RubyGems - net-ssh - Versions diffs - 6.2.0.rc2 → 6.3.0.beta1 - Mend

net-ssh 6.2.0.rc2 → 6.3.0.beta1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (92) hide show

checksums.yaml +4 -4
checksums.yaml.gz.sig +0 -0
data.tar.gz.sig +0 -0
data/.github/workflows/ci.yml +27 -10
data/.rubocop.yml +11 -1
data/.rubocop_todo.yml +374 -173
data/.travis.yml +10 -11
data/CHANGES.txt +6 -0
data/Gemfile +2 -0
data/Gemfile.noed25519 +2 -0
data/README.md +2 -2
data/Rakefile +1 -0
data/lib/net/ssh.rb +1 -2
data/lib/net/ssh/authentication/agent.rb +4 -2
data/lib/net/ssh/authentication/certificate.rb +3 -1
data/lib/net/ssh/authentication/constants.rb +0 -1
data/lib/net/ssh/authentication/ed25519.rb +6 -2
data/lib/net/ssh/authentication/ed25519_loader.rb +4 -7
data/lib/net/ssh/authentication/key_manager.rb +28 -29
data/lib/net/ssh/authentication/methods/abstract.rb +0 -1
data/lib/net/ssh/authentication/methods/hostbased.rb +0 -2
data/lib/net/ssh/authentication/methods/keyboard_interactive.rb +1 -1
data/lib/net/ssh/authentication/methods/none.rb +5 -8
data/lib/net/ssh/authentication/methods/password.rb +1 -2
data/lib/net/ssh/authentication/methods/publickey.rb +0 -2
data/lib/net/ssh/authentication/pageant.rb +89 -89
data/lib/net/ssh/authentication/session.rb +14 -15
data/lib/net/ssh/buffer.rb +10 -5
data/lib/net/ssh/buffered_io.rb +18 -19
data/lib/net/ssh/config.rb +29 -16
data/lib/net/ssh/connection/channel.rb +71 -69
data/lib/net/ssh/connection/constants.rb +0 -4
data/lib/net/ssh/connection/event_loop.rb +22 -16
data/lib/net/ssh/connection/keepalive.rb +12 -12
data/lib/net/ssh/connection/session.rb +95 -94
data/lib/net/ssh/connection/term.rb +56 -58
data/lib/net/ssh/errors.rb +10 -10
data/lib/net/ssh/key_factory.rb +0 -1
data/lib/net/ssh/known_hosts.rb +79 -11
data/lib/net/ssh/loggable.rb +8 -9
data/lib/net/ssh/packet.rb +1 -1
data/lib/net/ssh/prompt.rb +8 -10
data/lib/net/ssh/proxy/command.rb +1 -1
data/lib/net/ssh/proxy/errors.rb +2 -4
data/lib/net/ssh/proxy/http.rb +17 -19
data/lib/net/ssh/proxy/https.rb +6 -8
data/lib/net/ssh/proxy/jump.rb +8 -10
data/lib/net/ssh/proxy/socks4.rb +1 -3
data/lib/net/ssh/proxy/socks5.rb +2 -4
data/lib/net/ssh/service/forward.rb +3 -3
data/lib/net/ssh/test.rb +1 -2
data/lib/net/ssh/test/channel.rb +20 -22
data/lib/net/ssh/test/extensions.rb +29 -29
data/lib/net/ssh/test/kex.rb +6 -8
data/lib/net/ssh/test/local_packet.rb +0 -2
data/lib/net/ssh/test/packet.rb +2 -2
data/lib/net/ssh/test/remote_packet.rb +5 -7
data/lib/net/ssh/test/script.rb +21 -23
data/lib/net/ssh/test/socket.rb +11 -14
data/lib/net/ssh/transport/algorithms.rb +2 -1
data/lib/net/ssh/transport/cipher_factory.rb +13 -13
data/lib/net/ssh/transport/constants.rb +3 -3
data/lib/net/ssh/transport/ctr.rb +4 -4
data/lib/net/ssh/transport/hmac/abstract.rb +0 -1
data/lib/net/ssh/transport/hmac/md5.rb +0 -2
data/lib/net/ssh/transport/hmac/md5_96.rb +0 -2
data/lib/net/ssh/transport/hmac/none.rb +0 -2
data/lib/net/ssh/transport/hmac/ripemd160.rb +0 -2
data/lib/net/ssh/transport/hmac/sha1.rb +0 -2
data/lib/net/ssh/transport/hmac/sha1_96.rb +0 -2
data/lib/net/ssh/transport/identity_cipher.rb +10 -12
data/lib/net/ssh/transport/kex.rb +2 -0
data/lib/net/ssh/transport/kex/curve25519_sha256.rb +1 -0
data/lib/net/ssh/transport/kex/diffie_hellman_group14_sha1.rb +4 -4
data/lib/net/ssh/transport/kex/diffie_hellman_group14_sha256.rb +11 -0
data/lib/net/ssh/transport/kex/diffie_hellman_group_exchange_sha1.rb +0 -1
data/lib/net/ssh/transport/key_expander.rb +6 -7
data/lib/net/ssh/transport/openssl.rb +6 -11
data/lib/net/ssh/transport/packet_stream.rb +1 -2
data/lib/net/ssh/transport/server_version.rb +17 -16
data/lib/net/ssh/transport/session.rb +3 -1
data/lib/net/ssh/transport/state.rb +42 -42
data/lib/net/ssh/verifiers/accept_new.rb +0 -2
data/lib/net/ssh/verifiers/accept_new_or_local_tunnel.rb +1 -2
data/lib/net/ssh/verifiers/always.rb +6 -4
data/lib/net/ssh/verifiers/never.rb +0 -2
data/lib/net/ssh/version.rb +2 -2
data/net-ssh-public_cert.pem +8 -8
data/net-ssh.gemspec +2 -2
data/support/ssh_tunnel_bug.rb +3 -3
metadata +14 -13
metadata.gz.sig +0 -0

