net-ssh 4.0.0.alpha3 → 4.0.0.alpha4

data/lib/net/ssh/authentication/session.rb

@@ -70,7 +70,8 @@ module Net; module SSH; module Authentication
 
           debug { "trying #{name}" }
           begin
-            method = Methods.const_get(name.split(/\W+/).map { |p| p.capitalize }.join).new(self, :key_manager => key_manager)
+            auth_class = Methods.const_get(name.split(/\W+/).map { |p| p.capitalize }.join)
+            method = auth_class.new(self, key_manager: key_manager, password_prompt: options[:password_prompt])
           rescue NameError
             debug{"Mechanism #{name} was requested, but isn't a known type.  Ignoring it."}
             next

data/lib/net/ssh/config.rb

@@ -59,7 +59,7 @@ module Net; module SSH
       # given +files+ (defaulting to the list of files returned by
       # #default_files), translates the resulting hash into the options
       # recognized by Net::SSH, and returns them.
-      def for(host, files=default_files)
+      def for(host, files=expandable_default_files)
         translate(files.inject({}) { |settings, file|
           load(file, host, settings)
         })
@@ -239,6 +239,17 @@ module Net; module SSH
 
       private
 
+        def expandable_default_files
+          default_files.keep_if do |path|
+            begin
+              File.expand_path(path)
+              true
+            rescue ArgumentError
+              false
+            end
+          end
+        end
+
         # Converts an ssh_config pattern into a regex for matching against
         # host names.
         def pattern2regex(pattern)

data/lib/net/ssh/connection/event_loop.rb

@@ -0,0 +1,110 @@
+require 'net/ssh/loggable'
+require 'net/ssh/ruby_compat'
+
+module Net; module SSH; module Connection
+  # EventLoop can be shared across multiple sessions
+  #
+  # one issue is with blocks passed to loop, etc.
+  # they should get current session as parameter, but in
+  # case you're using multiple sessions in an event loop it doesnt makes sense
+  # and we don't pass session.
+  class EventLoop
+    include Loggable
+
+    def initialize(logger=nil)
+      self.logger = logger
+      @sessions = []
+    end
+
+    def register(session)
+      @sessions << session
+    end
+
+    # process until timeout
+    # if a block is given a session will be removed from loop
+    # if block returns false for that session
+    def process(wait = nil, &block)
+      return false unless ev_preprocess(&block)
+
+      ev_select_and_postprocess(wait)
+    end
+
+    # process the event loop but only for the sepcified session
+    def process_only(session, wait = nil)
+      orig_sessions = @sessions
+      begin
+        @sessions = [session]
+        return false unless ev_preprocess
+        ev_select_and_postprocess(wait)
+      ensure
+        @sessions = orig_sessions
+      end
+    end
+
+    # Call preprocess on each session. If block given and that
+    # block retuns false then we exit the processing
+    def ev_preprocess(&block)
+      return false if block_given? && !yield(self)
+      @sessions.each(&:ev_preprocess)
+      return false if block_given? && !yield(self)
+      return true
+    end
+
+    def ev_select_and_postprocess(wait)
+      owners = {}
+      r = []
+      w = []
+      minwait = nil
+      @sessions.each do |session|
+        sr,sw,actwait = session.ev_do_calculate_rw_wait(wait)
+        minwait = actwait if actwait && (minwait.nil? || actwait < minwait)
+        r.push(*sr)
+        w.push(*sw)
+        sr.each { |ri| owners[ri] = session }
+        sw.each { |wi| owners[wi] = session }
+      end
+
+      readers, writers, = Net::SSH::Compat.io_select(r, w, nil, minwait)
+
+      fired_sessions = {}
+
+      readers.each do |reader|
+        session = owners[reader]
+        (fired_sessions[session] ||= {r: [],w: []})[:r] << reader
+      end if readers
+      writers.each do |writer|
+        session = owners[writer]
+        (fired_sessions[session] ||= {r: [],w: []})[:w] << writer
+      end if writers
+
+      fired_sessions.each do |s,rw|
+        s.ev_do_handle_events(rw[:r],rw[:w])
+      end
+
+      @sessions.each { |s| s.ev_do_postprocess(fired_sessions.key?(s)) }
+      true
+    end
+  end
+
+  # optimized version for a single session
+  class SingleSessionEventLoop < EventLoop
+    # Compatibility for original single session event loops:
+    # we call block with session as argument
+    def ev_preprocess(&block)
+      return false if block_given? && !yield(@sessions.first)
+      @sessions.each(&:ev_preprocess)
+      return false if block_given? && !yield(@sessions.first)
+      return true
+    end
+
+    def ev_select_and_postprocess(wait)
+      raise "Only one session expected" unless @sessions.count == 1
+      session = @sessions.first
+      sr,sw,actwait = session.ev_do_calculate_rw_wait(wait)
+      readers, writers, = Net::SSH::Compat.io_select(sr, sw, nil, actwait)
+
+      session.ev_do_handle_events(readers,writers)
+      session.ev_do_postprocess(!((readers.nil? || readers.empty?) && (writers.nil? || writers.empty?)))
+    end
+  end
+end; end; end

