net-ssh 7.2.0.rc1 → 7.2.1.rc1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- checksums.yaml.gz.sig +0 -0
- data/.github/workflows/ci.yml +3 -2
- data/.gitignore +2 -0
- data/CHANGES.txt +7 -0
- data/Dockerfile +3 -1
- data/Rakefile +41 -13
- data/docker-compose.yml +2 -0
- data/lib/net/ssh/authentication/key_manager.rb +19 -2
- data/lib/net/ssh/authentication/methods/publickey.rb +1 -1
- data/lib/net/ssh/authentication/session.rb +7 -0
- data/lib/net/ssh/buffered_io.rb +1 -1
- data/lib/net/ssh/version.rb +1 -1
- data/lib/net/ssh.rb +3 -1
- data/net-ssh.gemspec +2 -2
- data.tar.gz.sig +0 -0
- metadata +6 -6
- metadata.gz.sig +0 -0
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: a17dfe9f90130318edc6753cf4f4a203a840425f3b08ba3c9613c2d64f619d00
|
|
4
|
+
data.tar.gz: d8b3be6e4d44328462c85dd423cf29a7089aae1ea2fe838859b8be798915a234
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 86f2886564ba68702ae6e82ed911af1912688b5104d79455510654109b72971ede576e2255bf88ef756a03be00f815c7f5320d5a1e24f63cac8261940e1bbad8
|
|
7
|
+
data.tar.gz: 6262e90adef7ef84d991295a6ba53bb0f4504b9ad3587674149a6cb619426f03ce578ab5032097b0bbdcfc4424252bdf3138a4bca98debae4dbc9f03e19f0b4a
|
checksums.yaml.gz.sig
CHANGED
|
Binary file
|
data/.github/workflows/ci.yml
CHANGED
|
@@ -7,7 +7,7 @@ jobs:
|
|
|
7
7
|
runs-on: ubuntu-22.04
|
|
8
8
|
strategy:
|
|
9
9
|
matrix:
|
|
10
|
-
ruby-version: [2.6.10, 2.7.7, 3.0.
|
|
10
|
+
ruby-version: [2.6.10, 2.7.7, 3.0.6, 3.1.3, 3.2.1, '3.3.0-rc1']
|
|
11
11
|
steps:
|
|
12
12
|
- uses: actions/checkout@v3
|
|
13
13
|
|
|
@@ -39,13 +39,14 @@ jobs:
|
|
|
39
39
|
${{ runner.os }}-pip-v1
|
|
40
40
|
- name: Bundle install
|
|
41
41
|
run: |
|
|
42
|
-
gem install bundler
|
|
42
|
+
gem install bundler ${{ (startsWith(matrix.ruby-version, '2.6.') || startsWith(matrix.ruby-version, '2.7.')) && '-v 2.4.22' || '' }}
|
|
43
43
|
bundle config set path 'vendor/bundle'
|
|
44
44
|
bundle config set --local path 'vendor/bundle'
|
|
45
45
|
bundle install --jobs 4 --retry 3 --path vendor/bundle
|
|
46
46
|
BUNDLE_GEMFILE=./Gemfile.noed25519 bundle install --jobs 4 --retry 3 --path vendor/bundle
|
|
47
47
|
env:
|
|
48
48
|
BUNDLE_PATH: vendor/bundle
|
|
49
|
+
|
|
49
50
|
|
|
50
51
|
- name: Add to etc/hosts
|
|
51
52
|
run: |
|
data/.gitignore
CHANGED
data/CHANGES.txt
CHANGED
|
@@ -1,5 +1,12 @@
|
|
|
1
|
+
=== 7.2.1 rc1
|
|
2
|
+
|
|
3
|
+
* feat: allow load of certkey from string [#926]
|
|
4
|
+
* fix: fix for Socket#recv returning nil on ruby 3.3.0 [#928]
|
|
5
|
+
|
|
1
6
|
=== 7.2.0
|
|
2
7
|
|
|
8
|
+
* Add debugging information for algorithm of pubkey in use [#918]
|
|
