net-ssh 4.0.0.beta3 → 4.0.0.beta4

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 146419fe3e2b0cf850b18f87d8697a309a169370
-  data.tar.gz: c578d63fd847d87466e31bda279b188efe89cb58
+  metadata.gz: 5651b877a83649b20a9c8643125f5bd30bd982b3
+  data.tar.gz: 46d37efc38505e66f1049894b15cdb214e3016b3
 SHA512:
-  metadata.gz: 99e33fcbc5bdd89c5f0068e6610798b87d7b78b87e6c18a969d2e894ccfea1a89d01847e3a2bed1006db21a3032e847df416ca854988d2ef004b4feb60a99186
-  data.tar.gz: 551f47778fa0921ad2cffbee6cfdc0c08df7fde716f83cf95f4330892a16c851fa22be10197a3d3bf6ab87ebc20d9642f9fd54b77a31353e8662717702d302a6
+  metadata.gz: 5b657629b5e8cb5ced31e567d7a6353679683fa4a2024fdb41460fce8314c15b928f7b5b5101b6e4dc1565c1462780cdabc7716a9a2388eceae4ddeaab60cbe3
+  data.tar.gz: 55783d5ebe87f2bb7561f689e4bba5d4fcf22bea6f4661c2aea410fd2d3fcfb2e1f62175db46997f9406182b5e6dc4f8c68ffccd9ed9037ad884b190da6dea74

data/.travis.yml

@@ -26,6 +26,7 @@ matrix:
   allow_failures:
     - rvm: rbx-3.25
     - rvm: jruby-9.1.2.0
+    - rvm: ruby-head
 
 install:
   - export JRUBY_OPTS='--client -J-XX:+TieredCompilation -J-XX:TieredStopAtLevel=1 -Xcext.enabled=false -J-Xss2m -Xcompile.invokedynamic=false'
@@ -33,7 +34,7 @@ install:
   - gem install bundler -v "= 1.11.2"
   - bundle _1.11.2_ install
   - BUNDLE_GEMFILE=./Gemfile.norbnacl bundle _1.11.2_ install
-  - sudo ansible-galaxy install rvm_io.rvm1-ruby
+  - sudo ansible-galaxy install rvm_io.ruby
   - sudo chown -R travis:travis /home/travis/.ansible
   - ansible-playbook ./test/integration/playbook.yml -i "localhost," --become -c local -e 'no_rvm=true' -e 'myuser=travis' -e 'mygroup=travis' -e 'homedir=/home/travis'
 

data/CHANGES.txt

@@ -1,3 +1,12 @@
+=== 4.0.0.beta4
+
+ * Added exitstatus method to exec's return [Miklós Fazekas, #452]
+ * Don't raise from exec if server closes transport just after channel close [Miklós Fazekas, #450]
+ * Removed java_pageant, as jruby should be using regular pagent impl [Miklós Fazekas, ]
+ * Use SSH_AUTH_SOCK if possible on windows (cygwin) [Miklós Fazekas, Martin Dürst, #365, #361]
+ * HTTPS proxy support [Marcus Ilgner, #432]
+ * Supports ruby 2.4.0.dev new exception type from OpenSSL::PKey.read
+
 === 4.0.0.beta3
 
  * Fix Net::SSH::Disconnect exceptions when channels are closed cleanly [Miklos Fazekas, #421, #422]

data/Gemfile

@@ -1,4 +1,12 @@
 source 'https://rubygems.org'
 
 # Specify your gem's dependencies in mygem.gemspec
-gemspec
+gemspec
+
+unless Gem.win_platform? || RUBY_PLATFORM == "java"
+  gem 'byebug', group: [:development, :test]
+end
+
+gem 'simplecov', require: false, group: :test
+
+gem 'codecov', require: false, group: :test if ENV["CI"]

data/Gemfile.norbnacl

@@ -2,4 +2,9 @@ source 'https://rubygems.org'
 
 ENV['NET_SSH_NO_RBNACL'] = 'true'
 # Specify your gem's dependencies in mygem.gemspec
-gemspec
+gemspec
+
+unless Gem.win_platform?
+  gem 'simplecov', require: false, group: :test
+  gem 'codecov', require: false, group: :test if ENV["CI"]
+end

data/Gemfile.norbnacl.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    net-ssh (4.0.0.alpha3)
+    net-ssh (4.0.0.beta3)
 