data/lib/net/ssh/test/socket.rb CHANGED Viewed

@@ -3,66 +3,63 @@ require 'stringio'
 require 'net/ssh/test/extensions'
 require 'net/ssh/test/script'
-module Net
-  module SSH
+module Net
+  module SSH
     module Test
       # A mock socket implementation for use in testing. It implements the minimum
       # necessary interface for interacting with the rest of the Net::SSH::Test
       # system.
       class Socket < StringIO
         attr_reader :host, :port
         # The Net::SSH::Test::Script object in use by this socket. This is the
         # canonical script instance that should be used for any test depending on
         # this socket instance.
         attr_reader :script
         # Create a new test socket. This will also instantiate a new Net::SSH::Test::Script
         # and seed it with the necessary events to power the initialization of the
         # connection.
         def initialize
           extend(Net::SSH::Transport::PacketStream)
           super "SSH-2.0-Test\r\n"
           @script = Script.new
           script.sends(:kexinit)
           script.gets(:kexinit, 1, 2, 3, 4, "test", "ssh-rsa", "none", "none", "none", "none", "none", "none", "", "", false)
           script.sends(:newkeys)
           script.gets(:newkeys)
         end
         # This doesn't actually do anything, since we don't really care what gets
         # written.
         def write(data)
           # black hole, because we don't actually care about what gets written
         end
         # Allows the socket to also mimic a socket factory, simply returning
         # +self+.
         def open(host, port, options={})
           @host, @port = host, port
           self
         end
         # Returns a sockaddr struct for the port and host that were used when the
         # socket was instantiated.
         def getpeername
           ::Socket.sockaddr_in(port, host)
         end
         # Alias to #read, but never returns nil (returns an empty string instead).
         def recv(n)
           read(n) || ""
         end
         def readpartial(n)
           recv(n)
         end
       end
     end
   end
 end

