net-ssh 5.0.0.beta1 → 5.0.0.beta2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- checksums.yaml.gz.sig +0 -0
- data.tar.gz.sig +0 -0
- data/.rubocop_todo.yml +98 -258
- data/CHANGES.txt +8 -0
- data/Gemfile +1 -3
- data/Rakefile +37 -39
- data/lib/net/ssh.rb +26 -25
- data/lib/net/ssh/authentication/agent.rb +228 -225
- data/lib/net/ssh/authentication/certificate.rb +166 -164
- data/lib/net/ssh/authentication/constants.rb +17 -14
- data/lib/net/ssh/authentication/ed25519.rb +107 -104
- data/lib/net/ssh/authentication/ed25519_loader.rb +32 -28
- data/lib/net/ssh/authentication/key_manager.rb +5 -3
- data/lib/net/ssh/authentication/methods/abstract.rb +53 -47
- data/lib/net/ssh/authentication/methods/hostbased.rb +32 -33
- data/lib/net/ssh/authentication/methods/keyboard_interactive.rb +2 -4
- data/lib/net/ssh/authentication/methods/none.rb +10 -10
- data/lib/net/ssh/authentication/methods/password.rb +13 -13
- data/lib/net/ssh/authentication/methods/publickey.rb +54 -55
- data/lib/net/ssh/authentication/pageant.rb +468 -465
- data/lib/net/ssh/authentication/pub_key_fingerprint.rb +44 -0
- data/lib/net/ssh/authentication/session.rb +127 -123
- data/lib/net/ssh/buffer.rb +305 -303
- data/lib/net/ssh/buffered_io.rb +163 -162
- data/lib/net/ssh/config.rb +230 -227
- data/lib/net/ssh/connection/channel.rb +659 -654
- data/lib/net/ssh/connection/constants.rb +30 -26
- data/lib/net/ssh/connection/event_loop.rb +108 -104
- data/lib/net/ssh/connection/keepalive.rb +54 -50
- data/lib/net/ssh/connection/session.rb +677 -678
- data/lib/net/ssh/connection/term.rb +180 -176
- data/lib/net/ssh/errors.rb +101 -99
- data/lib/net/ssh/key_factory.rb +108 -108
- data/lib/net/ssh/known_hosts.rb +148 -154
- data/lib/net/ssh/loggable.rb +56 -54
- data/lib/net/ssh/packet.rb +82 -78
- data/lib/net/ssh/prompt.rb +55 -53
- data/lib/net/ssh/proxy/command.rb +103 -102
- data/lib/net/ssh/proxy/errors.rb +12 -8
- data/lib/net/ssh/proxy/http.rb +92 -91
- data/lib/net/ssh/proxy/https.rb +42 -39
- data/lib/net/ssh/proxy/jump.rb +50 -47
- data/lib/net/ssh/proxy/socks4.rb +0 -2
- data/lib/net/ssh/proxy/socks5.rb +11 -11
- data/lib/net/ssh/ruby_compat.rb +1 -0
