net-ssh 5.0.0.beta1 → 5.0.0.beta2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- checksums.yaml.gz.sig +0 -0
- data.tar.gz.sig +0 -0
- data/.rubocop_todo.yml +98 -258
- data/CHANGES.txt +8 -0
- data/Gemfile +1 -3
- data/Rakefile +37 -39
- data/lib/net/ssh.rb +26 -25
- data/lib/net/ssh/authentication/agent.rb +228 -225
- data/lib/net/ssh/authentication/certificate.rb +166 -164
- data/lib/net/ssh/authentication/constants.rb +17 -14
- data/lib/net/ssh/authentication/ed25519.rb +107 -104
- data/lib/net/ssh/authentication/ed25519_loader.rb +32 -28
- data/lib/net/ssh/authentication/key_manager.rb +5 -3
- data/lib/net/ssh/authentication/methods/abstract.rb +53 -47
- data/lib/net/ssh/authentication/methods/hostbased.rb +32 -33
- data/lib/net/ssh/authentication/methods/keyboard_interactive.rb +2 -4
- data/lib/net/ssh/authentication/methods/none.rb +10 -10
- data/lib/net/ssh/authentication/methods/password.rb +13 -13
- data/lib/net/ssh/authentication/methods/publickey.rb +54 -55
- data/lib/net/ssh/authentication/pageant.rb +468 -465
- data/lib/net/ssh/authentication/pub_key_fingerprint.rb +44 -0
- data/lib/net/ssh/authentication/session.rb +127 -123
- data/lib/net/ssh/buffer.rb +305 -303
- data/lib/net/ssh/buffered_io.rb +163 -162
- data/lib/net/ssh/config.rb +230 -227
- data/lib/net/ssh/connection/channel.rb +659 -654
- data/lib/net/ssh/connection/constants.rb +30 -26
- data/lib/net/ssh/connection/event_loop.rb +108 -104
- data/lib/net/ssh/connection/keepalive.rb +54 -50
- data/lib/net/ssh/connection/session.rb +677 -678
- data/lib/net/ssh/connection/term.rb +180 -176
- data/lib/net/ssh/errors.rb +101 -99
- data/lib/net/ssh/key_factory.rb +108 -108
- data/lib/net/ssh/known_hosts.rb +148 -154
- data/lib/net/ssh/loggable.rb +56 -54
- data/lib/net/ssh/packet.rb +82 -78
- data/lib/net/ssh/prompt.rb +55 -53
- data/lib/net/ssh/proxy/command.rb +103 -102
- data/lib/net/ssh/proxy/errors.rb +12 -8
- data/lib/net/ssh/proxy/http.rb +92 -91
- data/lib/net/ssh/proxy/https.rb +42 -39
- data/lib/net/ssh/proxy/jump.rb +50 -47
- data/lib/net/ssh/proxy/socks4.rb +0 -2
- data/lib/net/ssh/proxy/socks5.rb +11 -11
- data/lib/net/ssh/ruby_compat.rb +1 -0
- data/lib/net/ssh/service/forward.rb +364 -362
- data/lib/net/ssh/test.rb +85 -83
- data/lib/net/ssh/test/channel.rb +146 -142
- data/lib/net/ssh/test/extensions.rb +148 -146
- data/lib/net/ssh/test/kex.rb +35 -31
- data/lib/net/ssh/test/local_packet.rb +48 -44
- data/lib/net/ssh/test/packet.rb +87 -84
- data/lib/net/ssh/test/remote_packet.rb +35 -31
- data/lib/net/ssh/test/script.rb +173 -171
- data/lib/net/ssh/test/socket.rb +59 -55
- data/lib/net/ssh/transport/algorithms.rb +413 -412
- data/lib/net/ssh/transport/cipher_factory.rb +108 -105
- data/lib/net/ssh/transport/constants.rb +35 -31
- data/lib/net/ssh/transport/ctr.rb +1 -1
- data/lib/net/ssh/transport/hmac.rb +1 -1
- data/lib/net/ssh/transport/hmac/abstract.rb +67 -64