data/lib/net/ssh/transport/algorithms.rb CHANGED Viewed

@@ -41,6 +41,7 @@ module Net
                   ecdh-sha2-nistp384
                   ecdh-sha2-nistp256
                   diffie-hellman-group-exchange-sha256
+                  diffie-hellman-group14-sha256
                   diffie-hellman-group14-sha1],
           encryption: %w[aes256-ctr aes192-ctr aes128-ctr],
@@ -277,7 +278,7 @@ module Net
             # existing known key for the host has preference.
             existing_keys = session.host_keys
-            host_keys = existing_keys.map { |key| key.ssh_type }.uniq
+            host_keys = existing_keys.flat_map { |key| key.respond_to?(:ssh_types) ? key.ssh_types : [key.ssh_type] }.uniq
             algorithms[:host_key].each do |name|
               host_keys << name unless host_keys.include?(name)
             end

data/lib/net/ssh/transport/cipher_factory.rb CHANGED Viewed

@@ -3,10 +3,9 @@ require 'net/ssh/transport/ctr.rb'
 require 'net/ssh/transport/key_expander'
 require 'net/ssh/transport/identity_cipher'
-module Net
-  module SSH
+module Net
+  module SSH
     module Transport
       # Implements a factory of OpenSSL cipher algorithms.
       class CipherFactory
         # Maps the SSH name of a cipher to it's corresponding OpenSSL name
@@ -35,9 +34,10 @@ module Net
         def self.supported?(name)
           ossl_name = SSH_TO_OSSL[name] or raise NotImplementedError, "unimplemented cipher `#{name}'"
           return true if ossl_name == "none"
           return OpenSSL::Cipher.ciphers.include?(ossl_name)
         end
         # Retrieves a new instance of the named algorithm. The new instance
         # will be initialized using an iv and key generated from the given
         # iv, key, shared, hash and digester values. Additionally, the
@@ -46,12 +46,13 @@ module Net
         def self.get(name, options={})
           ossl_name = SSH_TO_OSSL[name] or raise NotImplementedError, "unimplemented cipher `#{name}'"
           return IdentityCipher if ossl_name == "none"
           cipher = OpenSSL::Cipher.new(ossl_name)
           cipher.send(options[:encrypt] ? :encrypt : :decrypt)
           cipher.padding = 0
           if name =~ /-ctr(@openssh.org)?$/
             if ossl_name !~ /-ctr/
               cipher.extend(Net::SSH::Transport::CTR)
@@ -60,14 +61,14 @@ module Net
             end
           end
           cipher.iv = Net::SSH::Transport::KeyExpander.expand_key(cipher.iv_len, options[:iv], options)
           key_len = cipher.key_len
           cipher.key_len = key_len
           cipher.key = Net::SSH::Transport::KeyExpander.expand_key(key_len, options[:key], options)
           return cipher
         end
         # Returns a two-element array containing the [ key-length,
         # block-size ] for the named cipher algorithm. If the cipher
         # algorithm is unknown, or is "none", 0 is returned for both elements
@@ -82,7 +83,7 @@ module Net
             cipher = OpenSSL::Cipher.new(ossl_name)
             key_len = cipher.key_len
             cipher.key_len = key_len
             block_size =
               case ossl_name
               when /\-ctr/
@@ -90,14 +91,13 @@ module Net
               else
                 cipher.block_size
               end
             result = [key_len, block_size]
             result << cipher.iv_len if options[:iv_len]
           end
           result
         end
       end
     end
   end
 end

data/lib/net/ssh/transport/constants.rb CHANGED Viewed

@@ -1,5 +1,5 @@
-module Net
-  module SSH
+module Net
+  module SSH
     module Transport
       module Constants
         #--
@@ -12,7 +12,7 @@ module Net
         DEBUG                     = 4
         SERVICE_REQUEST           = 5
         SERVICE_ACCEPT            = 6
         #--
         # Algorithm negotiation messages
         #++

