net-ssh 3.2.0 → 7.2.0.rc1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +5 -5
- checksums.yaml.gz.sig +0 -0
- data/.dockerignore +6 -0
- data/.github/FUNDING.yml +1 -0
- data/.github/config/rubocop_linter_action.yml +4 -0
- data/.github/workflows/ci-with-docker.yml +44 -0
- data/.github/workflows/ci.yml +93 -0
- data/.github/workflows/rubocop.yml +16 -0
- data/.gitignore +13 -0
- data/.rubocop.yml +22 -0
- data/.rubocop_todo.yml +1081 -0
- data/CHANGES.txt +237 -7
- data/DEVELOPMENT.md +23 -0
- data/Dockerfile +27 -0
- data/Dockerfile.openssl3 +17 -0
- data/Gemfile +13 -0
- data/Gemfile.noed25519 +12 -0
- data/Gemfile.norbnacl +12 -0
- data/ISSUE_TEMPLATE.md +30 -0
- data/Manifest +4 -5
- data/README.md +298 -0
- data/Rakefile +125 -74
- data/SECURITY.md +4 -0
- data/appveyor.yml +58 -0
- data/docker-compose.yml +23 -0
- data/lib/net/ssh/authentication/agent.rb +279 -18
- data/lib/net/ssh/authentication/certificate.rb +183 -0
- data/lib/net/ssh/authentication/constants.rb +17 -15
- data/lib/net/ssh/authentication/ed25519.rb +186 -0
- data/lib/net/ssh/authentication/ed25519_loader.rb +31 -0
- data/lib/net/ssh/authentication/key_manager.rb +86 -39
- data/lib/net/ssh/authentication/methods/abstract.rb +67 -48
- data/lib/net/ssh/authentication/methods/hostbased.rb +34 -37
- data/lib/net/ssh/authentication/methods/keyboard_interactive.rb +13 -13
- data/lib/net/ssh/authentication/methods/none.rb +16 -19
- data/lib/net/ssh/authentication/methods/password.rb +27 -17
- data/lib/net/ssh/authentication/methods/publickey.rb +96 -55
- data/lib/net/ssh/authentication/pageant.rb +471 -367
- data/lib/net/ssh/authentication/pub_key_fingerprint.rb +43 -0
- data/lib/net/ssh/authentication/session.rb +131 -121
- data/lib/net/ssh/buffer.rb +399 -300
- data/lib/net/ssh/buffered_io.rb +154 -150
- data/lib/net/ssh/config.rb +308 -185
- data/lib/net/ssh/connection/channel.rb +635 -613
- data/lib/net/ssh/connection/constants.rb +29 -29
- data/lib/net/ssh/connection/event_loop.rb +123 -0
- data/lib/net/ssh/connection/keepalive.rb +55 -51
- data/lib/net/ssh/connection/session.rb +620 -551
- data/lib/net/ssh/connection/term.rb +125 -123
- data/lib/net/ssh/errors.rb +101 -99
- data/lib/net/ssh/key_factory.rb +197 -105
- data/lib/net/ssh/known_hosts.rb +214 -127
- data/lib/net/ssh/loggable.rb +50 -49
- data/lib/net/ssh/packet.rb +83 -79
- data/lib/net/ssh/prompt.rb +50 -81
- data/lib/net/ssh/proxy/command.rb +105 -90
- data/lib/net/ssh/proxy/errors.rb +12 -10
- data/lib/net/ssh/proxy/http.rb +82 -79
- data/lib/net/ssh/proxy/https.rb +50 -0
- data/lib/net/ssh/proxy/jump.rb +54 -0
- data/lib/net/ssh/proxy/socks4.rb +2 -6
- data/lib/net/ssh/proxy/socks5.rb +14 -17
- data/lib/net/ssh/service/forward.rb +370 -317
- data/lib/net/ssh/test/channel.rb +145 -136
- data/lib/net/ssh/test/extensions.rb +131 -110
- data/lib/net/ssh/test/kex.rb +34 -32
- data/lib/net/ssh/test/local_packet.rb +46 -44
- data/lib/net/ssh/test/packet.rb +89 -70
- data/lib/net/ssh/test/remote_packet.rb +32 -30
- data/lib/net/ssh/test/script.rb +156 -142
- data/lib/net/ssh/test/socket.rb +49 -48
- data/lib/net/ssh/test.rb +82 -77
- data/lib/net/ssh/transport/algorithms.rb +462 -359
- data/lib/net/ssh/transport/chacha20_poly1305_cipher.rb +117 -0
- data/lib/net/ssh/transport/chacha20_poly1305_cipher_loader.rb +17 -0
- data/lib/net/ssh/transport/cipher_factory.rb +122 -99
- data/lib/net/ssh/transport/constants.rb +32 -24
- data/lib/net/ssh/transport/ctr.rb +42 -22
- data/lib/net/ssh/transport/hmac/abstract.rb +81 -63
- data/lib/net/ssh/transport/hmac/md5.rb +0 -2
- data/lib/net/ssh/transport/hmac/md5_96.rb +0 -2
- data/lib/net/ssh/transport/hmac/none.rb +0 -2
- data/lib/net/ssh/transport/hmac/ripemd160.rb +0 -2
- data/lib/net/ssh/transport/hmac/sha1.rb +0 -2
- data/lib/net/ssh/transport/hmac/sha1_96.rb +0 -2
- data/lib/net/ssh/transport/hmac/sha2_256.rb +7 -11
- data/lib/net/ssh/transport/hmac/sha2_256_96.rb +4 -8
- data/lib/net/ssh/transport/hmac/sha2_256_etm.rb +12 -0
- data/lib/net/ssh/transport/hmac/sha2_512.rb +6 -9
- data/lib/net/ssh/transport/hmac/sha2_512_96.rb +4 -8
- data/lib/net/ssh/transport/hmac/sha2_512_etm.rb +12 -0
- data/lib/net/ssh/transport/hmac.rb +14 -12
- data/lib/net/ssh/transport/identity_cipher.rb +54 -44
- data/lib/net/ssh/transport/kex/abstract.rb +130 -0
- data/lib/net/ssh/transport/kex/abstract5656.rb +72 -0
- data/lib/net/ssh/transport/kex/curve25519_sha256.rb +39 -0
- data/lib/net/ssh/transport/kex/curve25519_sha256_loader.rb +30 -0
- data/lib/net/ssh/transport/kex/diffie_hellman_group14_sha1.rb +33 -40
- data/lib/net/ssh/transport/kex/diffie_hellman_group14_sha256.rb +11 -0
- data/lib/net/ssh/transport/kex/diffie_hellman_group1_sha1.rb +119 -213
- data/lib/net/ssh/transport/kex/diffie_hellman_group_exchange_sha1.rb +53 -61