9
|
+
|
|
3
10
|
=== 7.2.0 rc1
|
|
4
11
|
|
|
5
12
|
* Allow IdentityAgent as option to Net::SSH.start [#912]
|
data/Dockerfile
CHANGED
|
@@ -1,6 +1,8 @@
|
|
|
1
1
|
ARG RUBY_VERSION=3.1
|
|
2
2
|
FROM ruby:${RUBY_VERSION}
|
|
3
3
|
|
|
4
|
+
ARG BUNDLERV=
|
|
5
|
+
|
|
4
6
|
RUN apt update && apt install -y openssh-server sudo netcat-openbsd \
|
|
5
7
|
&& useradd --create-home --shell '/bin/bash' --comment 'NetSSH' 'net_ssh_1' \
|
|
6
8
|
&& useradd --create-home --shell '/bin/bash' --comment 'NetSSH' 'net_ssh_2' \
|
|
@@ -20,7 +22,7 @@ COPY Gemfile net-ssh.gemspec $INSTALL_PATH/
|
|
|
20
22
|
|
|
21
23
|
COPY lib/net/ssh/version.rb $INSTALL_PATH/lib/net/ssh/version.rb
|
|
22
24
|
|
|
23
|
-
RUN gem install bundler && bundle install
|
|
25
|
+
RUN gem install bundler ${BUNDLERV} && bundle install
|
|
24
26
|
|
|
25
27
|
COPY . $INSTALL_PATH/
|
|
26
28
|
|
data/Rakefile
CHANGED
|
@@ -59,29 +59,48 @@ def change_version(&block)
|
|
|
59
59
|
version_file = 'lib/net/ssh/version.rb'
|
|
60
60
|
require_relative version_file
|
|
61
61
|
pre = Net::SSH::Version::PRE
|
|
62
|
-
|
|
62
|
+
tiny = Net::SSH::Version::TINY
|
|
63
|
+
result = block[pre: pre, tiny: Net::SSH::Version::TINY]
|
|
63
64
|
raise "Version change logic should always return a pre", ArgumentError unless result.key?(:pre)
|
|
64
65
|
|
|
65
66
|
new_pre = result[:pre]
|
|
66
|
-
|
|
67
|
+
new_tiny = result[:tiny] || tiny
|
|
68
|
+
found = { pre: false, tiny: false }
|
|
67
69
|
File.open("#{version_file}.new", "w") do |f|
|
|
68
70
|
File.readlines(version_file).each do |line|
|
|
69
|
-
match =
|
|
71
|
+
match =
|
|
72
|
+
if pre.nil?
|
|
73
|
+
/^(\s+PRE\s+=\s+)nil(\s*)$/.match(line)
|
|
74
|
+
else
|
|
75
|
+
/^(\s+PRE\s+=\s+")#{pre}("\s*)$/.match(line)
|
|
76
|
+
end
|
|
70
77
|
if match
|
|
71
78
|
prefix = match[1]
|
|
72
79
|
postfix = match[2]
|
|
73
|
-
|
|
74
|
-
|
|
75
|
-
postfix.delete_prefix!('"')
|
|
76
|
-
end
|
|
80
|
+
prefix.delete_suffix!('"')
|
|
81
|
+
postfix.delete_prefix!('"')
|
|
77
82
|
new_line = "#{prefix}#{new_pre.inspect}#{postfix}"
|
|
78
83
|
puts "Changing:\n - #{line} + #{new_line}"
|
|
79
84
|
line = new_line
|
|
80
|
-
found = true
|
|
85
|
+
found[:pre] = true
|
|
86
|
+
end
|
|
87
|
+
|
|
88
|
+
if new_tiny != tiny
|
|
89
|
+
match = /^(\s+TINY\s+=\s+)#{tiny}(\s*)$/.match(line)
|
|
90
|
+
if match
|
|
91
|
+
prefix = match[1]
|
|
92
|
+
postfix = match[2]
|
|
93
|
+
new_line = "#{prefix}#{new_tiny}#{postfix}"
|
|
94
|
+
puts "Changing:\n - #{line} + #{new_line}"
|
|
95
|
+
line = new_line
|
|
96
|
+
found[:tiny] = true
|
|
97
|
+
end
|
|
81
98
|
end
|
|
99
|
+
|
|
82
100
|