- data/lib/net/ssh/service/forward.rb +364 -362
- data/lib/net/ssh/test.rb +85 -83
- data/lib/net/ssh/test/channel.rb +146 -142
- data/lib/net/ssh/test/extensions.rb +148 -146
- data/lib/net/ssh/test/kex.rb +35 -31
- data/lib/net/ssh/test/local_packet.rb +48 -44
- data/lib/net/ssh/test/packet.rb +87 -84
- data/lib/net/ssh/test/remote_packet.rb +35 -31
- data/lib/net/ssh/test/script.rb +173 -171
- data/lib/net/ssh/test/socket.rb +59 -55
- data/lib/net/ssh/transport/algorithms.rb +413 -412
- data/lib/net/ssh/transport/cipher_factory.rb +108 -105
- data/lib/net/ssh/transport/constants.rb +35 -31
- data/lib/net/ssh/transport/ctr.rb +1 -1
- data/lib/net/ssh/transport/hmac.rb +1 -1
- data/lib/net/ssh/transport/hmac/abstract.rb +67 -64
- data/lib/net/ssh/transport/hmac/sha2_256_96.rb +1 -1
- data/lib/net/ssh/transport/hmac/sha2_512_96.rb +1 -1
- data/lib/net/ssh/transport/identity_cipher.rb +55 -51
- data/lib/net/ssh/transport/kex.rb +2 -4
- data/lib/net/ssh/transport/kex/diffie_hellman_group14_sha1.rb +47 -40
- data/lib/net/ssh/transport/kex/diffie_hellman_group1_sha1.rb +201 -197
- data/lib/net/ssh/transport/kex/diffie_hellman_group_exchange_sha1.rb +53 -56
- data/lib/net/ssh/transport/kex/ecdh_sha2_nistp256.rb +94 -87
- data/lib/net/ssh/transport/kex/ecdh_sha2_nistp384.rb +17 -10
- data/lib/net/ssh/transport/kex/ecdh_sha2_nistp521.rb +17 -10
- data/lib/net/ssh/transport/key_expander.rb +29 -25
- data/lib/net/ssh/transport/openssl.rb +17 -30
- data/lib/net/ssh/transport/packet_stream.rb +193 -192
- data/lib/net/ssh/transport/server_version.rb +64 -66
- data/lib/net/ssh/transport/session.rb +286 -284
- data/lib/net/ssh/transport/state.rb +198 -196
- data/lib/net/ssh/verifiers/lenient.rb +29 -25
- data/lib/net/ssh/verifiers/null.rb +13 -9
- data/lib/net/ssh/verifiers/secure.rb +45 -45
- data/lib/net/ssh/verifiers/strict.rb +20 -16
- data/lib/net/ssh/version.rb +55 -53
- data/net-ssh.gemspec +4 -4
- data/support/ssh_tunnel_bug.rb +2 -2
- metadata +25 -24
- metadata.gz.sig +0 -0
@@ -12,296 +12,298 @@ require 'net/ssh/verifiers/secure'
|
|
12
12
|
require 'net/ssh/verifiers/strict'
|
13
13
|
require 'net/ssh/verifiers/lenient'
