net-ssh 6.0.0 → 7.0.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- checksums.yaml.gz.sig +0 -0
- data/.dockerignore +6 -0
- data/.github/config/rubocop_linter_action.yml +4 -0
- data/.github/workflows/ci-with-docker.yml +44 -0
- data/.github/workflows/ci.yml +87 -0
- data/.github/workflows/rubocop.yml +13 -0
- data/.gitignore +2 -0
- data/.rubocop.yml +12 -1
- data/.rubocop_todo.yml +474 -375
- data/CHANGES.txt +39 -2
- data/Dockerfile +27 -0
- data/Dockerfile.openssl3 +17 -0
- data/Gemfile +2 -0
- data/Gemfile.noed25519 +2 -0
- data/README.md +14 -7
- data/Rakefile +5 -0
- data/docker-compose.yml +23 -0
- data/lib/net/ssh/authentication/agent.rb +29 -13
- data/lib/net/ssh/authentication/certificate.rb +12 -9
- data/lib/net/ssh/authentication/constants.rb +0 -1
- data/lib/net/ssh/authentication/ed25519.rb +11 -7
- data/lib/net/ssh/authentication/ed25519_loader.rb +4 -7
- data/lib/net/ssh/authentication/key_manager.rb +46 -34
- data/lib/net/ssh/authentication/methods/abstract.rb +12 -3
- data/lib/net/ssh/authentication/methods/hostbased.rb +3 -5
- data/lib/net/ssh/authentication/methods/keyboard_interactive.rb +2 -2
- data/lib/net/ssh/authentication/methods/none.rb +6 -9
- data/lib/net/ssh/authentication/methods/password.rb +2 -3
- data/lib/net/ssh/authentication/methods/publickey.rb +56 -16
- data/lib/net/ssh/authentication/pageant.rb +97 -97
- data/lib/net/ssh/authentication/pub_key_fingerprint.rb +2 -2
- data/lib/net/ssh/authentication/session.rb +18 -17
- data/lib/net/ssh/buffer.rb +50 -30
- data/lib/net/ssh/buffered_io.rb +24 -25
- data/lib/net/ssh/config.rb +33 -20
- data/lib/net/ssh/connection/channel.rb +84 -82
- data/lib/net/ssh/connection/constants.rb +0 -4
- data/lib/net/ssh/connection/event_loop.rb +30 -24
- data/lib/net/ssh/connection/keepalive.rb +12 -12
- data/lib/net/ssh/connection/session.rb +108 -107
- data/lib/net/ssh/connection/term.rb +56 -58
- data/lib/net/ssh/errors.rb +12 -12
- data/lib/net/ssh/key_factory.rb +7 -8
- data/lib/net/ssh/known_hosts.rb +84 -15
- data/lib/net/ssh/loggable.rb +8 -9
- data/lib/net/ssh/packet.rb +1 -1
- data/lib/net/ssh/prompt.rb +9 -11
- data/lib/net/ssh/proxy/command.rb +1 -1
- data/lib/net/ssh/proxy/errors.rb +2 -4
- data/lib/net/ssh/proxy/http.rb +18 -20
- data/lib/net/ssh/proxy/https.rb +8 -10
- data/lib/net/ssh/proxy/jump.rb +8 -10
- data/lib/net/ssh/proxy/socks4.rb +2 -4
- data/lib/net/ssh/proxy/socks5.rb +3 -5
- data/lib/net/ssh/service/forward.rb +7 -7
- data/lib/net/ssh/test/channel.rb +24 -26
- data/lib/net/ssh/test/extensions.rb +35 -35
- data/lib/net/ssh/test/kex.rb +6 -8
- data/lib/net/ssh/test/local_packet.rb +0 -2
- data/lib/net/ssh/test/packet.rb +3 -3
- data/lib/net/ssh/test/remote_packet.rb +6 -8
- data/lib/net/ssh/test/script.rb +25 -27
- data/lib/net/ssh/test/socket.rb +12 -15
- data/lib/net/ssh/test.rb +4 -5
- data/lib/net/ssh/transport/algorithms.rb +34 -17
- data/lib/net/ssh/transport/cipher_factory.rb +28 -28
- data/lib/net/ssh/transport/constants.rb +3 -3
- data/lib/net/ssh/transport/ctr.rb +7 -7
- data/lib/net/ssh/transport/hmac/abstract.rb +4 -5
- data/lib/net/ssh/transport/hmac/md5.rb +0 -2
- data/lib/net/ssh/transport/hmac/md5_96.rb +0 -2
- data/lib/net/ssh/transport/hmac/none.rb +0 -2
- data/lib/net/ssh/transport/hmac/ripemd160.rb +0 -2
- data/lib/net/ssh/transport/hmac/sha1.rb +0 -2
- data/lib/net/ssh/transport/hmac/sha1_96.rb +0 -2
- data/lib/net/ssh/transport/hmac.rb +12 -12
- data/lib/net/ssh/transport/identity_cipher.rb +11 -13
- data/lib/net/ssh/transport/kex/abstract.rb +12 -5
- data/lib/net/ssh/transport/kex/abstract5656.rb +1 -1
- data/lib/net/ssh/transport/kex/curve25519_sha256.rb +2 -1
- data/lib/net/ssh/transport/kex/diffie_hellman_group14_sha1.rb +4 -4
- data/lib/net/ssh/transport/kex/diffie_hellman_group14_sha256.rb +11 -0
