net-ssh 2.9.2 → 4.0.0

data/lib/net/ssh/key_factory.rb

@@ -1,6 +1,8 @@
 require 'net/ssh/transport/openssl'
 require 'net/ssh/prompt'
 
+require 'net/ssh/authentication/ed25519_loader'
+
 module Net; module SSH
 
   # A factory class for returning new Key classes. It is used for obtaining
@@ -21,11 +23,10 @@ module Net; module SSH
     }
     if defined?(OpenSSL::PKey::EC)
       MAP["ecdsa"] = OpenSSL::PKey::EC
+      MAP["ed25519"] = Net::SSH::Authentication::ED25519::PrivKey if defined? Net::SSH::Authentication::ED25519
     end
 
     class <<self
-      include Prompt
-
       # Fetch an OpenSSL key instance by its SSH name. It will be a new,
       # empty key of the given type.
       def get(name)
@@ -36,61 +37,43 @@ module Net; module SSH
       # whether the file describes an RSA or DSA key, and will load it
       # appropriately. The new key is returned. If the key itself is
       # encrypted (requiring a passphrase to use), the user will be
-      # prompted to enter their password unless passphrase works. 
-      def load_private_key(filename, passphrase=nil, ask_passphrase=true)
+      # prompted to enter their password unless passphrase works.
+      def load_private_key(filename, passphrase=nil, ask_passphrase=true, prompt=Prompt.default)
         data = File.read(File.expand_path(filename))
-        load_data_private_key(data, passphrase, ask_passphrase, filename)
+        load_data_private_key(data, passphrase, ask_passphrase, filename, prompt)
       end
 
       # Loads a private key. It will correctly determine
       # whether the file describes an RSA or DSA key, and will load it
       # appropriately. The new key is returned. If the key itself is
       # encrypted (requiring a passphrase to use), the user will be
-      # prompted to enter their password unless passphrase works. 
-      def load_data_private_key(data, passphrase=nil, ask_passphrase=true, filename="")
-        if OpenSSL::PKey.respond_to?(:read)
-          pkey_read = true
-          error_class = ArgumentError
-        else
-          pkey_read = false
-          if data.match(/-----BEGIN DSA PRIVATE KEY-----/)
-            key_type = OpenSSL::PKey::DSA
-            error_class = OpenSSL::PKey::DSAError
-          elsif data.match(/-----BEGIN RSA PRIVATE KEY-----/)
-            key_type = OpenSSL::PKey::RSA
-            error_class = OpenSSL::PKey::RSAError
-          elsif data.match(/-----BEGIN EC PRIVATE KEY-----/) && defined?(OpenSSL::PKey::EC)
-            key_type = OpenSSL::PKey::EC
-            error_class = OpenSSL::PKey::ECError
-          elsif data.match(/-----BEGIN (.+) PRIVATE KEY-----/)
-            raise OpenSSL::PKey::PKeyError, "not a supported key type '#{$1}'"
-          else
-            raise OpenSSL::PKey::PKeyError, "not a private key (#{filename})"
-          end
-        end
+      # prompted to enter their password unless passphrase works.
+      def load_data_private_key(data, passphrase=nil, ask_passphrase=true, filename="", prompt=Prompt.default)
+        key_read, error_classes = classify_key(data, filename)
 
         encrypted_key = data.match(/ENCRYPTED/)
         tries = 0
 
-        begin
-          if pkey_read
-            return OpenSSL::PKey.read(data, passphrase || 'invalid')
-          else
-            return key_type.new(data, passphrase || 'invalid')
-          end
-        rescue error_class
-          if encrypted_key && ask_passphrase
-            tries += 1
-            if tries <= 3
-              passphrase = prompt("Enter passphrase for #{filename}:", false)
-              retry
+        prompter = nil
+        result =
+          begin
+            key_read[data, passphrase || 'invalid']
+          rescue *error_classes
+            if encrypted_key && ask_passphrase
+              tries += 1
+              if tries <= 3
+                prompter ||= prompt.start(type: 'private_key', filename: filename, sha: Digest::SHA256.digest(data))
+                passphrase = prompter.ask("Enter passphrase for #{filename}:", false)
+                retry
+              else
+                raise
+              end
             else
               raise
             end
-          else
-            raise
           end
-        end
+        prompter.success if prompter
+        result
       end
 