 GEM
   remote: https://rubygems.org/
@@ -27,9 +27,10 @@ GEM
 
 PLATFORMS
   ruby
+  x86-mingw32
 
 DEPENDENCIES
-  bundler (~> 1.11.2)
+  bundler (~> 1.11)
   minitest (~> 5.0)
   mocha (>= 1.1.0)
   net-ssh!
@@ -37,4 +38,4 @@ DEPENDENCIES
   rubocop (~> 0.39.0)
 
 BUNDLED WITH
-   1.11.2
+   1.13.5

data/ISSUE_TEMPLATE.md

@@ -0,0 +1,30 @@
+### Expected behavior
+
+Tell us what should happen
+
+### Actual behavior
+
+Tell us what happens instead.
+
+### System configuration
+
+- net-ssh version
+- Ruby version
+
+### Example App
+
+Please provide an example script that reproduces the problem. This will save maintainers time so they can spend it fixing your issues instead of trying to build a reproduction case from sparse instructions.
+
+You can use this as stating point:
+
+```ruby
+gem 'net-ssh', '= 4.0.0.beta3'
+require 'net/ssh'
+puts Net::SSH::Version::CURRENT
+
+@host = 'localhost'
+@user = ENV['USER']
+Net::SSH.start(@host, @user) do |ssh|
+  puts ssh.exec!('echo "hello"')
+end
+```

data/README.rdoc

@@ -1,3 +1,7 @@
+{<img src="https://badge.fury.io/rb/net-ssh.svg" alt="Gem Version" />}[https://badge.fury.io/rb/net-ssh]
+{<img src="https://badges.gitter.im/net-ssh/net-ssh.svg" alt="Join the chat at https://gitter.im/net-ssh/net-ssh">}[https://gitter.im/net-ssh/net-ssh?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge]
+{<img src="https://travis-ci.org/net-ssh/net-ssh.svg?branch=master" alt="Build Status" />}[https://travis-ci.org/net-ssh/net-ssh]
+
 = Net::SSH 4.x
 
 * Docs: http://net-ssh.github.com/net-ssh
@@ -105,7 +109,7 @@ If you don't add the public key, you'll see an error like "Couldn't verify data
 
 * Ruby 1.8.x is supported up until the net-ssh 2.5.1 release.
 * Ruby 1.9.x is supported up until the net-ssh 2.9.x release.
-* Current net-ssh releases require Ruby 2.0 or later.
+* Current net-ssh releases require Ruby 2.0 or later. JRuby 1.7+ (with `compat.version=2.0` set) or JRuby 9k+
 
 == RUNNING TESTS
 

data/Rakefile

@@ -73,8 +73,12 @@ require 'rake/testtask'
 Rake::TestTask.new do |t|
   t.libs = ["lib", "test"]
   t.libs << "test/integration" if ENV['NET_SSH_RUN_INTEGRATION_TESTS']
+  t.libs << "test/win_integration" if ENV['NET_SSH_RUN_WIN_INTEGRATION_TESTS']
   test_files = FileList['test/**/test_*.rb']
   test_files -= FileList['test/integration/**/test_*.rb'] unless ENV['NET_SSH_RUN_INTEGRATION_TESTS']
+  test_files -= FileList['test/win_integration/**/test_*.rb'] unless ENV['NET_SSH_RUN_WIN_INTEGRATION_TESTS']
+  test_files -= FileList['test/manual/test_*.rb']
+  test_files -= FileList['test/test_pageant.rb']
   test_files -= FileList['test/test/**/test_*.rb']
   t.test_files =  test_files
 end

data/appveyor.yml

@@ -4,17 +4,48 @@ skip_tags: true
 
 environment:
   matrix:
-    - ruby_version: "21"
-    - ruby_version: "21-x64"
+    - ruby_version: "jruby-9.1.2.0"
+    - ruby_version: "23"
+    - ruby_version: "23-x64"
+
+#init:
+#  - ps: iex ((new-object net.webclient).DownloadString('https://raw.githubusercontent.com/appveyor/ci/master/scripts/enable-rdp.ps1'))
+
+#on_finish:
+#  - ps: $blockRdp = $true; iex ((new-object net.webclient).DownloadString('https://raw.githubusercontent.com/appveyor/ci/master/scripts/enable-rdp.ps1'))
+
+
+platform:
+  - x86
 