- data/lib/net/ssh/transport/kex/diffie_hellman_group1_sha1.rb +21 -21
- data/lib/net/ssh/transport/kex/diffie_hellman_group_exchange_sha1.rb +1 -2
- data/lib/net/ssh/transport/kex/ecdh_sha2_nistp256.rb +2 -2
- data/lib/net/ssh/transport/kex.rb +8 -6
- data/lib/net/ssh/transport/key_expander.rb +7 -8
- data/lib/net/ssh/transport/openssl.rb +51 -26
- data/lib/net/ssh/transport/packet_stream.rb +6 -5
- data/lib/net/ssh/transport/server_version.rb +17 -16
- data/lib/net/ssh/transport/session.rb +9 -7
- data/lib/net/ssh/transport/state.rb +43 -43
- data/lib/net/ssh/verifiers/accept_new.rb +0 -2
- data/lib/net/ssh/verifiers/accept_new_or_local_tunnel.rb +1 -2
- data/lib/net/ssh/verifiers/always.rb +6 -4
- data/lib/net/ssh/verifiers/never.rb +0 -2
- data/lib/net/ssh/version.rb +2 -2
- data/lib/net/ssh.rb +5 -6
- data/net-ssh-public_cert.pem +8 -8
- data/net-ssh.gemspec +2 -2
- data/support/ssh_tunnel_bug.rb +3 -3
- data.tar.gz.sig +0 -0
- metadata +23 -15
- metadata.gz.sig +0 -0
- data/.travis.yml +0 -52
@@ -2,10 +2,9 @@ require 'zlib'
|
|
2
2
|
require 'net/ssh/transport/cipher_factory'
|
3
3
|
require 'net/ssh/transport/hmac'
|
4
4
|
|
5
|
-
module Net
|
6
|
-
module SSH
|
5
|
+
module Net
|
6
|
+
module SSH
|
7
7
|
module Transport
|
8
|
-
|
9
8
|
# Encapsulates state information about one end of an SSH connection. Such
|
10
9
|
# state includes the packet sequence number, the algorithms in use, how
|
11
10
|
# many packets and blocks have been processed since the last reset, and so
|
@@ -14,46 +13,46 @@ module Net
|
|
14
13
|
class State
|
15
14
|
# The socket object that owns this state object.
|
16
15
|
attr_reader :socket
|
17
|
-
|
16
|
+
|
18
17
|
# The next packet sequence number for this socket endpoint.
|
19
18
|
attr_reader :sequence_number
|
20
|
-
|
19
|
+
|
21
20
|
# The hmac algorithm in use for this endpoint.
|
22
21
|
attr_reader :hmac
|
23
|
-
|
22
|
+
|
24
23
|
# The compression algorithm in use for this endpoint.
|
25
24
|
attr_reader :compression
|
26
|
-
|
25
|
+
|
27
26
|
# The compression level to use when compressing data (or nil, for the default).
|
28
27
|
attr_reader :compression_level
|
29
|
-
|
28
|
+
|
30
29
|
# The number of packets processed since the last call to #reset!
|
31
30
|
attr_reader :packets
|
32
|
-
|
31
|
+
|
33
32
|
# The number of data blocks processed since the last call to #reset!
|
34
33
|
attr_reader :blocks
|
35
|
-
|
34
|
+
|
36
35
|
# The cipher algorithm in use for this socket endpoint.
|
37
36
|
attr_reader :cipher
|
38
|
-
|
37
|
+
|
39
38
|
# The block size for the cipher
|
40
39
|
attr_reader :block_size
|
41
|
-
|
40
|
+
|
42
41
|
# The role that this state plays (either :client or :server)
|
43
42
|
attr_reader :role
|
44
|
-
|
43
|
+
|
45
44
|
# The maximum number of packets that this endpoint wants to process before
|
46
45
|
# needing a rekey.
|
47
46
|
attr_accessor :max_packets
|
48
|
-
|
47
|
+
|
49
48
|
# The maximum number of blocks that this endpoint wants to process before
|
50
49
|
# needing a rekey.
|
51
50
|
attr_accessor :max_blocks
|
52
|
-
|
51
|
+
|
53
52
|
# The user-specified maximum number of bytes that this endpoint ought to
|
54
53
|
# process before needing a rekey.
|
55
54
|
attr_accessor :rekey_limit
|
56
|
-
|
55
|
+
|
57
56
|
# Creates a new state object, belonging to the given socket. Initializes
|
58
57
|
# the algorithms to "none".
|
59
58
|
def initialize(socket, role)
|
@@ -65,9 +64,9 @@ module Net
|
|
65
64
|
@hmac = HMAC.get("none")
|
66
65
|
@compression = nil
|
67
66
|
@compressor = @decompressor = nil
|
68
|
-
@next_iv =
|
67
|
+
@next_iv = String.new
|
69
68
|
end
|
70
|
-
|
69
|
+
|
71
70
|
# A convenience method for quickly setting multiple values in a single
|
72
71
|
# command.
|
73
72
|
def set(values)
|
@@ -76,19 +75,19 @@ module Net
|
|
76
75
|
end
|
77
76
|
reset!