- data/lib/net/ssh/transport/hmac/sha2_256_96.rb +1 -1
- data/lib/net/ssh/transport/hmac/sha2_512_96.rb +1 -1
- data/lib/net/ssh/transport/identity_cipher.rb +55 -51
- data/lib/net/ssh/transport/kex.rb +2 -4
- data/lib/net/ssh/transport/kex/diffie_hellman_group14_sha1.rb +47 -40
- data/lib/net/ssh/transport/kex/diffie_hellman_group1_sha1.rb +201 -197
- data/lib/net/ssh/transport/kex/diffie_hellman_group_exchange_sha1.rb +53 -56
- data/lib/net/ssh/transport/kex/ecdh_sha2_nistp256.rb +94 -87
- data/lib/net/ssh/transport/kex/ecdh_sha2_nistp384.rb +17 -10
- data/lib/net/ssh/transport/kex/ecdh_sha2_nistp521.rb +17 -10
- data/lib/net/ssh/transport/key_expander.rb +29 -25
- data/lib/net/ssh/transport/openssl.rb +17 -30
- data/lib/net/ssh/transport/packet_stream.rb +193 -192
- data/lib/net/ssh/transport/server_version.rb +64 -66
- data/lib/net/ssh/transport/session.rb +286 -284
- data/lib/net/ssh/transport/state.rb +198 -196
- data/lib/net/ssh/verifiers/lenient.rb +29 -25
- data/lib/net/ssh/verifiers/null.rb +13 -9
- data/lib/net/ssh/verifiers/secure.rb +45 -45
- data/lib/net/ssh/verifiers/strict.rb +20 -16
- data/lib/net/ssh/version.rb +55 -53
- data/net-ssh.gemspec +4 -4
- data/support/ssh_tunnel_bug.rb +2 -2
- metadata +25 -24
- metadata.gz.sig +0 -0
@@ -21,474 +21,477 @@ end
|
|
21
21
|
|
22
22
|
require 'net/ssh/errors'
|
23
23
|
|
24
|
-
module Net
|
25
|
-
|
26
|
-
|
27
|
-
|
28
|
-
|
29
|
-
|
30
|
-
|
31
|
-
|
32
|
-
|
33
|
-
|
34
|
-
|
35
|
-
|
36
|
-
|
37
|
-
|
38
|
-
|
39
|
-
|
40
|
-
|
41
|
-
|
42
|
-
|
43
|
-
|
44
|
-
|
45
|
-
|
46
|
-
|
47
|
-
|
48
|
-
|
49
|
-
|
50
|
-
|
51
|
-
|
52
|
-
|
53
|
-
|
54
|
-
|
55
|
-
|
56
|
-
|
57
|
-
|
58
|
-
|
59
|
-
|
60
|
-
|
61
|
-
|
62
|
-
|
63
|
-
|
64
|
-
|
65
|
-
|
66
|
-
|
67
|
-
|
68
|
-
|
69
|
-
|
70
|
-
|
71
|
-
|
72
|
-
|
73
|
-
|
74
|
-
|
75
|
-
|
76
|
-
|
77
|
-
|
78
|
-
|
79
|
-
|
80
|
-
|
81
|
-
|
82
|
-
|
83
|
-
|
84
|
-
|
85
|
-
|
86
|
-
|
87
|
-
|
88
|
-
|
89
|
-
|
90
|
-
|
91
|
-
|
92
|
-
|
93
|
-
|
94
|
-
|
95
|
-
|
96
|
-
|
97
|
-
|
98
|
-
|
99
|
-
|
100
|
-
|
101
|
-
|
102
|
-
|
103
|
-
|
104
|
-
|
105
|
-
|
106
|
-
|
107
|
-
|
108
|
-
|
109
|
-
|
110
|
-
|
111
|
-
|
112
|
-
|
113
|
-
|
114
|
-
|
115
|
-
|
116
|
-
|
117
|
-
|
118
|
-
|
119
|
-
|
120
|
-
|
121
|
-
|
122
|
-
|
123
|
-
|
124
|
-
|
125
|
-
|
126
|
-
|
127
|
-
|
128
|
-
|
129
|
-
|
130
|
-
|
131
|
-
|
132
|
-
|
133
|
-
|
134
|
-
|
135
|
-
|
136
|
-
|
137
|
-
|
138
|
-
|
139
|
-
|
140
|
-
|
141
|
-
|
142
|
-
|
143
|
-
|
144
|
-
|
145
|
-
|
146
|
-
|
147
|
-
|
148
|
-
|
149
|
-
|
150
|
-
|
151
|
-
|
152
|
-
|
153
|
-
|
154
|
-
|
155
|
-
|
156
|
-
|
157
|
-
|
158
|
-
|
159
|
-
|
160
|
-
|
161
|
-
|
162
|
-
|
163
|
-
|
164
|
-
|
165
|
-
|
166
|
-
|
167
|
-
|
168
|
-
|
169
|
-
|
170
|
-
|
171
|
-
|
172
|
-
|
173
|
-
|
174
|
-
|
175
|
-
|
176
|
-
|
177
|
-
|
178
|
-
|
179
|
-
|
180
|
-
|
181
|
-
|
182
|
-
|
183
|
-
|
184