- data/lib/net/ssh/transport/kex/diffie_hellman_group_exchange_sha256.rb +5 -9
- data/lib/net/ssh/transport/kex/ecdh_sha2_nistp256.rb +36 -90
- data/lib/net/ssh/transport/kex/ecdh_sha2_nistp384.rb +18 -10
- data/lib/net/ssh/transport/kex/ecdh_sha2_nistp521.rb +18 -10
- data/lib/net/ssh/transport/kex.rb +15 -12
- data/lib/net/ssh/transport/key_expander.rb +24 -20
- data/lib/net/ssh/transport/openssl.rb +161 -124
- data/lib/net/ssh/transport/openssl_cipher_extensions.rb +8 -0
- data/lib/net/ssh/transport/packet_stream.rb +246 -185
- data/lib/net/ssh/transport/server_version.rb +55 -56
- data/lib/net/ssh/transport/session.rb +306 -255
- data/lib/net/ssh/transport/state.rb +178 -176
- data/lib/net/ssh/verifiers/accept_new.rb +33 -0
- data/lib/net/ssh/verifiers/accept_new_or_local_tunnel.rb +33 -0
- data/lib/net/ssh/verifiers/always.rb +58 -0
- data/lib/net/ssh/verifiers/never.rb +19 -0
- data/lib/net/ssh/version.rb +55 -53
- data/lib/net/ssh.rb +111 -47
- data/net-ssh-public_cert.pem +18 -18
- data/net-ssh.gemspec +38 -205
- data/support/ssh_tunnel_bug.rb +5 -5
- data.tar.gz.sig +0 -0
- metadata +173 -118
- metadata.gz.sig +0 -0
- data/.travis.yml +0 -18
- data/README.rdoc +0 -182
- data/lib/net/ssh/authentication/agent/java_pageant.rb +0 -85
- data/lib/net/ssh/authentication/agent/socket.rb +0 -178
- data/lib/net/ssh/ruby_compat.rb +0 -46
- data/lib/net/ssh/verifiers/lenient.rb +0 -30
- data/lib/net/ssh/verifiers/null.rb +0 -12
- data/lib/net/ssh/verifiers/secure.rb +0 -52
- data/lib/net/ssh/verifiers/strict.rb +0 -24
- data/setup.rb +0 -1585
- data/support/arcfour_check.rb +0 -20
- data/test/README.txt +0 -18
- data/test/authentication/methods/common.rb +0 -28
- data/test/authentication/methods/test_abstract.rb +0 -51
- data/test/authentication/methods/test_hostbased.rb +0 -114
- data/test/authentication/methods/test_keyboard_interactive.rb +0 -121
- data/test/authentication/methods/test_none.rb +0 -41
- data/test/authentication/methods/test_password.rb +0 -95
- data/test/authentication/methods/test_publickey.rb +0 -148
- data/test/authentication/test_agent.rb +0 -232
- data/test/authentication/test_key_manager.rb +0 -240
- data/test/authentication/test_session.rb +0 -107
- data/test/common.rb +0 -125
- data/test/configs/auth_off +0 -5
- data/test/configs/auth_on +0 -4
- data/test/configs/empty +0 -0
- data/test/configs/eqsign +0 -3
- data/test/configs/exact_match +0 -8
- data/test/configs/host_plus +0 -10
- data/test/configs/multihost +0 -4
- data/test/configs/negative_match +0 -6
- data/test/configs/nohost +0 -19
- data/test/configs/numeric_host +0 -4
- data/test/configs/proxy_remote_user +0 -2
- data/test/configs/send_env +0 -2
- data/test/configs/substitutes +0 -8
- data/test/configs/wild_cards +0 -14
- data/test/connection/test_channel.rb +0 -487
- data/test/connection/test_session.rb +0 -564
- data/test/integration/README.txt +0 -17
- data/test/integration/Vagrantfile +0 -12
- data/test/integration/common.rb +0 -63
- data/test/integration/playbook.yml +0 -56
- data/test/integration/test_forward.rb +0 -637
- data/test/integration/test_id_rsa_keys.rb +0 -96
- data/test/integration/test_proxy.rb +0 -93
- data/test/known_hosts/github +0 -1
- data/test/known_hosts/github_hash +0 -1
- data/test/manual/test_pageant.rb +0 -37
- data/test/start/test_connection.rb +0 -53
- data/test/start/test_options.rb +0 -57
- data/test/start/test_transport.rb +0 -28
- data/test/start/test_user_nil.rb +0 -27
- data/test/test_all.rb +0 -12
- data/test/test_buffer.rb +0 -433
- data/test/test_buffered_io.rb +0 -63
- data/test/test_config.rb +0 -268
- data/test/test_key_factory.rb +0 -191
- data/test/test_known_hosts.rb +0 -66
- data/test/transport/hmac/test_md5.rb +0 -41
- data/test/transport/hmac/test_md5_96.rb +0 -27
- data/test/transport/hmac/test_none.rb +0 -34
- data/test/transport/hmac/test_ripemd160.rb +0 -36
- data/test/transport/hmac/test_sha1.rb +0 -36
- data/test/transport/hmac/test_sha1_96.rb +0 -27
- data/test/transport/hmac/test_sha2_256.rb +0 -37
- data/test/transport/hmac/test_sha2_256_96.rb +0 -27
- data/test/transport/hmac/test_sha2_512.rb +0 -37
- data/test/transport/hmac/test_sha2_512_96.rb +0 -27
- data/test/transport/kex/test_diffie_hellman_group14_sha1.rb +0 -13
- data/test/transport/kex/test_diffie_hellman_group1_sha1.rb +0 -150
- data/test/transport/kex/test_diffie_hellman_group_exchange_sha1.rb +0 -96
- data/test/transport/kex/test_diffie_hellman_group_exchange_sha256.rb +0 -19
- data/test/transport/kex/test_ecdh_sha2_nistp256.rb +0 -161
- data/test/transport/kex/test_ecdh_sha2_nistp384.rb +0 -38
- data/test/transport/kex/test_ecdh_sha2_nistp521.rb +0 -38
- data/test/transport/test_algorithms.rb +0 -328
- data/test/transport/test_cipher_factory.rb +0 -443
- data/test/transport/test_hmac.rb +0 -34