|
78
77
|
end
|
79
|
-
|
78
|
+
|
80
79
|
def update_cipher(data)
|
81
80
|
result = cipher.update(data)
|
82
81
|
update_next_iv(role == :client ? result : data)
|
83
82
|
return result
|
84
83
|
end
|
85
|
-
|
84
|
+
|
86
85
|
def final_cipher
|
87
86
|
result = cipher.final
|
88
87
|
update_next_iv(role == :client ? result : "", true)
|
89
88
|
return result
|
90
89
|
end
|
91
|
-
|
90
|
+
|
92
91
|
# Increments the counters. The sequence number is incremented (and remapped
|
93
92
|
# so it always fits in a 32-bit integer). The number of packets and blocks
|
94
93
|
# are also incremented.
|
@@ -97,18 +96,18 @@ module Net
|
|
97
96
|
@packets += 1
|
98
97
|
@blocks += (packet_length + 4) / @block_size
|
99
98
|
end
|
100
|
-
|
99
|
+
|
101
100
|
# The compressor object to use when compressing data. This takes into account
|
102
101
|
# the desired compression level.
|
103
102
|
def compressor
|
104
103
|
@compressor ||= Zlib::Deflate.new(compression_level || Zlib::DEFAULT_COMPRESSION)
|
105
104
|
end
|
106
|
-
|
105
|
+
|
107
106
|
# The decompressor object to use when decompressing data.
|
108
107
|
def decompressor
|
109
108
|
@decompressor ||= Zlib::Inflate.new(nil)
|
110
109
|
end
|
111
|
-
|
110
|
+
|
112
111
|
# Returns true if data compression/decompression is enabled. This will
|
113
112
|
# return true if :standard compression is selected, or if :delayed
|
114
113
|
# compression is selected and the :authenticated hint has been received
|
@@ -116,33 +115,35 @@ module Net
|
|
116
115
|
def compression?
|
117
116
|
compression == :standard || (compression == :delayed && socket.hints[:authenticated])
|
118
117
|
end
|
119
|
-
|
118
|
+
|
120
119
|
# Compresses the data. If no compression is in effect, this will just return
|
121
120
|
# the data unmodified, otherwise it uses #compressor to compress the data.
|
122
121
|
def compress(data)
|
123
122
|
data = data.to_s
|
124
123
|
return data unless compression?
|
124
|
+
|
125
125
|
compressor.deflate(data, Zlib::SYNC_FLUSH)
|
126
126
|
end
|
127
|
-
|
127
|
+
|
128
128
|
# Deompresses the data. If no compression is in effect, this will just return
|
129
129
|
# the data unmodified, otherwise it uses #decompressor to decompress the data.
|
130
130
|
def decompress(data)
|
131
131
|
data = data.to_s
|
132
132
|
return data unless compression?
|
133
|
+
|
133
134
|
decompressor.inflate(data)
|
134
135
|
end
|
135
|
-
|
136
|
+
|
136
137
|
# Resets the counters on the state object, but leaves the sequence_number
|
137
138
|
# unchanged. It also sets defaults for and recomputes the max_packets and
|
138
139
|
# max_blocks values.
|
139
140
|
def reset!
|
140
141
|
@packets = @blocks = 0
|
141
|
-
|
142
|
+
|
142
143
|
@max_packets ||= 1 << 31
|
143
|
-
|
144
|
+
|
144
145
|
@block_size = cipher.block_size
|
145
|
-
|
146
|
+
|
146
147
|
if max_blocks.nil?
|
147
148
|
# cargo-culted from openssh. the idea is that "the 2^(blocksize*2)
|
148
149
|
# limit is too expensive for 3DES, blowfish, etc., so enforce a 1GB
|
@@ -152,16 +153,16 @@ module Net
|
|
152
153
|
else
|
153
154
|
@max_blocks = (1 << 30) / @block_size
|
154
155
|
end
|
155
|
-
|
156
|
+
|
156
157
|
# if a limit on the # of bytes has been given, convert that into a
|
157
158
|
# minimum number of blocks processed.
|
158
|
-
|
159
|
+
|
159
160
|
@max_blocks = [@max_blocks, rekey_limit / @block_size].min if rekey_limit
|
160
161
|
end
|
161
|
-
|
162
|
+
|
162
163
|
cleanup
|
163
164
|
end
|
164
|
-
|
165
|
+
|
165
166
|
# Closes any the compressor and/or decompressor objects that have been
|
166
167
|
# instantiated.
|
167
168
|
def cleanup
|
@@ -169,17 +170,17 @@ module Net
|
|
169
170
|
@compressor.finish if !@compressor.finished?
