the remainder of the packet and decrypt it.
-            data = read( remaining_to_read )
-
-            # get the hmac from the tail of the packet (if one exists), and
-            # then validate it.
-            hmac = @hmac.mac_length > 0 ? read( @hmac.mac_length ) : ""
-
-            reader.append @cipher.update( data ) unless data.empty?
-            reader.append @cipher.final
-
-            padding_length = reader.read_byte
-
-            payload = reader.read( packet_length - padding_length - 1 )
-            padding = reader.read( padding_length ) if padding_length > 0
-
-            my_computed_hmac = compute_hmac( reader.content )
-            raise Net::SSH::Exception, "corrupted mac detected" if hmac != my_computed_hmac
-
-            # decompress the payload
-            payload = @decompressor.decompress( payload )
-
-            increment_sequence_number
-
-            buffer = @buffers.reader( payload )
-            @log.debug "received: #{buffer.content.inspect}" if @log.debug?
-
-            return buffer
-          end
-        end
-
-        def read( length )
-          if IO === @socket
-          data = ""
-            begin
-              while data.length < length
-                break if @socket.closed?
-                if ( IO.select([@socket],nil,nil,0.01) rescue nil )
-                  data << @socket.read(length-data.length)
-                end
-              end
-            rescue Errno::EINTR
-              retry
-            end
-          else
-            data = @socket.recv(length)
-          end
-
-          # if the data is less than expected, the socket was closed
-          if data.nil? || data.length < length
-            raise Net::SSH::Transport::Disconnect,
-              "connection closed by remote host"
-          end
-
-          data
-        end
-        private :read
-
-      end
-
-    end
-  end
-end

data/lib/net/ssh/transport/services.rb

@@ -1,146 +0,0 @@
-#--
-# =============================================================================
-# Copyright (c) 2004,2005 Jamis Buck (jamis@37signals.com)
-# All rights reserved.
-#
-# This source file is distributed as part of the Net::SSH Secure Shell Client
-# library for Ruby. This file (and the library as a whole) may be used only as
-# allowed by either the BSD license, or the Ruby license (or, by association
-# with the Ruby license, the GPL). See the "doc" subdirectory of the Net::SSH
-# distribution for the texts of these licenses.
-# -----------------------------------------------------------------------------
-# net-ssh website : http://net-ssh.rubyforge.org
-# project website: http://rubyforge.org/projects/net-ssh
-# =============================================================================
-#++
-
-module Net
-  module SSH
-    module Transport
-
-      # Register the services that together implement the SSH transport layer.
-      def register_services( container )
-        container.namespace_define :transport do |b|
-          b.kex_names { Hash.new }
-          b.compression_algorithms { Hash.new }
-          b.decompression_algorithms { Hash.new }
-
-          b.cipher_factories { Hash.new }
-          b.hmac_factories { Hash.new }
-          b.key_factories { Hash.new }
-          b.buffer_factories { Hash.new }
-          b.bn_factories { Hash.new }
-          b.digest_factories { Hash.new }
-
-          b.ciphers( :model => :prototype ) { |c,|
-            c.cipher_factories.fetch( c.crypto_backend ) }
-
-          b.hmacs( :model => :prototype ) { |c,|
-            c.hmac_factories.fetch( c.crypto_backend ) }
-
-          b.keys( :model => :prototype ) { |c,|
-            c.key_factories.fetch( c.crypto_backend ) }
-
-          b.buffers( :model => :prototype ) { |c,|
-            c.buffer_factories.fetch( c.crypto_backend ) }
-
-          b.bns( :model => :prototype ) { |c,|
-            c.bn_factories.fetch( c.crypto_backend ) }
-
-          b.digesters( :model => :prototype ) { |c,|
-            c.digest_factories.fetch( c.crypto_backend ) }
-
-          b.identity_cipher do
-            require 'net/ssh/transport/identity-cipher'
-            IdentityCipher.new
-          end
-
-          b.outgoing_packet_stream :model => :prototype_deferred do |c,|
-            require 'net/ssh/transport/packet-stream'
-            OutgoingPacketStream.new(
-              c.ciphers, c.hmacs, c.compression_algorithms )
-          end
-
-          b.incoming_packet_stream :model => :prototype_deferred do |c,point|
-            require 'net/ssh/transport/packet-stream'
-            stream = IncomingPacketStream.new(
-              c.ciphers, c.hmacs, c.decompression_algorithms )
-            stream.buffers = c.buffers
-            stream.log = c.log_for( point )
-            stream
-          end
-
-          b.algorithms do
-            Hash[
-              :host_key => [ "ssh-dss", "ssh-rsa" ],
-              :kex => [ "diffie-hellman-group-exchange-sha1",
-                        "diffie-hellman-group1-sha1" ],
-              :encryption => [ "3des-cbc",
-                               "aes128-cbc", 
-                               "blowfish-cbc",
-                               "aes256-cbc",
-                               "aes192-cbc",
-                               "idea-cbc",
-                               "none" ],
-              :hmac => [ "hmac-md5",
-                         "hmac-sha1",
-                         "hmac-md5-96",
-                         "hmac-sha1-96",
-                         "none" ],
-              :compression => [ "none", "zlib" ],
-              :languages => []
-            ]
-          end
-
-          b.default_ssh_port { 22 }
-
-          b.socket_factory do
-            require 'socket'
-            TCPSocket
-          end
-
-          b.version_negotiator do |c,point|
-            require 'net/ssh/transport/version-negotiator'
-            VersionNegotiator.new( c.log_for( point ) )
-          end
-
-          b.algorithm_negotiator do |c,point|
-            require 'net/ssh/transport/algorithm-negotiator'
-            AlgorithmNegotiator.new(
-              c.log_for( point ),
-              c.algorithms,
-              c.buffers )
-          end
-
-          b.session do |c,point|
-            require 'net/ssh/transport/session'
-
-            args = [ c[:transport_host] ]
-            args << c[:transport_options] if c.knows_key?(:transport_options)
-
-            Session.new( *args ) do |s|
-              s.logger               = c[:log_for, point]
-              s.default_port         = c[:default_ssh_port]
-              s.version_negotiator   = c[:version_negotiator]
-              s.algorithm_negotiator = c[:algorithm_negotiator]
-              s.socket_factory       = c[:socket_factory]
-              s.packet_sender        = c[:outgoing_packet_stream]
-              s.packet_receiver      = c[:incoming_packet_stream]
-              s.ciphers              = c[:ciphers]
-              s.hmacs                = c[:hmacs]
-              s.kexs                 = c[:kex_names]
-              s.compressors          = c[:compression_algorithms]
-              s.decompressors        = c[:decompression_algorithms]
-            end
-          end
-
-          b.require 'net/ssh/transport/ossl/services', "#{self}::OSSL"
-          b.require 'net/ssh/transport/compress/services', "#{self}::Compress"
-          b.require 'net/ssh/transport/kex/services', "#{self}::Kex"
-        end
-      end
-      module_function :register_services
-
-    end
-  end
-end