       # Loads a public key from a file. It will correctly determine whether
@@ -110,7 +93,7 @@ module Net; module SSH
         blob = nil
         begin
           blob = fields.shift
-        end while !blob.nil? && !/^(ssh-(rsa|dss)|ecdsa-sha2-nistp\d+)$/.match(blob)
+        end while !blob.nil? && !/^(ssh-(rsa|dss|ed25519)|ecdsa-sha2-nistp\d+)$/.match(blob)
         blob = fields.shift
 
         raise Net::SSH::Exception, "public key at #{filename} is not valid" if blob.nil?
@@ -119,6 +102,29 @@ module Net; module SSH
         reader = Net::SSH::Buffer.new(blob)
         reader.read_key or raise OpenSSL::PKey::PKeyError, "not a public key #{filename.inspect}"
       end
+
+      private
+
+      # Determine whether the file describes an RSA or DSA key, and return how load it
+      # appropriately.
+      def classify_key(data, filename)
+        if data.match(/-----BEGIN OPENSSH PRIVATE KEY-----/)
+          Net::SSH::Authentication::ED25519Loader.raiseUnlessLoaded("OpenSSH keys only supported if ED25519 is available")
+          return ->(key_data, passphrase) { Net::SSH::Authentication::ED25519::PrivKey.read(key_data, passphrase) }, [ArgumentError]
+        elsif OpenSSL::PKey.respond_to?(:read)
+          return ->(key_data, passphrase) { OpenSSL::PKey.read(key_data, passphrase) }, [ArgumentError, OpenSSL::PKey::PKeyError]
+        elsif data.match(/-----BEGIN DSA PRIVATE KEY-----/)
+          return ->(key_data, passphrase) { OpenSSL::PKey::DSA.new(key_data, passphrase) }, [OpenSSL::PKey::DSAError]
+        elsif data.match(/-----BEGIN RSA PRIVATE KEY-----/)
+          return ->(key_data, passphrase) { OpenSSL::PKey::RSA.new(key_data, passphrase) }, [OpenSSL::PKey::RSAError]
+        elsif data.match(/-----BEGIN EC PRIVATE KEY-----/) && defined?(OpenSSL::PKey::EC)
+          return ->(key_data, passphrase) { OpenSSL::PKey::EC.new(key_data, passphrase) }, [OpenSSL::PKey::ECError]
+        elsif data.match(/-----BEGIN (.+) PRIVATE KEY-----/)
+          raise OpenSSL::PKey::PKeyError, "not a supported key type '#{$1}'"
+        else
+          raise OpenSSL::PKey::PKeyError, "not a private key (#{filename})"
+        end
+      end
     end
 
   end

data/lib/net/ssh/known_hosts.rb

@@ -1,8 +1,37 @@
 require 'strscan'
+require 'openssl'
+require 'base64'
 require 'net/ssh/buffer'
 
 module Net; module SSH
 
+  # Represents the result of a search in known hosts
+  # see search_for
+  class HostKeys
+    include Enumerable
+    attr_reader :host
+
+    def initialize(host_keys, host, known_hosts, options = {})
+       @host_keys = host_keys
+       @host = host
+       @known_hosts = known_hosts
+       @options = options
+    end
+
+    def add_host_key(key)
+       @known_hosts.add(@host, key, @options)
+       @host_keys.push(key)
+    end
+
+    def each(&block)
+       @host_keys.each(&block)
+    end
+
+    def empty?
+      @host_keys.empty?
+    end
+  end
+
   # Searches an OpenSSH-style known-host file for a given host, and returns all
   # matching keys. This is used to implement host-key verification, as well as
   # to determine what key a user prefers to use for a given host.
@@ -24,9 +53,9 @@ module Net; module SSH
     class <<self
 
       # Searches all known host files (see KnownHosts.hostfiles) for all keys
-      # of the given host. Returns an array of keys found.
+      # of the given host. Returns an enumerable of keys found.
       def search_for(host, options={})
-        search_in(hostfiles(options), host)
+        HostKeys.new(search_in(hostfiles(options), host), host, self, options)
       end
 
