net-ssh 5.2.0 → 6.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (69) hide show
  1. checksums.yaml +5 -5
  2. checksums.yaml.gz.sig +0 -0
  3. data.tar.gz.sig +0 -0
  4. data/.gitignore +1 -0
  5. data/.rubocop.yml +7 -4
  6. data/.rubocop_todo.yml +392 -379
  7. data/.travis.yml +16 -17
  8. data/CHANGES.txt +11 -0
  9. data/Manifest +0 -1
  10. data/README.md +286 -0
  11. data/Rakefile +1 -2
  12. data/appveyor.yml +4 -2
  13. data/lib/net/ssh.rb +7 -2
  14. data/lib/net/ssh/authentication/certificate.rb +10 -1
  15. data/lib/net/ssh/authentication/ed25519.rb +2 -1
  16. data/lib/net/ssh/authentication/ed25519_loader.rb +1 -1
  17. data/lib/net/ssh/authentication/key_manager.rb +34 -5
  18. data/lib/net/ssh/authentication/methods/keyboard_interactive.rb +3 -1
  19. data/lib/net/ssh/authentication/pub_key_fingerprint.rb +0 -1
  20. data/lib/net/ssh/authentication/session.rb +9 -6
  21. data/lib/net/ssh/buffer.rb +1 -10
  22. data/lib/net/ssh/buffered_io.rb +0 -1
  23. data/lib/net/ssh/config.rb +51 -32
  24. data/lib/net/ssh/connection/channel.rb +17 -5
  25. data/lib/net/ssh/connection/event_loop.rb +0 -1
  26. data/lib/net/ssh/connection/session.rb +7 -4
  27. data/lib/net/ssh/key_factory.rb +6 -8
  28. data/lib/net/ssh/known_hosts.rb +27 -29
  29. data/lib/net/ssh/loggable.rb +2 -2
  30. data/lib/net/ssh/proxy/command.rb +0 -1
  31. data/lib/net/ssh/proxy/socks5.rb +0 -1
  32. data/lib/net/ssh/service/forward.rb +2 -1
  33. data/lib/net/ssh/test.rb +3 -2
  34. data/lib/net/ssh/transport/algorithms.rb +67 -42
  35. data/lib/net/ssh/transport/cipher_factory.rb +11 -27
  36. data/lib/net/ssh/transport/constants.rb +10 -6
  37. data/lib/net/ssh/transport/ctr.rb +1 -7
  38. data/lib/net/ssh/transport/hmac.rb +15 -13
  39. data/lib/net/ssh/transport/hmac/abstract.rb +16 -0
  40. data/lib/net/ssh/transport/hmac/sha2_256.rb +7 -11
  41. data/lib/net/ssh/transport/hmac/sha2_256_96.rb +4 -8
  42. data/lib/net/ssh/transport/hmac/sha2_256_etm.rb +12 -0
  43. data/lib/net/ssh/transport/hmac/sha2_512.rb +6 -9
  44. data/lib/net/ssh/transport/hmac/sha2_512_96.rb +4 -8
  45. data/lib/net/ssh/transport/hmac/sha2_512_etm.rb +12 -0
  46. data/lib/net/ssh/transport/kex.rb +14 -11
  47. data/lib/net/ssh/transport/kex/abstract.rb +123 -0
  48. data/lib/net/ssh/transport/kex/abstract5656.rb +72 -0
  49. data/lib/net/ssh/transport/kex/curve25519_sha256.rb +38 -0
  50. data/lib/net/ssh/transport/kex/curve25519_sha256_loader.rb +30 -0
  51. data/lib/net/ssh/transport/kex/diffie_hellman_group14_sha1.rb +1 -15
  52. data/lib/net/ssh/transport/kex/diffie_hellman_group1_sha1.rb +9 -118
  53. data/lib/net/ssh/transport/kex/diffie_hellman_group_exchange_sha1.rb +0 -6
  54. data/lib/net/ssh/transport/kex/diffie_hellman_group_exchange_sha256.rb +5 -9