|
-
|
185
|
-
|
186
|
-
|
187
|
-
|
188
|
-
|
189
|
-
|
190
|
-
|
191
|
-
|
192
|
-
|
193
|
-
|
194
|
-
|
195
|
-
|
196
|
-
|
197
|
-
|
198
|
-
|
199
|
-
|
200
|
-
|
201
|
-
|
202
|
-
|
203
|
-
|
204
|
-
|
205
|
-
|
206
|
-
|
207
|
-
|
208
|
-
|
209
|
-
|
210
|
-
|
211
|
-
|
212
|
-
|
213
|
-
|
214
|
-
|
215
|
-
|
216
|
-
|
217
|
-
|
218
|
-
|
219
|
-
|
220
|
-
|
221
|
-
|
222
|
-
|
223
|
-
|
224
|
-
|
225
|
-
|
226
|
-
|
227
|
-
|
228
|
-
|
229
|
-
|
230
|
-
|
231
|
-
|
232
|
-
|
233
|
-
|
234
|
-
|
235
|
-
|
236
|
-
|
237
|
-
|
238
|
-
|
239
|
-
|
240
|
-
|
241
|
-
|
242
|
-
|
243
|
-
|
244
|
-
|
245
|
-
|
246
|
-
|
247
|
-
|
248
|
-
|
249
|
-
|
250
|
-
|
251
|
-
|
252
|
-
|
253
|
-
|
254
|
-
|
255
|
-
|
256
|
-
|
257
|
-
|
258
|
-
|
259
|
-
|
260
|
-
|
261
|
-
|
262
|
-
|
263
|
-
|
264
|
-
|
265
|
-
|
266
|
-
|
267
|
-
|
268
|
-
|
269
|
-
|
270
|
-
|
271
|
-
|
272
|
-
|
273
|
-
|
274
|
-
|
275
|
-
|
276
|
-
|
277
|
-
|
278
|
-
|
279
|
-
|
280
|
-
|
281
|
-
|
282
|
-
|
283
|
-
|
284
|
-
|
285
|
-
|
286
|
-
|
287
|
-
|
288
|
-
|
289
|
-
|
290
|
-
|
291
|
-
|
292
|
-
|
293
|
-
|
294
|
-
|
295
|
-
|
296
|
-
|
297
|
-
|
298
|
-
|
299
|
-
|
300
|
-
|
301
|
-
|
302
|
-
|
303
|
-
|
304
|
-
|
305
|
-
|
306
|
-
|
307
|
-
|
308
|
-
|
309
|
-
|
310
|
-
|
311
|
-
|
312
|
-
|
313
|
-
|
314
|
-
|
315
|
-
|
316
|
-
|
317
|
-
|
318
|
-
|
319
|
-
|
320
|
-
|
321
|
-
|
322
|
-
|
323
|
-
|
324
|
-
|
325
|
-
|
326
|
-
|
327
|
-
|
328
|
-
|
329
|
-
|
330
|
-
|
331
|
-
|
332
|
-
|
333
|
-
|
334
|
-
|
335
|
-
|
336
|
-
|
337
|
-
|
338
|
-
|
339
|
-
|
340
|
-
|
341
|
-
|
342
|
-
|
343
|
-
|
344
|
-
|
345
|
-
|
346
|
-
|
347
|
-
|
348
|
-
|
349
|
-
|
350
|
-
|
351
|
-
|
352
|
-
|
353
|
-
|
354
|
-
|
355
|
-
|
356
|
-
|
357
|
-
|
358
|
-
|
359
|
-
|
360
|
-
|
361
|
-
|
362
|
-
|
363
|
-
|
364
|
-
|
365
|
-
|
366
|
-
|
367
|
-
|
368
|
-
|
369
|
-
|
370
|
-
|
371
|
-
|
372
|
-
|
373
|
-
|
374
|
-
|
375
|
-
|
376
|
-
|
377
|
-
|
378
|
-
|
379
|
-
|
380
|
-
|
381
|
-
|
382
|
-
|
383
|
-
|
384
|
-
|
385
|
-
|
386
|
-
|
387
|
-
# This is the pseudo-socket implementation that mimics the interface of
|
388
|
-
# a socket, translating each request into a Windows messaging call to
|
389
|
-
# the pageant daemon. This allows pageant support to be implemented
|
390
|
-
# simply by replacing the socket factory used by the Agent class.
|
391
|
-
class Socket
|
392
|
-
|
393
|
-
private_class_method :new
|
394
|
-
|
395
|
-
# The factory method for creating a new Socket instance.
|
396
|
-
def self.open
|
397
|
-
new
|
398
|
-
end
|
399
|
-
|
400
|
-
# Create a new instance that communicates with the running pageant
|
401
|
-
# instance. If no such instance is running, this will cause an error.
|
402
|
-
def initialize
|
403
|
-
@win = Win.FindWindow("Pageant", "Pageant")
|
404
|
-
|
405
|
-
if @win.to_i == 0
|
406
|
-
raise Net::SSH::Exception,
|
407
|
-
"pageant process not running"