|
14
14
|
|
15
|
-
module Net
|
16
|
-
|
17
|
-
|
18
|
-
|
19
|
-
|
20
|
-
|
21
|
-
|
22
|
-
|
23
|
-
|
24
|
-
|
25
|
-
|
26
|
-
|
27
|
-
|
28
|
-
|
29
|
-
|
30
|
-
|
31
|
-
|
32
|
-
|
33
|
-
|
34
|
-
|
35
|
-
|
36
|
-
|
37
|
-
|
38
|
-
|
39
|
-
|
40
|
-
|
41
|
-
|
42
|
-
|
43
|
-
|
44
|
-
|
45
|
-
|
46
|
-
|
47
|
-
|
48
|
-
|
49
|
-
|
50
|
-
|
51
|
-
|
52
|
-
|
53
|
-
|
54
|
-
|
55
|
-
|
56
|
-
|
57
|
-
|
58
|
-
|
59
|
-
|
60
|
-
|
61
|
-
|
62
|
-
|
63
|
-
|
64
|
-
|
65
|
-
|
66
|
-
|
67
|
-
|
68
|
-
|
69
|
-
|
70
|
-
|
71
|
-
|
15
|
+
module Net
|
16
|
+
module SSH
|
17
|
+
module Transport
|
18
|
+
|
19
|
+
# The transport layer represents the lowest level of the SSH protocol, and
|
20
|
+
# implements basic message exchanging and protocol initialization. It will
|
21
|
+
# never be instantiated directly (unless you really know what you're about),
|
22
|
+
# but will instead be created for you automatically when you create a new
|
23
|
+
# SSH session via Net::SSH.start.
|
24
|
+
class Session
|
25
|
+
include Loggable
|
26
|
+
include Constants
|
27
|
+
|
28
|
+
# The standard port for the SSH protocol.
|
29
|
+
DEFAULT_PORT = 22
|
30
|
+
|
31
|
+
# The host to connect to, as given to the constructor.
|
32
|
+
attr_reader :host
|
33
|
+
|
34
|
+
# The port number to connect to, as given in the options to the constructor.
|
35
|
+
# If no port number was given, this will default to DEFAULT_PORT.
|
36
|
+
attr_reader :port
|
37
|
+
|
38
|
+
# The underlying socket object being used to communicate with the remote
|
39
|
+
# host.
|
40
|
+
attr_reader :socket
|
41
|
+
|
42
|
+
# The ServerVersion instance that encapsulates the negotiated protocol
|
43
|
+
# version.
|
44
|
+
attr_reader :server_version
|
45
|
+
|
46
|
+
# The Algorithms instance used to perform key exchanges.
|
47
|
+
attr_reader :algorithms
|
48
|
+
|
49
|
+
# The host-key verifier object used to verify host keys, to ensure that
|
50
|
+
# the connection is not being spoofed.
|
51
|
+
attr_reader :host_key_verifier
|
52
|
+
|
53
|
+
# The hash of options that were given to the object at initialization.
|
54
|
+
attr_reader :options
|
55
|
+
|
56
|
+
# Instantiates a new transport layer abstraction. This will block until
|
57
|
+
# the initial key exchange completes, leaving you with a ready-to-use
|
58
|
+
# transport session.
|
59
|
+
def initialize(host, options={})
|
60
|
+
self.logger = options[:logger]
|
61
|
+
|
62
|
+
@host = host
|
63
|
+
@port = options[:port] || DEFAULT_PORT
|
64
|
+
@bind_address = options[:bind_address] || nil
|
65
|
+
@options = options
|
66
|
+
|
67
|
+
@socket =
|
68
|
+
if (factory = options[:proxy])
|
69
|
+
debug { "establishing connection to #{@host}:#{@port} through proxy" }
|
70
|
+
factory.open(@host, @port, options)
|
71
|
+
else
|
72
|
+
debug { "establishing connection to #{@host}:#{@port}" }
|
73
|
+
Socket.tcp(@host, @port, @bind_address, nil,
|
74
|
+
connect_timeout: options[:timeout])
|
75
|
+
end
|
76
|
+
|
77
|
+
@socket.extend(PacketStream)
|
78
|
+
@socket.logger = @logger
|
79
|
+
|
80
|
+
debug { "connection established" }
|
81
|
+
|
82
|
+
@queue = []
|
83
|
+
|
84
|
+
@host_key_verifier = select_host_key_verifier(options[:verify_host_key])
|
85
|
+
|
86
|
+
@server_version = ServerVersion.new(socket, logger, options[:timeout])
|
87
|
+
|
88
|
+
@algorithms = Algorithms.new(self, options)
|
89
|
+
@algorithms.start
|
90
|
+
wait { algorithms.initialized? }
|
91
|
+
rescue Errno::ETIMEDOUT
|
92
|
+
raise Net::SSH::ConnectionTimeout
|
72
93
|
end
|
73
|
-
|
74
|
-
|
75
|
-
|
76
|
-
|
77
|
-
|
78
|
-
|
79
|
-
@queue = []
|
80
|
-
|
81
|
-
@host_key_verifier = select_host_key_verifier(options[:verify_host_key])
|
82
|
-
|
83
|
-
|
84
|
-
@server_version = ServerVersion.new(socket, logger, options[:timeout])
|
85
|
-
|
86
|
-
@algorithms = Algorithms.new(self, options)
|
87
|
-
@algorithms.start
|
88
|
-
wait { algorithms.initialized? }
|
89
|
-
rescue Errno::ETIMEDOUT
|
90
|
-
raise Net::SSH::ConnectionTimeout
|
91
|
-
end
|
92
|
-
|
93
|
-
def host_keys
|
94
|
-
@host_keys ||= begin
|
95
|
-
known_hosts = options.fetch(:known_hosts, KnownHosts)
|
96
|
-
known_hosts.search_for(options[:host_key_alias] || host_as_string, options)
