net-ssh 6.0.0.rc1 → 6.1.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- checksums.yaml.gz.sig +0 -0
- data.tar.gz.sig +3 -1
- data/.travis.yml +3 -4
- data/CHANGES.txt +24 -0
- data/README.md +5 -4
- data/lib/net/ssh.rb +1 -1
- data/lib/net/ssh/transport/algorithms.rb +17 -3
- data/lib/net/ssh/transport/packet_stream.rb +4 -2
- data/lib/net/ssh/version.rb +2 -2
- metadata +4 -4
- metadata.gz.sig +0 -0
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 3871354412d3c8b53ef8bf56fccfc9b0bbbe76c7f1792005edeca4c90546f80f
|
4
|
+
data.tar.gz: 5d9c55ae9e77f57df83cdd68d3a707ea5583c05fa3ddfa718435b4706bc7da92
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 54f879420d7c34c5e190050506ab61ef5b7d0aae70cf417ff40ea78ed5cd7d595f7354b81bf9b6961b44b071df121612bdc153e141c77f1a4dc17d0c69946360
|
7
|
+
data.tar.gz: 5c98a21d3ca109e0fb406bba5a6e453732f8a87f52bda0f9233dfdf7af3eed4b56bc8eca732a1ff5191e9d7eb620fe80867db805932d062be224373875c8d56b
|
checksums.yaml.gz.sig
CHANGED
Binary file
|
data.tar.gz.sig
CHANGED
data/.travis.yml
CHANGED
@@ -12,7 +12,7 @@ rvm:
|
|
12
12
|
- 2.5.7
|
13
13
|
- 2.6.5
|
14
14
|
- 2.7.0
|
15
|
-
- jruby-9.2.
|
15
|
+
- jruby-9.2.11.1
|
16
16
|
- rbx-3.107
|
17
17
|
- ruby-head
|
18
18
|
env:
|
@@ -21,16 +21,15 @@ env:
|
|
21
21
|
matrix:
|
22
22
|
exclude:
|
23
23
|
- rvm: rbx-3.107
|
24
|
-
- rvm: jruby-9.2.8.0
|
25
24
|
include:
|
26
25
|
- rvm: rbx-3.107
|
27
26
|
env: NET_SSH_RUN_INTEGRATION_TESTS=
|
28
|
-
- rvm: jruby-9.2.
|
27
|
+
- rvm: jruby-9.2.11.1
|
29
28
|
env: JRUBY_OPTS='--client -J-XX:+TieredCompilation -J-XX:TieredStopAtLevel=1 -Xcext.enabled=false -J-Xss2m -Xcompile.invokedynamic=false' NET_SSH_RUN_INTEGRATION_TESTS=
|
30
29
|
fast_finish: true
|
31
30
|
allow_failures:
|
32
31
|
- rvm: rbx-3.107
|
33
|
-
- rvm: jruby-9.2.
|
32
|
+
- rvm: jruby-9.2.11.1
|
34
33
|
- rvm: ruby-head
|
35
34
|
|
36
35
|
install:
|
data/CHANGES.txt
CHANGED
@@ -1,3 +1,27 @@
|
|
1
|
+
=== 6.1.0
|
2
|
+
|
3
|
+
* adapt to ssh's default bahaviors when no username is provided.
|
4
|
+
When Net::SSH.start user is nil and config has no entry
|
5
|
+
we default to Etc.getpwuid.name() instead of Etc.getlogin(). [#749]
|
6
|
+
|
7
|
+
=== 6.1.0.rc1
|
8
|
+
|
9
|
+
* Make sha2-{256,512}-etm@openssh.com MAC default again [#761]
|
10
|
+
* Support algorithm subtraction syntax from ssh_config [#751]
|
11
|
+
|
12
|
+
=== 6.0.2
|
13
|
+
|
14
|
+
* Fix corrupted hmac issue in etm hmac [#759]
|
15
|
+
|
16
|
+
=== 6.0.1
|
17
|
+
|
18
|
+
* Make sha2-{256,512}-etm@openssh.com MAC opt-in as they seems to have issues [#757]
|
19
|
+
|
20
|
+
=== 6.0.0
|
21
|
+
|
22
|
+
* Support empty lines and comments in known_hosts [donoghuc, #742]
|
23
|
+
* Add sha2-{256,512}-etm@openssh.com MAC algorithms [graaff, #714]
|
24
|
+
|
1
25
|
=== 6.0.0 beta2
|
2
26
|
|
3
27
|
* Support :certkeys and CertificateFile configuration option [Anders Carling, #722]
|
data/README.md
CHANGED
@@ -33,7 +33,7 @@ We strongly recommend that you install a servers's version that supports the lat
|
|
33
33
|
|
34
34
|
It is possible to return to the previous behavior by adding the option : `append_all_supported_algorithms: true`
|
35
35
|
|
36
|
-
Unsecure algoritms will be
|
36
|
+
Unsecure algoritms will definitely be removed in Net::SSH 7.*.