  55. data/lib/net/ssh/transport/kex/ecdh_sha2_nistp256.rb +18 -79
  56. data/lib/net/ssh/transport/kex/ecdh_sha2_nistp384.rb +5 -4
  57. data/lib/net/ssh/transport/kex/ecdh_sha2_nistp521.rb +5 -4
  58. data/lib/net/ssh/transport/openssl.rb +104 -107
  59. data/lib/net/ssh/transport/packet_stream.rb +44 -11
  60. data/lib/net/ssh/transport/state.rb +1 -1
  61. data/lib/net/ssh/version.rb +2 -2
  62. data/net-ssh-public_cert.pem +8 -8
  63. data/net-ssh.gemspec +9 -7
  64. metadata +46 -29
  65. metadata.gz.sig +2 -3
  66. data/Gemfile.noed25519.lock +0 -41
  67. data/README.rdoc +0 -194
  68. data/lib/net/ssh/ruby_compat.rb +0 -13
  69. data/support/arcfour_check.rb +0 -20
@@ -7,12 +7,12 @@ addon:
7
7
  gateway.netssh
8
8
 
9
9
  rvm:
10
- - 2.2.10
11
- - 2.3.7
12
- - 2.4.5
13
- - 2.5.3
14
- - 2.6.0-rc2
15
- - jruby-9.2.5.0
10
+ - 2.3.8
11
+ - 2.4.8
12
+ - 2.5.7
13
+ - 2.6.5
14
+ - 2.7.0
15
+ - jruby-9.2.11.1
16
16
  - rbx-3.107
17
17
  - ruby-head
18
18
  env:
@@ -21,33 +21,32 @@ env:
21
21
  matrix:
22
22
  exclude:
23
23
  - rvm: rbx-3.107
24
- - rvm: jruby-9.2.5.0
25
24
  include:
26
25
  - rvm: rbx-3.107
27
26
  env: NET_SSH_RUN_INTEGRATION_TESTS=
28
- - rvm: jruby-9.2.5.0
27
+ - rvm: jruby-9.2.11.1
29
28
  env: JRUBY_OPTS='--client -J-XX:+TieredCompilation -J-XX:TieredStopAtLevel=1 -Xcext.enabled=false -J-Xss2m -Xcompile.invokedynamic=false' NET_SSH_RUN_INTEGRATION_TESTS=
30
29
  fast_finish: true
31
30
  allow_failures:
32
31
  - rvm: rbx-3.107
33
- - rvm: jruby-9.2.5.0
32
+ - rvm: jruby-9.2.11.1
34
33
  - rvm: ruby-head
35
34
 
36
35
  install:
37
36
  - export JRUBY_OPTS='--client -J-XX:+TieredCompilation -J-XX:TieredStopAtLevel=1 -Xcext.enabled=false -J-Xss2m -Xcompile.invokedynamic=false'
38
37
  - sudo pip install ansible urllib3 pyOpenSSL ndg-httpsclient pyasn1
39
- - gem install bundler -v "= 1.16"
38
+ - gem install bundler -v "= 1.17"
40
39
  - gem list bundler
41
- - bundle _1.16_ install
42
- - bundle _1.16_ -v
43
- - BUNDLE_GEMFILE=./Gemfile.noed25519 bundle _1.16_ install
40
+ - bundle _1.17_ install
41
+ - bundle _1.17_ -v
42
+ - BUNDLE_GEMFILE=./Gemfile.noed25519 bundle _1.17_ install
44
43
  - sudo ansible-galaxy install rvm.ruby
45
44
  - sudo chown -R travis:travis /home/travis/.ansible
46
45
  - ansible-playbook ./test/integration/playbook.yml -i "localhost," --become -c local -e 'no_rvm=true' -e 'myuser=travis' -e 'mygroup=travis' -e 'homedir=/home/travis'
47
46
 
48
47
  script:
49
48
  - ssh -V
50
- - bundle _1.16_ exec rake test
51
- - BUNDLE_GEMFILE=./Gemfile.noed25519 bundle _1.16_ exec rake test
52
- - bundle _1.16_ exec rake test_test
53
- - bundle _1.16_ exec rubocop
49
+ - bundle _1.17_ exec rake test
50
