RubyGems - net-ssh - Versions diffs - 6.0.0.rc1 → 6.1.0 - Diffend - OSS supply chain security and management platform

net-ssh 6.0.0.rc1 → 6.1.0

Files changed (12) hide show

checksums.yaml +4 -4
checksums.yaml.gz.sig +0 -0
data.tar.gz.sig +3 -1
data/.travis.yml +3 -4
data/CHANGES.txt +24 -0
data/README.md +5 -4
data/lib/net/ssh.rb +1 -1
data/lib/net/ssh/transport/algorithms.rb +17 -3
data/lib/net/ssh/transport/packet_stream.rb +4 -2
data/lib/net/ssh/version.rb +2 -2
metadata +4 -4
metadata.gz.sig +0 -0

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: e826fa24d57e2f9f2e4ce6424282dc5e8912f1cdd8d5ab6bcfaefc94f7488c0a
-  data.tar.gz: 94c14149e603eb570116d1c079c4f6ff8b3905b7f44153056a0bd417054ab62e
+  metadata.gz: 3871354412d3c8b53ef8bf56fccfc9b0bbbe76c7f1792005edeca4c90546f80f
+  data.tar.gz: 5d9c55ae9e77f57df83cdd68d3a707ea5583c05fa3ddfa718435b4706bc7da92
 SHA512:
-  metadata.gz: 9165be4e0cc1805d5a2d21f022e13ec81e0508cddc3db5d440b7b785a8725d46626bc1b4fc913b6e57339baf15ccc4be4efe0a390cc0db0e156d63bc8a5f4d3f
-  data.tar.gz: 849355397eb35de823d9244b923983a82fd4014941be88b3cb62dbbf7965851d50b406e655a38767e842534d6ba9a3c3783d60ac4be17272bee7a0d9011010af
+  metadata.gz: 54f879420d7c34c5e190050506ab61ef5b7d0aae70cf417ff40ea78ed5cd7d595f7354b81bf9b6961b44b071df121612bdc153e141c77f1a4dc17d0c69946360
+  data.tar.gz: 5c98a21d3ca109e0fb406bba5a6e453732f8a87f52bda0f9233dfdf7af3eed4b56bc8eca732a1ff5191e9d7eb620fe80867db805932d062be224373875c8d56b

checksums.yaml.gz.sig CHANGED

Binary file

data.tar.gz.sig CHANGED

@@ -1 +1,3 @@
-4��)���E;Lv����e�S����\]D:�wn@��i�$�T�
+�3���f����;��jG}��[�7@���G>�콳)��0�q��hO�1�Nۙ*u�%�IT��z��w�4t����J:w�EZw4vE�'p5�HI<
+ƿ!�Z>E3�s� �����r�(�^y���7nJ+Ay�<0�V�	�dEy��#�b�H?��aQ�CS�ϕb�y�M�c�B~C�f�Kv�-"�{?�Z����W
+�`��!$�M�i]k���m��i��oy���=�=TpV�G����U���F���

data/.travis.yml CHANGED

@@ -12,7 +12,7 @@ rvm:
   - 2.5.7
   - 2.6.5
   - 2.7.0
-  - jruby-9.2.8.0
+  - jruby-9.2.11.1
   - rbx-3.107
   - ruby-head
 env:
@@ -21,16 +21,15 @@ env:
 matrix:
   exclude:
     - rvm: rbx-3.107
-    - rvm: jruby-9.2.8.0
   include:
     - rvm: rbx-3.107
       env: NET_SSH_RUN_INTEGRATION_TESTS=
-    - rvm: jruby-9.2.8.0
+    - rvm: jruby-9.2.11.1
       env: JRUBY_OPTS='--client -J-XX:+TieredCompilation -J-XX:TieredStopAtLevel=1 -Xcext.enabled=false -J-Xss2m -Xcompile.invokedynamic=false' NET_SSH_RUN_INTEGRATION_TESTS=
   fast_finish: true
   allow_failures:
     - rvm: rbx-3.107
-    - rvm: jruby-9.2.8.0
+    - rvm: jruby-9.2.11.1
     - rvm: ruby-head
 install:

data/CHANGES.txt CHANGED

@@ -1,3 +1,27 @@
+=== 6.1.0
+  * adapt to ssh's default bahaviors when no username is provided.
+    When Net::SSH.start user is nil and config has no entry
+    we default to Etc.getpwuid.name() instead of Etc.getlogin(). [#749]
+=== 6.1.0.rc1
+  * Make sha2-{256,512}-etm@openssh.com MAC default again [#761]
+  * Support algorithm subtraction syntax from ssh_config [#751]
+=== 6.0.2
+  * Fix corrupted hmac issue in etm hmac [#759]
+=== 6.0.1
+  * Make sha2-{256,512}-etm@openssh.com MAC opt-in as they seems to have issues [#757]
+=== 6.0.0
+  * Support empty lines and comments in known_hosts [donoghuc, #742]
+  * Add sha2-{256,512}-etm@openssh.com MAC algorithms [graaff, #714]
 === 6.0.0 beta2
   * Support :certkeys and CertificateFile configuration option  [Anders Carling, #722]

data/README.md CHANGED

@@ -33,7 +33,7 @@ We strongly recommend that you install a servers's version that supports the lat
 It is possible to return to the previous behavior by adding the option : `append_all_supported_algorithms: true`
-Unsecure algoritms will be definively remove in Net::SSH 7.*.
+Unsecure algoritms will definitely be removed in Net::SSH 7.*.
 ### Host Keys
@@ -63,7 +63,7 @@ Unsecure algoritms will be definively remove in Net::SSH 7.*.
 | Name                                 | Support               | Details  |
 |--------------------------------------|-----------------------|----------|
-| aes256-ctr / aes192-ctr / aes128-ctr | OK                    | [using weak elliptic curves](https://safecurves.cr.yp.to/) |
+| aes256-ctr / aes192-ctr / aes128-ctr | OK                    |          |
 | aes256-cbc / aes192-cbc / aes128-cbc | Deprecated in 6.0     | unsecure, will be removed in 7.0 |
 | rijndael-cbc@lysator.liu.se          | Deprecated in 6.0     | unsecure, will be removed in 7.0 |
 | blowfish-ctr blowfish-cbc            | Deprecated in 6.0     | unsecure, will be removed in 7.0 |
@@ -97,6 +97,7 @@ In a nutshell:
 require 'net/ssh'
 Net::SSH.start('host', 'user', password: "password") do |ssh|
 # capture all stderr and stdout output from a remote process
 output = ssh.exec!("hostname")
 puts output
@@ -104,7 +105,7 @@ puts output
 # capture only stdout matching a particular pattern
 stdout = ""
 ssh.exec!("ls -l /home/jamis") do |channel, stream, data|
-  stdout << data if stream == :stdout
+  stdout << data if stream == :stdout && /foo/.match(data)
 end
 puts stdout
@@ -164,7 +165,7 @@ gem install net-ssh # might need sudo privileges
 ```
 NOTE: If you are running on jruby on windows you need to install `jruby-pageant` manually
-(gemspec doesn't allow for platform specific dependencies).
+(gemspec doesn't allow for platform specific dependencies at gem installation time).
 However, in order to be sure the code you're installing hasn't been tampered with,
 it's recommended that you verify the [signature](http://docs.rubygems.org/read/chapter/21).

data/lib/net/ssh.rb CHANGED

@@ -251,7 +251,7 @@ module Net
       transport = Transport::Session.new(host, options)
       auth = Authentication::Session.new(transport, options)
-      user = options.fetch(:user, user) || Etc.getlogin
+      user = options.fetch(:user, user) || Etc.getpwuid.name
       if auth.authenticate("ssh-connection", user, options[:password])
         connection = Connection::Session.new(transport, options)
         if block_given?

data/lib/net/ssh/transport/algorithms.rb CHANGED

@@ -290,10 +290,24 @@ module Net
           list = []
           option = Array(option).compact.uniq
-          if option.first && option.first.start_with?('+')