|
97
|
-
end
|
98
|
-
end
|
99
|
-
|
100
|
-
# Returns the host (and possibly IP address) in a format compatible with
|
101
|
-
# SSH known-host files.
|
102
|
-
def host_as_string
|
103
|
-
@host_as_string ||= begin
|
104
|
-
string = "#{host}"
|
105
|
-
string = "[#{string}]:#{port}" if port != DEFAULT_PORT
|
106
|
-
|
107
|
-
peer_ip = socket.peer_ip
|
108
|
-
|
109
|
-
if peer_ip != Net::SSH::Transport::PacketStream::PROXY_COMMAND_HOST_IP &&
|
110
|
-
peer_ip != host
|
111
|
-
string2 = peer_ip
|
112
|
-
string2 = "[#{string2}]:#{port}" if port != DEFAULT_PORT
|
113
|
-
string << "," << string2
|
94
|
+
|
95
|
+
def host_keys
|
96
|
+
@host_keys ||= begin
|
97
|
+
known_hosts = options.fetch(:known_hosts, KnownHosts)
|
98
|
+
known_hosts.search_for(options[:host_key_alias] || host_as_string, options)
|
99
|
+
end
|
114
100
|
end
|
115
|
-
|
116
|
-
|
117
|
-
|
118
|
-
|
119
|
-
|
120
|
-
|
121
|
-
|
122
|
-
|
123
|
-
|
124
|
-
|
125
|
-
|
126
|
-
|
127
|
-
|
128
|
-
|
129
|
-
|
130
|
-
|
131
|
-
|
132
|
-
|
133
|
-
|
134
|
-
# underlying protocol's state).
|
135
|
-
def shutdown!
|
136
|
-
error { "forcing connection closed" }
|
137
|
-
socket.close
|
138
|
-
end
|
139
|
-
|
140
|
-
# Returns a new service_request packet for the given service name, ready
|
141
|
-
# for sending to the server.
|
142
|
-
def service_request(service)
|
143
|
-
Net::SSH::Buffer.from(:byte, SERVICE_REQUEST, :string, service)
|
144
|
-
end
|
145
|
-
|
146
|
-
# Requests a rekey operation, and blocks until the operation completes.
|
147
|
-
# If a rekey is already pending, this returns immediately, having no
|
148
|
-
# effect.
|
149
|
-
def rekey!
|
150
|
-
if !algorithms.pending?
|
151
|
-
algorithms.rekey!
|
152
|
-
wait { algorithms.initialized? }
|
153
|
-
end
|
154
|
-
end
|
155
|
-
|
156
|
-
# Returns immediately if a rekey is already in process. Otherwise, if a
|
157
|
-
# rekey is needed (as indicated by the socket, see PacketStream#if_needs_rekey?)
|
158
|
-
# one is performed, causing this method to block until it completes.
|
159
|
-
def rekey_as_needed
|
160
|
-
return if algorithms.pending?
|
161
|
-
socket.if_needs_rekey? { rekey! }
|
162
|
-
end
|
163
|
-
|
164
|
-
# Returns a hash of information about the peer (remote) side of the socket,
|
165
|
-
# including :ip, :port, :host, and :canonized (see #host_as_string).
|
166
|
-
def peer
|
167
|
-
@peer ||= { ip: socket.peer_ip, port: @port.to_i, host: @host, canonized: host_as_string }
|
168
|
-
end
|
169
|
-
|
170
|
-
# Blocks until a new packet is available to be read, and returns that
|
171
|
-
# packet. See #poll_message.
|
172
|
-
def next_message
|
173
|
-
poll_message(:block)
|
174
|
-
end
|
175
|
-
|
176
|
-
# Tries to read the next packet from the socket. If mode is :nonblock (the
|
177
|
-
# default), this will not block and will return nil if there are no packets
|
178
|
-
# waiting to be read. Otherwise, this will block until a packet is
|
179
|
-
# available. Note that some packet types (DISCONNECT, IGNORE, UNIMPLEMENTED,
|
180
|
-
# DEBUG, and KEXINIT) are handled silently by this method, and will never
|
181
|
-
# be returned.
|
182
|
-
#
|
183
|
-
# If a key-exchange is in process and a disallowed packet type is
|
184
|
-
# received, it will be enqueued and otherwise ignored. When a key-exchange
|
185
|
-
# is not in process, and consume_queue is true, packets will be first
|
186
|
-
# read from the queue before the socket is queried.
|
187
|
-
def poll_message(mode=:nonblock, consume_queue=true)
|
188
|
-
loop do
|
189
|
-
if consume_queue && @queue.any? && algorithms.allow?(@queue.first)