- data/test/transport/test_identity_cipher.rb +0 -40
- data/test/transport/test_packet_stream.rb +0 -1762
- data/test/transport/test_server_version.rb +0 -74
- data/test/transport/test_session.rb +0 -331
- data/test/transport/test_state.rb +0 -181
- data/test/verifiers/test_secure.rb +0 -40
@@ -1,232 +0,0 @@
|
|
1
|
-
require 'common'
|
2
|
-
require 'net/ssh/authentication/agent'
|
3
|
-
|
4
|
-
module Authentication
|
5
|
-
|
6
|
-
class TestAgent < Test::Unit::TestCase
|
7
|
-
|
8
|
-
SSH2_AGENT_REQUEST_VERSION = 1
|
9
|
-
SSH2_AGENT_REQUEST_IDENTITIES = 11
|
10
|
-
SSH2_AGENT_IDENTITIES_ANSWER = 12
|
11
|
-
SSH2_AGENT_SIGN_REQUEST = 13
|
12
|
-
SSH2_AGENT_SIGN_RESPONSE = 14
|
13
|
-
SSH2_AGENT_FAILURE = 30
|
14
|
-
SSH2_AGENT_VERSION_RESPONSE = 103
|
15
|
-
|
16
|
-
SSH_COM_AGENT2_FAILURE = 102
|
17
|
-
|
18
|
-
SSH_AGENT_REQUEST_RSA_IDENTITIES = 1
|
19
|
-
SSH_AGENT_RSA_IDENTITIES_ANSWER = 2
|
20
|
-
SSH_AGENT_FAILURE = 5
|
21
|
-
|
22
|
-
def setup
|
23
|
-
@original, ENV['SSH_AUTH_SOCK'] = ENV['SSH_AUTH_SOCK'], "/path/to/ssh.agent.sock"
|
24
|
-
end
|
25
|
-
|
26
|
-
def teardown
|
27
|
-
ENV['SSH_AUTH_SOCK'] = @original
|
28
|
-
end
|
29
|
-
|
30
|
-
def test_connect_should_use_agent_factory_to_determine_connection_type
|
31
|
-
factory.expects(:open).with("/path/to/ssh.agent.sock").returns(socket)
|
32
|
-
agent(false).connect!
|
33
|
-
end
|
34
|
-
|
35
|
-
def test_connect_should_use_agent_socket_factory_instead_of_factory
|
36
|
-
assert_equal agent.connect!, socket
|
37
|
-
assert_equal agent.connect!(agent_socket_factory), "/foo/bar.sock"
|
38
|
-
end
|
39
|
-
|
40
|
-
def test_connect_should_raise_error_if_connection_could_not_be_established
|
41
|
-
factory.expects(:open).raises(SocketError)
|
42
|
-
assert_raises(Net::SSH::Authentication::AgentNotAvailable) { agent(false).connect! }
|
43
|
-
end
|
44
|
-
|
45
|
-
def test_negotiate_should_raise_error_if_ssh2_agent_response_recieved
|
46
|
-
socket.expect do |s, type, buffer|
|
47
|
-
assert_equal SSH2_AGENT_REQUEST_VERSION, type
|
48
|
-
assert_equal Net::SSH::Transport::ServerVersion::PROTO_VERSION, buffer.read_string
|
49
|
-
s.return(SSH2_AGENT_VERSION_RESPONSE)
|
50
|
-
end
|
51
|
-
assert_raises(Net::SSH::Authentication::AgentNotAvailable) { agent.negotiate! }
|
52
|
-
end
|
53
|
-
|
54
|
-
def test_negotiate_should_raise_error_if_response_was_unexpected
|
55
|
-
socket.expect do |s, type, buffer|
|
56
|
-
assert_equal SSH2_AGENT_REQUEST_VERSION, type
|
57
|
-
s.return(255)
|
58
|
-
end
|
59
|
-
assert_raises(Net::SSH::Authentication::AgentNotAvailable) { agent.negotiate! }
|
60
|
-
end
|
61
|
-
|
62
|
-
def test_negotiate_should_be_successful_with_expected_response
|
63
|
-
socket.expect do |s, type, buffer|
|
64
|
-
assert_equal SSH2_AGENT_REQUEST_VERSION, type
|
65
|
-
s.return(SSH_AGENT_RSA_IDENTITIES_ANSWER)
|
66
|
-
end
|
67
|
-
assert_nothing_raised { agent(:connect).negotiate! }
|
68
|
-
end
|
69
|
-
|
70
|
-
def test_identities_should_fail_if_SSH_AGENT_FAILURE_recieved
|
71
|
-
socket.expect do |s, type, buffer|
|
72
|
-
assert_equal SSH2_AGENT_REQUEST_IDENTITIES, type
|
73
|
-
s.return(SSH_AGENT_FAILURE)
|
74
|
-
end
|
75
|
-
assert_raises(Net::SSH::Authentication::AgentError) { agent.identities }
|
76
|
-
end
|
77
|
-
|
78
|
-
def test_identities_should_fail_if_SSH2_AGENT_FAILURE_recieved
|
79
|
-
socket.expect do |s, type, buffer|
|
80
|
-
assert_equal SSH2_AGENT_REQUEST_IDENTITIES, type
|
81
|
-
s.return(SSH2_AGENT_FAILURE)
|
82
|
-
end
|
83
|
-
assert_raises(Net::SSH::Authentication::AgentError) { agent.identities }
|
84
|
-
end
|
85
|
-
|
86
|
-
def test_identities_should_fail_if_SSH_COM_AGENT2_FAILURE_recieved
|
87
|
-
socket.expect do |s, type, buffer|
|
88
|
-
assert_equal SSH2_AGENT_REQUEST_IDENTITIES, type
|
89
|
-
s.return(SSH_COM_AGENT2_FAILURE)
|
90
|
-
end
|
91
|
-
assert_raises(Net::SSH::Authentication::AgentError) { agent.identities }
|
92
|
-
end
|
93
|
-
|
94
|
-
def test_identities_should_fail_if_response_is_not_SSH2_AGENT_IDENTITIES_ANSWER
|
95
|
-
socket.expect do |s, type, buffer|
|
96
|
-
assert_equal SSH2_AGENT_REQUEST_IDENTITIES, type
|
97
|
-
s.return(255)
|
98
|
-
end
|
99
|
-
assert_raises(Net::SSH::Authentication::AgentError) { agent.identities }
|
100
|
-
end
|
101
|
-
|
102
|
-
def test_identities_should_augment_identities_with_comment_field
|
103
|
-
key1 = key
|
104
|
-
key2 = OpenSSL::PKey::DSA.new(512)
|
105
|
-
|
106
|
-
socket.expect do |s, type, buffer|
|
107
|
-
assert_equal SSH2_AGENT_REQUEST_IDENTITIES, type
|
108
|
-
s.return(SSH2_AGENT_IDENTITIES_ANSWER, :long, 2, :string, Net::SSH::Buffer.from(:key, key1), :string, "My favorite key", :string, Net::SSH::Buffer.from(:key, key2), :string, "Okay, but not the best")
|
109
|
-
end
|
110
|
-
|
111
|
-
result = agent.identities
|