+ - BUNDLE_GEMFILE=./Gemfile.noed25519 bundle _1.17_ exec rake test
51
+ - bundle _1.17_ exec rake test_test
52
+ - bundle _1.17_ exec rubocop
@@ -1,3 +1,14 @@
1
+ === 6.0.0 beta2
2
+
3
+ * Support :certkeys and CertificateFile configuration option [Anders Carling, #722]
4
+
5
+ === 6.0.0 beta1
6
+
7
+ * curve25519sha256 support [Florian Wininger ,#690]
8
+ * disabled insecure algs [Florian Wininger , #709]
9
+
10
+ === 5.2.0
11
+
1
12
  === 5.2.0.rc3
2
13
 
3
14
  * Fix check_host_ip read from config
data/Manifest CHANGED
@@ -33,7 +33,6 @@ lib/net/ssh/proxy/errors.rb
33
33
  lib/net/ssh/proxy/http.rb
34
34
  lib/net/ssh/proxy/socks4.rb
35
35
  lib/net/ssh/proxy/socks5.rb
36
- lib/net/ssh/ruby_compat.rb
37
36
  lib/net/ssh/service/forward.rb
38
37
  lib/net/ssh/test.rb
39
38
  lib/net/ssh/test/channel.rb
@@ -0,0 +1,286 @@
1
+ [![Gem Version](https://badge.fury.io/rb/net-ssh.svg)](https://badge.fury.io/rb/net-ssh)
2
+ [![Join the chat at https://gitter.im/net-ssh/net-ssh](https://badges.gitter.im/net-ssh/net-ssh.svg)](https://gitter.im/net-ssh/net-ssh?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge)
3
+ [![Build Status](https://travis-ci.org/net-ssh/net-ssh.svg?branch=master)](https://travis-ci.org/net-ssh/net-ssh)
4
+ [![Coverage status](https://codecov.io/gh/net-ssh/net-ssh/branch/master/graph/badge.svg)](https://codecov.io/gh/net-ssh/net-ssh)
5
+ [![Backers on Open Collective](https://opencollective.com/net-ssh/backers/badge.svg)](#backers])
6
+ [![Sponsors on Open Collective](https://opencollective.com/net-ssh/sponsors/badge.svg)](#sponsors)
7
+
8
+ # Net::SSH 6.x
9
+
10
+ * Docs: http://net-ssh.github.com/net-ssh
11
+ * Issues: https://github.com/net-ssh/net-ssh/issues
12
+ * Codes: https://github.com/net-ssh/net-ssh
13
+ * Email: net-ssh@solutious.com
14
+
15
+ *As of v2.6.4, all gem releases are signed. See [INSTALL](#install).*
16
+
17
+ ## DESCRIPTION:
18
+
19
+ Net::SSH is a pure-Ruby implementation of the SSH2 client protocol.
20
+ It allows you to write programs that invoke and interact with processes on remote servers, via SSH2.
21
+
22
+ ## FEATURES:
23
+
24
+ * Execute processes on remote servers and capture their output
25
+ * Run multiple processes in parallel over a single SSH connection
26
+ * Support for SSH subsystems
27
+ * Forward local and remote ports via an SSH connection
28
+
29
+ ## Supported Algorithms
30
+
31
+ Net::SSH 6.0 disables by default the usage of weak algorithms.
32
+ We strongly recommend that you install a servers's version that supports the latest algorithms.
33
+
34
+ It is possible to return to the previous behavior by adding the option : `append_all_supported_algorithms: true`
35
+
36
+ Unsecure algoritms will be definively remove in Net::SSH 7.*.