 install:
   - SET PATH=C:\Ruby%ruby_version%\bin;%PATH%
-  - gem install bundler --no-document -v 1.11.2
+  - if "%ruby_version%" == "jruby-9.1.2.0" ( cinst javaruntime -i )
+  - if "%ruby_version%" == "jruby-9.1.2.0" ( cinst jruby --version 9.1.2.0 -i )
+  - if "%ruby_version%" == "jruby-9.1.2.0" ( SET "PATH=C:\jruby-9.1.2.0\bin\;%PATH%" )
+  - ruby --version
+  - gem install bundler --no-document -v 1.13.5
   - SET BUNDLE_GEMFILE=Gemfile.norbnacl
-  - bundle _1.11.2_ install --retry=3
+  - bundle _1.13.5_ install --retry=3
+  - cinst freesshd
+  - cinst putty
+  - ps: |
+          if ($env:Processor_Architecture -eq "x86")
+          {
+            dir 'C:\Program Files\'
+            dir 'C:\Program Files\freeSSHd'
+            cp 'test\win_integration\FreeSSHDService.ini' 'C:\Program Files\freeSSHd\FreeSSHDService.ini'
+            & 'C:\Program Files\freeSSHd\FreeSSHDService.exe'
+          } else {
+            dir 'C:\Program Files (x86)\'
+            dir 'C:\Program Files (x86)\freeSSHd'
+            cp 'test\win_integration\FreeSSHDService32.ini' 'C:\Program Files (x86)\freeSSHd\FreeSSHDService.ini'
+            & 'C:\Program Files (x86)\freeSSHd\FreeSSHDService.exe'
+          }
 
 test_script:
   - SET BUNDLE_GEMFILE=Gemfile.norbnacl
-  - bundle _1.11.2_ exec rake test
+  - SET NET_SSH_RUN_WIN_INTEGRATION_TESTS=YES
+  - bundle _1.13.5_ exec rake test
 
 build: off

data/lib/net/ssh.rb

@@ -153,6 +153,10 @@ module Net
     #   for better performance if your SSH server supports it (most do).
     # * :max_win_size => maximum size we tell the other side that is supported for
     #   the window.
+    # * :non_interactive => set to true if your app is non interactive and prefers
+    #   authentication failure vs password prompt. Non-interactive applications 
+    #   should set it to true to prefer failing a password/etc auth methods vs. 
+    #   asking for password.
     # * :paranoid => either false, true, :very, or :secure specifying how
     #   strict host-key verification should be (in increasing order here).
     #   You can also provide an own Object which responds to +verify+. The argument
@@ -181,8 +185,6 @@ module Net
     #   Defaults to %w(~/.ssh/known_hosts ~/.ssh/known_hosts2).
     # * :use_agent => Set false to disable the use of ssh-agent. Defaults to
     #   true
-    # * :non_interactive => set to true if your app is non interactive and prefers
-    #   authentication failure vs password prompt
     # * :verbose => how verbose to be (Logger verbosity constants, Logger::DEBUG
     #   is very verbose, Logger::FATAL is all but silent). Logger::FATAL is the
     #   default. The symbols :debug, :info, :warn, :error, and :fatal are also
@@ -192,8 +194,6 @@ module Net
     # * :number_of_password_prompts => Number of prompts for the password
     #   authentication method defaults to 3 set to 0 to disable prompt for
     #   password auth method
-    # * :non_interactive => non interactive applications should set it to true
-    #   to prefer failing a password/etc auth methods vs asking for password
     # * :password_prompt => a custom prompt object with ask method. See Net::SSH::Prompt
     #
     # * :agent_socket_factory => enables the user to pass a lambda/block that will serve as the socket factory
@@ -264,7 +264,7 @@ module Net
     # to read.
     #
     # See Net::SSH::Config for the full description of all supported options.
-    def self.configuration_for(host, use_ssh_config=true)
+    def self.configuration_for(host, use_ssh_config)
       files = case use_ssh_config
         when true then Net::SSH::Config.default_files
         when false, nil then return {}

data/lib/net/ssh/authentication/agent.rb

@@ -2,22 +2,182 @@ require 'net/ssh/buffer'
 require 'net/ssh/errors'
 require 'net/ssh/loggable'
 