|
190
|
-
return @queue.shift
|
101
|
+
|
102
|
+
# Returns the host (and possibly IP address) in a format compatible with
|
103
|
+
# SSH known-host files.
|
104
|
+
def host_as_string
|
105
|
+
@host_as_string ||= begin
|
106
|
+
string = "#{host}"
|
107
|
+
string = "[#{string}]:#{port}" if port != DEFAULT_PORT
|
108
|
+
|
109
|
+
peer_ip = socket.peer_ip
|
110
|
+
|
111
|
+
if peer_ip != Net::SSH::Transport::PacketStream::PROXY_COMMAND_HOST_IP &&
|
112
|
+
peer_ip != host
|
113
|
+
string2 = peer_ip
|
114
|
+
string2 = "[#{string2}]:#{port}" if port != DEFAULT_PORT
|
115
|
+
string << "," << string2
|
116
|
+
end
|
117
|
+
|
118
|
+
string
|
119
|
+
end
|
191
120
|
end
|
192
|
-
|
193
|
-
|
194
|
-
|
195
|
-
|
196
|
-
case packet.type
|
197
|
-
when DISCONNECT
|
198
|
-
raise Net::SSH::Disconnect, "disconnected: #{packet[:description]} (#{packet[:reason_code]})"
|
199
|
-
|
200
|
-
when IGNORE
|
201
|
-
debug { "IGNORE packet received: #{packet[:data].inspect}" }
|
202
|
-
|
203
|
-
when UNIMPLEMENTED
|
204
|
-
lwarn { "UNIMPLEMENTED: #{packet[:number]}" }
|
205
|
-
|
206
|
-
when DEBUG
|
207
|
-
send(packet[:always_display] ? :fatal : :debug) { packet[:message] }
|
208
|
-
|
209
|
-
when KEXINIT
|
210
|
-
algorithms.accept_kexinit(packet)
|
211
|
-
|
212
|
-
else
|
213
|
-
return packet if algorithms.allow?(packet)
|
214
|
-
push(packet)
|
121
|
+
|
122
|
+
# Returns true if the underlying socket has been closed.
|
123
|
+
def closed?
|
124
|
+
socket.closed?
|
215
125
|
end
|
216
|
-
|
217
|
-
|
218
|
-
|
219
|
-
|
220
|
-
|
221
|
-
|
222
|
-
|
223
|
-
|
224
|
-
|
225
|
-
|
226
|
-
|
227
|
-
|
228
|
-
|
229
|
-
|
230
|
-
|
231
|
-
|
232
|
-
|
233
|
-
|
234
|
-
|
235
|
-
|
236
|
-
|
237
|
-
|
238
|
-
|
239
|
-
|
240
|
-
|
241
|
-
|
242
|
-
|
243
|
-
|
244
|
-
|
245
|
-
|
246
|
-
|
247
|
-
|
248
|
-
|
249
|
-
|
250
|
-
|
251
|
-
|
252
|
-
|
253
|
-
|
254
|
-
|
255
|
-
|
256
|
-
|
257
|
-
|
258
|
-
|
259
|
-
|
260
|
-
|
261
|
-
|
262
|
-
|
263
|
-
|
264
|
-
|
265
|
-
|
266
|
-
|
267
|
-
|
268
|
-
|
269
|
-
|
270
|
-
|
271
|
-
|
272
|
-
|
273
|
-
|
274
|
-
|
275
|
-
|
276
|
-
|
277
|
-
|
278
|
-
|
279
|
-
|
280
|
-
|
281
|
-
|
282
|
-
|
283
|
-
|
284
|
-
|
285
|
-
|
286
|
-
|
287
|
-
|
288
|
-
|
289
|
-
|
290
|
-
|
291
|
-
|
292
|
-
|
293
|
-
|
294
|
-
|
295
|
-
|
296
|
-
|
126
|
+
|
127
|
+
# Cleans up (see PacketStream#cleanup) and closes the underlying socket.
|
128
|
+
def close
|
129
|
+
socket.cleanup
|
130
|
+
socket.close
|
131
|
+
end
|
132
|
+
|
133
|
+
# Performs a "hard" shutdown of the connection. In general, this should
|
134
|
+
# never be done, but it might be necessary (in a rescue clause, for instance,
|
135
|
+
# when the connection needs to close but you don't know the status of the
|
136
|
+
# underlying protocol's state).
|
137
|
+
def shutdown!