112
|
-
assert_equal key1.to_blob, result.first.to_blob
|
113
|
-
assert_equal key2.to_blob, result.last.to_blob
|
114
|
-
assert_equal "My favorite key", result.first.comment
|
115
|
-
assert_equal "Okay, but not the best", result.last.comment
|
116
|
-
end
|
117
|
-
|
118
|
-
def test_identities_should_ignore_unimplemented_ones
|
119
|
-
key1 = key
|
120
|
-
key2 = OpenSSL::PKey::DSA.new(512)
|
121
|
-
key2.to_blob[0..5]='badkey'
|
122
|
-
key3 = OpenSSL::PKey::DSA.new(512)
|
123
|
-
|
124
|
-
socket.expect do |s, type, buffer|
|
125
|
-
assert_equal SSH2_AGENT_REQUEST_IDENTITIES, type
|
126
|
-
s.return(SSH2_AGENT_IDENTITIES_ANSWER, :long, 3, :string, Net::SSH::Buffer.from(:key, key1), :string, "My favorite key", :string, Net::SSH::Buffer.from(:key, key2), :string, "bad", :string, Net::SSH::Buffer.from(:key, key3), :string, "Okay, but not the best")
|
127
|
-
end
|
128
|
-
|
129
|
-
result = agent.identities
|
130
|
-
assert_equal 2,result.size
|
131
|
-
assert_equal key1.to_blob, result.first.to_blob
|
132
|
-
assert_equal key3.to_blob, result.last.to_blob
|
133
|
-
assert_equal "My favorite key", result.first.comment
|
134
|
-
assert_equal "Okay, but not the best", result.last.comment
|
135
|
-
end
|
136
|
-
|
137
|
-
def test_close_should_close_socket
|
138
|
-
socket.expects(:close)
|
139
|
-
agent.close
|
140
|
-
end
|
141
|
-
|
142
|
-
def test_sign_should_fail_if_response_is_SSH_AGENT_FAILURE
|
143
|
-
socket.expect { |s,| s.return(SSH_AGENT_FAILURE) }
|
144
|
-
assert_raises(Net::SSH::Authentication::AgentError) { agent.sign(key, "hello world") }
|
145
|
-
end
|
146
|
-
|
147
|
-
def test_sign_should_fail_if_response_is_SSH2_AGENT_FAILURE
|
148
|
-
socket.expect { |s,| s.return(SSH2_AGENT_FAILURE) }
|
149
|
-
assert_raises(Net::SSH::Authentication::AgentError) { agent.sign(key, "hello world") }
|
150
|
-
end
|
151
|
-
|
152
|
-
def test_sign_should_fail_if_response_is_SSH_COM_AGENT2_FAILURE
|
153
|
-
socket.expect { |s,| s.return(SSH_COM_AGENT2_FAILURE) }
|
154
|
-
assert_raises(Net::SSH::Authentication::AgentError) { agent.sign(key, "hello world") }
|
155
|
-
end
|
156
|
-
|
157
|
-
def test_sign_should_fail_if_response_is_not_SSH2_AGENT_SIGN_RESPONSE
|
158
|
-
socket.expect { |s,| s.return(255) }
|
159
|
-
assert_raises(Net::SSH::Authentication::AgentError) { agent.sign(key, "hello world") }
|
160
|
-
end
|
161
|
-
|
162
|
-
def test_sign_should_return_signed_data_from_agent
|
163
|
-
socket.expect do |s,type,buffer|
|
164
|
-
assert_equal SSH2_AGENT_SIGN_REQUEST, type
|
165
|
-
assert_equal key.to_blob, Net::SSH::Buffer.new(buffer.read_string).read_key.to_blob
|
166
|
-
assert_equal "hello world", buffer.read_string
|
167
|
-
assert_equal 0, buffer.read_long
|
168
|
-
|
169
|
-
s.return(SSH2_AGENT_SIGN_RESPONSE, :string, "abcxyz123")
|
170
|
-
end
|
171
|
-
|
172
|
-
assert_equal "abcxyz123", agent.sign(key, "hello world")
|
173
|
-
end
|
174
|
-
|
175
|
-
private
|
176
|
-
|
177
|
-
class MockSocket
|
178
|
-
def initialize
|
179
|
-
@expectation = nil
|
180
|
-
@buffer = Net::SSH::Buffer.new
|
181
|
-
end
|
182
|
-
|
183
|
-
def expect(&block)
|
184
|
-
@expectation = block
|
185
|
-
end
|
186
|
-
|
187
|
-
def return(type, *args)
|
188
|
-
data = Net::SSH::Buffer.from(*args)
|
189
|
-
@buffer.append([data.length+1, type, data.to_s].pack("NCA*"))
|
190
|
-
end
|
191
|
-
|
192
|
-
def send(data, flags)
|
193
|
-
raise "got #{data.inspect} but no packet was expected" unless @expectation
|
194
|
-
buffer = Net::SSH::Buffer.new(data)
|
195
|
-
buffer.read_long # skip the length
|
196
|
-
type = buffer.read_byte
|
197
|
-
@expectation.call(self, type, buffer)
|
198
|
-
@expectation = nil
|
199
|
-
end
|
200
|
-
|
201
|
-
def read(length)
|
202
|
-
@buffer.read(length)
|
203
|
-
end
|
204
|
-
end
|
205
|
-
|
206
|
-
def key
|
207
|
-
@key ||= OpenSSL::PKey::RSA.new(512)
|
208
|
-
end
|
209
|
-
|
210
|
-
def socket
|
211
|
-
@socket ||= MockSocket.new
|
212
|
-
end
|
213
|
-
|
214
|
-
def factory
|
215
|
-
@factory ||= stub("socket factory", :open => socket)
|
216
|
-
end
|
217
|
-
|
218
|
-
def agent(auto=:connect)
|
219
|
-
@agent ||= begin
|
220
|
-
agent = Net::SSH::Authentication::Agent.new
|
221
|
-
agent.stubs(:socket_class).returns(factory)
|
222
|
-
agent.connect! if auto == :connect
|
223
|
-
agent
|
224
|
-
end
|
225
|
-
end
|
226
|
-
|
227
|
-
def agent_socket_factory
|
228
|
-
@agent_socket_factory ||= ->{"/foo/bar.sock"}
|
229
|
-
end
|
230
|
-
end
|
231
|
-
|
232
|
-
end
|
@@ -1,240 +0,0 @@
|
|
1
|
-
require 'common'
|
2
|
-
require 'net/ssh/authentication/key_manager'
|
3
|
-
|
4
|
-
module Authentication
|
5
|
-
|
6
|
-
class TestKeyManager < Test::Unit::TestCase
|
7
|
-
def test_key_files_and_known_identities_are_empty_by_default
|
8
|
-
assert manager.key_files.empty?