37
+
38
+ ### Host Keys
39
+
40
+ | Name | Support | Details |
41
+ |----------------------|-----------------------|----------|
42
+ | ssh-rsa | OK | |
43
+ | ssh-ed25519 | OK | Require the gem `ed25519` |
44
+ | ecdsa-sha2-nistp521 | OK | [using weak elliptic curves](https://safecurves.cr.yp.to/) |
45
+ | ecdsa-sha2-nistp384 | OK | [using weak elliptic curves](https://safecurves.cr.yp.to/) |
46
+ | ecdsa-sha2-nistp256 | OK | [using weak elliptic curves](https://safecurves.cr.yp.to/) |
47
+ | ssh-dss | Deprecated in 6.0 | unsecure, will be removed in 7.0 |
48
+
49
+ ### Key Exchange
50
+
51
+ | Name | Support | Details |
52
+ |--------------------------------------|-----------------------|----------|
53
+ | curve25519-sha256 | OK | Require the gem `x25519` |
54
+ | ecdh-sha2-nistp521 | OK | [using weak elliptic curves](https://safecurves.cr.yp.to/) |
55
+ | ecdh-sha2-nistp384 | OK | [using weak elliptic curves](https://safecurves.cr.yp.to/) |
56
+ | ecdh-sha2-nistp256 | OK | [using weak elliptic curves](https://safecurves.cr.yp.to/) |
57
+ | diffie-hellman-group1-sha1 | Deprecated in 6.0 | unsecure, will be removed in 7.0 |
58
+ | diffie-hellman-group14-sha1 | OK | |
59
+ | diffie-hellman-group-exchange-sha1 | Deprecated in 6.0 | unsecure, will be removed in 7.0 |
60
+ | diffie-hellman-group-exchange-sha256 | OK | |
61
+
62
+ ### Encryption algorithms (ciphers)
63
+
64
+ | Name | Support | Details |
65
+ |--------------------------------------|-----------------------|----------|
66
+ | aes256-ctr / aes192-ctr / aes128-ctr | OK | [using weak elliptic curves](https://safecurves.cr.yp.to/) |
67
+ | aes256-cbc / aes192-cbc / aes128-cbc | Deprecated in 6.0 | unsecure, will be removed in 7.0 |
68
+ | rijndael-cbc@lysator.liu.se | Deprecated in 6.0 | unsecure, will be removed in 7.0 |
69
+ | blowfish-ctr blowfish-cbc | Deprecated in 6.0 | unsecure, will be removed in 7.0 |
70
+ | cast128-ctr cast128-cbc | Deprecated in 6.0 | unsecure, will be removed in 7.0 |
71
+ | 3des-ctr 3des-cbc | Deprecated in 6.0 | unsecure, will be removed in 7.0 |
72
+ | idea-cbc | Deprecated in 6.0 | unsecure, will be removed in 7.0 |
73
+ | none | Deprecated in 6.0 | unsecure, will be removed in 7.0 |
74
+
75
+ ### Message Authentication Code algorithms
76
+
77
+ | Name | Support | Details |
78
+ |----------------------|-----------------------|----------|
79
+ | hmac-sha2-512-etm | OK | |
80
+ | hmac-sha2-256-etm | OK | |
81
+ | hmac-sha2-512 | OK | |
82
+ | hmac-sha2-256 | OK | |
83
+ | hmac-sha2-512-96 | Deprecated in 6.0 | removed from the specification, will be removed in 7.0 |
84
+ | hmac-sha2-256-96 | Deprecated in 6.0 | removed from the specification, will be removed in 7.0 |
85
+ | hmac-sha1 | OK | for backward compatibility |
86
+ | hmac-sha1-96 | Deprecated in 6.0 | unsecure, will be removed in 7.0 |
87
+ | hmac-ripemd160 | Deprecated in 6.0 | unsecure, will be removed in 7.0 |
88
+ | hmac-md5 | Deprecated in 6.0 | unsecure, will be removed in 7.0 |
89
+ | hmac-md5-96 | Deprecated in 6.0 | unsecure, will be removed in 7.0 |
90
+ | none | Deprecated in 6.0 | unsecure, will be removed in 7.0 |
91
+
92
+ ## SYNOPSIS:
93
+
94
+ In a nutshell:
95
+
96
+ ```ruby
97
+ require 'net/ssh'
98
+
99
+ Net::SSH.start('host', 'user', password: "password") do |ssh|
100
+ # capture all stderr and stdout output from a remote process
101
+ output = ssh.exec!("hostname")
102
+ puts output
103
+
104
+ # capture only stdout matching a particular pattern
105
+ stdout = ""
106
+ ssh.exec!("ls -l /home/jamis") do |channel, stream, data|
107
+ stdout << data if stream == :stdout
108
+ end
109
+ puts stdout
110
+
111
+ # run multiple processes in parallel to completion
112
+ ssh.exec "sed ..."
113
+ ssh.exec "awk ..."
114
+ ssh.exec "rm -rf ..."