       # Search for all known keys for the given host, in every file given in
@@ -111,7 +140,9 @@ module Net; module SSH
           next if scanner.match?(/$|#/)
 
           hostlist = scanner.scan(/\S+/).split(/,/)
-          next unless entries.all? { |entry| hostlist.include?(entry) }
+          found = entries.all? { |entry| hostlist.include?(entry) } ||
+            known_host_hash?(hostlist, entries, scanner)
+          next unless found
 
           scanner.skip(/\s*/)
           type = scanner.scan(/\S+/)
@@ -127,6 +158,21 @@ module Net; module SSH
       keys
     end
 
+    # Indicates whether one of the entries matches an hostname that has been
+    # stored as a HMAC-SHA1 hash in the known hosts.
+    def known_host_hash?(hostlist, entries, scanner)
+      if hostlist.size == 1 && hostlist.first =~ /\A\|1(\|.+){2}\z/
+        chunks = hostlist.first.split(/\|/)
+        salt = Base64.decode64(chunks[2])
+        digest = OpenSSL::Digest.new('sha1')
+        entries.each do |entry|
+          hmac = OpenSSL::HMAC.digest(digest, salt, entry)
+          return true if Base64.encode64(hmac).chomp == chunks[3]
+        end
+      end
+      false
+    end
+
     # Tries to append an entry to the current source file for the given host
     # and key. If it is unable to (because the file is not writable, for
     # instance), an exception will be raised.

data/lib/net/ssh/prompt.rb

@@ -1,93 +1,62 @@
-module Net; module SSH
-
-  # A basic prompt module that can be mixed into other objects. If HighLine is
-  # installed, it will be used to display prompts and read input from the
-  # user. Otherwise, the termios library will be used. If neither HighLine
-  # nor termios is installed, a simple prompt that echos text in the clear
-  # will be used.
+require 'io/console'
 
-  module PromptMethods
+module Net; module SSH
 
-    # Defines the prompt method to use if the Highline library is installed.
-    module Highline
-      # Uses Highline#ask to present a prompt and accept input. If +echo+ is
-      # +false+, the characters entered by the user will not be echoed to the
-      # screen.
-      def prompt(prompt, echo=true)
-        @highline ||= ::HighLine.new
-        @highline.ask(prompt + " ") { |q| q.echo = echo }
-      end
+  # Default prompt implementation, called for asking password from user.
+  # It will never be instantiated directly, but will instead be created for
+  # you automatically.
+  #
+  # A custom prompt objects can implement caching, or different UI. The prompt
+  # object should implemnted a start method, which should return something implementing
+  # ask and success. Net::SSH uses it like:
+  #
+  #   prompter = options[:password_prompt].start({type:'password'})
+  #   while !ok && max_retries < 3
+  #     user = prompter.ask("user: ", {}, true)
+  #     password = prompter.ask("password: ", {}, false)
+  #     ok = send(user, password)
+  #     prompter.sucess if ok
+  #   end
+  #
+  class Prompt
+    # factory
+    def self.default(options = {})
+      @default ||= new(options)
     end
 
-    # Defines the prompt method to use if the Termios library is installed.
-    module Termios
-      # Displays the prompt to $stdout. If +echo+ is false, the Termios
-      # library will be used to disable keystroke echoing for the duration of
-      # this method.
-      def prompt(prompt, echo=true)
-        $stdout.print(prompt)
-        $stdout.flush
+    def initialize(options = {}); end
 
-        set_echo(false) unless echo
-        $stdin.gets.chomp
-      ensure
-        if !echo
-          set_echo(true)
-          $stdout.puts
+    # default prompt object implementation. More sophisticated implemenetations
+    # might implement caching.
+    class Prompter
+      def initialize(info)
+        if info[:type] == 'keyboard-interactive'
+          $stdout.puts(info[:name]) unless info[:name].empty?
+          $stdout.puts(info[:instruction]) unless info[:instruction].empty?
         end
       end
 