|
170
171
|
@compressor.close
|
171
172
|
end
|
172
|
-
|
173
|
+
|
173
174
|
if @decompressor
|
174
175
|
# we call reset here so that we don't get warnings when we try to
|
175
176
|
# close the decompressor
|
176
177
|
@decompressor.reset
|
177
178
|
@decompressor.close
|
178
179
|
end
|
179
|
-
|
180
|
+
|
180
181
|
@compressor = @decompressor = nil
|
181
182
|
end
|
182
|
-
|
183
|
+
|
183
184
|
# Returns true if the number of packets processed exceeds the maximum
|
184
185
|
# number of packets, or if the number of blocks processed exceeds the
|
185
186
|
# maximum number of blocks.
|
@@ -187,22 +188,21 @@ module Net
|
|
187
188
|
max_packets && packets > max_packets ||
|
188
189
|
max_blocks && blocks > max_blocks
|
189
190
|
end
|
190
|
-
|
191
|
+
|
191
192
|
private
|
192
|
-
|
193
|
-
def update_next_iv(data, reset=false)
|
193
|
+
|
194
|
+
def update_next_iv(data, reset = false)
|
194
195
|
@next_iv << data
|
195
196
|
@next_iv = @next_iv[@next_iv.size - cipher.iv_len..-1]
|
196
|
-
|
197
|
+
|
197
198
|
if reset
|
198
199
|
cipher.reset
|
199
200
|
cipher.iv = @next_iv
|
200
201
|
end
|
201
|
-
|
202
|
+
|
202
203
|
return data
|
203
204
|
end
|
204
205
|
end
|
205
|
-
|
206
206
|
end
|
207
207
|
end
|
208
208
|
end
|
@@ -5,7 +5,6 @@ require 'net/ssh/verifiers/always'
|
|
5
5
|
module Net
|
6
6
|
module SSH
|
7
7
|
module Verifiers
|
8
|
-
|
9
8
|
# Does a strict host verification, looking the server up in the known
|
10
9
|
# host files to see if a key has already been seen for this server. If this
|
11
10
|
# server does not appear in any host file, this will silently add the
|
@@ -29,7 +28,6 @@ module Net
|
|
29
28
|
return true
|
30
29
|
end
|
31
30
|
end
|
32
|
-
|
33
31
|
end
|
34
32
|
end
|
35
33
|
end
|
@@ -3,7 +3,6 @@ require 'net/ssh/verifiers/accept_new'
|
|
3
3
|
module Net
|
4
4
|
module SSH
|
5
5
|
module Verifiers
|
6
|
-
|
7
6
|
# Basically the same as the AcceptNew verifier, but does not try to actually
|
8
7
|
# verify a connection if the server is the localhost and the port is a
|
9
8
|
# nonstandard port number. Those two conditions will typically mean the
|
@@ -14,6 +13,7 @@ module Net
|
|
14
13
|
# returns true. Otherwise, performs the standard strict verification.
|
15
14
|
def verify(arguments)
|
16
15
|
return true if tunnelled?(arguments)
|
16
|
+
|
17
17
|
super
|
18
18
|
end
|
19
19
|
|
@@ -28,7 +28,6 @@ module Net
|
|
28
28
|
return ip == "127.0.0.1" || ip == "::1"
|
29
29
|
end
|
30
30
|
end
|
31
|
-
|
32
31
|
end
|
33
32
|
end
|
34
33
|
end
|
@@ -4,7 +4,6 @@ require 'net/ssh/known_hosts'
|
|
4
4
|
module Net
|
5
5
|
module SSH
|
6
6
|
module Verifiers
|
7
|
-
|
8
7
|
# Does a strict host verification, looking the server up in the known
|
9
8
|
# host files to see if a key has already been seen for this server. If this
|
10
9
|
# server does not appear in any host file, an exception will be raised
|
@@ -22,9 +21,13 @@ module Net
|
|
22
21
|
|
23
22
|
# If we found any matches, check to see that the key type and
|
24
23
|
# blob also match.
|
24
|
+
|
25
25
|
found = host_keys.any? do |key|
|
26
|
-
key.
|
27
|
-
|
26
|
+
if key.respond_to?(:matches_key?)
|
27
|
+
key.matches_key?(arguments[:key])
|
28
|
+
else
|
29
|
+
key.ssh_type == arguments[:key].ssh_type && key.to_blob == arguments[:key].to_blob
