RubyGems - net-ssh - Versions diffs - 5.0.2 → 6.1.0 - Mend

net-ssh 5.0.2 → 6.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (76) hide show

checksums.yaml +4 -4
checksums.yaml.gz.sig +0 -0
data.tar.gz.sig +0 -0
data/.gitignore +1 -0
data/.rubocop.yml +8 -2
data/.rubocop_todo.yml +392 -379
data/.travis.yml +22 -22
data/CHANGES.txt +63 -0
data/Manifest +0 -1
data/README.md +287 -0
data/Rakefile +1 -2
data/appveyor.yml +4 -2
data/lib/net/ssh.rb +13 -4
data/lib/net/ssh/authentication/agent.rb +9 -3
data/lib/net/ssh/authentication/certificate.rb +10 -1
data/lib/net/ssh/authentication/ed25519.rb +75 -46
data/lib/net/ssh/authentication/ed25519_loader.rb +1 -1
data/lib/net/ssh/authentication/key_manager.rb +35 -6
data/lib/net/ssh/authentication/methods/keyboard_interactive.rb +3 -1
data/lib/net/ssh/authentication/methods/publickey.rb +2 -0
data/lib/net/ssh/authentication/pub_key_fingerprint.rb +0 -1
data/lib/net/ssh/authentication/session.rb +9 -6
data/lib/net/ssh/buffer.rb +41 -10
data/lib/net/ssh/buffered_io.rb +0 -1
data/lib/net/ssh/config.rb +68 -35
data/lib/net/ssh/connection/channel.rb +17 -5
data/lib/net/ssh/connection/event_loop.rb +0 -1
data/lib/net/ssh/connection/session.rb +7 -4
data/lib/net/ssh/key_factory.rb +104 -17
data/lib/net/ssh/known_hosts.rb +41 -26
data/lib/net/ssh/loggable.rb +2 -2
data/lib/net/ssh/proxy/command.rb +0 -1
data/lib/net/ssh/proxy/socks5.rb +0 -1
data/lib/net/ssh/service/forward.rb +2 -1
data/lib/net/ssh/test.rb +8 -7
data/lib/net/ssh/test/extensions.rb +2 -0
data/lib/net/ssh/transport/algorithms.rb +161 -105
data/lib/net/ssh/transport/cipher_factory.rb +11 -27
data/lib/net/ssh/transport/constants.rb +10 -6
data/lib/net/ssh/transport/ctr.rb +1 -7
data/lib/net/ssh/transport/hmac.rb +15 -13
data/lib/net/ssh/transport/hmac/abstract.rb +16 -0
data/lib/net/ssh/transport/hmac/sha2_256.rb +7 -11
data/lib/net/ssh/transport/hmac/sha2_256_96.rb +4 -8
data/lib/net/ssh/transport/hmac/sha2_256_etm.rb +12 -0
data/lib/net/ssh/transport/hmac/sha2_512.rb +6 -9
data/lib/net/ssh/transport/hmac/sha2_512_96.rb +4 -8
data/lib/net/ssh/transport/hmac/sha2_512_etm.rb +12 -0
data/lib/net/ssh/transport/kex.rb +14 -11
data/lib/net/ssh/transport/kex/abstract.rb +123 -0
data/lib/net/ssh/transport/kex/abstract5656.rb +72 -0
data/lib/net/ssh/transport/kex/curve25519_sha256.rb +38 -0
data/lib/net/ssh/transport/kex/curve25519_sha256_loader.rb +30 -0
data/lib/net/ssh/transport/kex/diffie_hellman_group14_sha1.rb +1 -15
data/lib/net/ssh/transport/kex/diffie_hellman_group1_sha1.rb +9 -118
data/lib/net/ssh/transport/kex/diffie_hellman_group_exchange_sha1.rb +0 -6
data/lib/net/ssh/transport/kex/diffie_hellman_group_exchange_sha256.rb +5 -9
data/lib/net/ssh/transport/kex/ecdh_sha2_nistp256.rb +18 -79
data/lib/net/ssh/transport/kex/ecdh_sha2_nistp384.rb +5 -4
data/lib/net/ssh/transport/kex/ecdh_sha2_nistp521.rb +5 -4
data/lib/net/ssh/transport/openssl.rb +106 -93
data/lib/net/ssh/transport/packet_stream.rb +52 -20
data/lib/net/ssh/transport/session.rb +26 -4
data/lib/net/ssh/transport/state.rb +1 -1
data/lib/net/ssh/verifiers/accept_new.rb +7 -0
data/lib/net/ssh/verifiers/always.rb +4 -0
data/lib/net/ssh/verifiers/never.rb +4 -0
data/lib/net/ssh/version.rb +3 -3
data/net-ssh-public_cert.pem +18 -19
data/net-ssh.gemspec +9 -7
metadata +56 -40
metadata.gz.sig +0 -0
data/Gemfile.noed25519.lock +0 -41
data/README.rdoc +0 -169
data/lib/net/ssh/ruby_compat.rb +0 -13
data/support/arcfour_check.rb +0 -20