|
37
37
|
|
38
38
|
### Host Keys
|
39
39
|
|
@@ -63,7 +63,7 @@ Unsecure algoritms will be definively remove in Net::SSH 7.*.
|
|
63
63
|
|
64
64
|
| Name | Support | Details |
|
65
65
|
|--------------------------------------|-----------------------|----------|
|
66
|
-
| aes256-ctr / aes192-ctr / aes128-ctr | OK |
|
66
|
+
| aes256-ctr / aes192-ctr / aes128-ctr | OK | |
|
67
67
|
| aes256-cbc / aes192-cbc / aes128-cbc | Deprecated in 6.0 | unsecure, will be removed in 7.0 |
|
68
68
|
| rijndael-cbc@lysator.liu.se | Deprecated in 6.0 | unsecure, will be removed in 7.0 |
|
69
69
|
| blowfish-ctr blowfish-cbc | Deprecated in 6.0 | unsecure, will be removed in 7.0 |
|
@@ -97,6 +97,7 @@ In a nutshell:
|
|
97
97
|
require 'net/ssh'
|
98
98
|
|
99
99
|
Net::SSH.start('host', 'user', password: "password") do |ssh|
|
100
|
+
|
100
101
|
# capture all stderr and stdout output from a remote process
|
101
102
|
output = ssh.exec!("hostname")
|
102
103
|
puts output
|
@@ -104,7 +105,7 @@ puts output
|
|
104
105
|
# capture only stdout matching a particular pattern
|
105
106
|
stdout = ""
|
106
107
|
ssh.exec!("ls -l /home/jamis") do |channel, stream, data|
|
107
|
-
stdout << data if stream == :stdout
|
108
|
+
stdout << data if stream == :stdout && /foo/.match(data)
|
108
109
|
end
|
109
110
|
puts stdout
|
110
111
|
|
@@ -164,7 +165,7 @@ gem install net-ssh # might need sudo privileges
|
|
164
165
|
```
|
165
166
|
|
166
167
|
NOTE: If you are running on jruby on windows you need to install `jruby-pageant` manually
|
167
|
-
(gemspec doesn't allow for platform specific dependencies).
|
168
|
+
(gemspec doesn't allow for platform specific dependencies at gem installation time).
|
168
169
|
|
169
170
|
However, in order to be sure the code you're installing hasn't been tampered with,
|
170
171
|
it's recommended that you verify the [signature](http://docs.rubygems.org/read/chapter/21).
|
data/lib/net/ssh.rb
CHANGED
@@ -251,7 +251,7 @@ module Net
|
|
251
251
|
transport = Transport::Session.new(host, options)
|
252
252
|
auth = Authentication::Session.new(transport, options)
|
253
253
|
|
254
|
-
user = options.fetch(:user, user) || Etc.
|
254
|
+
user = options.fetch(:user, user) || Etc.getpwuid.name
|
255
255
|
if auth.authenticate("ssh-connection", user, options[:password])
|
256
256
|
connection = Connection::Session.new(transport, options)
|
257
257
|
if block_given?
|
@@ -290,10 +290,24 @@ module Net
|
|
290
290
|
list = []
|
291
291
|
option = Array(option).compact.uniq
|
292
292
|
|
293
|
-
if option.first && option.first.start_with?('+')
|
293
|
+
if option.first && option.first.start_with?('+', '-')
|
294
294
|
list = supported.dup
|
295
|
-
|
296
|
-
|
295
|
+
|
296
|
+
appends = option.select { |opt| opt.start_with?('+') }.map { |opt| opt[1..-1] }
|
297
|
+
deletions = option.select { |opt| opt.start_with?('-') }.map { |opt| opt[1..-1] }
|
298
|
+
|
299
|
+
list.concat(appends)
|
300
|
+
|
301
|
+
deletions.each do |opt|
|
302
|
+
if opt.include?('*')
|
303
|
+
opt_escaped = Regexp.escape(opt)
|
304
|
+
algo_re = /\A#{opt_escaped.gsub('\*', '[A-Za-z\d\-@\.]*')}\z/
|
305
|
+
list.delete_if { |existing_opt| algo_re.match(existing_opt) }
|
306
|
+
else
|
307
|
+
list.delete(opt)
|
308
|
+
end
|
309
|
+
end
|
310
|
+
|
297
311
|
list.uniq!