f.write(line)
|
|
83
101
|
end
|
|
84
|
-
raise
|
|
102
|
+
raise ArgumentError, "Cound not find line: PRE = \"#{pre}\" in #{version_file}" unless found[:pre]
|
|
103
|
+
raise ArgumentError, "Cound not find line: TINY = \"#{tiny}\" in #{version_file}" unless found[:tiny]
|
|
85
104
|
end
|
|
86
105
|
|
|
87
106
|
FileUtils.mv version_file, "#{version_file}.old"
|
|
@@ -99,12 +118,21 @@ namespace :vbump do
|
|
|
99
118
|
end
|
|
100
119
|
|
|
101
120
|
desc "Increment prerelease"
|
|
102
|
-
task :pre do
|
|
103
|
-
change_version do |pre:|
|
|
121
|
+
task :pre, [:type] do |_t, args|
|
|
122
|
+
change_version do |pre:, tiny:|
|
|
123
|
+
puts " PRE => #{pre.inspect}"
|
|
104
124
|
match = /^([a-z]+)(\d+)/.match(pre)
|
|
105
|
-
raise ArgumentError, "Unexpected pre: #{pre}" if match.nil?
|
|
125
|
+
raise ArgumentError, "Unexpected pre: #{pre}" if match.nil? && args[:type].nil?
|
|
106
126
|
|
|
107
|
-
|
|
127
|
+
if match.nil? || (!args[:type].nil? && args[:type] != match[1])
|
|
128
|
+
if pre.nil?
|
|
129
|
+
{ pre: "#{args[:type]}1", tiny: tiny + 1 }
|
|
130
|
+
else
|
|
131
|
+
{ pre: "#{args[:type]}1" }
|
|
132
|
+
end
|
|
133
|
+
else
|
|
134
|
+
{ pre: "#{match[1]}#{match[2].to_i + 1}" }
|
|
135
|
+
end
|
|
108
136
|
end
|
|
109
137
|
end
|
|
110
138
|
end
|
data/docker-compose.yml
CHANGED
|
@@ -32,6 +32,9 @@ module Net
|
|
|
32
32
|
# The list of user key certificate files that will be examined
|
|
33
33
|
attr_reader :keycert_files
|
|
34
34
|
|
|
35
|
+
# The list of user key certificate data that will be examined
|
|
36
|
+
attr_reader :keycert_data
|
|
37
|
+
|
|
35
38
|
# The map of loaded identities
|
|
36
39
|
attr_reader :known_identities
|
|
37
40
|
|
|
@@ -46,6 +49,7 @@ module Net
|
|
|
46
49
|
@key_files = []
|
|
47
50
|
@key_data = []
|
|
48
51
|
@keycert_files = []
|
|
52
|
+
@keycert_data = []
|
|
49
53
|
@use_agent = options[:use_agent] != false
|
|
50
54
|
@known_identities = {}
|
|
51
55
|
@agent = nil
|
|
@@ -59,6 +63,7 @@ module Net
|
|
|
59
63
|
def clear!
|
|
60
64
|
key_files.clear
|
|
61
65
|
key_data.clear
|
|
66
|
+
keycert_data.clear
|
|
62
67
|
known_identities.clear
|
|
63
68
|
self
|
|
64
69
|
end
|
|
@@ -75,6 +80,12 @@ module Net
|
|
|
75
80
|
self
|
|
76
81
|
end
|
|
77
82
|
|
|
83
|
+
# Add the given keycert_data to the list of keycerts that will be used.
|
|
84
|
+
def add_keycert_data(keycert_data_)
|
|
85
|
+
keycert_data.push(keycert_data_).uniq!
|
|
86
|
+
self
|
|
87
|
+
end
|
|
88
|
+
|
|
78
89
|
# Add the given key_file to the list of keys that will be used.
|
|
79
90
|
def add_key_data(key_data_)
|
|
80
91
|
key_data.push(key_data_).uniq!