data/lib/net/ssh/transport/kex/ecdh_sha2_nistp384.rb CHANGED

@@ -1,8 +1,9 @@
-module Net
-  module SSH
-    module Transport
-      module Kex
+require 'net/ssh/transport/kex/ecdh_sha2_nistp256'
+module Net
+  module SSH
+    module Transport
+      module Kex
         # A key-exchange service implementing the "ecdh-sha2-nistp256"
         # key-exchange algorithm. (defined in RFC 5656)
         class EcdhSHA2NistP384 < EcdhSHA2NistP256

data/lib/net/ssh/transport/kex/ecdh_sha2_nistp521.rb CHANGED

@@ -1,8 +1,9 @@
-module Net
-  module SSH
-    module Transport
-      module Kex
+require 'net/ssh/transport/kex/ecdh_sha2_nistp256'
+module Net
+  module SSH
+    module Transport
+      module Kex
         # A key-exchange service implementing the "ecdh-sha2-nistp521"
         # key-exchange algorithm. (defined in RFC 5656)
         class EcdhSHA2NistP521 < EcdhSHA2NistP256

data/lib/net/ssh/transport/openssl.rb CHANGED

@@ -98,9 +98,9 @@ module OpenSSL
         sig_r = sig[0,20].unpack("H*")[0].to_i(16)
         sig_s = sig[20,20].unpack("H*")[0].to_i(16)
         a1sig = OpenSSL::ASN1::Sequence([
-           OpenSSL::ASN1::Integer(sig_r),
-           OpenSSL::ASN1::Integer(sig_s)
-        ])
+                                          OpenSSL::ASN1::Integer(sig_r),
+                                          OpenSSL::ASN1::Integer(sig_s)
+                                        ])
         return verify(OpenSSL::Digest::SHA1.new, a1sig.to_der, data)
       end
@@ -121,115 +121,128 @@ module OpenSSL
       end
     end
-    if defined?(OpenSSL::PKey::EC)
-      # This class is originally defined in the OpenSSL module. As needed, methods
-      # have been added to it by the Net::SSH module for convenience in dealing
-      # with SSH functionality.
-      class EC
-        CurveNameAlias = {
-          "nistp256" => "prime256v1",
-          "nistp384" => "secp384r1",
-          "nistp521" => "secp521r1"
-        }
-        CurveNameAliasInv = {
-          "prime256v1" => "nistp256",
-          "secp384r1" => "nistp384",
-          "secp521r1" => "nistp521"
-        }
-        def self.read_keyblob(curve_name_in_type, buffer)
-          curve_name_in_key = buffer.read_string
-          raise Net::SSH::Exception, "curve name mismatched (`#{curve_name_in_key}' with `#{curve_name_in_type}')" unless curve_name_in_type == curve_name_in_key
-          public_key_oct = buffer.read_string
-          begin
-            key = OpenSSL::PKey::EC.new(OpenSSL::PKey::EC::CurveNameAlias[curve_name_in_key])
-            group = key.group
-            point = OpenSSL::PKey::EC::Point.new(group, OpenSSL::BN.new(public_key_oct, 2))
-            key.public_key = point
-            return key
-          rescue OpenSSL::PKey::ECError
-            raise NotImplementedError, "unsupported key type `#{type}'"
-          end
+    # This class is originally defined in the OpenSSL module. As needed, methods
+    # have been added to it by the Net::SSH module for convenience in dealing
+    # with SSH functionality.
+    class EC
+      CurveNameAlias = {
+        'nistp256' => 'prime256v1',
+        'nistp384' => 'secp384r1',
+        'nistp521' => 'secp521r1'
+      }.freeze
+      CurveNameAliasInv = {
+        'prime256v1' => 'nistp256',
+        'secp384r1' => 'nistp384',
+        'secp521r1' => 'nistp521'
+      }.freeze
+      def self.read_keyblob(curve_name_in_type, buffer)
+        curve_name_in_key = buffer.read_string
+        unless curve_name_in_type == curve_name_in_key
+          raise Net::SSH::Exception, "curve name mismatched (`#{curve_name_in_key}' with `#{curve_name_in_type}')"
         end
-        # Returns the description of this key type used by the
-        # SSH2 protocol, like "ecdsa-sha2-nistp256"
-        def ssh_type
-          "ecdsa-sha2-#{CurveNameAliasInv[self.group.curve_name]}"
-        end
+        public_key_oct = buffer.read_string
+        begin
+          key = OpenSSL::PKey::EC.new(OpenSSL::PKey::EC::CurveNameAlias[curve_name_in_key])
+          group = key.group
+          point = OpenSSL::PKey::EC::Point.new(group, OpenSSL::BN.new(public_key_oct, 2))
+          key.public_key = point
-        def ssh_signature_type
-          ssh_type
+          return key
+        rescue OpenSSL::PKey::ECError
+          raise NotImplementedError, "unsupported key type `#{type}'"
         end
+      end
-        def digester
-          if self.group.curve_name =~ /^[a-z]+(\d+)\w*\z/
-            curve_size = $1.to_i
-            if curve_size <= 256
-              OpenSSL::Digest::SHA256.new
-            elsif curve_size <= 384
-              OpenSSL::Digest::SHA384.new
-            else