|
30
|
+
end
|
28
31
|
end
|
29
32
|
|
30
33
|
# If a match was found, return true. Otherwise, raise an exception
|
@@ -50,7 +53,6 @@ module Net
|
|
50
53
|
raise exception
|
51
54
|
end
|
52
55
|
end
|
53
|
-
|
54
56
|
end
|
55
57
|
end
|
56
58
|
end
|
@@ -1,7 +1,6 @@
|
|
1
1
|
module Net
|
2
2
|
module SSH
|
3
3
|
module Verifiers
|
4
|
-
|
5
4
|
# This host key verifier simply allows every key it sees, without
|
6
5
|
# any verification. This is simple, but very insecure because it
|
7
6
|
# exposes you to MiTM attacks.
|
@@ -15,7 +14,6 @@ module Net
|
|
15
14
|
true
|
16
15
|
end
|
17
16
|
end
|
18
|
-
|
19
17
|
end
|
20
18
|
end
|
21
19
|
end
|
data/lib/net/ssh/version.rb
CHANGED
@@ -46,13 +46,13 @@ module Net
|
|
46
46
|
end
|
47
47
|
|
48
48
|
# The major component of this version of the Net::SSH library
|
49
|
-
MAJOR =
|
49
|
+
MAJOR = 7
|
50
50
|
|
51
51
|
# The minor component of this version of the Net::SSH library
|
52
52
|
MINOR = 0
|
53
53
|
|
54
54
|
# The tiny component of this version of the Net::SSH library
|
55
|
-
TINY =
|
55
|
+
TINY = 1
|
56
56
|
|
57
57
|
# The prerelease component of this version of the Net::SSH library
|
58
58
|
# nil allowed
|
data/lib/net/ssh.rb
CHANGED
@@ -15,7 +15,6 @@ require 'net/ssh/connection/session'
|
|
15
15
|
require 'net/ssh/prompt'
|
16
16
|
|
17
17
|
module Net
|
18
|
-
|
19
18
|
# Net::SSH is a library for interacting, programmatically, with remote
|
20
19
|
# processes via the SSH2 protocol. Sessions are always initiated via
|
21
20
|
# Net::SSH.start. From there, a program interacts with the new SSH session
|
@@ -122,7 +121,7 @@ module Net
|
|
122
121
|
# * :forward_agent => set to true if you want the SSH agent connection to
|
123
122
|
# be forwarded
|
124
123
|
# * :known_hosts => a custom object holding known hosts records.
|
125
|
-
# It must implement #search_for and add in a similiar manner as KnownHosts.
|
124
|
+
# It must implement #search_for and `add` in a similiar manner as KnownHosts.
|
126
125
|
# * :global_known_hosts_file => the location of the global known hosts
|
127
126
|
# file. Set to an array if you want to specify multiple global known
|
128
127
|
# hosts files. Defaults to %w(/etc/ssh/ssh_known_hosts /etc/ssh/ssh_known_hosts2).
|
@@ -215,7 +214,7 @@ module Net
|
|
215
214
|
# * :fingerprint_hash => 'MD5' or 'SHA256', defaults to 'SHA256'
|
216
215
|
# If +user+ parameter is nil it defaults to USER from ssh_config, or
|
217
216
|
# local username
|
218
|
-
def self.start(host, user=nil, options={}, &block)
|
217
|
+
def self.start(host, user = nil, options = {}, &block)
|
219
218
|
invalid_options = options.keys - VALID_OPTIONS
|
220
219
|
if invalid_options.any?
|
221
220
|
raise ArgumentError, "invalid option(s): #{invalid_options.join(', ')}"
|
@@ -251,7 +250,7 @@ module Net
|
|
251
250
|
transport = Transport::Session.new(host, options)
|
252
251
|
auth = Authentication::Session.new(transport, options)
|
253
252
|
|
254
|
-
user = options.fetch(:user, user) || Etc.
|
253
|
+
user = options.fetch(:user, user) || Etc.getpwuid.name
|
255
254
|
if auth.authenticate("ssh-connection", user, options[:password])
|
256
255
|
connection = Connection::Session.new(transport, options)
|
257
256
|
if block_given?
|
@@ -302,9 +301,9 @@ module Net
|
|
302
301
|
end
|
303
302
|
|
304
303
|
def self._sanitize_options(options)
|
305
|
-
invalid_option_values = [nil,[nil]]
|
304
|
+
invalid_option_values = [nil, [nil]]
|
306
305
|
unless (options.values & invalid_option_values).empty?