|
138
|
+
error { "forcing connection closed" }
|
139
|
+
socket.close
|
140
|
+
end
|
141
|
+
|
142
|
+
# Returns a new service_request packet for the given service name, ready
|
143
|
+
# for sending to the server.
|
144
|
+
def service_request(service)
|
145
|
+
Net::SSH::Buffer.from(:byte, SERVICE_REQUEST, :string, service)
|
146
|
+
end
|
147
|
+
|
148
|
+
# Requests a rekey operation, and blocks until the operation completes.
|
149
|
+
# If a rekey is already pending, this returns immediately, having no
|
150
|
+
# effect.
|
151
|
+
def rekey!
|
152
|
+
if !algorithms.pending?
|
153
|
+
algorithms.rekey!
|
154
|
+
wait { algorithms.initialized? }
|
155
|
+
end
|
156
|
+
end
|
157
|
+
|
158
|
+
# Returns immediately if a rekey is already in process. Otherwise, if a
|
159
|
+
# rekey is needed (as indicated by the socket, see PacketStream#if_needs_rekey?)
|
160
|
+
# one is performed, causing this method to block until it completes.
|
161
|
+
def rekey_as_needed
|
162
|
+
return if algorithms.pending?
|
163
|
+
socket.if_needs_rekey? { rekey! }
|
164
|
+
end
|
165
|
+
|
166
|
+
# Returns a hash of information about the peer (remote) side of the socket,
|
167
|
+
# including :ip, :port, :host, and :canonized (see #host_as_string).
|
168
|
+
def peer
|
169
|
+
@peer ||= { ip: socket.peer_ip, port: @port.to_i, host: @host, canonized: host_as_string }
|
170
|
+
end
|
171
|
+
|
172
|
+
# Blocks until a new packet is available to be read, and returns that
|
173
|
+
# packet. See #poll_message.
|
174
|
+
def next_message
|
175
|
+
poll_message(:block)
|
176
|
+
end
|
177
|
+
|
178
|
+
# Tries to read the next packet from the socket. If mode is :nonblock (the
|
179
|
+
# default), this will not block and will return nil if there are no packets
|
180
|
+
# waiting to be read. Otherwise, this will block until a packet is
|
181
|
+
# available. Note that some packet types (DISCONNECT, IGNORE, UNIMPLEMENTED,
|
182
|
+
# DEBUG, and KEXINIT) are handled silently by this method, and will never
|
183
|
+
# be returned.
|
184
|
+
#
|
185
|
+
# If a key-exchange is in process and a disallowed packet type is
|
186
|
+
# received, it will be enqueued and otherwise ignored. When a key-exchange
|
187
|
+
# is not in process, and consume_queue is true, packets will be first
|
188
|
+
# read from the queue before the socket is queried.
|
189
|
+
def poll_message(mode=:nonblock, consume_queue=true)
|
190
|
+
loop do
|
191
|
+
return @queue.shift if consume_queue && @queue.any? && algorithms.allow?(@queue.first)
|
192
|
+
|
193
|
+
packet = socket.next_packet(mode)
|
194
|
+
return nil if packet.nil?
|
195
|
+
|
196
|
+
case packet.type
|
197
|
+
when DISCONNECT
|
198
|
+
raise Net::SSH::Disconnect, "disconnected: #{packet[:description]} (#{packet[:reason_code]})"
|
199
|
+
|
200
|
+
when IGNORE
|
201
|
+
debug { "IGNORE packet received: #{packet[:data].inspect}" }
|
202
|
+
|
203
|
+
when UNIMPLEMENTED
|
204
|
+
lwarn { "UNIMPLEMENTED: #{packet[:number]}" }
|
205
|
+
|
206
|
+
when DEBUG
|
207
|
+
send(packet[:always_display] ? :fatal : :debug) { packet[:message] }
|
208
|
+
|
209
|
+
when KEXINIT
|
210
|
+
algorithms.accept_kexinit(packet)
|
211
|
+
|
212
|
+
else
|
213
|
+
return packet if algorithms.allow?(packet)
|
214
|
+
push(packet)
|
215
|
+
end
|
216
|
+
end
|
217
|
+
end
|
218
|
+
|
219
|
+
# Waits (blocks) until the given block returns true. If no block is given,
|
220
|
+
# this just waits long enough to see if there are any pending packets. Any
|
221
|
+
# packets read are enqueued (see #push).
|
222
|
+
def wait
|
223
|
+
loop do
|
224
|
+
break if block_given? && yield
|
225
|
+
message = poll_message(:nonblock, false)
|
226
|
+
push(message) if message
|
227
|
+
break if !block_given?