|
298
312
|
else
|
299
313
|
list = option
|
@@ -215,12 +215,13 @@ module Net
|
|
215
215
|
# read, post-processed according to the cipher, hmac, and compression
|
216
216
|
# algorithms specified in the server state object, and returned as a
|
217
217
|
# new Packet object.
|
218
|
+
# rubocop:disable Metrics/AbcSize
|
218
219
|
def poll_next_packet
|
219
220
|
aad_length = server.hmac.etm ? 4 : 0
|
220
221
|
|
221
222
|
if @packet.nil?
|
222
223
|
minimum = server.block_size < 4 ? 4 : server.block_size
|
223
|
-
return nil if available < minimum
|
224
|
+
return nil if available < minimum + aad_length
|
224
225
|
data = read_available(minimum + aad_length)
|
225
226
|
|
226
227
|
# decipher it
|
@@ -260,7 +261,7 @@ module Net
|
|
260
261
|
else
|
261
262
|
server.hmac.digest([server.sequence_number, @packet.content].pack("NA*"))
|
262
263
|
end
|
263
|
-
raise Net::SSH::Exception, "corrupted hmac detected" if real_hmac != my_computed_hmac
|
264
|
+
raise Net::SSH::Exception, "corrupted hmac detected #{server.hmac.class}" if real_hmac != my_computed_hmac
|
264
265
|
|
265
266
|
# try to decompress the payload, in case compression is active
|
266
267
|
payload = server.decompress(payload)
|
@@ -273,6 +274,7 @@ module Net
|
|
273
274
|
return Packet.new(payload)
|
274
275
|
end
|
275
276
|
end
|
277
|
+
# rubocop:enable Metrics/AbcSize
|
276
278
|
|
277
279
|
end
|
278
280
|
end
|
data/lib/net/ssh/version.rb
CHANGED
@@ -49,14 +49,14 @@ module Net
|
|
49
49
|
MAJOR = 6
|
50
50
|
|
51
51
|
# The minor component of this version of the Net::SSH library
|
52
|
-
MINOR =
|
52
|
+
MINOR = 1
|
53
53
|
|
54
54
|
# The tiny component of this version of the Net::SSH library
|
55
55
|
TINY = 0
|
56
56
|
|
57
57
|
# The prerelease component of this version of the Net::SSH library
|
58
58
|
# nil allowed
|
59
|
-
PRE =
|
59
|
+
PRE = nil
|
60
60
|
|
61
61
|
# The current version of the Net::SSH library as a Version instance
|
62
62
|
CURRENT = new(*[MAJOR, MINOR, TINY, PRE].compact)
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: net-ssh
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 6.
|
4
|
+
version: 6.1.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Jamis Buck
|
@@ -31,7 +31,7 @@ cert_chain:
|
|
31
31
|
voajiJNS75Pw/2j13WnPB4Q6w7dHSb57E/VluBpVKmcQZN0dGdAkEIVty3v7kw9g
|
32
32
|
y++VpCpWM/PstIFv4ApZMf501UY=
|
33
33
|
-----END CERTIFICATE-----
|
34
|
-
date: 2020-
|
34
|
+
date: 2020-06-09 00:00:00.000000000 Z
|
35
35
|
dependencies:
|
36
36
|
- !ruby/object:Gem::Dependency
|
37
37
|
name: bcrypt_pbkdf
|
@@ -279,9 +279,9 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
279
279
|
version: '2.3'
|
280
280
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
281
281
|
requirements:
|
282
|
-
- - "
|
282
|
+
- - ">="
|
283
283
|
- !ruby/object:Gem::Version
|
284
|
-
version:
|
284
|
+
version: '0'
|
285
285
|
requirements: []
|
286
286
|
rubygems_version: 3.0.3
|
287
287
|
signing_key:
|
metadata.gz.sig
CHANGED
Binary file
|