|
24
|
+
module Net
|
25
|
+
module SSH
|
26
|
+
module Authentication
|
27
|
+
|
28
|
+
# This module encapsulates the implementation of a socket factory that
|
29
|
+
# uses the PuTTY "pageant" utility to obtain information about SSH
|
30
|
+
# identities.
|
31
|
+
#
|
32
|
+
# This code is a slightly modified version of the original implementation
|
33
|
+
# by Guillaume Marçais (guillaume.marcais@free.fr). It is used and
|
34
|
+
# relicensed by permission.
|
35
|
+
module Pageant
|
36
|
+
|
37
|
+
# From Putty pageant.c
|
38
|
+
AGENT_MAX_MSGLEN = 8192
|
39
|
+
AGENT_COPYDATA_ID = 0x804e50ba
|
40
|
+
|
41
|
+
# The definition of the Windows methods and data structures used in
|
42
|
+
# communicating with the pageant process.
|
43
|
+
module Win # rubocop:disable Metrics/ModuleLength
|
44
|
+
# Compatibility on initialization
|
45
|
+
if RUBY_VERSION < "1.9"
|
46
|
+
extend DL::Importable
|
47
|
+
|
48
|
+
dlload 'user32'
|
49
|
+
dlload 'kernel32'
|
50
|
+
dlload 'advapi32'
|
51
|
+
|
52
|
+
SIZEOF_DWORD = DL.sizeof('L')
|
53
|
+
elsif RUBY_VERSION < "2.1"
|
54
|
+
extend DL::Importer
|
55
|
+
dlload 'user32','kernel32', 'advapi32'
|
56
|
+
include DL::Win32Types
|
57
|
+
|
58
|
+
SIZEOF_DWORD = DL::SIZEOF_LONG
|
59
|
+
else
|
60
|
+
extend Fiddle::Importer
|
61
|
+
dlload 'user32','kernel32', 'advapi32'
|
62
|
+
include Fiddle::Win32Types
|
63
|
+
SIZEOF_DWORD = Fiddle::SIZEOF_LONG
|
64
|
+
end
|
65
|
+
|
66
|
+
if RUBY_ENGINE == "jruby"
|
67
|
+
typealias("HANDLE", "void *") # From winnt.h
|
68
|
+
typealias("PHANDLE", "void *") # From winnt.h
|
69
|
+
typealias("ULONG_PTR", "unsigned long*")
|
70
|
+
end
|
71
|
+
typealias("LPCTSTR", "char *") # From winnt.h
|
72
|
+
typealias("LPVOID", "void *") # From winnt.h
|
73
|
+
typealias("LPCVOID", "const void *") # From windef.h
|
74
|
+
typealias("LRESULT", "long") # From windef.h
|
75
|
+
typealias("WPARAM", "unsigned int *") # From windef.h
|
76
|
+
typealias("LPARAM", "long *") # From windef.h
|
77
|
+
typealias("PDWORD_PTR", "long *") # From basetsd.h
|
78
|
+
typealias("USHORT", "unsigned short") # From windef.h
|
79
|
+
|
80
|
+
# From winbase.h, winnt.h
|
81
|
+
INVALID_HANDLE_VALUE = -1
|
82
|
+
NULL = nil
|
83
|
+
PAGE_READWRITE = 0x0004
|
84
|
+
FILE_MAP_WRITE = 2
|
85
|
+
WM_COPYDATA = 74
|
86
|
+
|
87
|
+
SMTO_NORMAL = 0 # From winuser.h
|
88
|
+
|
89
|
+
SUFFIX = if RUBY_ENGINE == "jruby"
|
90
|
+
"A"
|
91
|
+
else
|
92
|
+
""
|
93
|
+
end
|
94
|
+
|
95
|
+
# args: lpClassName, lpWindowName
|
96
|
+
extern "HWND FindWindow#{SUFFIX}(LPCTSTR, LPCTSTR)"
|
97
|
+
|
98
|
+
# args: none
|
99
|
+
extern 'DWORD GetCurrentThreadId()'
|
100
|
+
|
101
|
+
# args: hFile, (ignored), flProtect, dwMaximumSizeHigh,
|
102
|
+
# dwMaximumSizeLow, lpName
|
103
|
+
extern "HANDLE CreateFileMapping#{SUFFIX}(HANDLE, void *, DWORD, " +
|
104
|
+
"DWORD, DWORD, LPCTSTR)"
|
105
|
+
|
106
|
+
# args: hFileMappingObject, dwDesiredAccess, dwFileOffsetHigh,
|
107
|
+
# dwfileOffsetLow, dwNumberOfBytesToMap
|
108
|
+
extern 'LPVOID MapViewOfFile(HANDLE, DWORD, DWORD, DWORD, DWORD)'
|
109
|
+
|
110
|
+
# args: lpBaseAddress
|
111
|
+
extern 'BOOL UnmapViewOfFile(LPCVOID)'
|
112
|
+
|
113
|
+
# args: hObject
|
114
|
+
extern 'BOOL CloseHandle(HANDLE)'
|
115
|
+
|
116
|
+
# args: hWnd, Msg, wParam, lParam, fuFlags, uTimeout, lpdwResult
|
117
|
+
extern "LRESULT SendMessageTimeout#{SUFFIX}(HWND, UINT, WPARAM, LPARAM, " +
|
118
|
+
"UINT, UINT, PDWORD_PTR)"
|
119
|
+
|
120
|
+
# args: none
|
121
|
+
extern 'DWORD GetLastError()'
|
122
|
+
|
123
|
+
# args: none
|
124
|
+
extern 'HANDLE GetCurrentProcess()'
|
125
|
+
|
126
|
+
# args: hProcessHandle, dwDesiredAccess, (out) phNewTokenHandle
|
127
|
+
extern 'BOOL OpenProcessToken(HANDLE, DWORD, PHANDLE)'
|
128
|
+
|
129
|
+
# args: hTokenHandle, uTokenInformationClass,
|
130
|
+
# (out) lpTokenInformation, dwTokenInformationLength
|
131
|
+
# (out) pdwInfoReturnLength
|
132
|
+
extern 'BOOL GetTokenInformation(HANDLE, UINT, LPVOID, DWORD, ' +
|
133
|
+
'PDWORD)'
|
134
|
+
|
135
|
+
# args: (out) lpSecurityDescriptor, dwRevisionLevel
|
136
|
+
extern 'BOOL InitializeSecurityDescriptor(LPVOID, DWORD)'
|
137
|
+
|
138
|
+
# args: (out) lpSecurityDescriptor, lpOwnerSid, bOwnerDefaulted
|
139
|
+
extern 'BOOL SetSecurityDescriptorOwner(LPVOID, LPVOID, BOOL)'
|
140
|
+
|
141
|
+
# args: pSecurityDescriptor
|
142
|
+
extern 'BOOL IsValidSecurityDescriptor(LPVOID)'