|
|
@@ -132,8 +143,8 @@ module Net
|
|
|
132
143
|
end
|
|
133
144
|
|
|
134
145
|
known_identity_blobs = known_identities.keys.map(&:to_blob)
|
|
135
|
-
|
|
136
|
-
|
|
146
|
+
|
|
147
|
+
keycerts.each do |keycert|
|
|
137
148
|
next if known_identity_blobs.include?(keycert.to_blob)
|
|
138
149
|
|
|
139
150
|
(_, corresponding_identity) = known_identities.detect { |public_key, _|
|
|
@@ -227,6 +238,12 @@ module Net
|
|
|
227
238
|
|
|
228
239
|
private
|
|
229
240
|
|
|
241
|
+
# Load keycerts from files and data.
|
|
242
|
+
def keycerts
|
|
243
|
+
keycert_files.map { |keycert_file| KeyFactory.load_public_key(keycert_file) } +
|
|
244
|
+
keycert_data.map { |data| KeyFactory.load_data_public_key(data) }
|
|
245
|
+
end
|
|
246
|
+
|
|
230
247
|
# Prepares identities from user key_files for loading, preserving their order and sources.
|
|
231
248
|
def prepare_identities_from_files
|
|
232
249
|
key_files.map do |file|
|
|
@@ -44,7 +44,7 @@ module Net
|
|
|
44
44
|
end
|
|
45
45
|
|
|
46
46
|
def authenticate_with_alg(identity, next_service, username, alg, sig_alg = nil)
|
|
47
|
-
debug { "trying publickey (#{identity.fingerprint})" }
|
|
47
|
+
debug { "trying publickey (#{identity.fingerprint}) alg #{alg}" }
|
|
48
48
|
send_request(identity, username, next_service, alg)
|
|
49
49
|
|
|
50
50
|
message = session.next_message
|
|
@@ -63,6 +63,7 @@ module Net
|
|
|
63
63
|
key_manager = KeyManager.new(logger, options)
|
|
64
64
|
keys.each { |key| key_manager.add(key) } unless keys.empty?
|
|
65
65
|
keycerts.each { |keycert| key_manager.add_keycert(keycert) } unless keycerts.empty?
|
|
66
|
+
keycert_data.each { |data| key_manager.add_keycert_data(data) } unless keycert_data.empty?
|
|
66
67
|
key_data.each { |key2| key_manager.add_key_data(key2) } unless key_data.empty?
|
|
67
68
|
default_keys.each { |key| key_manager.add(key) } unless options.key?(:keys) || options.key?(:key_data)
|
|
68
69
|
|
|
@@ -154,6 +155,12 @@ module Net
|
|
|
154
155
|
Array(options[:keycerts])
|
|
155
156
|
end
|
|
156
157
|
|
|
158
|
+
# Returns an array of the keycert data that should be used when
|
|
159
|
+
# attempting any key-based authentication mechanism.
|
|
160
|
+
def keycert_data
|
|
161
|
+
Array(options[:keycert_data])