115
+ ssh.loop
116
+
117
+ # open a new channel and configure a minimal set of callbacks, then run
118
+ # the event loop until the channel finishes (closes)
119
+ channel = ssh.open_channel do |ch|
120
+ ch.exec "/usr/local/bin/ruby /path/to/file.rb" do |ch, success|
121
+ raise "could not execute command" unless success
122
+
123
+ # "on_data" is called when the process writes something to stdout
124
+ ch.on_data do |c, data|
125
+ $stdout.print data
126
+ end
127
+
128
+ # "on_extended_data" is called when the process writes something to stderr
129
+ ch.on_extended_data do |c, type, data|
130
+ $stderr.print data
131
+ end
132
+
133
+ ch.on_close { puts "done!" }
134
+ end
135
+ end
136
+
137
+ channel.wait
138
+
139
+ # forward connections on local port 1234 to port 80 of www.capify.org
140
+ ssh.forward.local(1234, "www.capify.org", 80)
141
+ ssh.loop { true }
142
+ end
143
+ ```
144
+
145
+ See Net::SSH for more documentation, and links to further information.
146
+
147
+ ## REQUIREMENTS:
148
+
149
+ The only requirement you might be missing is the OpenSSL bindings for Ruby with a version greather than `1.0.1`.
150
+ These are built by default on most platforms, but you can verify that they're built and installed on your system by running the following command line:
151
+
152
+ ```sh
153
+ ruby -ropenssl -e 'puts OpenSSL::OPENSSL_VERSION'
154
+ ```
155
+
156
+ If that spits out something like `OpenSSL 1.0.1 14 Mar 2012`, then you're set.
157
+ If you get an error, then you'll need to see about rebuilding ruby with OpenSSL support,
158
+ or (if your platform supports it) installing the OpenSSL bindings separately.
159
+
160
+ ## INSTALL:
161
+
162
+ ```sh
163
+ gem install net-ssh # might need sudo privileges
164
+ ```
165
+
166
+ NOTE: If you are running on jruby on windows you need to install `jruby-pageant` manually
167
+ (gemspec doesn't allow for platform specific dependencies).
168
+
169
+ However, in order to be sure the code you're installing hasn't been tampered with,
170
+ it's recommended that you verify the [signature](http://docs.rubygems.org/read/chapter/21).
171
+ To do this, you need to add my public key as a trusted certificate (you only need to do this once):
172
+
173
+ ```sh
174
+ # Add the public key as a trusted certificate
175
+ # (You only need to do this once)
176
+ curl -O https://raw.githubusercontent.com/net-ssh/net-ssh/master/net-ssh-public_cert.pem
177
+ gem cert --add net-ssh-public_cert.pem
178
+ ```
179
+
180
+ Then, when install the gem, do so with high security:
181
+
182
+ ```sh
183
+ gem install net-ssh -P HighSecurity
184
+ ```
185
+
186
+ If you don't add the public key, you'll see an error like "Couldn't verify data signature".
187
+ If you're still having trouble let me know and I'll give you a hand.
188
+
189
+ For ed25519 public key auth support your bundle file should contain `ed25519`, `bcrypt_pbkdf` dependencies.
190
+
191
+ ```sh
192
+ gem install ed25519
193
+ gem install bcrypt_pbkdf
194
+ ```
195
+
196
+ For curve25519-sha256 kex exchange support your bundle file should contain `x25519` dependency.