|
143
|
+
|
144
|
+
# Constants needed for security attribute retrieval.
|
145
|
+
# Specifies the access mask corresponding to the desired access
|
146
|
+
# rights.
|
147
|
+
TOKEN_QUERY = 0x8
|
148
|
+
|
149
|
+
# The value of TOKEN_USER from the TOKEN_INFORMATION_CLASS enum.
|
150
|
+
TOKEN_USER_INFORMATION_CLASS = 1
|
151
|
+
|
152
|
+
# The initial revision level assigned to the security descriptor.
|
153
|
+
REVISION = 1
|
154
|
+
|
155
|
+
# Structs for security attribute functions.
|
156
|
+
# Holds the retrieved user access token.
|
157
|
+
TOKEN_USER = struct ['void * SID', 'DWORD ATTRIBUTES']
|
158
|
+
|
159
|
+
# Contains the security descriptor, this gets passed to the
|
160
|
+
# function that constructs the shared memory map.
|
161
|
+
SECURITY_ATTRIBUTES = struct ['DWORD nLength',
|
162
|
+
'LPVOID lpSecurityDescriptor',
|
163
|
+
'BOOL bInheritHandle']
|
164
|
+
|
165
|
+
# The security descriptor holds security information.
|
166
|
+
SECURITY_DESCRIPTOR = struct ['UCHAR Revision', 'UCHAR Sbz1',
|
167
|
+
'USHORT Control', 'LPVOID Owner',
|
168
|
+
'LPVOID Group', 'LPVOID Sacl',
|
169
|
+
'LPVOID Dacl']
|
170
|
+
|
171
|
+
# The COPYDATASTRUCT is used to send WM_COPYDATA messages
|
172
|
+
COPYDATASTRUCT = if RUBY_ENGINE == "jruby"
|
173
|
+
struct ['ULONG_PTR dwData', 'DWORD cbData', 'LPVOID lpData']
|
174
|
+
else
|
175
|
+
struct ['uintptr_t dwData', 'DWORD cbData', 'LPVOID lpData']
|
176
|
+
end
|
177
|
+
|
178
|
+
# Compatibility for security attribute retrieval.
|
179
|
+
if RUBY_VERSION < "1.9"
|
180
|
+
# Alias functions to > 1.9 capitalization
|
181
|
+
%w[findWindow
|
182
|
+
getCurrentProcess
|
183
|
+
initializeSecurityDescriptor
|
184
|
+
setSecurityDescriptorOwner
|
185
|
+
isValidSecurityDescriptor
|
186
|
+
openProcessToken
|
187
|
+
getTokenInformation
|
188
|
+
getLastError
|
189
|
+
getCurrentThreadId
|
190
|
+
createFileMapping
|
191
|
+
mapViewOfFile
|
192
|
+
sendMessageTimeout
|
193
|
+
unmapViewOfFile
|
194
|
+
closeHandle].each do |name|
|
195
|
+
new_name = name[0].chr.upcase + name[1..name.length]
|
196
|
+
alias_method new_name, name
|
197
|
+
module_function new_name
|
198
|
+
end
|
199
|
+
|
200
|
+
def self.malloc_ptr(size)
|
201
|
+
return DL.malloc(size)
|
202
|
+
end
|
203
|
+
|
204
|
+
def self.get_ptr(data)
|
205
|
+
return data.to_ptr
|
206
|
+
end
|
207
|
+
|
208
|
+
def self.set_ptr_data(ptr, data)
|
209
|
+
ptr[0] = data
|
210
|
+
end
|
211
|
+
elsif RUBY_ENGINE == "jruby"
|
212
|
+
%w[FindWindow CreateFileMapping SendMessageTimeout].each do |name|
|
213
|
+
alias_method name, name + "A"
|
214
|
+
module_function name
|
215
|
+
end
|
216
|
+
# :nodoc:
|
217
|
+
module LibC
|
218
|
+
extend FFI::Library
|
219
|
+
ffi_lib FFI::Library::LIBC
|
220
|
+
attach_function :malloc, [:size_t], :pointer
|
221
|
+
attach_function :free, [:pointer], :void
|
222
|
+
end
|
223
|
+
|
224
|
+
def self.malloc_ptr(size)
|
225
|
+
Fiddle::Pointer.new(LibC.malloc(size), size, LibC.method(:free))
|
226
|
+
end
|
227
|
+
|
228
|
+
def self.get_ptr(ptr)
|
229
|
+
return data.address
|
230
|
+
end
|
231
|
+
|
232
|
+
def self.set_ptr_data(ptr, data)
|
233
|
+
ptr.write_string_length(data, data.size)
|
234
|
+
end
|
235
|
+
else
|
236
|
+
def self.malloc_ptr(size)
|
237
|
+
return DL::CPtr.malloc(size, DL::RUBY_FREE)
|
238
|
+
end
|
239
|
+
|
240
|
+
def self.get_ptr(data)
|
241
|
+