-      private
-
-        # Enables or disables keystroke echoing using the Termios library.
-        def set_echo(enable)
-          term = ::Termios.getattr($stdin)
-
-          if enable
-            term.c_lflag |= (::Termios::ECHO | ::Termios::ICANON)
-          else
-            term.c_lflag &= ~::Termios::ECHO
-          end
-
-          ::Termios.setattr($stdin, ::Termios::TCSANOW, term)
-        end
-    end
-
-    # Defines the prompt method to use when neither Highline nor Termios are
-    # installed.
-    module Clear
-      # Displays the prompt to $stdout and pulls the response from $stdin.
-      # Text is always echoed in the clear, regardless of the +echo+ setting.
-      # The first time a prompt is given and +echo+ is false, a warning will
-      # be written to $stderr recommending that either Highline or Termios
-      # be installed.
-      def prompt(prompt, echo=true)
-        @seen_warning ||= false
-        if !echo && !@seen_warning
-          $stderr.puts "Text will be echoed in the clear. Please install the HighLine or Termios libraries to suppress echoed text."
-          @seen_warning = true
-        end
-
+      # ask input from user, a prompter might ask for multiple inputs
+      # (like user and password) in a single session.
+      def ask(prompt, echo=true)
         $stdout.print(prompt)
         $stdout.flush
-        $stdin.gets.chomp
+        ret = $stdin.noecho(&:gets).chomp
+        $stdout.print("\n")
+        ret
       end
+
+      # success method will be called when the password was accepted
+      # It's a good time to save password asked to a cache.
+      def success; end
     end
-  end
 
-  # Try to load Highline and Termios in turn, selecting the corresponding
-  # PromptMethods module to use. If neither are available, choose PromptMethods::Clear.
-  Prompt = begin
-      require 'highline'
-      HighLine.track_eof = false
-      PromptMethods::Highline
-    rescue LoadError
-      begin
-        require 'termios'
-        PromptMethods::Termios
-      rescue LoadError
-        PromptMethods::Clear
-      end
+    # start password session. Multiple questions might be asked multiple times
+    # on the returned object. Info hash tries to uniquely identify the password
+    # session, so caching implementations can save passwords properly.
+    def start(info)
+      Prompter.new(info)
     end
+  end
 
-end; end
+end; end

data/lib/net/ssh/proxy/command.rb

@@ -1,4 +1,5 @@
 require 'socket'
+require 'rubygems'
 require 'net/ssh/proxy/errors'
 require 'net/ssh/ruby_compat'
 
@@ -66,13 +67,38 @@ module Net; module SSH; module Proxy
         raise ConnectError, "#{e}: #{command_line}"
       end
       @command_line = command_line
-      class << io
-        def send(data, flag)
-          write_nonblock(data)
+      if Gem.win_platform?
+        # read_nonblock and write_nonblock are not available on Windows
+        # pipe. Use sysread and syswrite as a replacement works.
+        def io.send(data, flag)
+          syswrite(data)
         end
 
-        def recv(size)
-          read_nonblock(size)
+        def io.recv(size)
+          sysread(size)
+        end
+      else
+        def io.send(data, flag)
+          begin
+            result = write_nonblock(data)
+          rescue IO::WaitWritable, Errno::EINTR
+            IO.select(nil, [self])
+            retry
+          end
+          result
+        end
+
+        def io.recv(size)
+          begin
+            result = read_nonblock(size)
+          rescue IO::WaitReadable, Errno::EINTR
+            timeout_in_seconds = 20
+            if IO.select([self], nil, [self], timeout_in_seconds) == nil
+              raise "Unexpected spurious read wakeup"
+            end
+            retry
+          end
+          result
         end
       end
       io

data/lib/net/ssh/proxy/http.rb

@@ -8,7 +8,7 @@ module Net; module SSH; module Proxy
   #
   #   require 'net/ssh/proxy/http'
   #
-  #   proxy = Net::SSH::Proxy::HTTP.new('proxy.host', proxy_port)
+  #   proxy = Net::SSH::Proxy::HTTP.new('proxy_host', proxy_port)
   #   Net::SSH.start('host', 'user', :proxy => proxy) do |ssh|
   #     ...
   #   end
@@ -16,7 +16,7 @@ module Net; module SSH; module Proxy
   # If the proxy requires authentication, you can pass :user and :password
   # to the proxy's constructor:
   #
-  #   proxy = Net::SSH::Proxy::HTTP.new('proxy.host', proxy_port,
+  #   proxy = Net::SSH::Proxy::HTTP.new('proxy_host', proxy_port,
   #      :user => "user", :password => "password")
   #
   # Note that HTTP digest authentication is not supported; Basic only at
@@ -48,8 +48,8 @@ module Net; module SSH; module Proxy
 