-              OpenSSL::Digest::SHA512.new
-            end
-          else
+      # Returns the description of this key type used by the
+      # SSH2 protocol, like "ecdsa-sha2-nistp256"
+      def ssh_type
+        "ecdsa-sha2-#{CurveNameAliasInv[group.curve_name]}"
+      end
+      def ssh_signature_type
+        ssh_type
+      end
+      def digester
+        if group.curve_name =~ /^[a-z]+(\d+)\w*\z/
+          curve_size = Regexp.last_match(1).to_i
+          if curve_size <= 256
             OpenSSL::Digest::SHA256.new
+          elsif curve_size <= 384
+            OpenSSL::Digest::SHA384.new
+          else
+            OpenSSL::Digest::SHA512.new
           end
+        else
+          OpenSSL::Digest::SHA256.new
         end
-        private :digester
+      end
+      private :digester
-        # Converts the key to a blob, according to the SSH2 protocol.
-        def to_blob
-          @blob ||= Net::SSH::Buffer.from(:string, ssh_type,
-                                          :string, CurveNameAliasInv[self.group.curve_name],
-                                          :mstring, self.public_key.to_bn.to_s(2)).to_s
-          @blob
-        end
+      # Converts the key to a blob, according to the SSH2 protocol.
+      def to_blob
+        @blob ||= Net::SSH::Buffer.from(:string, ssh_type,
+                                        :string, CurveNameAliasInv[group.curve_name],
+                                        :mstring, public_key.to_bn.to_s(2)).to_s
+        @blob
+      end
-        # Verifies the given signature matches the given data.
-        def ssh_do_verify(sig, data)
-          digest = digester.digest(data)
-          a1sig = nil
+      # Verifies the given signature matches the given data.
+      def ssh_do_verify(sig, data)
+        digest = digester.digest(data)
+        a1sig = nil
-          begin
-            sig_r_len = sig[0,4].unpack("H*")[0].to_i(16)
-            sig_l_len = sig[4 + sig_r_len,4].unpack("H*")[0].to_i(16)
+        begin
+          sig_r_len = sig[0, 4].unpack('H*')[0].to_i(16)
+          sig_l_len = sig[4 + sig_r_len, 4].unpack('H*')[0].to_i(16)
-            sig_r = sig[4,sig_r_len].unpack("H*")[0]
-            sig_s = sig[4 + sig_r_len + 4,sig_l_len].unpack("H*")[0]
+          sig_r = sig[4, sig_r_len].unpack('H*')[0]
+          sig_s = sig[4 + sig_r_len + 4, sig_l_len].unpack('H*')[0]
-            a1sig = OpenSSL::ASN1::Sequence([
-              OpenSSL::ASN1::Integer(sig_r.to_i(16)),
-              OpenSSL::ASN1::Integer(sig_s.to_i(16))
-            ])
-          rescue StandardError
-          end
+          a1sig = OpenSSL::ASN1::Sequence([
+                                            OpenSSL::ASN1::Integer(sig_r.to_i(16)),
+                                            OpenSSL::ASN1::Integer(sig_s.to_i(16))
+                                          ])
+        rescue StandardError
+        end
-          if a1sig == nil
-            return false
-          else
-            dsa_verify_asn1(digest, a1sig.to_der)
-          end
+        if a1sig.nil?
+          return false
+        else
+          dsa_verify_asn1(digest, a1sig.to_der)
         end
+      end
+      # Returns the signature for the given data.
+      def ssh_do_sign(data)
+        digest = digester.digest(data)
+        sig = dsa_sign_asn1(digest)
+        a1sig = OpenSSL::ASN1.decode(sig)
-        # Returns the signature for the given data.
-        def ssh_do_sign(data)
-          digest = digester.digest(data)
-          sig = dsa_sign_asn1(digest)
-          a1sig = OpenSSL::ASN1.decode(sig)
+        sig_r = a1sig.value[0].value
+        sig_s = a1sig.value[1].value
-          sig_r = a1sig.value[0].value
-          sig_s = a1sig.value[1].value
+        Net::SSH::Buffer.from(:bignum, sig_r, :bignum, sig_s).to_s
+      end
-          return Net::SSH::Buffer.from(:bignum, sig_r, :bignum, sig_s).to_s
+      class Point
+        # Returns the description of this key type used by the
+        # SSH2 protocol, like "ecdsa-sha2-nistp256"
+        def ssh_type
+          "ecdsa-sha2-#{CurveNameAliasInv[group.curve_name]}"
+        end
+        # Converts the key to a blob, according to the SSH2 protocol.
+        def to_blob
+          @blob ||= Net::SSH::Buffer.from(:string, ssh_type,
+                                          :string, CurveNameAliasInv[group.curve_name],
+                                          :mstring, to_bn.to_s(2)).to_s
+          @blob
         end
-      end
-    else
-      class OpenSSL::PKey::ECError < RuntimeError
-        # for compatibility with interpreters
-        # without EC support (i.e. JRuby)
       end
     end
   end