+          if option.first && option.first.start_with?('+', '-')
             list = supported.dup
-            list << option.first[1..-1]
-            list.concat(option[1..-1])
+            appends = option.select { |opt| opt.start_with?('+') }.map { |opt| opt[1..-1] }
+            deletions = option.select { |opt| opt.start_with?('-') }.map { |opt| opt[1..-1] }
+            list.concat(appends)
+            deletions.each do |opt|
+              if opt.include?('*')
+                opt_escaped = Regexp.escape(opt)
+                algo_re = /\A#{opt_escaped.gsub('\*', '[A-Za-z\d\-@\.]*')}\z/
+                list.delete_if { |existing_opt| algo_re.match(existing_opt) }
+              else
+                list.delete(opt)
+              end
+            end
             list.uniq!
           else
             list = option

data/lib/net/ssh/transport/packet_stream.rb CHANGED

@@ -215,12 +215,13 @@ module Net
         # read, post-processed according to the cipher, hmac, and compression
         # algorithms specified in the server state object, and returned as a
         # new Packet object.
+        # rubocop:disable Metrics/AbcSize
         def poll_next_packet
           aad_length = server.hmac.etm ? 4 : 0
           if @packet.nil?
             minimum = server.block_size < 4 ? 4 : server.block_size
-            return nil if available < minimum
+            return nil if available < minimum + aad_length
             data = read_available(minimum + aad_length)
             # decipher it
@@ -260,7 +261,7 @@ module Net
                              else
                                server.hmac.digest([server.sequence_number, @packet.content].pack("NA*"))
                              end
-          raise Net::SSH::Exception, "corrupted hmac detected" if real_hmac != my_computed_hmac
+          raise Net::SSH::Exception, "corrupted hmac detected #{server.hmac.class}" if real_hmac != my_computed_hmac
           # try to decompress the payload, in case compression is active
           payload = server.decompress(payload)
@@ -273,6 +274,7 @@ module Net
           return Packet.new(payload)
         end
       end
+      # rubocop:enable Metrics/AbcSize
     end
   end

data/lib/net/ssh/version.rb CHANGED

@@ -49,14 +49,14 @@ module Net
       MAJOR = 6
       # The minor component of this version of the Net::SSH library
-      MINOR = 0
+      MINOR = 1
       # The tiny component of this version of the Net::SSH library
       TINY  = 0
       # The prerelease component of this version of the Net::SSH library
       # nil allowed
-      PRE   = "rc1"
+      PRE   = nil
       # The current version of the Net::SSH library as a Version instance
       CURRENT = new(*[MAJOR, MINOR, TINY, PRE].compact)

metadata CHANGED

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: net-ssh
 version: !ruby/object:Gem::Version
-  version: 6.0.0.rc1
+  version: 6.1.0
 platform: ruby
 authors:
 - Jamis Buck
@@ -31,7 +31,7 @@ cert_chain:
   voajiJNS75Pw/2j13WnPB4Q6w7dHSb57E/VluBpVKmcQZN0dGdAkEIVty3v7kw9g
   y++VpCpWM/PstIFv4ApZMf501UY=
   -----END CERTIFICATE-----
-date: 2020-04-11 00:00:00.000000000 Z
+date: 2020-06-09 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bcrypt_pbkdf
@@ -279,9 +279,9 @@ required_ruby_version: !ruby/object:Gem::Requirement
       version: '2.3'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ">"
+  - - ">="
     - !ruby/object:Gem::Version
-      version: 1.3.1
+      version: '0'
 requirements: []
 rubygems_version: 3.0.3
 signing_key:

metadata.gz.sig CHANGED

Binary file