     # Return a new socket connected to the given host and port via the
     # proxy that was requested when the socket factory was instantiated.
-    def open(host, port, connection_options = nil)
-      socket = TCPSocket.new(proxy_host, proxy_port)
+    def open(host, port, connection_options)
+      socket = establish_connection(connection_options[:timeout])
       socket.write "CONNECT #{host}:#{port} HTTP/1.0\r\n"
 
       if options[:user]
@@ -67,7 +67,12 @@ module Net; module SSH; module Proxy
       raise ConnectError, resp.inspect
     end
 
-    private
+    protected
+
+      def establish_connection(connect_timeout)
+        Socket.tcp(proxy_host, proxy_port, nil, nil,
+                   connect_timeout: connect_timeout)
+      end
 
       def parse_response(socket)
         version, code, reason = socket.gets.chomp.split(/ /, 3)
@@ -82,13 +87,12 @@ module Net; module SSH; module Proxy
           body = socket.read(headers["Content-Length"].to_i)
         end
 
-        return { :version => version,
-                 :code => code.to_i,
-                 :reason => reason,
-                 :headers => headers,
-                 :body => body }
+        return { version: version,
+                 code: code.to_i,
+                 reason: reason,
+                 headers: headers,
+                 body: body }
       end
-
   end
 
 end; end; end

data/lib/net/ssh/proxy/https.rb

@@ -0,0 +1,49 @@
+require 'socket'
+require 'openssl'
+require 'net/ssh/proxy/errors'
+require 'net/ssh/proxy/http'
+
+module Net; module SSH; module Proxy
+
+  # A specialization of the HTTP proxy which encrypts the whole connection
+  # using OpenSSL. This has the advantage that proxy authentication
+  # information is not sent in plaintext.
+  class HTTPS < HTTP
+
+    # Create a new socket factory that tunnels via the given host and
+    # port. The +options+ parameter is a hash of additional settings that
+    # can be used to tweak this proxy connection. In addition to the options
+    # taken by Net::SSH::Proxy::HTTP it supports:
+    #
+    # * :ssl_context => the SSL configuration to use for the connection
+    def initialize(proxy_host, proxy_port=80, options={})
+      @ssl_context = options.delete(:ssl_context) ||
+                       OpenSSL::SSL::SSLContext.new
+      super(proxy_host, proxy_port, options)
+    end
+
+    protected
+
+      # Shim to make OpenSSL::SSL::SSLSocket behave like a regular TCPSocket
+      # for all intents and purposes of Net::SSH::BufferedIo
+      module SSLSocketCompatibility
+        def self.extended(object) #:nodoc:
+          object.define_singleton_method(:recv, object.method(:sysread))
+          object.sync_close = true
+        end
+
+        def send(data, _opts)
+          syswrite(data)
+        end
+      end
+
+      def establish_connection(connect_timeout)
+        plain_socket = super(connect_timeout)
+        OpenSSL::SSL::SSLSocket.new(plain_socket, @ssl_context).tap do |socket|
+          socket.extend(SSLSocketCompatibility)
+          socket.connect
+        end
+      end
+  end
+
+end; end; end

data/lib/net/ssh/proxy/socks4.rb

@@ -48,7 +48,8 @@ module Net
         # Return a new socket connected to the given host and port via the
         # proxy that was requested when the socket factory was instantiated.
         def open(host, port, connection_options)
-          socket = TCPSocket.new(proxy_host, proxy_port)
+          socket = Socket.tcp(proxy_host, proxy_port, nil, nil,
+                              connect_timeout: connection_options[:timeout])
           ip_addr = IPAddr.new(Resolv.getaddress(host))
           
           packet = [VERSION, CONNECT, port.to_i, ip_addr.to_i, options[:user]].pack("CCnNZ*")

data/lib/net/ssh/proxy/socks5.rb

@@ -62,8 +62,9 @@ module Net
 
         # Return a new socket connected to the given host and port via the
         # proxy that was requested when the socket factory was instantiated.
-        def open(host, port, connection_options = nil)
-          socket = TCPSocket.new(proxy_host, proxy_port)
+        def open(host, port, connection_options)
+          socket = Socket.tcp(proxy_host, proxy_port, nil, nil,
+                              connect_timeout: connection_options[:timeout])
 