data/lib/net/ssh/transport/ctr.rb CHANGED Viewed

@@ -32,7 +32,7 @@ module Net::SSH::Transport
   module CTR
     def self.extended(orig)
       orig.instance_eval {
-        @remaining = ""
+        @remaining = String.new
         @counter = nil
         @counter_len = orig.block_size
         orig.encrypt
@@ -67,13 +67,13 @@ module Net::SSH::Transport
         end
         def reset
-          @remaining = ""
+          @remaining = String.new
         end
         def update(data)
           @remaining += data
-          encrypted = ""
+          encrypted = String.new
           offset = 0
           while (@remaining.bytesize - offset) >= block_size
@@ -89,7 +89,7 @@ module Net::SSH::Transport
         def final
           s = @remaining.empty? ? '' : xor!(@remaining, _update(@counter))
-          @remaining = ""
+          @remaining = String.new
           s
         end

data/lib/net/ssh/transport/hmac/abstract.rb CHANGED Viewed

@@ -5,7 +5,6 @@ module Net
   module SSH
     module Transport
       module HMAC
         # The base class of all OpenSSL-based HMAC algorithm wrappers.
         class Abstract
           class <<self

data/lib/net/ssh/transport/hmac/md5.rb CHANGED Viewed

@@ -1,12 +1,10 @@
 require 'net/ssh/transport/hmac/abstract'
 module Net::SSH::Transport::HMAC
   # The MD5 HMAC algorithm.
   class MD5 < Abstract
     mac_length   16
     key_length   16
     digest_class OpenSSL::Digest::MD5
   end
 end

data/lib/net/ssh/transport/hmac/md5_96.rb CHANGED Viewed

@@ -1,11 +1,9 @@
 require 'net/ssh/transport/hmac/md5'
 module Net::SSH::Transport::HMAC
   # The MD5-96 HMAC algorithm. This returns only the first 12 bytes of
   # the digest.
   class MD5_96 < MD5
     mac_length 12
   end
 end

data/lib/net/ssh/transport/hmac/none.rb CHANGED Viewed

@@ -1,7 +1,6 @@
 require 'net/ssh/transport/hmac/abstract'
 module Net::SSH::Transport::HMAC
   # The "none" algorithm. This has a key and mac length of 0.
   class None < Abstract
     key_length 0
@@ -11,5 +10,4 @@ module Net::SSH::Transport::HMAC
       ""
     end
   end
 end

data/lib/net/ssh/transport/hmac/ripemd160.rb CHANGED Viewed

@@ -1,7 +1,6 @@
 require 'net/ssh/transport/hmac/abstract'
 module Net::SSH::Transport::HMAC
   # The RIPEMD-160 HMAC algorithm. This has a mac and key length of 20, and
   # uses the RIPEMD-160 digest algorithm.
   class RIPEMD160 < Abstract
@@ -9,5 +8,4 @@ module Net::SSH::Transport::HMAC
     key_length   20
     digest_class OpenSSL::Digest::RIPEMD160
   end
 end

data/lib/net/ssh/transport/hmac/sha1.rb CHANGED Viewed

@@ -1,7 +1,6 @@
 require 'net/ssh/transport/hmac/abstract'
 module Net::SSH::Transport::HMAC
   # The SHA1 HMAC algorithm. This has a mac and key length of 20, and
   # uses the SHA1 digest algorithm.
   class SHA1 < Abstract
@@ -9,5 +8,4 @@ module Net::SSH::Transport::HMAC
     key_length   20
     digest_class OpenSSL::Digest::SHA1
   end
 end

data/lib/net/ssh/transport/hmac/sha1_96.rb CHANGED Viewed

@@ -1,11 +1,9 @@
 require 'net/ssh/transport/hmac/sha1'
 module Net::SSH::Transport::HMAC
   # The SHA1-96 HMAC algorithm. This returns only the first 12 bytes of
   # the digest.
   class SHA1_96 < SHA1
     mac_length 12
   end
 end