|
9
|
-
assert manager.known_identities.empty?
|
10
|
-
end
|
11
|
-
|
12
|
-
def test_assume_agent_is_available_by_default
|
13
|
-
assert manager.use_agent?
|
14
|
-
end
|
15
|
-
|
16
|
-
def test_add_ensures_list_is_unique
|
17
|
-
manager.add "/first"
|
18
|
-
manager.add "/second"
|
19
|
-
manager.add "/third"
|
20
|
-
manager.add "/second"
|
21
|
-
assert_equal 3, manager.key_files.length
|
22
|
-
final_files = manager.key_files.map {|item| item.split('/').last}
|
23
|
-
assert_equal %w(first second third), final_files
|
24
|
-
end
|
25
|
-
|
26
|
-
def test_use_agent_should_be_set_to_false_if_agent_could_not_be_found
|
27
|
-
Net::SSH::Authentication::Agent.expects(:connect).raises(Net::SSH::Authentication::AgentNotAvailable)
|
28
|
-
assert manager.use_agent?
|
29
|
-
assert_nil manager.agent
|
30
|
-
assert !manager.use_agent?
|
31
|
-
end
|
32
|
-
|
33
|
-
def test_agent_should_be_used_by_default
|
34
|
-
assert manager().use_agent?
|
35
|
-
end
|
36
|
-
|
37
|
-
def test_agent_should_not_be_used_with_no_agent
|
38
|
-
assert !manager(:use_agent => false).use_agent?
|
39
|
-
end
|
40
|
-
|
41
|
-
def test_each_identity_should_load_from_key_files
|
42
|
-
manager.stubs(:agent).returns(nil)
|
43
|
-
first = File.expand_path("/first")
|
44
|
-
second = File.expand_path("/second")
|
45
|
-
stub_file_private_key first, rsa
|
46
|
-
stub_file_private_key second, dsa
|
47
|
-
|
48
|
-
identities = []
|
49
|
-
manager.each_identity { |identity| identities << identity }
|
50
|
-
|
51
|
-
assert_equal 2, identities.length
|
52
|
-
assert_equal rsa.to_blob, identities.first.to_blob
|
53
|
-
assert_equal dsa.to_blob, identities.last.to_blob
|
54
|
-
|
55
|
-
assert_equal({:from => :file, :file => first, :key => rsa}, manager.known_identities[rsa])
|
56
|
-
assert_equal({:from => :file, :file => second, :key => dsa}, manager.known_identities[dsa])
|
57
|
-
end
|
58
|
-
|
59
|
-
def test_each_identity_should_not_prompt_for_passphrase_in_non_interactive_mode
|
60
|
-
manager(:non_interactive => true).stubs(:agent).returns(nil)
|
61
|
-
first = File.expand_path("/first")
|
62
|
-
stub_file_private_key first, rsa, :passphrase => :should_not_be_asked
|
63
|
-
identities = []
|
64
|
-
manager.each_identity { |identity| identities << identity }
|
65
|
-
assert_equal(identities, [])
|
66
|
-
end
|
67
|
-
|
68
|
-
def test_identities_should_load_from_agent
|
69
|
-
manager.stubs(:agent).returns(agent)
|
70
|
-
|
71
|
-
identities = []
|
72
|
-
manager.each_identity { |identity| identities << identity }
|
73
|
-
|
74
|
-
assert_equal 2, identities.length
|
75
|
-
assert_equal rsa.to_blob, identities.first.to_blob
|
76
|
-
assert_equal dsa.to_blob, identities.last.to_blob
|
77
|
-
|
78
|
-
assert_equal({:from => :agent}, manager.known_identities[rsa])
|
79
|
-
assert_equal({:from => :agent}, manager.known_identities[dsa])
|
80
|
-
end
|
81
|
-
|
82
|
-
if defined?(OpenSSL::PKey::EC)
|
83
|
-
def test_identities_with_ecdsa_should_load_from_agent
|
84
|
-
manager.stubs(:agent).returns(agent_with_ecdsa_keys)
|
85
|
-
|
86
|
-
identities = []
|
87
|
-
manager.each_identity { |identity| identities << identity }
|
88
|
-
assert_equal 5, identities.length
|
89
|
-
|
90
|
-
assert_equal rsa.to_blob, identities[0].to_blob
|
91
|
-
assert_equal dsa.to_blob, identities[1].to_blob
|
92
|
-
assert_equal ecdsa_sha2_nistp256.to_blob, identities[2].to_blob
|
93
|
-
assert_equal ecdsa_sha2_nistp384.to_blob, identities[3].to_blob
|
94
|
-
assert_equal ecdsa_sha2_nistp521.to_blob, identities[4].to_blob
|
95
|
-
|
96
|
-
assert_equal({:from => :agent}, manager.known_identities[rsa])
|
97
|
-
assert_equal({:from => :agent}, manager.known_identities[dsa])
|
98
|
-
assert_equal({:from => :agent}, manager.known_identities[ecdsa_sha2_nistp256])
|
99
|
-
assert_equal({:from => :agent}, manager.known_identities[ecdsa_sha2_nistp384])
|
100
|
-
assert_equal({:from => :agent}, manager.known_identities[ecdsa_sha2_nistp521])
|
101
|
-
end
|
102
|
-
end
|
103
|
-
|
104
|
-
def test_only_identities_with_key_files_should_load_from_agent_of_keys_only_set
|
105
|
-
manager(:keys_only => true).stubs(:agent).returns(agent)
|
106
|
-
|
107
|
-
first = File.expand_path("/first")
|
108
|
-
stub_file_private_key first, rsa
|
109
|
-
|
110
|
-
identities = []
|
111
|
-
manager.each_identity { |identity| identities << identity }
|
112
|
-
|
113
|
-
assert_equal 1, identities.length
|
114
|
-
assert_equal rsa.to_blob, identities.first.to_blob
|
115
|
-
|
116
|
-
assert_equal({:from => :agent}, manager.known_identities[rsa])
|
117
|
-
assert manager.use_agent?