|
|
162
|
+
end
|
|
163
|
+
|
|
157
164
|
# Returns an array of the key data that should be used when
|
|
158
165
|
# attempting any key-based authentication mechanism.
|
|
159
166
|
def key_data
|
data/lib/net/ssh/buffered_io.rb
CHANGED
data/lib/net/ssh/version.rb
CHANGED
data/lib/net/ssh.rb
CHANGED
|
@@ -66,7 +66,7 @@ module Net
|
|
|
66
66
|
auth_methods bind_address compression compression_level config
|
|
67
67
|
encryption forward_agent hmac host_key identity_agent remote_user
|
|
68
68
|
keepalive keepalive_interval keepalive_maxcount kex keys key_data
|
|
69
|
-
keycerts languages logger paranoid password port proxy
|
|
69
|
+
keycerts keycert_data languages logger paranoid password port proxy
|
|
70
70
|
rekey_blocks_limit rekey_limit rekey_packet_limit timeout verbose
|
|
71
71
|
known_hosts global_known_hosts_file user_known_hosts_file host_key_alias
|
|
72
72
|
host_name user properties passphrase keys_only max_pkt_size
|
|
@@ -146,6 +146,8 @@ module Net
|
|
|
146
146
|
# and hostbased authentication
|
|
147
147
|
# * :keycerts => an array of file names of key certificates to use
|
|
148
148
|
# with publickey authentication
|
|
149
|
+
# * :keycert_data => an array of strings, which each element of the array
|
|
150
|
+
# being a key certificate to use with publickey authentication
|
|
149
151
|
# * :key_data => an array of strings, with each element of the array being
|
|
150
152
|
# a raw private key in PEM format.
|
|
151
153
|
# * :keys_only => set to +true+ to use only private keys from +keys+ and
|
data/net-ssh.gemspec
CHANGED
|
@@ -39,8 +39,8 @@ Gem::Specification.new do |spec|
|
|
|
39
39
|
spec.add_development_dependency('rbnacl', '~> 7.1') unless ENV['NET_SSH_NO_RBNACL']
|
|
40
40
|
|
|
41
41
|
spec.add_development_dependency "bundler", ">= 1.17"
|
|
42
|
-
spec.add_development_dependency "minitest", "~> 5.
|
|
43
|
-
spec.add_development_dependency "mocha", "~> 1.
|
|
42
|
+
spec.add_development_dependency "minitest", "~> 5.19"
|
|
43
|
+
spec.add_development_dependency "mocha", "~> 2.1.0"
|
|
44
44
|
spec.add_development_dependency "rake", "~> 12.0"
|
|
45
45
|
spec.add_development_dependency "rubocop", "~> 1.28.0"
|
|
46
46
|
end
|
data.tar.gz.sig
CHANGED
|
Binary file
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: net-ssh
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 7.2.
|
|
4
|
+
version: 7.2.1.rc1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Jamis Buck
|
|
@@ -31,7 +31,7 @@ cert_chain:
|
|
|
31
31
|
v84waVXQ2i5M7pJaHVBF7DxxeW/q8W3VCnsq8vmmvULSThD18QqYGaFDJeN8sTR4
|
|
32
32
|
6tfjgZ6OvGSScvbCMHkCE9XjonE=
|
|
33
33
|
-----END CERTIFICATE-----
|
|
34
|
-
date: 2023-
|
|
34
|
+
date: 2023-12-16 00:00:00.000000000 Z
|
|
35
35
|
dependencies:
|
|
36
36
|
- !ruby/object:Gem::Dependency
|
|
37
37
|
name: bcrypt_pbkdf
|
|
@@ -109,28 +109,28 @@ dependencies:
|
|
|
109
109
|
requirements:
|
|
110
110
|
- - "~>"
|
|
111
111
|
- !ruby/object:Gem::Version
|
|
112
|
-
version: '5.
|
|
112
|
+
version: '5.19'
|
|
113
113
|
type: :development
|
|
114
114
|
prerelease: false
|
|
115
115
|
version_requirements: !ruby/object:Gem::Requirement
|
|
116
116
|
requirements:
|
|
117
117
|
- - "~>"
|
|
118
118
|
- !ruby/object:Gem::Version
|
|
119
|
-
version: '5.
|
|
119
|
+
version: '5.19'
|
|
120
120
|
- !ruby/object:Gem::Dependency
|
|
121
121
|
name: mocha
|
|
122
122
|
requirement: !ruby/object:Gem::Requirement
|
|
123
123
|
requirements:
|
|
124
124
|
- - "~>"
|
|
125
125
|
- !ruby/object:Gem::Version
|
|
126
|
-
version: 1.
|
|
126
|
+
version: 2.1.0
|
|
127
127
|
type: :development
|
|
128
128
|
prerelease: false
|
|
129
129
|
version_requirements: !ruby/object:Gem::Requirement
|
|
130
130
|
requirements:
|
|
131
131
|
- - "~>"
|
|
132
132
|
- !ruby/object:Gem::Version
|
|
133
|
-
version: 1.
|
|
133
|
+
version: 2.1.0
|
|
134
134
|
- !ruby/object:Gem::Dependency
|
|
135
135
|
name: rake
|
|
136
136
|
requirement: !ruby/object:Gem::Requirement
|
metadata.gz.sig
CHANGED
|
Binary file
|