data/lib/net/ssh/transport/identity_cipher.rb CHANGED Viewed

@@ -1,7 +1,6 @@
-module Net
-  module SSH
+module Net
+  module SSH
     module Transport
       # A cipher that does nothing but pass the data through, unchanged. This
       # keeps things in the code nice and clean when a cipher has not yet been
       # determined (i.e., during key exchange).
@@ -11,49 +10,48 @@ module Net
           def block_size
             8
           end
           # Returns an arbitrary integer.
           def iv_len
             4
           end
           # Does nothing. Returns self.
           def encrypt
             self
           end
           # Does nothing. Returns self.
           def decrypt
             self
           end
           # Passes its single argument through unchanged.
           def update(text)
             text
           end
           # Returns the empty string.
           def final
             ""
           end
           # The name of this cipher, which is "identity".
           def name
             "identity"
           end
           # Does nothing. Returns nil.
           def iv=(v)
             nil
           end
           # Does nothing. Returns self.
           def reset
             self
           end
         end
       end
     end
   end
 end

data/lib/net/ssh/transport/kex.rb CHANGED Viewed

@@ -1,5 +1,6 @@
 require 'net/ssh/transport/kex/diffie_hellman_group1_sha1'
 require 'net/ssh/transport/kex/diffie_hellman_group14_sha1'
+require 'net/ssh/transport/kex/diffie_hellman_group14_sha256'
 require 'net/ssh/transport/kex/diffie_hellman_group_exchange_sha1'
 require 'net/ssh/transport/kex/diffie_hellman_group_exchange_sha256'
 require 'net/ssh/transport/kex/ecdh_sha2_nistp256'
@@ -14,6 +15,7 @@ module Net::SSH::Transport
     MAP = {
       'diffie-hellman-group1-sha1'           => DiffieHellmanGroup1SHA1,
       'diffie-hellman-group14-sha1'          => DiffieHellmanGroup14SHA1,
+      'diffie-hellman-group14-sha256'        => DiffieHellmanGroup14SHA256,
       'diffie-hellman-group-exchange-sha1'   => DiffieHellmanGroupExchangeSHA1,
       'diffie-hellman-group-exchange-sha256' => DiffieHellmanGroupExchangeSHA256,
       'ecdh-sha2-nistp256'                   => EcdhSHA2NistP256,

data/lib/net/ssh/transport/kex/curve25519_sha256.rb CHANGED Viewed

@@ -1,6 +1,7 @@
 gem 'x25519' # raise if the gem x25519 is not installed
 require 'x25519'
 require 'net/ssh/transport/constants'
 require 'net/ssh/transport/kex/abstract5656'

data/lib/net/ssh/transport/kex/diffie_hellman_group14_sha1.rb CHANGED Viewed

@@ -1,8 +1,8 @@
 require 'net/ssh/transport/kex/diffie_hellman_group1_sha1'
-module Net
-  module SSH
-    module Transport
+module Net
+  module SSH
+    module Transport
       module Kex
         # A key-exchange service implementing the "diffie-hellman-group14-sha1"
         # key-exchange algorithm. (defined in RFC 4253)
@@ -24,7 +24,7 @@ module Net
                 "B5C55DF0" "6F4C52C9" "DE2BCBF6" "95581718" +
                 "3995497C" "EA956AE5" "15D22618" "98FA0510" +
                 "15728E5A" "8AACAA68" "FFFFFFFF" "FFFFFFFF"
           # The radix in which P_s represents the value of P
           P_r = 16

data/lib/net/ssh/transport/kex/diffie_hellman_group14_sha256.rb ADDED Viewed

@@ -0,0 +1,11 @@
+require 'net/ssh/transport/kex/diffie_hellman_group14_sha1'
+module Net::SSH::Transport::Kex
+  # A key-exchange service implementing the "diffie-hellman-group14-sha256"
+  # key-exchange algorithm.
+  class DiffieHellmanGroup14SHA256 < DiffieHellmanGroup14SHA1
+    def digester
+      OpenSSL::Digest::SHA256
+    end
+  end
+end