|
118
|
-
end
|
119
|
-
|
120
|
-
def test_identities_without_public_key_files_should_not_be_touched_if_identity_loaded_from_agent
|
121
|
-
manager.stubs(:agent).returns(agent)
|
122
|
-
|
123
|
-
first = File.expand_path("/first")
|
124
|
-
stub_file_public_key first, rsa
|
125
|
-
second = File.expand_path("/second")
|
126
|
-
stub_file_private_key second, dsa, :passphrase => :should_not_be_asked
|
127
|
-
|
128
|
-
identities = []
|
129
|
-
manager.each_identity do |identity|
|
130
|
-
identities << identity
|
131
|
-
break if manager.known_identities[identity][:from] == :agent
|
132
|
-
end
|
133
|
-
|
134
|
-
assert_equal 1, identities.length
|
135
|
-
assert_equal rsa.to_blob, identities.first.to_blob
|
136
|
-
end
|
137
|
-
|
138
|
-
def test_sign_with_agent_originated_key_should_request_signature_from_agent
|
139
|
-
manager.stubs(:agent).returns(agent)
|
140
|
-
manager.each_identity { |identity| } # preload the known_identities
|
141
|
-
agent.expects(:sign).with(rsa, "hello, world").returns("abcxyz123")
|
142
|
-
assert_equal "abcxyz123", manager.sign(rsa, "hello, world")
|
143
|
-
end
|
144
|
-
|
145
|
-
def test_sign_with_file_originated_key_should_load_private_key_and_sign_with_it
|
146
|
-
manager.stubs(:agent).returns(nil)
|
147
|
-
first = File.expand_path("/first")
|
148
|
-
stub_file_private_key first, rsa(512)
|
149
|
-
rsa.expects(:ssh_do_sign).with("hello, world").returns("abcxyz123")
|
150
|
-
manager.each_identity { |identity| } # preload the known_identities
|
151
|
-
assert_equal "\0\0\0\assh-rsa\0\0\0\011abcxyz123", manager.sign(rsa, "hello, world")
|
152
|
-
end
|
153
|
-
|
154
|
-
def test_sign_with_file_originated_key_should_raise_key_manager_error_if_unloadable
|
155
|
-
manager.known_identities[rsa] = { :from => :file, :file => "/first" }
|
156
|
-
|
157
|
-
Net::SSH::KeyFactory.expects(:load_private_key).raises(OpenSSL::PKey::RSAError)
|
158
|
-
|
159
|
-
assert_raises Net::SSH::Authentication::KeyManagerError do
|
160
|
-
manager.sign(rsa, "hello, world")
|
161
|
-
end
|
162
|
-
end
|
163
|
-
|
164
|
-
private
|
165
|
-
|
166
|
-
def stub_file_private_key(name, key, options = {})
|
167
|
-
manager.add(name)
|
168
|
-
File.stubs(:file?).with(name).returns(true)
|
169
|
-
File.stubs(:readable?).with(name).returns(true)
|
170
|
-
File.stubs(:file?).with(name + ".pub").returns(true)
|
171
|
-
File.stubs(:readable?).with(name + ".pub").returns(false)
|
172
|
-
|
173
|
-
case options.fetch(:passphrase, :indifferently)
|
174
|
-
when :should_be_asked
|
175
|
-
Net::SSH::KeyFactory.expects(:load_private_key).with(name, nil, false).raises(OpenSSL::PKey::RSAError).at_least_once
|
176
|
-
Net::SSH::KeyFactory.expects(:load_private_key).with(name, nil, true).returns(key).at_least_once
|
177
|
-
when :should_not_be_asked
|
178
|
-
Net::SSH::KeyFactory.expects(:load_private_key).with(name, nil, false).raises(OpenSSL::PKey::RSAError).at_least_once
|
179
|
-
Net::SSH::KeyFactory.expects(:load_private_key).with(name, nil, true).never
|
180
|
-
else # :indifferently
|
181
|
-
Net::SSH::KeyFactory.expects(:load_private_key).with(name, nil, any_of(true, false)).returns(key).at_least_once