data/lib/net/ssh/connection/keepalive.rb

@@ -33,8 +33,8 @@ class Keepalive
     (options[:keepalive_maxcount] || 3).to_i
   end
 
-  def send_as_needed(readers, writers)
-    return unless readers.nil? && writers.nil?
+  def send_as_needed(was_events)
+    return if was_events
     return unless should_send?
     info { "sending keepalive #{@unresponded_keepalive_count}" }
 

data/lib/net/ssh/connection/session.rb

@@ -4,6 +4,7 @@ require 'net/ssh/connection/channel'
 require 'net/ssh/connection/constants'
 require 'net/ssh/service/forward'
 require 'net/ssh/connection/keepalive'
+require 'net/ssh/connection/event_loop'
 
 module Net; module SSH; module Connection
 
@@ -81,6 +82,9 @@ module Net; module SSH; module Connection
       @max_win_size = (options.has_key?(:max_win_size) ? options[:max_win_size] : 0x20000)
 
       @keepalive = Keepalive.new(self)
+
+      @event_loop = options[:event_loop] || SingleSessionEventLoop.new
+      @event_loop.register(self)
     end
 
     # Retrieves a custom property from this instance. This can be used to
@@ -186,6 +190,8 @@ module Net; module SSH; module Connection
     # This will also cause all active channels to be processed once each (see
     # Net::SSH::Connection::Channel#on_process).
     #
+    # TODO revise example
+    #
     #   # process multiple Net::SSH connections in parallel
     #   connections = [
     #     Net::SSH.start("host1", ...),
@@ -203,13 +209,10 @@ module Net; module SSH; module Connection
     #     break if connections.empty?
     #   end
     def process(wait=nil, &block)
-      return false unless preprocess(&block)
-
-      r = listeners.keys
-      w = r.select { |w2| w2.respond_to?(:pending_write?) && w2.pending_write? }
-      readers, writers, = Net::SSH::Compat.io_select(r, w, nil, io_select_wait(wait))
-
-      postprocess(readers, writers)
+      @event_loop.process(wait, &block)
+    rescue
+      force_channel_cleanup_on_close if closed?
+      raise
     end
 
     # This is called internally as part of #process. It dispatches any
@@ -217,19 +220,38 @@ module Net; module SSH; module Connection
     # for any active channels. If a block is given, it is invoked at the
     # start of the method and again at the end, and if the block ever returns
     # false, this method returns false. Otherwise, it returns true.
-    def preprocess
+    def preprocess(&block)
       return false if block_given? && !yield(self)
-      dispatch_incoming_packets
-      channels.each { |id, channel| channel.process unless channel.local_closed? }
+      ev_preprocess(&block)
       return false if block_given? && !yield(self)
       return true
     end
 
-    # This is called internally as part of #process. It loops over the given
-    # arrays of reader IO's and writer IO's, processing them as needed, and
+    # Called by event loop to process available data before going to
+    # event multiplexing
+    def ev_preprocess(&block)
+      dispatch_incoming_packets
+      each_channel { |id, channel| channel.process unless channel.local_closed? }
+    end
+
+    # Returns the file descriptors the event loop should wait for read/write events,
+    # we also return the max wait
+    def ev_do_calculate_rw_wait(wait)
+      r = listeners.keys
+      w = r.select { |w2| w2.respond_to?(:pending_write?) && w2.pending_write? }
+      [r,w,io_select_wait(wait)]
+    end
+
+    # This is called internally as part of #process.
+    def postprocess(readers, writers)
+      ev_do_handle_events(readers, writers)
+    end
+
+    # It loops over the given arrays of reader IO's and writer IO's,
+    # processing them as needed, and
     # then calls Net::SSH::Transport::Session#rekey_as_needed to allow the
     # transport layer to rekey. Then returns true.
-    def postprocess(readers, writers)
+    def ev_do_handle_events(readers, writers)
       Array(readers).each do |reader|
         if listeners[reader]
           listeners[reader].call(reader)
@@ -244,11 +266,14 @@ module Net; module SSH; module Connection
       Array(writers).each do |writer|
         writer.send_pending
       end
+    end
 
