net-ssh 1.1.4 → 2.0.0

data/lib/net/ssh/connection/term.rb

@@ -1,90 +1,178 @@
-#--
-# =============================================================================
-# Copyright (c) 2004,2005 Jamis Buck (jamis@37signals.com)
-# All rights reserved.
-#
-# This source file is distributed as part of the Net::SSH Secure Shell Client
-# library for Ruby. This file (and the library as a whole) may be used only as
-# allowed by either the BSD license, or the Ruby license (or, by association
-# with the Ruby license, the GPL). See the "doc" subdirectory of the Net::SSH
-# distribution for the texts of these licenses.
-# -----------------------------------------------------------------------------
-# net-ssh website : http://net-ssh.rubyforge.org
-# project website: http://rubyforge.org/projects/net-ssh
-# =============================================================================
-#++
-
-module Net
-  module SSH
-    module Connection
+module Net; module SSH; module Connection
       
-      # Terminal opcodes, for use when opening pty's.
-      module Term
-
-        TTY_OP_END = 0
-        VINTR = 1
-        VQUIT = 2
-        VERASE = 3
-        VKILL = 4
-        VEOF = 5
-        VEOL = 6
-        VEOL2 = 7
-        VSTART = 8
-        VSTOP = 9
-        VSUSP = 10
-        VDSUSP = 11
-        VREPRINT = 12
-        VWERASE = 13
-        VLNEXT = 14
-        VFLUSH = 15
-        VSWITCH = 16
-        VSTATUS = 17
-        VDISCARD = 18
-
-        IGNPAR = 30
-        PARMRK = 31
-        INPCK = 32
-        ISTRIP = 33
-        INCLR = 34
-        IGNCR = 35
-        ICRNL = 36
-        IUCLC = 37
-        IXON = 38
-        IXANY = 39
-        IXOFF = 40
-        IMAXBEL = 41
-
-        ISIG = 50
-        ICANON = 51
-        XCASE = 52
-        ECHO = 53
-        ECHOE = 54
-        ECHOK = 55
-        ECHONL = 56
-        NOFLSH = 57
-        TOSTOP= 58
-        IEXTEN = 59
-        ECHOCTL = 60
-        ECHOKE = 61
-        PENDIN = 62
-
-        OPOST = 70
-        OLCUC = 71
-        ONLCR = 72
-        OCRNL = 73
-        ONOCR = 74
-        ONLRET = 75
-
-        CS7 = 90
-        CS8 = 91
-        PARENB = 92
-        PARODD = 93
-
-        TTY_OP_ISPEED = 128
-        TTY_OP_OSPEED = 129
-
-      end
-
-    end
+  # These constants are used when requesting a pseudo-terminal (via
+  # Net::SSH::Connection::Channel#request_pty). The descriptions for each are
+  # taken directly from RFC 4254 ("The Secure Shell (SSH) Connection Protocol"),
+  # http://tools.ietf.org/html/rfc4254.
+  module Term
+    # Interrupt character; 255 if none. Similarly for the other characters.
+    # Not all of these characters are supported on all systems.
+    VINTR = 1
+
+    # The quit character (sends SIGQUIT signal on POSIX systems).
+    VQUIT = 2
+
+    # Erase the character to left of the cursor.
+    VERASE = 3
+
+    # Kill the current input line.
+    VKILL = 4
+
+    # End-of-file character (sends EOF from the terminal).
+    VEOF = 5
+
+    # End-of-line character in addition to carriage return and/or linefeed.
+    VEOL = 6
+
+    # Additional end-of-line character.
+    VEOL2 = 7
+
+    # Continues paused output (normally control-Q).
+    VSTART = 8
+
+    # Pauses output (normally control-S).
+    VSTOP = 9
+
+    # Suspends the current program.
+    VSUSP = 10
+
+    # Another suspend character.
+    VDSUSP = 11
+
+    # Reprints the current input line.
+    VREPRINT = 12
+
+    # Erases a word left of cursor.
+    VWERASE = 13
+
+    # Enter the next character typed literally, even if it is a special
+    # character.
+    VLNEXT = 14
+
+    # Character to flush output.
+    VFLUSH = 15
+
+    # Switch to a different shell layer.
+    VSWITCH = 16
+
+    # Prints system status line (load, command, pid, etc).
+    VSTATUS = 17
+
+    # Toggles the flushing of terminal output.
+    VDISCARD = 18
+
+    # The ignore parity flag. The parameter SHOULD be 0 if this flag is FALSE,
+    # and 1 if it is TRUE.
+    IGNPAR = 30
+
+    # Mark parity and framing errors.
+    PARMRK = 31
+
+    # Enable checking of parity errors.
+    INPCK = 32
+
+    # Strip 8th bit off characters.
+    ISTRIP = 33
+
+    # Map NL into CR on input.
+    INCLR = 34
+
+    # Ignore CR on input.
+    IGNCR = 35
+
+    # Map CR to NL on input.
+    ICRNL = 36
+
+    # Translate uppercase characters to lowercase.
+    IUCLC = 37
+
+    # Enable output flow control.
+    IXON = 38
+
+    # Any char will restart after stop.
+    IXANY = 39
+
+    # Enable input flow control.
+    IXOFF = 40
+
+    # Ring bell on input queue full.
+    IMAXBEL = 41
+
+    # Enable signals INTR, QUIT, [D]SUSP.
+    ISIG = 50
+
+    # Canonicalize input lines.
+    ICANON = 51
+
+    # Enable input and output of uppercase characters by preceding their
+    # lowercase equivalents with "\".
+    XCASE = 52
+
+    # Enable echoing.
+    ECHO = 53
+
+    # Visually erase chars.
+    ECHOE = 54
+
+    # Kill character discards current line.
+    ECHOK = 55
+
+    # Echo NL even if ECHO is off.
+    ECHONL = 56
+
+    # Don't flush after interrupt.
+    NOFLSH = 57
+
+    # Stop background jobs from output.
+    TOSTOP= 58
+
+    # Enable extensions.
+    IEXTEN = 59
+
+    # Echo control characters as ^(Char).
+    ECHOCTL = 60
+
+    # Visual erase for line kill.
+    ECHOKE = 61
+
+    # Retype pending input.
+    PENDIN = 62
+
+    # Enable output processing.
+    OPOST = 70
+
+    # Convert lowercase to uppercase.
+    OLCUC = 71
+
+    # Map NL to CR-NL.
+    ONLCR = 72
+
+    # Translate carriage return to newline (output).
+    OCRNL = 73
+
+    # Translate newline to carriage return-newline (output).
+    ONOCR = 74
+
+    # Newline performs a carriage return (output).
+    ONLRET = 75
+
+    # 7 bit mode.
+    CS7 = 90
+
+    # 8 bit mode.
+    CS8 = 91
+
+    # Parity enable.
+    PARENB = 92
+
+    # Odd parity, else even.
+    PARODD = 93
+
+    # Specifies the input baud rate in bits per second.
+    TTY_OP_ISPEED = 128
+
+    # Specifies the output baud rate in bits per second.
+    TTY_OP_OSPEED = 129
   end
-end
+
+end; end; end