|
182
|
-
end
|
183
|
-
|
184
|
-
# do not override OpenSSL::PKey::EC#public_key
|
185
|
-
# (it will be called in transport/openssl.rb.)
|
186
|
-
unless defined?(OpenSSL::PKey::EC) && key.public_key.kind_of?(OpenSSL::PKey::EC::Point)
|
187
|
-
key.stubs(:public_key).returns(key)
|
188
|
-
end
|
189
|
-
end
|
190
|
-
|
191
|
-
def stub_file_public_key(name, key)
|
192
|
-
manager.add(name)
|
193
|
-
File.stubs(:file?).with(name).returns(true)
|
194
|
-
File.stubs(:readable?).with(name).returns(true)
|
195
|
-
File.stubs(:file?).with(name + ".pub").returns(true)
|
196
|
-
File.stubs(:readable?).with(name + ".pub").returns(true)
|
197
|
-
|
198
|
-
Net::SSH::KeyFactory.expects(:load_public_key).with(name + ".pub").returns(key).at_least_once
|
199
|
-
end
|
200
|
-
|
201
|
-
def rsa(size=512)
|
202
|
-
@rsa ||= OpenSSL::PKey::RSA.new(size)
|
203
|
-
end
|
204
|
-
|
205
|
-
def dsa
|
206
|
-
@dsa ||= OpenSSL::PKey::DSA.new(512)
|
207
|
-
end
|
208
|
-
|
209
|
-
if defined?(OpenSSL::PKey::EC)
|
210
|
-
def ecdsa_sha2_nistp256
|
211
|
-
@ecdsa_sha2_nistp256 ||= OpenSSL::PKey::EC.new("prime256v1").generate_key
|
212
|
-
end
|
213
|
-
|
214
|
-
def ecdsa_sha2_nistp384
|
215
|
-
@ecdsa_sha2_nistp384 ||= OpenSSL::PKey::EC.new("secp384r1").generate_key
|
216
|
-
end
|
217
|
-
|
218
|
-
def ecdsa_sha2_nistp521
|
219
|
-
@ecdsa_sha2_nistp521 ||= OpenSSL::PKey::EC.new("secp521r1").generate_key
|
220
|
-
end
|
221
|
-
end
|
222
|
-
|
223
|
-
def agent
|
224
|
-
@agent ||= stub("agent", :identities => [rsa, dsa])
|
225
|
-
end
|
226
|
-
|
227
|
-
def agent_with_ecdsa_keys
|
228
|
-
@agent ||= stub("agent", :identities => [rsa, dsa,
|
229
|
-
ecdsa_sha2_nistp256,
|
230
|
-
ecdsa_sha2_nistp384,
|
231
|
-
ecdsa_sha2_nistp521])
|
232
|
-
end
|
233
|
-
|
234
|
-
def manager(options = {})
|
235
|
-
@manager ||= Net::SSH::Authentication::KeyManager.new(nil, options)
|
236
|
-
end
|
237
|
-
|
238
|
-
end
|
239
|
-
|
240
|
-
end
|
@@ -1,107 +0,0 @@
|
|
1
|
-
require 'common'
|
2
|
-
require 'net/ssh/authentication/session'
|
3
|
-
|
4
|
-
module Authentication
|
5
|
-
|
6
|
-
class TestSession < Test::Unit::TestCase
|
7
|
-
include Net::SSH::Transport::Constants
|
8
|
-
include Net::SSH::Authentication::Constants
|
9
|
-
|
10
|
-
def test_constructor_should_set_defaults
|
11
|
-
assert_equal %w(none publickey password keyboard-interactive), session.auth_methods
|
12
|
-
assert_equal session.auth_methods, session.allowed_auth_methods
|
13
|
-
end
|
14
|
-
|
15
|
-
def test_authenticate_should_continue_if_method_disallowed
|
16
|
-
transport.expect do |t, packet|
|
17
|
-
assert_equal SERVICE_REQUEST, packet.type
|
18
|
-
assert_equal "ssh-userauth", packet.read_string
|
19
|
-
t.return(SERVICE_ACCEPT)
|
20
|
-
end
|
21
|
-
|
22
|
-
Net::SSH::Authentication::Methods::Publickey.any_instance.expects(:authenticate).with("next service", "username", "password").raises(Net::SSH::Authentication::DisallowedMethod)
|
23
|
-
Net::SSH::Authentication::Methods::Password.any_instance.expects(:authenticate).with("next service", "username", "password").returns(true)
|
24
|
-
Net::SSH::Authentication::Methods::None.any_instance.expects(:authenticate).with("next service", "username", "password").returns(false)
|
25
|
-
|
26
|
-
assert session.authenticate("next service", "username", "password")
|
27
|
-
end
|
28
|
-
|
29
|
-
def test_authenticate_should_raise_error_if_service_request_fails
|
30
|
-
transport.expect do |t, packet|
|
31
|
-
assert_equal SERVICE_REQUEST, packet.type
|
32
|
-
assert_equal "ssh-userauth", packet.read_string
|
33
|
-
t.return(255)
|
34
|
-
end
|
35
|
-
|
36
|
-
assert_raises(Net::SSH::Exception) { session.authenticate("next service", "username", "password") }
|
37
|
-
end
|
38
|
-
|
39
|
-
def test_authenticate_should_return_false_if_all_auth_methods_fail
|
40
|
-
transport.expect do |t, packet|
|
41
|
-
assert_equal SERVICE_REQUEST, packet.type
|
42
|
-
assert_equal "ssh-userauth", packet.read_string
|
43
|
-
t.return(SERVICE_ACCEPT)
|
44
|
-
end
|
45
|
-
|
46
|
-
Net::SSH::Authentication::Methods::Publickey.any_instance.expects(:authenticate).with("next service", "username", "password").returns(false)
|
47
|
-
Net::SSH::Authentication::Methods::Password.any_instance.expects(:authenticate).with("next service", "username", "password").returns(false)
|
48
|
-
Net::SSH::Authentication::Methods::KeyboardInteractive.any_instance.expects(:authenticate).with("next service", "username", "password").returns(false)
|
49
|
-
Net::SSH::Authentication::Methods::None.any_instance.expects(:authenticate).with("next service", "username", "password").returns(false)
|
50
|
-
|
51
|
-
assert_equal false, session.authenticate("next service", "username", "password")
|
52
|
-
end
|
53
|
-
|
54
|
-
def test_next_message_should_silently_handle_USERAUTH_BANNER_packets
|
55
|
-
transport.return(USERAUTH_BANNER, :string, "Howdy, folks!")