-      @keepalive.send_as_needed(readers, writers)
+    # calls Net::SSH::Transport::Session#rekey_as_needed to allow the
+    # transport layer to rekey
+    def ev_do_postprocess(was_events)
+      @keepalive.send_as_needed(was_events)
       transport.rekey_as_needed
-
-      return true
+      true
     end
 
     # Send a global request of the given type. The +extra+ parameters must
@@ -330,7 +355,7 @@ module Net; module SSH; module Connection
       open_channel do |channel|
         channel.exec(command) do |ch, success|
           raise "could not execute command: #{command.inspect}" unless success
-          
+
           channel.on_data do |ch2, data|
             if block
               block.call(ch2, :stdout, data)
@@ -472,6 +497,11 @@ module Net; module SSH; module Connection
 
     private
 
+      # iterate channels with the posibility of callbacks opening new channels during the iteration
+      def each_channel(&block)
+        channels.dup.each(&block)
+      end
+
       # Read all pending packets from the connection and dispatch them as
       # appropriate. Returns as soon as there are no more pending packets.
       def dispatch_incoming_packets
@@ -495,14 +525,18 @@ module Net; module SSH; module Connection
 
       def force_channel_cleanup_on_close
         channels.each do |id, channel|
-          channel.remote_closed!
-          channel.close
-
-          cleanup_channel(channel)
-          channel.do_close
+          channel_closed(channel)
         end
       end
 
+      def channel_closed(channel)
+        channel.remote_closed!
+        channel.close
+
+        cleanup_channel(channel)
+        channel.do_close
+      end
+
       # Invoked when a global request is received. The registered global
       # request callback will be invoked, if one exists, and the necessary
       # reply returned.
@@ -611,11 +645,7 @@ module Net; module SSH; module Connection
         info { "channel_close: #{packet[:local_id]}" }
 
         channel = channels[packet[:local_id]]
-        channel.remote_closed!
-        channel.close
-
-        cleanup_channel(channel)
-        channel.do_close
+        channel_closed(channel)
       end
 
       def channel_success(packet)

data/lib/net/ssh/key_factory.rb

@@ -1,6 +1,10 @@
 require 'net/ssh/transport/openssl'
 require 'net/ssh/prompt'
-require 'net/ssh/authentication/ed25519'
+
+begin
+  require 'net/ssh/authentication/ed25519'
+rescue Gem::LoadError => e # rubocop:disable Lint/HandleExceptions
+end
 
 module Net; module SSH
 
@@ -22,12 +26,10 @@ module Net; module SSH
     }
     if defined?(OpenSSL::PKey::EC)
       MAP["ecdsa"] = OpenSSL::PKey::EC
-      MAP["ed25519"] = ED25519::PrivKey
+      MAP["ed25519"] = ED25519::PrivKey if defined? ED25519
     end
 
     class <<self
-      include Prompt
-
       # Fetch an OpenSSL key instance by its SSH name. It will be a new,
       # empty key of the given type.
       def get(name)
@@ -39,9 +41,9 @@ module Net; module SSH
       # appropriately. The new key is returned. If the key itself is
       # encrypted (requiring a passphrase to use), the user will be
       # prompted to enter their password unless passphrase works. 
-      def load_private_key(filename, passphrase=nil, ask_passphrase=true)
+      def load_private_key(filename, passphrase=nil, ask_passphrase=true, prompt=Prompt.default)
         data = File.read(File.expand_path(filename))
-        load_data_private_key(data, passphrase, ask_passphrase, filename)
+        load_data_private_key(data, passphrase, ask_passphrase, filename, prompt)
       end
 