data/lib/net/ssh/transport/packet_stream.rb CHANGED

@@ -1,7 +1,6 @@
 require 'net/ssh/buffered_io'
 require 'net/ssh/errors'
 require 'net/ssh/packet'
-require 'net/ssh/ruby_compat'
 require 'net/ssh/transport/cipher_factory'
 require 'net/ssh/transport/hmac'
 require 'net/ssh/transport/state'
@@ -81,8 +80,8 @@ module Net
         # default), then this will return immediately, whether a packet is
         # available or not, and will return nil if there is no packet ready to be
         # returned. If the mode parameter is :block, then this method will block
-        # until a packet is available.
-        def next_packet(mode=:nonblock)
+        # until a packet is available or timeout seconds have passed.
+        def next_packet(mode=:nonblock, timeout=nil)
           case mode
           when :nonblock then
             packet = poll_next_packet
@@ -105,11 +104,8 @@ module Net
               packet = poll_next_packet
               return packet if packet
-              loop do
-                result = IO.select([self]) or next
-                break if result.first.any?
-              end
+              result = IO.select([self], nil, nil, timeout)
+              raise Net::SSH::ConnectionTimeout, "timeout waiting for next packet" unless result
               raise Net::SSH::Disconnect, "connection closed by remote host" if fill <= 0
             end
@@ -133,7 +129,7 @@ module Net
           payload = client.compress(payload)
           # the length of the packet, minus the padding
-          actual_length = 4 + payload.bytesize + 1
+          actual_length = (client.hmac.etm ? 0 : 4) + payload.bytesize + 1
           # compute the padding length
           padding_length = client.block_size - (actual_length % client.block_size)
@@ -149,11 +145,32 @@ module Net
           padding = Array.new(padding_length) { rand(256) }.pack("C*")
-          unencrypted_data = [packet_length, padding_length, payload, padding].pack("NCA*A*")
-          mac = client.hmac.digest([client.sequence_number, unencrypted_data].pack("NA*"))
+          if client.hmac.etm
+            debug { "using encrypt-then-mac" }
+            # Encrypt padding_length, payload, and padding. Take MAC
+            # from the unencrypted packet_lenght and the encrypted
+            # data.
+            length_data = [packet_length].pack("N")
+            unencrypted_data = [padding_length, payload, padding].pack("CA*A*")
-          encrypted_data = client.update_cipher(unencrypted_data) << client.final_cipher
-          message = encrypted_data + mac
+            encrypted_data = client.update_cipher(unencrypted_data) << client.final_cipher
+            mac_data = length_data + encrypted_data
+            mac = client.hmac.digest([client.sequence_number, mac_data].pack("NA*"))
+            message = mac_data + mac
+          else
+            unencrypted_data = [packet_length, padding_length, payload, padding].pack("NCA*A*")
+            mac = client.hmac.digest([client.sequence_number, unencrypted_data].pack("NA*"))
+            encrypted_data = client.update_cipher(unencrypted_data) << client.final_cipher
+            message = encrypted_data + mac
+          end
           debug { "queueing packet nr #{client.sequence_number} type #{payload.getbyte(0)} len #{packet_length}" }
           enqueue(message)
@@ -198,18 +215,27 @@ module Net
         # read, post-processed according to the cipher, hmac, and compression
         # algorithms specified in the server state object, and returned as a
         # new Packet object.
+        # rubocop:disable Metrics/AbcSize
         def poll_next_packet
+          aad_length = server.hmac.etm ? 4 : 0
           if @packet.nil?
             minimum = server.block_size < 4 ? 4 : server.block_size
-            return nil if available < minimum
-            data = read_available(minimum)
+            return nil if available < minimum + aad_length
+            data = read_available(minimum + aad_length)
             # decipher it
-            @packet = Net::SSH::Buffer.new(server.update_cipher(data))
-            @packet_length = @packet.read_long
+            if server.hmac.etm
+              @packet_length = data.unpack("N").first
+              @mac_data = data
+              @packet = Net::SSH::Buffer.new(server.update_cipher(data[aad_length..-1]))
+            else
+              @packet = Net::SSH::Buffer.new(server.update_cipher(data))
+              @packet_length = @packet.read_long
+            end
           end
-          need = @packet_length + 4 - server.block_size
+          need = @packet_length + 4 - aad_length - server.block_size
           raise Net::SSH::Exception, "padding error, need #{need} block #{server.block_size}" if need % server.block_size != 0
           return nil if available < need + server.hmac.mac_length
@@ -217,6 +243,7 @@ module Net
           if need > 0
             # read the remainder of the packet and decrypt it.
             data = read_available(need)
+            @mac_data += data if server.hmac.etm
             @packet.append(server.update_cipher(data))
           end
@@ -229,8 +256,12 @@ module Net
           payload = @packet.read(@packet_length - padding_length - 1)
-          my_computed_hmac = server.hmac.digest([server.sequence_number, @packet.content].pack("NA*"))
-          raise Net::SSH::Exception, "corrupted hmac detected" if real_hmac != my_computed_hmac
+          my_computed_hmac = if server.hmac.etm
+                               server.hmac.digest([server.sequence_number, @mac_data].pack("NA*"))
+                             else
+                               server.hmac.digest([server.sequence_number, @packet.content].pack("NA*"))
+                             end
+          raise Net::SSH::Exception, "corrupted hmac detected #{server.hmac.class}" if real_hmac != my_computed_hmac
           # try to decompress the payload, in case compression is active
           payload = server.decompress(payload)
@@ -243,6 +274,7 @@ module Net
           return Packet.new(payload)
         end
       end
+      # rubocop:enable Metrics/AbcSize
     end
   end