-module Net; module SSH; module Authentication
-  PLATFORM = File::ALT_SEPARATOR \
-    ? RUBY_PLATFORM =~ /java/ ? :java_win32 : :win32 \
-    : RUBY_PLATFORM =~ /java/ ? :java : :unix
+require 'net/ssh/transport/server_version'
+require 'socket'
+require 'rubygems'
 
-  # A trivial exception class for representing agent-specific errors.
-  class AgentError < Net::SSH::Exception; end
+require 'net/ssh/authentication/pageant' if Gem.win_platform? && RUBY_PLATFORM != "java"
 
+module Net; module SSH; module Authentication
+  # Class for representing agent-specific errors.
+  class AgentError < Net::SSH::Exception; end
   # An exception for indicating that the SSH agent is not available.
   class AgentNotAvailable < AgentError; end
-end; end; end
 
-case Net::SSH::Authentication::PLATFORM
-when :java_win32
-  # Java pageant requires whole different agent.
-  require 'net/ssh/authentication/agent/java_pageant'
-else
-  require 'net/ssh/authentication/agent/socket'
-end
+  # This class implements a simple client for the ssh-agent protocol. It
+  # does not implement any specific protocol, but instead copies the
+  # behavior of the ssh-agent functions in the OpenSSH library (3.8).
+  #
+  # This means that although it behaves like a SSH1 client, it also has
+  # some SSH2 functionality (like signing data).
+  class Agent
+    include Loggable
+
+    # A simple module for extending keys, to allow comments to be specified
+    # for them.
+    module Comment
+      attr_accessor :comment
+    end
+
+    SSH2_AGENT_REQUEST_VERSION    = 1
+    SSH2_AGENT_REQUEST_IDENTITIES = 11
+    SSH2_AGENT_IDENTITIES_ANSWER  = 12
+    SSH2_AGENT_SIGN_REQUEST       = 13
+    SSH2_AGENT_SIGN_RESPONSE      = 14
+    SSH2_AGENT_FAILURE            = 30
+    SSH2_AGENT_VERSION_RESPONSE   = 103
+
+    SSH_COM_AGENT2_FAILURE        = 102
+
+    SSH_AGENT_REQUEST_RSA_IDENTITIES = 1
+    SSH_AGENT_RSA_IDENTITIES_ANSWER1 = 2
+    SSH_AGENT_RSA_IDENTITIES_ANSWER2 = 5
+    SSH_AGENT_FAILURE                = 5
+
+    # The underlying socket being used to communicate with the SSH agent.
+    attr_reader :socket
+
+    # Instantiates a new agent object, connects to a running SSH agent,
+    # negotiates the agent protocol version, and returns the agent object.
+    def self.connect(logger=nil, agent_socket_factory = nil)
+      agent = new(logger)
+      agent.connect!(agent_socket_factory)
+      agent.negotiate!
+      agent
+    end
+
+    # Creates a new Agent object, using the optional logger instance to
+    # report status.
+    def initialize(logger=nil)
+      self.logger = logger
+    end
+
+    # Connect to the agent process using the socket factory and socket name
+    # given by the attribute writers. If the agent on the other end of the
+    # socket reports that it is an SSH2-compatible agent, this will fail
+    # (it only supports the ssh-agent distributed by OpenSSH).
+    def connect!(agent_socket_factory = nil)
+      debug { "connecting to ssh-agent" }
+      @socket =
+        if agent_socket_factory
+          agent_socket_factory.call
+        elsif ENV['SSH_AUTH_SOCK'] && defined?(unix_socket_class)
+          unix_socket_class.open(ENV['SSH_AUTH_SOCK'])
+        elsif Gem.win_platform? && RUBY_ENGINE != "jruby"
+          Pageant::Socket.open
+        else
+          raise AgentNotAvailable, "Agent not configured"
+        end
+    rescue StandardError => e
+      error { "could not connect to ssh-agent: #{e.message}" }
+      raise AgentNotAvailable, $!.message
+    end
+
+    # Attempts to negotiate the SSH agent protocol version. Raises an error