data/lib/net/ssh/errors.rb

@@ -1,63 +1,85 @@
-#--
-# =============================================================================
-# Copyright (c) 2004,2005 Jamis Buck (jamis@37signals.com)
-# All rights reserved.
-#
-# This source file is distributed as part of the Net::SSH Secure Shell Client
-# library for Ruby. This file (and the library as a whole) may be used only as
-# allowed by either the BSD license, or the Ruby license (or, by association
-# with the Ruby license, the GPL). See the "doc" subdirectory of the Net::SSH
-# distribution for the texts of these licenses.
-# -----------------------------------------------------------------------------
-# net-ssh website : http://net-ssh.rubyforge.org
-# project website: http://rubyforge.org/projects/net-ssh
-# =============================================================================
-#++
-
-module Net
-  module SSH
-
-    # The ancestor class of all exceptions raised in the Net::SSH module.
-    class Exception < StandardError; end
-
-    # Raised when user authentication failed.
-    class AuthenticationFailed < Exception; end
-
-    # Raised when the cached key for a particular host does not match the
-    # key given by the host, which can be indicative of a man-in-the-middle
-    # attack. When rescuing this exception, you can inspect the key fingerprint
-    # and, if you want to proceed anyway, simply call the remember_host!
-    # method on the exception, and then retry.
-    class HostKeyMismatch < Exception
-      attr_writer :callback, :data
-
-      def [](key)
-        @data[key]
-      end
-
-      def fingerprint
-        @data[:fingerprint]
-      end
-
-      def host
-        @data[:peer][:host]
-      end
-
-      def port
-        @data[:peer][:port]
-      end
-
-      def ip
-        @data[:peer][:ip]
-      end
-
-      def key
-        @data[:key]
-      end
-
-      def remember_host!
-        @callback.call
-      end
+module Net; module SSH
+  # A general exception class, to act as the ancestor of all other Net::SSH
+  # exception classes.
+  class Exception < ::RuntimeError; end
+
+  # This exception is raised when authentication fails (whether it be
+  # public key authentication, password authentication, or whatever).
+  class AuthenticationFailed < Exception; end
+
+  # This exception is raised when the remote host has disconnected
+  # unexpectedly.
+  class Disconnect < Exception; end
+
+  # This exception is primarily used internally, but if you have a channel
+  # request handler (see Net::SSH::Connection::Channel#on_request) that you
+  # want to fail in such a way that the server knows it failed, you can
+  # raise this exception in the handler and Net::SSH will translate that into
+  # a "channel failure" message.
+  class ChannelRequestFailed < Exception; end
+
+  # This is exception is primarily used internally, but if you have a channel
+  # open handler (see Net::SSH::Connection::Session#on_open_channel) and you
+  # want to fail in such a way that the server knows it failed, you can
+  # raise this exception in the handler and Net::SSH will translate that into
+  # a "channel open failed" message.
+  class ChannelOpenFailed < Exception
+    attr_reader :code, :reason
+
+    def initialize(code, reason)
+      @code, @reason = code, reason
+      super "#{reason} (#{code})"
+    end
+  end
+
+  # Raised when the cached key for a particular host does not match the
+  # key given by the host, which can be indicative of a man-in-the-middle
+  # attack. When rescuing this exception, you can inspect the key fingerprint
+  # and, if you want to proceed anyway, simply call the remember_host!
+  # method on the exception, and then retry.
+  class HostKeyMismatch < Exception
+    # the callback to use when #remember_host! is called
+    attr_writer :callback #:nodoc:
+
+    # situation-specific data describing the host (see #host, #port, etc.)
+    attr_writer :data #:nodoc:
+
+    # An accessor for getting at the data that was used to look up the host
+    # (see also #fingerprint, #host, #port, #ip, and #key).
+    def [](key)
+      @data && @data[key]
+    end
+
+    # Returns the fingerprint of the key for the host, which either was not
+    # found or did not match.
+    def fingerprint
+      @data && @data[:fingerprint]
+    end
+
+    # Returns the host name for the remote host, as reported by the socket.
+    def host
+      @data && @data[:peer] && @data[:peer][:host]
+    end
+
+    # Returns the port number for the remote host, as reported by the socket.
+    def port
+      @data && @data[:peer] && @data[:peer][:port]
+    end
+
+    # Returns the IP address of the remote host, as reported by the socket.
+    def ip
+      @data && @data[:peer] && @data[:peer][:ip]
+    end
+
+    # Returns the key itself, as reported by the remote host.
+    def key
+      @data && @data[:key]
+    end
+
+    # Tell Net::SSH to record this host and key in the known hosts file, so
+    # that subsequent connections will remember them.
+    def remember_host!
+      @callback.call
     end
   end
-end
+end; end