return DL::CPtr.to_ptr data
|
242
|
+
end
|
243
|
+
|
244
|
+
def self.set_ptr_data(ptr, data)
|
245
|
+
DL::CPtr.new(ptr)[0,data.size] = data
|
246
|
+
end
|
247
|
+
end
|
248
|
+
|
249
|
+
def self.get_security_attributes_for_user
|
250
|
+
user = get_current_user
|
251
|
+
|
252
|
+
psd_information = malloc_ptr(Win::SECURITY_DESCRIPTOR.size)
|
253
|
+
raise_error_if_zero(
|
254
|
+
Win.InitializeSecurityDescriptor(psd_information,
|
255
|
+
Win::REVISION)
|
256
|
+
)
|
257
|
+
raise_error_if_zero(
|
258
|
+
Win.SetSecurityDescriptorOwner(psd_information, get_sid_ptr(user),
|
259
|
+
0)
|
260
|
+
)
|
261
|
+
raise_error_if_zero(
|
262
|
+
Win.IsValidSecurityDescriptor(psd_information)
|
263
|
+
)
|
264
|
+
|
265
|
+
sa = Win::SECURITY_ATTRIBUTES.new(to_struct_ptr(malloc_ptr(Win::SECURITY_ATTRIBUTES.size)))
|
266
|
+
sa.nLength = Win::SECURITY_ATTRIBUTES.size
|
267
|
+
sa.lpSecurityDescriptor = psd_information.to_i
|
268
|
+
sa.bInheritHandle = 1
|
269
|
+
|
270
|
+
return sa
|
271
|
+
end
|
272
|
+
|
273
|
+
if RUBY_ENGINE == "jruby"
|
274
|
+
def self.ptr_to_s(ptr, size)
|
275
|
+
ret = ptr.to_s(size)
|
276
|
+
ret << "\x00" while ret.size < size
|
277
|
+
ret
|
278
|
+
end
|
279
|
+
|
280
|
+
def self.ptr_to_handle(phandle)
|
281
|
+
phandle.ptr
|
282
|
+
end
|
283
|
+
|
284
|
+
def self.ptr_to_dword(ptr)
|
285
|
+
first = ptr.ptr.to_i
|
286
|
+
second = ptr_to_s(ptr,Win::SIZEOF_DWORD).unpack('L')[0]
|
287
|
+
raise "Error" unless first == second
|
288
|
+
first
|
289
|
+
end
|
290
|
+
|
291
|
+
def self.to_token_user(ptoken_information)
|
292
|
+
TOKEN_USER.new(ptoken_information.to_ptr)
|
293
|
+
end
|
294
|
+
|
295
|
+
def self.to_struct_ptr(ptr)
|
296
|
+
ptr.to_ptr
|
297
|
+
end
|
298
|
+
|
299
|
+
def self.get_sid(user)
|
300
|
+
ptr_to_s(user.to_ptr.ptr,Win::SIZEOF_DWORD).unpack('L')[0]
|
301
|
+
end
|
302
|
+
|
303
|
+
def self.get_sid_ptr(user)
|
304
|
+
user.to_ptr.ptr
|
305
|
+
end
|
306
|
+
else
|
307
|
+
def self.get_sid(user)
|
308
|
+
user.SID
|
309
|
+
end
|
310
|
+
|
311
|
+
def self.ptr_to_handle(phandle)
|
312
|
+
phandle.ptr.to_i
|
313
|
+
end
|
314
|
+
|
315
|
+
def self.to_struct_ptr(ptr)
|
316
|
+
ptr
|
317
|
+
end
|
318
|
+
|
319
|
+
def self.ptr_to_dword(ptr)
|
320
|
+
ptr.to_s(Win::SIZEOF_DWORD).unpack('L')[0]
|
321
|
+
end
|
322
|
+
|
323
|
+
def self.to_token_user(ptoken_information)
|
324
|
+
TOKEN_USER.new(ptoken_information)
|
325
|
+
end
|
326
|
+
|
327
|
+
def self.get_sid_ptr(user)
|
328
|
+
user.SID
|
329
|
+
end
|
330
|
+
end
|
331
|
+
|
332
|
+
def self.get_current_user
|
333
|
+
token_handle = open_process_token(Win.GetCurrentProcess,
|
334
|
+
Win::TOKEN_QUERY)
|
335
|
+
token_user = get_token_information(token_handle,
|
336
|
+
Win::TOKEN_USER_INFORMATION_CLASS)
|
337
|
+
return token_user
|
338
|
+
end
|
339
|
+
|
340
|
+
def self.open_process_token(process_handle, desired_access)
|
341
|
+
ptoken_handle = malloc_ptr(Win::SIZEOF_DWORD)
|
342
|
+
|
343
|
+
raise_error_if_zero(
|
344
|
+
Win.OpenProcessToken(process_handle, desired_access,
|
345
|
+
ptoken_handle)
|
346
|
+
)
|
347
|
+
token_handle = ptr_to_handle(ptoken_handle)
|
348
|
+
return token_handle
|
349
|
+
end
|
350
|
+
|
351
|
+
def self.get_token_information(token_handle,
|
352
|
+
token_information_class)
|
353
|
+
# Hold the size of the information to be returned
|
354
|
+
preturn_length = malloc_ptr(Win::SIZEOF_DWORD)