+    # if the version could not be negotiated successfully.
+    def negotiate!
+      # determine what type of agent we're communicating with
+      type, body = send_and_wait(SSH2_AGENT_REQUEST_VERSION, :string, Transport::ServerVersion::PROTO_VERSION)
+
+      raise AgentNotAvailable, "SSH2 agents are not yet supported" if type == SSH2_AGENT_VERSION_RESPONSE
+      if type == SSH2_AGENT_FAILURE
+        debug { "Unexpected response type==#{type}, this will be ignored" }
+      elsif type != SSH_AGENT_RSA_IDENTITIES_ANSWER1 && type != SSH_AGENT_RSA_IDENTITIES_ANSWER2
+        raise AgentNotAvailable, "unknown response from agent: #{type}, #{body.to_s.inspect}"
+      end
+    end
+
+    # Return an array of all identities (public keys) known to the agent.
+    # Each key returned is augmented with a +comment+ property which is set
+    # to the comment returned by the agent for that key.
+    def identities
+      type, body = send_and_wait(SSH2_AGENT_REQUEST_IDENTITIES)
+      raise AgentError, "could not get identity count" if agent_failed(type)
+      raise AgentError, "bad authentication reply: #{type}" if type != SSH2_AGENT_IDENTITIES_ANSWER
+
+      identities = []
+      body.read_long.times do
+        key_str = body.read_string
+        comment_str = body.read_string
+        begin
+          key = Buffer.new(key_str).read_key
+          key.extend(Comment)
+          key.comment = comment_str
+          identities.push key
+        rescue NotImplementedError => e
+          error { "ignoring unimplemented key:#{e.message} #{comment_str}" }
+        end
+      end
+
+      return identities
+    end
+
+    # Closes this socket. This agent reference is no longer able to
+    # query the agent.
+    def close
+      @socket.close
+    end
+
+    # Using the agent and the given public key, sign the given data. The
+    # signature is returned in SSH2 format.
+    def sign(key, data)
+      type, reply = send_and_wait(SSH2_AGENT_SIGN_REQUEST, :string, Buffer.from(:key, key), :string, data, :long, 0)
+
+      raise AgentError, "agent could not sign data with requested identity" if agent_failed(type)
+      raise AgentError, "bad authentication response #{type}" if type != SSH2_AGENT_SIGN_RESPONSE
+
+      return reply.read_string
+    end
+
+    private
+
+    def unix_socket_class
+      UNIXSocket
+    end
+
+    # Send a new packet of the given type, with the associated data.
+    def send_packet(type, *args)
+      buffer = Buffer.from(*args)
+      data = [buffer.length + 1, type.to_i, buffer.to_s].pack("NCA*")
+      debug { "sending agent request #{type} len #{buffer.length}" }
+      @socket.send data, 0
+    end
+
+    # Read the next packet from the agent. This will return a two-part
+    # tuple consisting of the packet type, and the packet's body (which
+    # is returned as a Net::SSH::Buffer).
+    def read_packet
+      buffer = Net::SSH::Buffer.new(@socket.read(4))
+      buffer.append(@socket.read(buffer.read_long))
+      type = buffer.read_byte
+      debug { "received agent packet #{type} len #{buffer.length-4}" }
+      return type, buffer
+    end
+
+    # Send the given packet and return the subsequent reply from the agent.
+    # (See #send_packet and #read_packet).
+    def send_and_wait(type, *args)
+      send_packet(type, *args)
+      read_packet
+    end
+
+    # Returns +true+ if the parameter indicates a "failure" response from
+    # the agent, and +false+ otherwise.
+    def agent_failed(type)
+      type == SSH_AGENT_FAILURE ||
+        type == SSH2_AGENT_FAILURE ||
+        type == SSH_COM_AGENT2_FAILURE
+    end
+  end
+
+end; end; end