data/lib/net/ssh/transport/session.rb CHANGED

@@ -190,7 +190,7 @@ module Net
           loop do
             return @queue.shift if consume_queue && @queue.any? && algorithms.allow?(@queue.first)
-            packet = socket.next_packet(mode)
+            packet = socket.next_packet(mode, options[:timeout])
             return nil if packet.nil?
             case packet.type
@@ -274,6 +274,23 @@ module Net
         private
+        # Compatibility verifier which allows users to keep using
+        # custom verifier code without adding new :verify_signature
+        # method.
+        class CompatibleVerifier
+          def initialize(verifier)
+            @verifier = verifier
+          end
+          def verify(arguments)
+            @verifier.verify(arguments)
+          end
+          def verify_signature(&block)
+            yield
+          end
+        end
         # Instantiates a new host-key verification class, based on the value of
         # the parameter.
         #
@@ -285,8 +302,8 @@ module Net
         # - :accept_new (insecure)
         # - :always (secure)
         #
-        # If the argument happens to respond to :verify, it is returned
-        # directly. Otherwise, an exception is raised.
+        # If the argument happens to respond to :verify and :verify_signature,
+        # it is returned directly. Otherwise, an exception is raised.
         #
         # Values false, true, and :very were deprecated in
         # [#595](https://github.com/net-ssh/net-ssh/pull/595)
@@ -314,7 +331,12 @@ module Net
             Net::SSH::Verifiers::Always.new
           else
             if verifier.respond_to?(:verify)
-              verifier
+              if verifier.respond_to?(:verify_signature)
+                verifier
+              else
+                Kernel.warn("Warning: verifier without :verify_signature is deprecated")
+                CompatibleVerifier.new(verifier)
+              end
             else
               raise(
                 ArgumentError,