|
307
|
-
nil_options = options.select { |_k,v| invalid_option_values.include?(v) }.map(&:first)
|
306
|
+
nil_options = options.select { |_k, v| invalid_option_values.include?(v) }.map(&:first)
|
308
307
|
Kernel.warn "#{caller_locations(2, 1)[0]}: Passing nil, or [nil] to Net::SSH.start is deprecated for keys: #{nil_options.join(', ')}"
|
309
308
|
end
|
310
309
|
end
|
data/net-ssh-public_cert.pem
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
-----BEGIN CERTIFICATE-----
|
2
2
|
MIIDQDCCAiigAwIBAgIBATANBgkqhkiG9w0BAQsFADAlMSMwIQYDVQQDDBpuZXRz
|
3
|
-
|
4
|
-
|
3
|
+
c2gvREM9c29sdXRpb3VzL0RDPWNvbTAeFw0yMTA4MTAwODMyMzBaFw0yMjA4MTAw
|
4
|
+
ODMyMzBaMCUxIzAhBgNVBAMMGm5ldHNzaC9EQz1zb2x1dGlvdXMvREM9Y29tMIIB
|
5
5
|
IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxieE22fR/qmdPKUHyYTyUx2g
|
6
6
|
wskLwrCkxay+Tvc97ZZUOwf85LDDDPqhQaTWLvRwnIOMgQE2nBPzwalVclK6a+pW
|
7
7
|
x/18KDeZY15vm3Qn5p42b0wi9hUxOqPm3J2hdCLCcgtENgdX21nVzejn39WVqFJO
|
@@ -11,10 +11,10 @@ fBbmDnsMLAtAtauMOxORrbx3EOY7sHku/kSrMg3FXFay7jc6BkbbUij+MjJ/k82l
|
|
11
11
|
AQABo3sweTAJBgNVHRMEAjAAMAsGA1UdDwQEAwIEsDAdBgNVHQ4EFgQUBfKiwO2e
|
12
12
|
M4NEiRrVG793qEPLYyMwHwYDVR0RBBgwFoEUbmV0c3NoQHNvbHV0aW91cy5jb20w
|
13
13
|
HwYDVR0SBBgwFoEUbmV0c3NoQHNvbHV0aW91cy5jb20wDQYJKoZIhvcNAQELBQAD
|
14
|
-
|
15
|
-
|
16
|
-
|
17
|
-
|
18
|
-
|
19
|
-
|
14
|
+
ggEBABRChgo0Jo+iXSnTpODNongzZoU0sWqwx3/FQVo8nyAyr1qFuiqpSPb4bDbU
|
15
|
+
DsVnUn3t0X/gGA8qJhutlmfTpEQCjUeyj2x9rWpD3lvttlGWV6btQ0qN4Dfc2gsw
|
16
|
+
rCp9Jpful0HGWhiwfjWfsarqAdtLzIG0UC47IN7LGeCMRJIijOsXQhiZ915eNBEw
|
17
|
+
g9+WSSGHkMFt/7vi2pFkvXSC0+RF8ovvRWf4Zw2aYXtJ1GElgi4ZS/s6ZU0gmv20
|
18
|
+
i4SfC5m5UXIVZvOBYiMuZ/1B2m6R9xU41027zfOVwRFNtlVDiNfQRq6sDmz44At/
|
19
|
+
dv8pkxXDgySe41vzlRXFsgIgz5A=
|
20
20
|
-----END CERTIFICATE-----
|
data/net-ssh.gemspec
CHANGED
@@ -15,7 +15,7 @@ Gem::Specification.new do |spec|
|
|
15
15
|
spec.description = %q{Net::SSH: a pure-Ruby implementation of the SSH2 client protocol. It allows you to write programs that invoke and interact with processes on remote servers, via SSH2.}
|
16
16
|
spec.homepage = "https://github.com/net-ssh/net-ssh"
|
17
17
|
spec.license = "MIT"
|
18
|
-
spec.required_ruby_version = Gem::Requirement.new(">= 2.
|
18
|
+
spec.required_ruby_version = Gem::Requirement.new(">= 2.6")
|
19
19
|
spec.metadata = {
|
20
20
|
"changelog_uri" => "https://github.com/net-ssh/net-ssh/blob/master/CHANGES.txt"
|
21
21
|
}
|
@@ -40,5 +40,5 @@ Gem::Specification.new do |spec|
|
|
40
40
|
spec.add_development_dependency "minitest", "~> 5.10"
|
41
41
|
spec.add_development_dependency "mocha", "~> 1.11.2"
|
42
42
|
spec.add_development_dependency "rake", "~> 12.0"
|
43
|
-
spec.add_development_dependency "rubocop", "~>
|
43
|
+
spec.add_development_dependency "rubocop", "~> 1.28.0"
