net-ssh 6.0.0.beta1 → 6.0.0.beta2

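--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
- SHA1:
- metadata.gz: 16c438c23a0dc7ead21778dea22cff5dcb8c4ffa
- data.tar.gz: 19f4f5a5e082b1dbdd39aac4c1e90144e2b56540
+ SHA256:
+ metadata.gz: 5614d2fa5b1b6396aae6c99ee8dab8a7c4c9dfddfaed4ba2f2666539b56d22df
+ data.tar.gz: f999a5eb2e98e9e81efe4f628d02350fd33d3fd4e101f286ec36d83a538a7d60
  SHA512:
- metadata.gz: 593269d7a4788bb428ee0a2131d53bc87f4051b929da404eb6c8d7e560deedd35bd5ae0d6948b9463210efd2ec87d813bfcdd60ac017cee914253f5389130dbd
- data.tar.gz: c5548d70f356434795f87371c0be1638ec468b1b170207dec738d48af37d45ba2d9dced66c7d0b74f42f8d8bd640d1676dfc6d8b41590d89860c79be3d0578f5
+ metadata.gz: 389e60f10a0db01d775135b59837cd8d115777f6587d866c9afc821f239139d77f874cea4128672ef7a3d102a96c25be7dce025fda2667c89e9111f2ac6fc809
+ data.tar.gz: fed18846ef1d1e99407ae179b143f88338d258ed8e89bc5c18d4d31d0f15f8c75a004f0c93d25259c9f35e51cdaa581d4a066cc1f51a28e394b29d5afeda1910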
checksums.yaml.gz.sig CHANGED
Binary file
data.tar.gz.sig CHANGED
Binary file
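--- a/data/CHANGES.txt
+++ b/data/CHANGES.txt
@@ -1,3 +1,7 @@
+ === 6.0.0 beta2
+
+ * Support :certkeys and CertificateFile configuration option [Ander Scarling, #722]
+
  === 6.0.0 beta1
 
  * curve25519sha256 support [Florian Wininger ,#690]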
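--- a/data/Manifest
+++ b/data/Manifest
@@ -33,7 +33,6 @@ lib/net/ssh/proxy/errors.rb
  lib/net/ssh/proxy/http.rb
  lib/net/ssh/proxy/socks4.rb
  lib/net/ssh/proxy/socks5.rb
- lib/net/ssh/ruby_compat.rb
  lib/net/ssh/service/forward.rb
  lib/net/ssh/test.rb
  lib/net/ssh/test/channel.rb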
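--- a/data/lib/net/ssh.rb
+++ b/data/lib/net/ssh.rb
@@ -66,7 +66,7 @@ module Net
  auth_methods bind_address compression compression_level config
  encryption forward_agent hmac host_key remote_user
  keepalive keepalive_interval keepalive_maxcount kex keys key_data
- languages logger paranoid password port proxy
+ keycerts languages logger paranoid password port proxy
  rekey_blocks_limit rekey_limit rekey_packet_limit timeout verbose
  known_hosts global_known_hosts_file user_known_hosts_file host_key_alias
  host_name user properties passphrase keys_only max_pkt_size
@@ -144,6 +144,8 @@ module Net
  # * :kex => the key exchange algorithm (or algorithms) to use
  # * :keys => an array of file names of private keys to use for publickey
  # and hostbased authentication
+ # * :keycerts => an array of file names of key certificates to use
+ # with publickey authentication
  # * :key_data => an array of strings, with each element of the array being
  # a raw private key in PEM format.
  # * :keys_only => set to +true+ to use only private keys from +keys+ and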
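Review bot: The new option is spelled `:keycerts` in the valid-options list and in the doc comment here, while the CHANGES.txt entry shipped in the same release announces it as `:certkeys`; one of the two should be corrected so that users pass the name the code accepts. The doc comment could also state when a certificate is actually offered: going by the key manager change in this release, a certificate is yielded only if its public key matches an identity already loaded, so something like `# a certificate is only offered when its matching private key is also available (via :keys, :key_data or the agent)` would save a reader from assuming the certificate works on its own. The option list and the comment block both start and end outside these hunks.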
@@ -30,6 +30,9 @@ module Net
30
30
  # The list of user key data that will be examined
31
31
  attr_reader :key_data
32
32
 
33
+ # The list of user key certificate files that will be examined
34
+ attr_reader :keycert_files
35
+
33
36
  # The map of loaded identities
34
37
  attr_reader :known_identities
35
38
 
@@ -43,6 +46,7 @@ module Net
43
46
  self.logger = logger
44
47
  @key_files = []
45
48
  @key_data = []
49
+ @keycert_files = []
46
50
  @use_agent = options[:use_agent] != false
47
51
  @known_identities = {}
48
52
  @agent = nil
@@ -66,6 +70,12 @@ module Net
66
70
  self
67
71
  end
68
72
 
73
+ # Add the given keycert_file to the list of keycert files that will be used.
74
+ def add_keycert(keycert_file)
75
+ keycert_files.push(File.expand_path(keycert_file)).uniq!
76
+ self
77
+ end
78
+
69
79
  # Add the given key_file to the list of keys that will be used.
70
80
  def add_key_data(key_data_)
71
81
  key_data.push(key_data_).uniq!
@@ -108,7 +118,7 @@ module Net
108
118
  user_identities.delete(corresponding_user_identity) if corresponding_user_identity
109
119
 
110
120
  if !options[:keys_only] || corresponding_user_identity
111
- known_identities[key] = { from: :agent }
121
+ known_identities[key] = { from: :agent, identity: key }
112
122
  yield key
113
123
  end
114
124
  end
@@ -122,6 +132,21 @@ module Net
122
132
  yield key
123
133
  end
124
134
 
135
+ known_identity_blobs = known_identities.keys.map(&:to_blob)
136
+ keycert_files.each do |keycert_file|
137
+ keycert = KeyFactory.load_public_key(keycert_file)
138
+ next if known_identity_blobs.include?(keycert.to_blob)
139
+
140
+ (_, corresponding_identity) = known_identities.detect { |public_key, _|
141
+ public_key.to_pem == keycert.to_pem
142
+ }
143
+
144
+ if corresponding_identity
145
+ known_identities[keycert] = corresponding_identity
146
+ yield keycert
147
+ end
148
+ end
149
+
125
150
  self
126
151
  end
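Review bot: `KeyFactory.load_public_key(keycert_file)` in the new `keycert_files.each` loop is called with no rescue, so unless a caller outside this hunk handles it, a single missing, unreadable or malformed certificate file (the path can come from a `CertificateFile` line in the ssh config) would raise out of identity enumeration and stop publickey authentication even for keys that loaded fine. Rescuing the load, logging the path and error, and moving on to the next file keeps one bad entry from blocking the rest. A certificate with no matching loaded identity is also dropped silently; a debug line in that branch would make a mis-paired certificate diagnosable. The sketch assumes the class mixes in the project's logging helpers, as `self.logger = logger` in the constructor hunk suggests; the enclosing method begins before the hunk.

```ruby
keycert_files.each do |keycert_file|
  keycert = begin
    KeyFactory.load_public_key(keycert_file)
  rescue StandardError => e
    error { "could not load keycert file `#{keycert_file}': #{e.class} (#{e.message})" }
    next
  end
  # … unchanged: blob de-duplication and lookup of corresponding_identity …
  if corresponding_identity
    # … unchanged: register the keycert under the matching identity and yield it …
  else
    debug { "no loaded identity matches keycert file `#{keycert_file}', skipping" }
  end
end
```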
127
152
 
@@ -152,7 +177,7 @@ module Net
152
177
 
153
178
  if info[:from] == :agent
154
179
  raise KeyManagerError, "the agent is no longer available" unless agent
155
- return agent.sign(identity, data.to_s)
180
+ return agent.sign(info[:identity], data.to_s)
156
181
  end
157
182
 
158
183
  raise KeyManagerError, "[BUG] can't determine identity origin (#{info.inspect})"
@@ -63,6 +63,7 @@ module Net
63
63
 
64
64
  key_manager = KeyManager.new(logger, options)
65
65
  keys.each { |key| key_manager.add(key) } unless keys.empty?
66
+ keycerts.each { |keycert| key_manager.add_keycert(keycert) } unless keycerts.empty?
66
67
  key_data.each { |key2| key_manager.add_key_data(key2) } unless key_data.empty?
67
68
  default_keys.each { |key| key_manager.add(key) } unless options.key?(:keys) || options.key?(:key_data)
68
69
 
@@ -146,6 +147,12 @@ module Net
146
147
  Array(options[:keys])
147
148
  end
148
149
 
150
+ # Returns an array of paths to the keycert files that should be used when
151
+ # attempting any key-based authentication mechanism.
152
+ def keycerts
153
+ Array(options[:keycerts])
154
+ end
155
+
149
156
  # Returns an array of the key data that should be used when
150
157
  # attempting any key-based authentication mechanism.
151
158
  def key_data
@@ -1,4 +1,3 @@
1
- require 'net/ssh/ruby_compat'
2
1
  require 'net/ssh/transport/openssl'
3
2
 
4
3
  require 'net/ssh/authentication/certificate'
@@ -1,6 +1,5 @@
1
1
  require 'net/ssh/buffer'
2
2
  require 'net/ssh/loggable'
3
- require 'net/ssh/ruby_compat'
4
3
 
5
4
  module Net
6
5
  module SSH
@@ -11,6 +11,7 @@ module Net
11
11
  #
12
12
  # * ChallengeResponseAuthentication => maps to the :auth_methods option challenge-response (then coleasced into keyboard-interactive)
13
13
  # * KbdInteractiveAuthentication => maps to the :auth_methods keyboard-interactive
14
+ # * CertificateFile => maps to the :keycerts option
14
15
  # * Ciphers => maps to the :encryption option
15
16
  # * Compression => :compression
16
17
  # * CompressionLevel => :compression_level
@@ -129,7 +130,7 @@ module Net
129
130
  block_seen = true
130
131
  elsif !block_seen
131
132
  case key
132
- when 'identityfile'
133
+ when 'identityfile', 'certificatefile'
133
134
  (globals[key] ||= []) << value
134
135
  when 'include'
135
136
  included_file_paths(base_dir, value).each do |file_path|
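Review bot: The set of accumulating directives, `'identityfile', 'certificatefile'`, is now repeated as a literal in three `when` clauses (this one, the `block_matched` branch and the `globals.merge` block in the next two hunks); a directive later added to only some of them would have its repeated values replaced instead of appended wherever it was missed. A single frozen constant, for example `MULTI_VALUE_KEYS = %w[identityfile certificatefile].freeze` used as `when *MULTI_VALUE_KEYS`, would keep the three in step (the name is only a suggestion). Separately, `TRANSLATE_CONFIG_KEY_RENAME_MAP` is defined below `private`, which has no effect on constants; `private_constant :TRANSLATE_CONFIG_KEY_RENAME_MAP` is needed if it is meant to stay internal. The enclosing methods start and end outside these hunks.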
@@ -140,7 +141,7 @@ module Net
140
141
  end
141
142
  elsif block_matched
142
143
  case key
143
- when 'identityfile'
144
+ when 'identityfile', 'certificatefile'
144
145
  (settings[key] ||= []) << value
145
146
  when 'include'
146
147
  included_file_paths(base_dir, value).each do |file_path|
@@ -161,7 +162,7 @@ module Net
161
162
 
162
163
  globals.merge(settings) do |key, oldval, newval|
163
164
  case key
164
- when 'identityfile'
165
+ when 'identityfile', 'certificatefile'
165
166
  oldval + newval
166
167
  else
167
168
  newval
@@ -196,25 +197,26 @@ module Net
196
197
 
197
198
  private
198
199
 
200
+ TRANSLATE_CONFIG_KEY_RENAME_MAP = {
201
+ bindaddress: :bind_address,
202
+ compression: :compression,
203
+ compressionlevel: :compression_level,
204
+ certificatefile: :keycerts,
205
+ connecttimeout: :timeout,
206
+ forwardagent: :forward_agent,
207
+ identitiesonly: :keys_only,
208
+ identityagent: :identity_agent,
209
+ globalknownhostsfile: :global_known_hosts_file,
210
+ hostkeyalias: :host_key_alias,
211
+ identityfile: :keys,
212
+ fingerprinthash: :fingerprint_hash,
213
+ port: :port,
214
+ stricthostkeychecking: :strict_host_key_checking,
215
+ user: :user,
216
+ userknownhostsfile: :user_known_hosts_file,
217
+ checkhostip: :check_host_ip
218
+ }.freeze
199
219
  def translate_config_key(hash, key, value, settings)
200
- rename = {
201
- bindaddress: :bind_address,
202
- compression: :compression,
203
- compressionlevel: :compression_level,
204
- connecttimeout: :timeout,
205
- forwardagent: :forward_agent,
206
- identitiesonly: :keys_only,
207
- identityagent: :identity_agent,
208
- globalknownhostsfile: :global_known_hosts_file,
209
- hostkeyalias: :host_key_alias,
210
- identityfile: :keys,
211
- fingerprinthash: :fingerprint_hash,
212
- port: :port,
213
- stricthostkeychecking: :strict_host_key_checking,
214
- user: :user,
215
- userknownhostsfile: :user_known_hosts_file,
216
- checkhostip: :check_host_ip
217
- }
218
220
  case key
219
221
  when :ciphers
220
222
  hash[:encryption] = value.split(/,/)
@@ -276,8 +278,8 @@ module Net
276
278
  hash[:send_env] = multi_send_env.map { |e| Regexp.new pattern2regex(e).source, false }
277
279
  when :numberofpasswordprompts
278
280
  hash[:number_of_password_prompts] = value.to_i
279
- when *rename.keys
280
- hash[rename[key]] = value
281
+ when *TRANSLATE_CONFIG_KEY_RENAME_MAP.keys
282
+ hash[TRANSLATE_CONFIG_KEY_RENAME_MAP[key]] = value
281
283
  end
282
284
  end
283
285
 
@@ -1,5 +1,4 @@
1
1
  require 'net/ssh/loggable'
2
- require 'net/ssh/ruby_compat'
3
2
 
4
3
  module Net
5
4
  module SSH
@@ -1,5 +1,4 @@
1
1
  require 'net/ssh/loggable'
2
- require 'net/ssh/ruby_compat'
3
2
  require 'net/ssh/connection/channel'
4
3
  require 'net/ssh/connection/constants'
5
4
  require 'net/ssh/service/forward'
@@ -1,7 +1,6 @@
1
1
  require 'socket'
2
2
  require 'rubygems'
3
3
  require 'net/ssh/proxy/errors'
4
- require 'net/ssh/ruby_compat'
5
4
 
6
5
  module Net
7
6
  module SSH
@@ -1,5 +1,4 @@
1
1
  require 'socket'
2
- require 'net/ssh/ruby_compat'
3
2
  require 'net/ssh/proxy/errors'
4
3
 
5
4
  module Net
@@ -1,7 +1,6 @@
1
1
  require 'net/ssh/buffered_io'
2
2
  require 'net/ssh/errors'
3
3
  require 'net/ssh/packet'
4
- require 'net/ssh/ruby_compat'
5
4
  require 'net/ssh/transport/cipher_factory'
6
5
  require 'net/ssh/transport/hmac'
7
6
  require 'net/ssh/transport/state'
@@ -56,7 +56,7 @@ module Net
56
56
 
57
57
  # The prerelease component of this version of the Net::SSH library
58
58
  # nil allowed
59
- PRE = "beta1"
59
+ PRE = "beta2"
60
60
 
61
61
  # The current version of the Net::SSH library as a Version instance
62
62
  CURRENT = new(*[MAJOR, MINOR, TINY, PRE].compact)
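--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
  --- !ruby/object:Gem::Specification
  name: net-ssh
  version: !ruby/object:Gem::Version
- version: 6.0.0.beta1
+ version: 6.0.0.beta2
  platform: ruby
  authors:
  - Jamis Buck
@@ -31,7 +31,7 @@ cert_chain:
  +MqVFjDxsJA7cDfACke51RypSH1gZoPjzoW6w0sMRAzZT8hU1eGyqtNuBiSZ1UKv
  B/ztNLEP0OWhpj/NZ1fnGRvo/T0=
  -----END CERTIFICATE-----
- date: 2019-10-25 00:00:00.000000000 Z
+ date: 2020-01-19 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: bcrypt_pbkdf
@@ -208,7 +208,6 @@ files:
  - lib/net/ssh/proxy/jump.rb
  - lib/net/ssh/proxy/socks4.rb
  - lib/net/ssh/proxy/socks5.rb
- - lib/net/ssh/ruby_compat.rb
  - lib/net/ssh/service/forward.rb
  - lib/net/ssh/test.rb
  - lib/net/ssh/test/channel.rb
@@ -284,8 +283,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
  - !ruby/object:Gem::Version
  version: 1.3.1
  requirements: []
- rubyforge_project:
- rubygems_version: 2.6.8
+ rubygems_version: 3.0.3
  signing_key:
  specification_version: 4
  summary: 'Net::SSH: a pure-Ruby implementation of the SSH2 client protocol.'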
metadata.gz.sig CHANGED
Binary file
@@ -1,13 +0,0 @@
1
- require 'thread'
2
-
3
- class String
4
- if RUBY_VERSION < "1.9"
5
- def getbyte(index)
6
- self[index]
7
- end
8
-
9
- def setbyte(index, c)
10
- self[index] = c
11
- end
12
- end
13
- end