           methods = [METHOD_NO_AUTH]
           methods << METHOD_PASSWD if options[:user]

data/lib/net/ssh/ruby_compat.rb

@@ -9,11 +9,6 @@ class String
       self[index] = c
     end
   end
-  if RUBY_VERSION < "1.8.7"
-    def bytesize
-      self.size
-    end
-  end
 end
 
 module Net; module SSH
@@ -21,31 +16,9 @@ module Net; module SSH
   # This class contains miscellaneous patches and workarounds
   # for different ruby implementations.
   class Compat
-    
-    # A workaround for an IO#select threading bug in certain versions of MRI 1.8.
-    # See: http://net-ssh.lighthouseapp.com/projects/36253/tickets/1-ioselect-threading-bug-in-ruby-18
-    # The root issue is documented here: http://redmine.ruby-lang.org/issues/show/1993
-    if RUBY_VERSION >= '1.9' || RUBY_PLATFORM == 'java'
-      def self.io_select(*params)
-        IO.select(*params)
-      end
-    else
-      SELECT_MUTEX = Mutex.new
-      def self.io_select(*params)
-        # It should be safe to wrap calls in a mutex when the timeout is 0
-        # (that is, the call is not supposed to block).
-        # We leave blocking calls unprotected to avoid causing deadlocks.
-        # This should still catch the main case for Capistrano users.
-        if params[3] == 0
-          SELECT_MUTEX.synchronize do
-            IO.select(*params)
-          end
-        else
-          IO.select(*params)
-        end
-      end
+    def self.io_select(*params)
+      IO.select(*params)
     end
-    
   end
   
 end; end

data/lib/net/ssh/service/forward.rb

@@ -91,6 +91,7 @@ module Net; module SSH; module Service
 
         channel.on_open_failed do |ch, code, description|
           channel.error { "could not establish direct channel: #{description} (#{code})" }
+          session.stop_listening_to(channel[:socket])
           channel[:socket].close
         end
       end
@@ -273,7 +274,6 @@ module Net; module SSH; module Service
           ch[:socket].enqueue(data)
         end
 
-        # Handles server close on the sending side by Miklós Fazekas
         channel.on_eof do |ch|
           debug { "eof #{type} on #{type} forwarded channel" }
           begin
@@ -357,7 +357,7 @@ module Net; module SSH; module Service
         channel[:invisible] = true
 
         begin
-          agent = Authentication::Agent.connect(logger)
+          agent = Authentication::Agent.connect(logger, session.options[:agent_socket_factory])
           if (agent.socket.is_a? ::IO)
             prepare_client(agent.socket, channel, :agent)
           else

data/lib/net/ssh/test/channel.rb

@@ -98,6 +98,13 @@ module Net; module SSH; module Test
       script.sends_channel_close(self)
     end
 
+    # Scripts the sending of a "request pty" request packet across the channel.
+    #
+    #   channel.sends_request_pty
+    def sends_request_pty
+      script.sends_channel_request_pty(self)
+    end
+
     # Scripts the reception of a channel data packet from the remote end.
     #
     #   channel.gets_data "bar"

data/lib/net/ssh/test/extensions.rb

@@ -113,6 +113,22 @@ module Net; module SSH; module Test
         base.extend(ClassMethods)
       end
 
+      @extension_enabled = false
+
+      def self.with_test_extension(&block)
+        orig_value = @extension_enabled
+        @extension_enabled = true
+        begin
+          yield
+        ensure
+          @extension_enabled = orig_value
+        end
+      end
+
+      def self.extension_enabled?
+        @extension_enabled
+      end
+
       module ClassMethods
         def self.extended(obj) #:nodoc:
           class <<obj
@@ -125,6 +141,7 @@ module Net; module SSH; module Test
         # writers, and errors arrays are either nil, or contain only objects
         # that mix in Net::SSH::Test::Extensions::BufferedIo.
         def select_for_test(readers=nil, writers=nil, errors=nil, wait=nil)
+          return select_for_real(readers, writers, errors, wait) unless Net::SSH::Test::Extensions::IO.extension_enabled?
           ready_readers = Array(readers).select { |r| r.select_for_read? }
           ready_writers = Array(writers).select { |r| r.select_for_write? }
           ready_errors  = Array(errors).select  { |r| r.select_for_error? }