|
44
44
|
end
|
data/support/ssh_tunnel_bug.rb
CHANGED
@@ -15,12 +15,12 @@
|
|
15
15
|
# visible_hostname netsshtest
|
16
16
|
# * Start squid squid -N -d 1 -D
|
17
17
|
# * Run this script
|
18
|
-
# * Configure browser proxy to use localhost with LOCAL_PORT.
|
18
|
+
# * Configure browser proxy to use localhost with LOCAL_PORT.
|
19
19
|
# * Load any page, wait for it to load fully. If the page loads
|
20
20
|
# correctly, move on. If not, something needs to be corrected.
|
21
21
|
# * Refresh the page several times. This should cause this
|
22
22
|
# script to failed with the error: "closed stream". You may
|
23
|
-
# need to try a few times.
|
23
|
+
# need to try a few times.
|
24
24
|
#
|
25
25
|
|
26
26
|
require 'highline/import'
|
@@ -37,7 +37,7 @@ pass = ask("Password: ") { |q| q.echo = "*" }
|
|
37
37
|
puts "Configure your browser proxy to localhost:#{LOCAL_PORT}"
|
38
38
|
|
39
39
|
begin
|
40
|
-
session = Net::SSH.start(host, user, password: pass)
|
40
|
+
session = Net::SSH.start(host, user, password: pass)
|
41
41
|
session.forward.local(LOCAL_PORT, host, PROXY_PORT)
|
42
42
|
session.loop {true}
|
43
43
|
rescue StandardError => e
|
data.tar.gz.sig
CHANGED
Binary file
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: net-ssh
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version:
|
4
|
+
version: 7.0.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Jamis Buck
|
@@ -13,8 +13,8 @@ cert_chain:
|
|
13
13
|
- |
|
14
14
|
-----BEGIN CERTIFICATE-----
|
15
15
|
MIIDQDCCAiigAwIBAgIBATANBgkqhkiG9w0BAQsFADAlMSMwIQYDVQQDDBpuZXRz
|
16
|
-
|
17
|
-
|
16
|
+
c2gvREM9c29sdXRpb3VzL0RDPWNvbTAeFw0yMTA4MTAwODMyMzBaFw0yMjA4MTAw
|
17
|
+
ODMyMzBaMCUxIzAhBgNVBAMMGm5ldHNzaC9EQz1zb2x1dGlvdXMvREM9Y29tMIIB
|
18
18
|
IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxieE22fR/qmdPKUHyYTyUx2g
|
19
19
|
wskLwrCkxay+Tvc97ZZUOwf85LDDDPqhQaTWLvRwnIOMgQE2nBPzwalVclK6a+pW
|
20
20
|
x/18KDeZY15vm3Qn5p42b0wi9hUxOqPm3J2hdCLCcgtENgdX21nVzejn39WVqFJO
|
@@ -24,14 +24,14 @@ cert_chain:
|
|
24
24
|
AQABo3sweTAJBgNVHRMEAjAAMAsGA1UdDwQEAwIEsDAdBgNVHQ4EFgQUBfKiwO2e
|
25
25
|
M4NEiRrVG793qEPLYyMwHwYDVR0RBBgwFoEUbmV0c3NoQHNvbHV0aW91cy5jb20w
|
26
26
|
HwYDVR0SBBgwFoEUbmV0c3NoQHNvbHV0aW91cy5jb20wDQYJKoZIhvcNAQELBQAD
|
27
|
-
|
28
|
-
|
29
|
-
|
30
|
-
|
31
|
-
|
32
|
-
|
27
|
+
ggEBABRChgo0Jo+iXSnTpODNongzZoU0sWqwx3/FQVo8nyAyr1qFuiqpSPb4bDbU
|
28
|
+
DsVnUn3t0X/gGA8qJhutlmfTpEQCjUeyj2x9rWpD3lvttlGWV6btQ0qN4Dfc2gsw
|
29
|
+
rCp9Jpful0HGWhiwfjWfsarqAdtLzIG0UC47IN7LGeCMRJIijOsXQhiZ915eNBEw
|
30
|
+
g9+WSSGHkMFt/7vi2pFkvXSC0+RF8ovvRWf4Zw2aYXtJ1GElgi4ZS/s6ZU0gmv20
|
31
|
+
i4SfC5m5UXIVZvOBYiMuZ/1B2m6R9xU41027zfOVwRFNtlVDiNfQRq6sDmz44At/
|
32
|
+
dv8pkxXDgySe41vzlRXFsgIgz5A=
|
33
33
|
-----END CERTIFICATE-----
|
34
|
-
date:
|
34
|
+
date: 2022-06-26 00:00:00.000000000 Z
|
35
35
|
dependencies:
|
36
36
|
- !ruby/object:Gem::Dependency
|
37
37
|
name: bcrypt_pbkdf
|
@@ -137,14 +137,14 @@ dependencies:
|
|
137
137
|
requirements:
|
138
138
|
- - "~>"
|
139
139
|
- !ruby/object:Gem::Version
|
140
|
-
version:
|
140
|
+
version: 1.28.0
|
141
141
|
type: :development
|
142
142
|
prerelease: false
|
143
143
|
version_requirements: !ruby/object:Gem::Requirement
|
144
144
|
requirements:
|
145
145
|
- - "~>"
|
146
146
|
- !ruby/object:Gem::Version
|
147
|
-
version:
|
147
|
+
version: 1.28.0
|
148
148
|
description: 'Net::SSH: a pure-Ruby implementation of the SSH2 client protocol. It
|
149
149
|
allows you to write programs that invoke and interact with processes on remote servers,
|
150
150
|
via SSH2.'