197
+
198
+ ## RUBY SUPPORT
199
+
200
+ * See [net-ssh.gemspec](https://github.com/net-ssh/net-ssh/blob/master/net-ssh.gemspec) for current versions ruby requirements
201
+
202
+ ## RUNNING TESTS
203
+
204
+ If you want to run the tests or use any of the Rake tasks, you'll need Mocha and
205
+ other dependencies listed in Gemfile
206
+
207
+ Run the test suite from the net-ssh directory with the following command:
208
+
209
+ ```sh
210
+ bundle exec rake test
211
+ ```
212
+
213
+ Run a single test file like this:
214
+
215
+ ```sh
216
+ ruby -Ilib -Itest test/transport/test_server_version.rb
217
+ ```
218
+
219
+ To run integration tests see test/integration/README.txt
220
+
221
+ ### BUILDING GEM
222
+
223
+ ```sh
224
+ rake build
225
+ ```
226
+
227
+ ### GEM SIGNING (for maintainers)
228
+
229
+ If you have the net-ssh private signing key, you will be able to create signed release builds. Make sure the private key path matches the `signing_key` path set in `net-ssh.gemspec` and tell rake to sign the gem by setting the `NET_SSH_BUILDGEM_SIGNED` flag:
230
+
231
+ ```sh
232
+ NET_SSH_BUILDGEM_SIGNED=true rake build
233
+ ```
234
+
235
+ For time to time, the public certificate associated to the private key needs to be renewed. You can do this with the following command:
236
+
237
+ ```sh
238
+ gem cert --build netssh@solutious.com --private-key path/2/net-ssh-private_key.pem
239
+ mv gem-public_cert.pem net-ssh-public_cert.pem
240
+ gem cert --add net-ssh-public_cert.pem
241
+ ```
242
+
243
+ ## CREDITS
244
+
245
+ ### Contributors
246
+
247
+ This project exists thanks to all the people who contribute.
248
+
249
+ [![contributors](https://opencollective.com/net-ssh/contributors.svg?width=890&button=false)](graphs/contributors)
250
+
251
+ ### Backers
252
+
253
+ Thank you to all our backers! 🙏 [Become a backer](https://opencollective.com/net-ssh#backer)
254
+
255
+ [![backers](https://opencollective.com/net-ssh/backers.svg?width=890)](https://opencollective.com/net-ssh#backers)
256
+
257
+ ### Sponsors
258
+
259
+ Support this project by becoming a sponsor. Your logo will show up here with a link to your website. [Become a sponsor](https://opencollective.com/net-ssh#sponsor)
260
+
261
+ [![Sponsor](https://opencollective.com/net-ssh/sponsor/0/avatar.svg)](https://opencollective.com/net-ssh/sponsor/0/website)
262
+
263
+ ## LICENSE:
264
+
265
+ (The MIT License)
266
+
267
+ Copyright (c) 2008 Jamis Buck
268
+
269
+ Permission is hereby granted, free of charge, to any person obtaining
270
+ a copy of this software and associated documentation files (the
271
+ 'Software'), to deal in the Software without restriction, including
272
+ without limitation the rights to use, copy, modify, merge, publish,
273
+ distribute, sublicense, and/or sell copies of the Software, and to
274
+ permit persons to whom the Software is furnished to do so, subject to
275
+ the following conditions:
276
+
277
+ The above copyright notice and this permission notice shall be
278
+ included in all copies or substantial portions of the Software.
279
+
280
+ THE SOFTWARE IS PROVIDED 'AS IS', WITHOUT WARRANTY OF ANY KIND,
281
+ EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
282
+ MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
283
+ IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
284
+ CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
285
+ TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
286
+ SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
data/Rakefile CHANGED
@@ -1,4 +1,3 @@
1
-
2
1
  #
3
2
  # Also in your terminal environment run:
4
3
  # $ export LANG=en_US.UTF-8
@@ -32,7 +31,7 @@ RDoc::Task.new do |rdoc|
32
31
  rdoc.rdoc_dir = "rdoc"
33
32
  rdoc.title = "#{name} #{version}"
34
33
  rdoc.generator = 'hanna' # gem install hanna-nouveau
35
- rdoc.main = 'README.rdoc'
34
+ rdoc.main = 'README.md'
36
35
  rdoc.rdoc_files.include("README*")
37
36
  rdoc.rdoc_files.include("bin/*.rb")
38
37
  rdoc.rdoc_files.include("lib/**/*.rb")
@@ -5,9 +5,11 @@ skip_tags: true
5
5
  environment:
6
6
  matrix:
7
7
  - ruby_version: "jruby-9.1.2.0"
8
+ - ruby_version: "26-x64"
9
+ - ruby_version: "25-x64"
10
+ - ruby_version: "24-x64"
8
11
  - ruby_version: "23"
9
12
  - ruby_version: "23-x64"
10
- - ruby_version: "22-x64"
11
13
 
12
14
  matrix:
13
15
  allow_failures:
@@ -29,7 +31,7 @@ install:
29
31
  - if "%ruby_version%" == "jruby-9.1.2.0" ( cinst jruby --version 9.1.2.0 -i --allow-empty-checksums )
30
32
  - if "%ruby_version%" == "jruby-9.1.2.0" ( SET "PATH=C:\jruby-9.1.2.0\bin\;%PATH%" )
31
33
  - ruby --version
32
- - gem install bundler --no-document --user-install -v 1.16
34
+ - gem install bundler --no-document --user-install -v 1.17
33
35
  - SET BUNDLE_GEMFILE=Gemfile.noed25519
34
36
  - bundle install --retry=3
35
37
  - cinst freesshd
@@ -4,6 +4,7 @@ ENV['HOME'] ||= ENV['HOMEPATH'] ? "#{ENV['HOMEDRIVE']}#{ENV['HOMEPATH']}" : Dir.