|
228
|
+
end
|
229
|
+
end
|
230
|
+
|
231
|
+
# Adds the given packet to the packet queue. If the queue is non-empty,
|
232
|
+
# #poll_message will return packets from the queue in the order they
|
233
|
+
# were received.
|
234
|
+
def push(packet)
|
235
|
+
@queue.push(packet)
|
236
|
+
end
|
237
|
+
|
238
|
+
# Sends the given message via the packet stream, blocking until the
|
239
|
+
# entire message has been sent.
|
240
|
+
def send_message(message)
|
241
|
+
socket.send_packet(message)
|
242
|
+
end
|
243
|
+
|
244
|
+
# Enqueues the given message, such that it will be sent at the earliest
|
245
|
+
# opportunity. This does not block, but returns immediately.
|
246
|
+
def enqueue_message(message)
|
247
|
+
socket.enqueue_packet(message)
|
248
|
+
end
|
249
|
+
|
250
|
+
# Configure's the packet stream's client state with the given set of
|
251
|
+
# options. This is typically used to define the cipher, compression, and
|
252
|
+
# hmac algorithms to use when sending packets to the server.
|
253
|
+
def configure_client(options={})
|
254
|
+
socket.client.set(options)
|
255
|
+
end
|
256
|
+
|
257
|
+
# Configure's the packet stream's server state with the given set of
|
258
|
+
# options. This is typically used to define the cipher, compression, and
|
259
|
+
# hmac algorithms to use when reading packets from the server.
|
260
|
+
def configure_server(options={})
|
261
|
+
socket.server.set(options)
|
262
|
+
end
|
263
|
+
|
264
|
+
# Sets a new hint for the packet stream, which the packet stream may use
|
265
|
+
# to change its behavior. (See PacketStream#hints).
|
266
|
+
def hint(which, value=true)
|
267
|
+
socket.hints[which] = value
|
268
|
+
end
|
269
|
+
|
270
|
+
public
|
271
|
+
|
272
|
+
# this method is primarily for use in tests
|
273
|
+
attr_reader :queue #:nodoc:
|
274
|
+
|
275
|
+
private
|
276
|
+
|
277
|
+
# Instantiates a new host-key verification class, based on the value of
|
278
|
+
# the parameter. When true or nil, the default Lenient verifier is
|
279
|
+
# returned. If it is false, the Null verifier is returned, and if it is
|
280
|
+
# :very, the Strict verifier is returned. If it is :secure, the even more
|
281
|
+
# strict Secure verifier is returned. If the argument happens to respond
|
282
|
+
# to :verify, it is returned directly. Otherwise, an exception
|
283
|
+
# is raised.
|
284
|
+
def select_host_key_verifier(verify_host_key)
|
285
|
+
case verify_host_key
|
286
|
+
when true, nil then
|
287
|
+
Net::SSH::Verifiers::Lenient.new
|
288
|
+
when false then
|
289
|
+
Net::SSH::Verifiers::Null.new
|
290
|
+
when :very then
|
291
|
+
Net::SSH::Verifiers::Strict.new
|
292
|
+
when :secure then
|
293
|
+
Net::SSH::Verifiers::Secure.new
|
297
294
|
else
|
298
|
-
|
299
|
-
|
300
|
-
|
301
|
-
|
302
|
-
|
295
|
+
if verify_host_key.respond_to?(:verify)
|
296
|
+
verify_host_key
|
297
|
+
else
|
298
|
+
raise(
|
299
|
+
ArgumentError,
|
300
|
+
"Invalid argument to :verify_host_key (or deprecated " \
|
301
|
+
":paranoid): #{verify_host_key.inspect}"
|
302
|
+
)
|
303
|
+
end
|
303
304
|
end
|
304
305
|
end
|
305
306
|
end
|
307
|
+
end
|
306
308
|
end
|
307
|
-
end
|
309
|
+
end
|