       # Loads a private key. It will correctly determine
@@ -49,58 +51,32 @@ module Net; module SSH
       # appropriately. The new key is returned. If the key itself is
       # encrypted (requiring a passphrase to use), the user will be
       # prompted to enter their password unless passphrase works. 
-      def load_data_private_key(data, passphrase=nil, ask_passphrase=true, filename="")
-        if OpenSSL::PKey.respond_to?(:read)
-          pkey_read = true
-          error_class = ArgumentError
-        else
-          pkey_read = false
-          if data.match(/-----BEGIN DSA PRIVATE KEY-----/)
-            key_type = OpenSSL::PKey::DSA
-            error_class = OpenSSL::PKey::DSAError
-          elsif data.match(/-----BEGIN RSA PRIVATE KEY-----/)
-            key_type = OpenSSL::PKey::RSA
-            error_class = OpenSSL::PKey::RSAError
-          elsif data.match(/-----BEGIN EC PRIVATE KEY-----/) && defined?(OpenSSL::PKey::EC)
-            key_type = OpenSSL::PKey::EC
-            error_class = OpenSSL::PKey::ECError
-          elsif data.match(/-----BEGIN OPENSSH PRIVATE KEY-----/)
-            openssh_key = true
-            key_type = ED25519::PrivKey
-          elsif data.match(/-----BEGIN (.+) PRIVATE KEY-----/)
-            raise OpenSSL::PKey::PKeyError, "not a supported key type '#{$1}'"
-          else
-            raise OpenSSL::PKey::PKeyError, "not a private key (#{filename})"
-          end
-        end
+      def load_data_private_key(data, passphrase=nil, ask_passphrase=true, filename="", prompt=Prompt.default)
+        key_read, error_class = classify_key(data, filename)
 
         encrypted_key = data.match(/ENCRYPTED/)
-        openssh_key = data.match(/-----BEGIN OPENSSH PRIVATE KEY-----/)
         tries = 0
 
-        begin
-          if openssh_key
-            ED25519::PrivKey.read(data, passphrase || 'invalid')
-          else
-            if pkey_read
-              return OpenSSL::PKey.read(data, passphrase || 'invalid')
-            else
-              return key_type.new(data, passphrase || 'invalid')
-            end
-          end
-        rescue error_class
-          if encrypted_key && ask_passphrase
-            tries += 1
-            if tries <= 3
-              passphrase = prompt("Enter passphrase for #{filename}:", false)
-              retry
+        prompter = nil
+        result = 
+          begin
+            key_read[data, passphrase || 'invalid']
+          rescue error_class
+            if encrypted_key && ask_passphrase
+              tries += 1
+              if tries <= 3
+                prompter ||= prompt.start(type: 'private_key', filename: filename, sha: Digest::SHA256.digest(data))
+                passphrase = prompter.ask("Enter passphrase for #{filename}:", false)
+                retry
+              else
+                raise
+              end
             else
               raise
             end
-          else
-            raise
           end
-        end
+        prompter.success if prompter
+        result
       end
 
       # Loads a public key from a file. It will correctly determine whether
@@ -129,6 +105,28 @@ module Net; module SSH
         reader = Net::SSH::Buffer.new(blob)
         reader.read_key or raise OpenSSL::PKey::PKeyError, "not a public key #{filename.inspect}"
       end
+
+      private
+
+      # Determine whether the file describes an RSA or DSA key, and return how load it
+      # appropriately.
+      def classify_key(data, filename)
+        if data.match(/-----BEGIN OPENSSH PRIVATE KEY-----/)
+          return ->(key_data, passphrase) { ED25519::PrivKey.read(key_data, passphrase) }, ArgumentError
+        elsif OpenSSL::PKey.respond_to?(:read)
+          return ->(key_data, passphrase) { OpenSSL::PKey.read(key_data, passphrase) }, ArgumentError
+        elsif data.match(/-----BEGIN DSA PRIVATE KEY-----/)
+          return ->(key_data, passphrase) { OpenSSL::PKey::DSA.new(key_data, passphrase) }, OpenSSL::PKey::DSAError
+        elsif data.match(/-----BEGIN RSA PRIVATE KEY-----/)
+          return ->(key_data, passphrase) { OpenSSL::PKey::RSA.new(key_data, passphrase) }, OpenSSL::PKey::RSAError
+        elsif data.match(/-----BEGIN EC PRIVATE KEY-----/) && defined?(OpenSSL::PKey::EC)
+          return ->(key_data, passphrase) { OpenSSL::PKey::EC.new(key_data, passphrase) }, OpenSSL::PKey::ECError
+        elsif data.match(/-----BEGIN (.+) PRIVATE KEY-----/)
+          raise OpenSSL::PKey::PKeyError, "not a supported key type '#{$1}'"
+        else
+          raise OpenSSL::PKey::PKeyError, "not a private key (#{filename})"
+        end
+      end
     end
 
   end