|
56
|
-
transport.return(SERVICE_ACCEPT)
|
57
|
-
assert_equal SERVICE_ACCEPT, session.next_message.type
|
58
|
-
end
|
59
|
-
|
60
|
-
def test_next_message_should_understand_USERAUTH_FAILURE
|
61
|
-
transport.return(USERAUTH_FAILURE, :string, "a,b,c", :bool, false)
|
62
|
-
packet = session.next_message
|
63
|
-
assert_equal USERAUTH_FAILURE, packet.type
|
64
|
-
assert_equal %w(a b c), session.allowed_auth_methods
|
65
|
-
end
|
66
|
-
|
67
|
-
(60..79).each do |type|
|
68
|
-
define_method("test_next_message_should_return_packets_of_type_#{type}") do
|
69
|
-
transport.return(type)
|
70
|
-
assert_equal type, session.next_message.type
|
71
|
-
end
|
72
|
-
end
|
73
|
-
|
74
|
-
def test_next_message_should_understand_USERAUTH_SUCCESS
|
75
|
-
transport.return(USERAUTH_SUCCESS)
|
76
|
-
assert !transport.hints[:authenticated]
|
77
|
-
assert_equal USERAUTH_SUCCESS, session.next_message.type
|
78
|
-
assert transport.hints[:authenticated]
|
79
|
-
end
|
80
|
-
|
81
|
-
def test_next_message_should_raise_error_on_unrecognized_packet_types
|
82
|
-
transport.return(1)
|
83
|
-
assert_raises(Net::SSH::Exception) { session.next_message }
|
84
|
-
end
|
85
|
-
|
86
|
-
def test_expect_message_should_raise_exception_if_next_packet_is_not_expected_type
|
87
|
-
transport.return(SERVICE_ACCEPT)
|
88
|
-
assert_raises(Net::SSH::Exception) { session.expect_message(USERAUTH_BANNER) }
|
89
|
-
end
|
90
|
-
|
91
|
-
def test_expect_message_should_return_packet_if_next_packet_is_expected_type
|
92
|
-
transport.return(SERVICE_ACCEPT)
|
93
|
-
assert_equal SERVICE_ACCEPT, session.expect_message(SERVICE_ACCEPT).type
|
94
|
-
end
|
95
|
-
|
96
|
-
private
|
97
|
-
|
98
|
-
def session(options={})
|
99
|
-
@session ||= Net::SSH::Authentication::Session.new(transport(options), options)
|
100
|
-
end
|
101
|
-
|
102
|
-
def transport(options={})
|
103
|
-
@transport ||= MockTransport.new(options)
|
104
|
-
end
|
105
|
-
end
|
106
|
-
|
107
|
-
end
|
data/test/common.rb
DELETED
@@ -1,125 +0,0 @@
|
|
1
|
-
$LOAD_PATH.unshift "#{File.dirname(__FILE__)}/../lib"
|
2
|
-
gem "test-unit" # http://rubyforge.org/pipermail/test-unit-tracker/2009-July/000075.html
|
3
|
-
gem 'mocha'
|
4
|
-
require 'test/unit'
|
5
|
-
require 'mocha/setup'
|
6
|
-
require 'net/ssh/buffer'
|
7
|
-
require 'net/ssh/config'
|
8
|
-
require 'net/ssh/loggable'
|
9
|
-
require 'net/ssh/packet'
|
10
|
-
require 'net/ssh/transport/session'
|
11
|
-
require 'ostruct'
|
12
|
-
|
13
|
-
# clear the default files out so that tests don't get confused by existing
|
14
|
-
# SSH config files.
|
15
|
-
$original_config_default_files = Net::SSH::Config.default_files.dup
|
16
|
-
Net::SSH::Config.default_files.clear
|
17
|
-
|
18
|
-
def with_restored_default_files(&block)
|
19
|
-
act_default_files = Net::SSH::Config.default_files.dup
|
20
|
-
begin
|
21
|
-
Net::SSH::Config.default_files.clear
|
22
|
-
Net::SSH::Config.default_files.concat($_original_config_default_files) # rubocop:disable Style/GlobalVars
|
23
|
-
yield
|
24
|
-
ensure
|
25
|
-
Net::SSH::Config.default_files.clear
|
26
|
-
Net::SSH::Config.default_files.concat(act_default_files)
|
27
|
-
end
|
28
|
-
end
|
29
|
-
|
30
|
-
def P(*args)
|
31
|
-
Net::SSH::Packet.new(Net::SSH::Buffer.from(*args))
|
32
|
-
end
|
33
|
-
|
34
|
-
class MockTransport < Net::SSH::Transport::Session
|
35
|
-
class BlockVerifier
|
36
|
-
def initialize(block)
|
37
|
-
@block = block
|
38
|
-
end
|
39
|
-
|
40
|
-
def verify(data)
|
41
|
-
@block.call(data)
|
42
|
-
end
|
43
|
-
end
|
44
|
-
|
45
|
-
attr_reader :host_key_verifier
|
46
|
-
attr_accessor :host_as_string
|
47
|
-
attr_accessor :server_version
|
48
|
-
|
49
|
-
attr_reader :client_options
|
50
|
-
attr_reader :server_options
|
51
|
-
attr_reader :hints, :queue
|
52
|
-
|
53
|
-
attr_accessor :mock_enqueue
|
54
|
-
|
55
|
-
def initialize(options={})
|
56
|
-
@options = options
|
57
|
-
self.logger = options[:logger]
|
58
|
-
self.host_as_string = "net.ssh.test,127.0.0.1"
|
59
|
-
self.server_version = OpenStruct.new(:version => "SSH-2.0-Ruby/Net::SSH::Test")
|
60
|
-
@expectation = nil
|
61
|
-
@queue = []
|
62
|
-
@hints = {}
|
63
|
-
@socket = options[:socket]
|
64
|
-
@algorithms = OpenStruct.new(:session_id => "abcxyz123")
|
65
|
-
verifier { |data| true }
|
66
|
-
end
|
67
|
-
|
68
|
-
def send_message(message)
|
69
|
-
buffer = Net::SSH::Buffer.new(message.to_s)
|
70
|
-
if @expectation.nil?
|
71
|
-
raise "got #{message.to_s.inspect} but was not expecting anything"
|
72
|
-
else
|
73
|
-
block, @expectation = @expectation, nil
|
74
|
-
block.call(self, Net::SSH::Packet.new(buffer))
|
75
|
-
end
|
76
|
-
end
|
77
|
-
|
78
|
-
def enqueue_message(message)
|
79
|
-
if mock_enqueue
|
80
|
-
send_message(message)
|
81
|
-
else
|
82
|
-
super
|
83
|
-
end
|
84
|
-
end
|
85
|
-
|
86
|
-
def closed?
|
87
|
-
false
|
88
|
-
end
|
89
|
-
|
90
|
-
def poll_message
|
91
|
-
@queue.shift
|
92
|
-
end
|
93
|
-
|
94
|
-
def next_message
|
95
|
-
@queue.shift or raise "expected a message from the server but nothing was ready to send"
|
96
|
-
end
|
97
|
-
|
98
|
-
def return(type, *args)
|
99
|
-
@queue << P(:byte, type, *args)
|
100
|
-
end
|
101
|
-
|
102
|
-
def expect(&block)
|
103
|
-
@expectation = block
|
104
|
-
end
|
105
|
-
|
106
|
-
def expect!
|
107
|
-
expect {}
|
108
|
-
end
|
109
|
-
|
110
|
-
def verifier(&block)
|
111
|
-
@host_key_verifier = BlockVerifier.new(block)
|
112
|
-
end
|
113
|
-
|
114
|
-
def configure_client(options)
|
115
|
-
@client_options = options
|
116
|
-
end
|
117
|
-
|
118
|
-
def configure_server(options)
|
119
|
-
@server_options = options
|
120
|
-
end
|
121
|
-
|
122
|
-
def hint(name, value=true)
|
123
|
-
@hints[name] = value
|
124
|
-
end
|
125
|
-
end
|