4
4
 
5
5
  require 'logger'
6
6
  require 'etc'
7
+ require 'shellwords'
7
8
 
8
9
  require 'net/ssh/config'
9
10
  require 'net/ssh/errors'
@@ -66,11 +67,11 @@ module Net
66
67
  auth_methods bind_address compression compression_level config
67
68
  encryption forward_agent hmac host_key remote_user
68
69
  keepalive keepalive_interval keepalive_maxcount kex keys key_data
69
- languages logger paranoid password port proxy
70
+ keycerts languages logger paranoid password port proxy
70
71
  rekey_blocks_limit rekey_limit rekey_packet_limit timeout verbose
71
72
  known_hosts global_known_hosts_file user_known_hosts_file host_key_alias
72
73
  host_name user properties passphrase keys_only max_pkt_size
73
- max_win_size send_env use_agent number_of_password_prompts
74
+ max_win_size send_env set_env use_agent number_of_password_prompts
74
75
  append_all_supported_algorithms non_interactive password_prompt
75
76
  agent_socket_factory minimum_dh_bits verify_host_key
76
77
  fingerprint_hash check_host_ip
@@ -144,6 +145,8 @@ module Net
144
145
  # * :kex => the key exchange algorithm (or algorithms) to use
145
146
  # * :keys => an array of file names of private keys to use for publickey
146
147
  # and hostbased authentication
148
+ # * :keycerts => an array of file names of key certificates to use
149
+ # with publickey authentication
147
150
  # * :key_data => an array of strings, with each element of the array being
148
151
  # a raw private key in PEM format.
149
152
  # * :keys_only => set to +true+ to use only private keys from +keys+ and
@@ -173,6 +176,8 @@ module Net
173
176
  # * :rekey_packet_limit => the max number of packets to process before rekeying
174
177
  # * :send_env => an array of local environment variable names to export to the
175
178
  # remote environment. Names may be given as String or Regexp.
179
+ # * :set_env => a hash of environment variable names and values to set to the
180
+ # remote environment. Override the ones if specified in +send_env+.
176
181
  # * :timeout => how long to wait for the initial connection to be made
177
182
  # * :user => the user name to log in as; this overrides the +user+
178
183
  # parameter, and is primarily only useful when provided via an SSH
@@ -31,7 +31,16 @@ module Net
31
31
  cert.key_id = buffer.read_string
32
32
  cert.valid_principals = buffer.read_buffer.read_all(&:read_string)
33
33
  cert.valid_after = Time.at(buffer.read_int64)
34
- cert.valid_before = Time.at(buffer.read_int64)
34
+
35
+ cert.valid_before = if RUBY_PLATFORM == "java"
36
+ # 0x20c49ba5e353f7 = 0x7fffffffffffffff/1000, the largest value possible for JRuby
37
+ # JRuby Time.at multiplies the arg by 1000, and then stores it in a signed long.
38
+ # 0x20c49ba5e353f7 = 292278994-08-17 01:12:55 -0600
39
+ Time.at([0x20c49ba5e353f7, buffer.read_int64].min)
40
+ else
41
+ Time.at(buffer.read_int64)
42
+ end
43
+
35
44
  cert.critical_options = read_options(buffer)
36
45
  cert.extensions = read_options(buffer)
37
46
  cert.reserved = buffer.read_string