data/lib/net/ssh/transport/version-negotiator.rb

@@ -1,73 +0,0 @@
-#--
-# =============================================================================
-# Copyright (c) 2004,2005 Jamis Buck (jamis@37signals.com)
-# All rights reserved.
-#
-# This source file is distributed as part of the Net::SSH Secure Shell Client
-# library for Ruby. This file (and the library as a whole) may be used only as
-# allowed by either the BSD license, or the Ruby license (or, by association
-# with the Ruby license, the GPL). See the "doc" subdirectory of the Net::SSH
-# distribution for the texts of these licenses.
-# -----------------------------------------------------------------------------
-# net-ssh website : http://net-ssh.rubyforge.org
-# project website: http://rubyforge.org/projects/net-ssh
-# =============================================================================
-#++
-
-require 'net/ssh/errors'
-
-module Net
-  module SSH
-    module Transport
-
-      # Manages the negotiation of the version strings between client and
-      # server.
-      class VersionNegotiator
-
-        # For processing the version header. The version reported by the server
-        # must match this pattern.
-        VERSION_LINE = /^SSH-/
-
-        # Only versions matching this pattern are supported by Net::SSH.
-        REQUIRED_VERSION_PATTERN = /^SSH-(1.99|2.0)-/
-
-        # An array of lines returned by the server prior to reporting the
-        # version.
-        attr_reader :header_lines
-
-        # Creates a new VersionNegotiator object that logs to the given logger
-        # instance.
-        def initialize( logger )
-          @logger = logger
-        end
-
-        # Negotiate version information over the given socket. This will
-        # return the version reported by the server.
-        def negotiate( socket, version )
-          server_version = ""
-          @header_lines = []
-
-          loop do
-            server_version = socket.readline
-            break if server_version.nil? || VERSION_LINE.match( server_version )
-            @header_lines << server_version
-          end
-
-          if !REQUIRED_VERSION_PATTERN.match( server_version )
-            raise Net::SSH::Exception,
-              "incompatible ssh version #{server_version.inspect}"
-          end
-
-          if @logger.debug?
-            @logger.debug "remote server is #{server_version.chomp.inspect}"
-          end
-          socket.print "#{version}\r\n"
-
-          return server_version.chomp
-        end
-
-      end
-
-    end
-  end
-end