|
@@ -156,11 +156,17 @@ extra_rdoc_files:
|
|
156
156
|
- LICENSE.txt
|
157
157
|
- README.md
|
158
158
|
files:
|
159
|
+
- ".dockerignore"
|
160
|
+
- ".github/config/rubocop_linter_action.yml"
|
161
|
+
- ".github/workflows/ci-with-docker.yml"
|
162
|
+
- ".github/workflows/ci.yml"
|
163
|
+
- ".github/workflows/rubocop.yml"
|
159
164
|
- ".gitignore"
|
160
165
|
- ".rubocop.yml"
|
161
166
|
- ".rubocop_todo.yml"
|
162
|
-
- ".travis.yml"
|
163
167
|
- CHANGES.txt
|
168
|
+
- Dockerfile
|
169
|
+
- Dockerfile.openssl3
|
164
170
|
- Gemfile
|
165
171
|
- Gemfile.noed25519
|
166
172
|
- ISSUE_TEMPLATE.md
|
@@ -170,6 +176,7 @@ files:
|
|
170
176
|
- Rakefile
|
171
177
|
- THANKS.txt
|
172
178
|
- appveyor.yml
|
179
|
+
- docker-compose.yml
|
173
180
|
- lib/net/ssh.rb
|
174
181
|
- lib/net/ssh/authentication/agent.rb
|
175
182
|
- lib/net/ssh/authentication/certificate.rb
|
@@ -243,6 +250,7 @@ files:
|
|
243
250
|
- lib/net/ssh/transport/kex/curve25519_sha256.rb
|
244
251
|
- lib/net/ssh/transport/kex/curve25519_sha256_loader.rb
|
245
252
|
- lib/net/ssh/transport/kex/diffie_hellman_group14_sha1.rb
|
253
|
+
- lib/net/ssh/transport/kex/diffie_hellman_group14_sha256.rb
|
246
254
|
- lib/net/ssh/transport/kex/diffie_hellman_group1_sha1.rb
|
247
255
|
- lib/net/ssh/transport/kex/diffie_hellman_group_exchange_sha1.rb
|
248
256
|
- lib/net/ssh/transport/kex/diffie_hellman_group_exchange_sha256.rb
|
@@ -276,14 +284,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
276
284
|
requirements:
|
277
285
|
- - ">="
|
278
286
|
- !ruby/object:Gem::Version
|
279
|
-
version: '2.
|
287
|
+
version: '2.6'
|
280
288
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
281
289
|
requirements:
|
282
290
|
- - ">="
|
283
291
|
- !ruby/object:Gem::Version
|
284
292
|
version: '0'
|
285
293
|
requirements: []
|
286
|
-
rubygems_version: 3.
|
294
|
+
rubygems_version: 3.1.6
|
287
295
|
signing_key:
|
288
296
|
specification_version: 4
|
289
297
|
summary: 'Net::SSH: a pure-Ruby implementation of the SSH2 client protocol.'
|
metadata.gz.sig
CHANGED
Binary file
|
data/.travis.yml
DELETED
@@ -1,52 +0,0 @@
|
|
1
|
-
language: ruby
|
2
|
-
sudo: true
|
3
|
-
dist: trusty
|
4
|
-
|
5
|
-
addon:
|
6
|
-
hosts:
|
7
|
-
gateway.netssh
|
8
|
-
|
9
|
-
rvm:
|
10
|
-
- 2.3.8
|
11
|
-
- 2.4.8
|
12
|
-
- 2.5.7
|
13
|
-
- 2.6.5
|
14
|
-
- 2.7.0
|
15
|
-
- jruby-9.2.11.1
|
16
|
-
- rbx-3.107
|
17
|
-
- ruby-head
|
18
|
-
env:
|
19
|
-
NET_SSH_RUN_INTEGRATION_TESTS=1
|
20
|
-
|
21
|
-
matrix:
|
22
|
-
exclude:
|
23
|
-
- rvm: rbx-3.107
|
24
|
-
include:
|
25
|
-
- rvm: rbx-3.107
|
26
|
-
env: NET_SSH_RUN_INTEGRATION_TESTS=
|
27
|
-
- rvm: jruby-9.2.11.1
|
28
|
-
env: JRUBY_OPTS='--client -J-XX:+TieredCompilation -J-XX:TieredStopAtLevel=1 -Xcext.enabled=false -J-Xss2m -Xcompile.invokedynamic=false' NET_SSH_RUN_INTEGRATION_TESTS=
|
29
|
-
fast_finish: true
|
30
|
-
allow_failures:
|
31
|
-
- rvm: rbx-3.107
|
32
|
-
- rvm: jruby-9.2.11.1
|
33
|
-
- rvm: ruby-head
|
34
|
-
|
35
|
-
install:
|
36
|
-
- export JRUBY_OPTS='--client -J-XX:+TieredCompilation -J-XX:TieredStopAtLevel=1 -Xcext.enabled=false -J-Xss2m -Xcompile.invokedynamic=false'
|
37
|
-
- sudo pip install ansible urllib3 pyOpenSSL ndg-httpsclient pyasn1
|
38
|
-
- gem install bundler -v "= 1.17"
|
39
|
-
- gem list bundler
|
40
|
-
- bundle _1.17_ install
|
41
|
-
- bundle _1.17_ -v
|
42
|
-
- BUNDLE_GEMFILE=./Gemfile.noed25519 bundle _1.17_ install
|
43
|
-
- sudo ansible-galaxy install rvm.ruby
|
44
|
-
- sudo chown -R travis:travis /home/travis/.ansible
|
45
|
-
- ansible-playbook ./test/integration/playbook.yml -i "localhost," --become -c local -e 'no_rvm=true' -e 'myuser=travis' -e 'mygroup=travis' -e 'homedir=/home/travis'
|
46
|
-
|
47
|
-
script:
|
48
|
-
- ssh -V
|
49
|
-
- bundle _1.17_ exec rake test
|
50
|
-
- BUNDLE_GEMFILE=./Gemfile.noed25519 bundle _1.17_ exec rake test
|
51
|
-
- bundle _1.17_ exec rake test_test
|
52
|
-
- bundle _1.17_ exec rubocop
|