|
355
|
+
|
356
|
+
# Going to throw an INSUFFICIENT_BUFFER_ERROR, but that is ok
|
357
|
+
# here. This is retrieving the size of the information to be
|
358
|
+
# returned.
|
359
|
+
Win.GetTokenInformation(token_handle,
|
360
|
+
token_information_class,
|
361
|
+
Win::NULL, 0, preturn_length)
|
362
|
+
ptoken_information = malloc_ptr(ptr_to_dword(preturn_length))
|
363
|
+
|
364
|
+
# This call is going to write the requested information to
|
365
|
+
# the memory location referenced by token_information.
|
366
|
+
raise_error_if_zero(
|
367
|
+
Win.GetTokenInformation(token_handle,
|
368
|
+
token_information_class,
|
369
|
+
ptoken_information,
|
370
|
+
ptoken_information.size,
|
371
|
+
preturn_length)
|
372
|
+
)
|
373
|
+
|
374
|
+
return to_token_user(ptoken_information)
|
375
|
+
end
|
376
|
+
|
377
|
+
def self.raise_error_if_zero(result)
|
378
|
+
if result == 0
|
379
|
+
raise "Windows error: #{Win.GetLastError}"
|
380
|
+
end
|
381
|
+
end
|
382
|
+
|
383
|
+
# Get a null-terminated string given a string.
|
384
|
+
def self.get_cstr(str)
|
385
|
+
return str + "\000"
|
386
|
+
end
|
408
387
|
end
|
409
|
-
|
410
|
-
|
411
|
-
|
412
|
-
|
413
|
-
|
414
|
-
|
415
|
-
|
416
|
-
|
417
|
-
|
418
|
-
|
419
|
-
|
420
|
-
|
421
|
-
|
422
|
-
|
423
|
-
|
424
|
-
|
425
|
-
|
426
|
-
|
427
|
-
|
428
|
-
|
388
|
+
|
389
|
+
# This is the pseudo-socket implementation that mimics the interface of
|
390
|
+
# a socket, translating each request into a Windows messaging call to
|
391
|
+
# the pageant daemon. This allows pageant support to be implemented
|
392
|
+
# simply by replacing the socket factory used by the Agent class.
|
393
|
+
class Socket
|
394
|
+
private_class_method :new
|
395
|
+
|
396
|
+
# The factory method for creating a new Socket instance.
|
397
|
+
def self.open
|
398
|
+
new
|
399
|
+
end
|
400
|
+
|
401
|
+
# Create a new instance that communicates with the running pageant
|
402
|
+
# instance. If no such instance is running, this will cause an error.
|
403
|
+
def initialize
|
404
|
+
@win = Win.FindWindow("Pageant", "Pageant")
|
405
|
+
|
406
|
+
if @win.to_i == 0
|
407
|
+
raise Net::SSH::Exception,
|
408
|
+
"pageant process not running"
|
409
|
+
end
|
410
|
+
|
411
|
+
@input_buffer = Net::SSH::Buffer.new
|
412
|
+
@output_buffer = Net::SSH::Buffer.new
|
413
|
+
end
|
414
|
+
|
415
|
+
# Forwards the data to #send_query, ignoring any arguments after
|
416
|
+
# the first.
|
417
|
+
def send(data, *args)
|
418
|
+
@input_buffer.append(data)
|
419
|
+
|
420
|
+
ret = data.length
|
421
|
+
|
422
|
+
while true
|
423
|
+
return ret if @input_buffer.length < 4
|
424
|
+
msg_length = @input_buffer.read_long + 4
|
425
|
+
@input_buffer.reset!
|
426
|
+
|
427
|
+
return ret if @input_buffer.length < msg_length
|
428
|
+
msg = @input_buffer.read!(msg_length)
|
429
|
+
@output_buffer.append(send_query(msg))
|
430
|
+
end
|
431
|
+
end
|
432
|
+
|
433
|
+
# Reads +n+ bytes from the cached result of the last query. If +n+
|
434
|
+
# is +nil+, returns all remaining data from the last query.
|
435
|
+
def read(n = nil)
|
436
|
+
@output_buffer.read(n)
|
437
|
+
end
|
438
|
+
|
439
|
+
def close; end
|
440
|
+
|
441
|
+
# Packages the given query string and sends it to the pageant
|
442
|
+
# process via the Windows messaging subsystem. The result is
|
443
|
+
# cached, to be returned piece-wise when #read is called.
|
444
|
+
def send_query(query)
|
445
|
+
res = nil
|
446
|
+
filemap = 0
|
447
|
+
ptr = nil
|
448
|
+
id = Win.malloc_ptr(Win::SIZEOF_DWORD)
|
449
|
+
|
450
|
+
mapname = "PageantRequest%08x" % Win.GetCurrentThreadId()
|
451
|
+
security_attributes = Win.get_ptr Win.get_security_attributes_for_user
|
452
|
+
|
453
|
+
filemap = Win.CreateFileMapping(Win::INVALID_HANDLE_VALUE,
|
454
|
+
security_attributes,
|
455
|
+
Win::PAGE_READWRITE, 0,
|
456
|
+
AGENT_MAX_MSGLEN, mapname)
|
457
|
+
|
458
|
+
if filemap == 0 || filemap == Win::INVALID_HANDLE_VALUE
|
459
|
+
raise Net::SSH::Exception,
|
460
|
+
"Creation of file mapping failed with error: #{Win.GetLastError}"
|
461
|
+
end
|
462
|
+
|
463
|
+
ptr = Win.MapViewOfFile(filemap, Win::FILE_MAP_WRITE, 0, 0,
|
464
|
+
0)
|
465
|
+
|
466
|
+
if ptr.nil? || ptr.null?