data/lib/net/ssh/key_factory.rb

@@ -0,0 +1,85 @@
+require 'net/ssh/transport/openssl'
+require 'net/ssh/prompt'
+
+module Net; module SSH
+
+  # A factory class for returning new Key classes. It is used for obtaining
+  # OpenSSL key instances via their SSH names, and for loading both public and
+  # private keys. It used used primarily by Net::SSH itself, internally, and
+  # will rarely (if ever) be directly used by consumers of the library.
+  #
+  #   klass = Net::SSH::KeyFactory.get("rsa")
+  #   assert klass.is_a?(OpenSSL::PKey::RSA)
+  #
+  #   key = Net::SSH::KeyFacory.load_public_key("~/.ssh/id_dsa.pub")
+  class KeyFactory
+    # Specifies the mapping of SSH names to OpenSSL key classes.
+    MAP = {
+      "dh"  => OpenSSL::PKey::DH,
+      "rsa" => OpenSSL::PKey::RSA,
+      "dsa" => OpenSSL::PKey::DSA
+    }
+
+    class <<self
+      include Prompt
+
+      # Fetch an OpenSSL key instance by its SSH name. It will be a new,
+      # empty key of the given type.
+      def get(name)
+        MAP.fetch(name).new
+      end
+
+      # Loads a private key from a file. It will correctly determine
+      # whether the file describes an RSA or DSA key, and will load it
+      # appropriately. The new key is returned. If the key itself is
+      # encrypted (requiring a passphrase to use), the user will be
+      # prompted to enter their password unless passphrase works. 
+      def load_private_key(filename, passphrase=nil)
+        file = File.read(File.expand_path(filename))
+
+        if file.match(/-----BEGIN DSA PRIVATE KEY-----/)
+          key_type = OpenSSL::PKey::DSA
+        elsif file.match(/-----BEGIN RSA PRIVATE KEY-----/)
+          key_type = OpenSSL::PKey::RSA
+        elsif file.match(/-----BEGIN (.*) PRIVATE KEY-----/)
+          raise OpenSSL::PKey::PKeyError, "not a supported key type '#{$1}'"
+        else
+          raise OpenSSL::PKey::PKeyError, "not a private key (#{filename})"
+        end
+
+        encrypted_key = file.match(/ENCRYPTED/)
+        tries = 0
+
+        begin
+          return key_type.new(file, passphrase || 'invalid')
+        rescue OpenSSL::PKey::RSAError, OpenSSL::PKey::DSAError => e
+          if encrypted_key
+            tries += 1
+            if tries <= 3
+              passphrase = prompt("Enter passphrase for #{filename}:", false)
+              retry
+            else
+              raise
+            end
+          else
+            raise
+          end
+        end
+      end
+
+      # Loads a public key from a file. It will correctly determine whether
+      # the file describes an RSA or DSA key, and will load it
+      # appropriately. The new public key is returned.
+      def load_public_key(filename)
+        data = File.read(File.expand_path(filename))
+        type, blob = data.split(/ /)
+
+        blob = blob.unpack("m*").first
+        reader = Net::SSH::Buffer.new(blob)
+        reader.read_key or raise OpenSSL::PKey::PKeyError, "not a public key #{filename.inspect}"
+      end
+    end
+
+  end
+
+end; end