|
467
|
+
raise Net::SSH::Exception, "Mapping of file failed"
|
468
|
+
end
|
469
|
+
|
470
|
+
Win.set_ptr_data(ptr, query)
|
471
|
+
|
472
|
+
# using struct to achieve proper alignment and field size on 64-bit platform
|
473
|
+
cds = Win::COPYDATASTRUCT.new(Win.malloc_ptr(Win::COPYDATASTRUCT.size))
|
474
|
+
cds.dwData = AGENT_COPYDATA_ID
|
475
|
+
cds.cbData = mapname.size + 1
|
476
|
+
cds.lpData = Win.get_cstr(mapname)
|
477
|
+
succ = Win.SendMessageTimeout(@win, Win::WM_COPYDATA, Win::NULL,
|
478
|
+
cds.to_ptr, Win::SMTO_NORMAL, 5000, id)
|
479
|
+
|
480
|
+
if succ > 0
|
481
|
+
retlen = 4 + ptr.to_s(4).unpack("N")[0]
|
482
|
+
res = ptr.to_s(retlen)
|
483
|
+
else
|
484
|
+
raise Net::SSH::Exception, "Message failed with error: #{Win.GetLastError}"
|
485
|
+
end
|
486
|
+
|
487
|
+
return res
|
488
|
+
ensure
|
489
|
+
Win.UnmapViewOfFile(ptr) unless ptr.nil? || ptr.null?
|
490
|
+
Win.CloseHandle(filemap) if filemap != 0
|
491
|
+
end
|
429
492
|
end
|
430
493
|
end
|
431
494
|
|
432
|
-
# Reads +n+ bytes from the cached result of the last query. If +n+
|
433
|
-
# is +nil+, returns all remaining data from the last query.
|
434
|
-
def read(n = nil)
|
435
|
-
@output_buffer.read(n)
|
436
|
-
end
|
437
|
-
|
438
|
-
def close; end
|
439
|
-
|
440
|
-
# Packages the given query string and sends it to the pageant
|
441
|
-
# process via the Windows messaging subsystem. The result is
|
442
|
-
# cached, to be returned piece-wise when #read is called.
|
443
|
-
def send_query(query)
|
444
|
-
res = nil
|
445
|
-
filemap = 0
|
446
|
-
ptr = nil
|
447
|
-
id = Win.malloc_ptr(Win::SIZEOF_DWORD)
|
448
|
-
|
449
|
-
mapname = "PageantRequest%08x" % Win.GetCurrentThreadId()
|
450
|
-
security_attributes = Win.get_ptr Win.get_security_attributes_for_user
|
451
|
-
|
452
|
-
filemap = Win.CreateFileMapping(Win::INVALID_HANDLE_VALUE,
|
453
|
-
security_attributes,
|
454
|
-
Win::PAGE_READWRITE, 0,
|
455
|
-
AGENT_MAX_MSGLEN, mapname)
|
456
|
-
|
457
|
-
if filemap == 0 || filemap == Win::INVALID_HANDLE_VALUE
|
458
|
-
raise Net::SSH::Exception,
|
459
|
-
"Creation of file mapping failed with error: #{Win.GetLastError}"
|
460
|
-
end
|
461
|
-
|
462
|
-
ptr = Win.MapViewOfFile(filemap, Win::FILE_MAP_WRITE, 0, 0,
|
463
|
-
0)
|
464
|
-
|
465
|
-
if ptr.nil? || ptr.null?
|
466
|
-
raise Net::SSH::Exception, "Mapping of file failed"
|
467
|
-
end
|
468
|
-
|
469
|
-
Win.set_ptr_data(ptr, query)
|
470
|
-
|
471
|
-
# using struct to achieve proper alignment and field size on 64-bit platform
|
472
|
-
cds = Win::COPYDATASTRUCT.new(Win.malloc_ptr(Win::COPYDATASTRUCT.size))
|
473
|
-
cds.dwData = AGENT_COPYDATA_ID
|
474
|
-
cds.cbData = mapname.size + 1
|
475
|
-
cds.lpData = Win.get_cstr(mapname)
|
476
|
-
succ = Win.SendMessageTimeout(@win, Win::WM_COPYDATA, Win::NULL,
|
477
|
-
cds.to_ptr, Win::SMTO_NORMAL, 5000, id)
|
478
|
-
|
479
|
-
if succ > 0
|
480
|
-
retlen = 4 + ptr.to_s(4).unpack("N")[0]
|
481
|
-
res = ptr.to_s(retlen)
|
482
|
-
else
|
483
|
-
raise Net::SSH::Exception, "Message failed with error: #{Win.GetLastError}"
|
484
|
-
end
|
485
|
-
|
486
|
-
return res
|
487
|
-
ensure
|
488
|
-
Win.UnmapViewOfFile(ptr) unless ptr.nil? || ptr.null?
|
489
|
-
Win.CloseHandle(filemap) if filemap != 0
|
490
|
-
end
|
491
495
|
end
|
492
496
|
end
|
493
|
-
|
494
|
-
end; end; end
|
497
|
+
end
|