net-ssh 2.0.10 → 2.0.11

data/CHANGELOG.rdoc

@@ -1,3 +1,8 @@
+=== 2.0.11 / 24 Feb 2009
+
+* Add :key_data option for specifying raw private keys in PEM format [Alex Holems, Andrew Babkin]
+
+
 === 2.0.10 / 4 Feb 2009
 
 * Added Net::SSH.configuration_for to make it easier to query the SSH configuration file(s) [Jamis Buck]

data/lib/net/ssh.rb

@@ -62,7 +62,7 @@ module Net
     # Net::SSH.start for a description of each option.
     VALID_OPTIONS = [
       :auth_methods, :compression, :compression_level, :config, :encryption,
-      :forward_agent, :hmac, :host_key, :kex, :keys, :languages,
+      :forward_agent, :hmac, :host_key, :kex, :keys, :key_data, :languages,
       :logger, :paranoid, :password, :port, :proxy, :rekey_blocks_limit,
       :rekey_limit, :rekey_packet_limit, :timeout, :verbose,
       :global_known_hosts_file, :user_known_hosts_file, :host_key_alias,
@@ -123,6 +123,8 @@ module Net
     # * :kex => the key exchange algorithm (or algorithms) to use
     # * :keys => an array of file names of private keys to use for publickey
     #   and hostbased authentication
+    # * :key_data => an array of strings, with each element of the array being
+    #   a raw private key in PEM format.
     # * :logger => the logger instance to use when logging
     # * :paranoid => either true, false, or :very, specifying how strict
     #   host-key verification should be

data/lib/net/ssh/authentication/key_manager.rb

@@ -27,6 +27,9 @@ module Net
         # The list of user key files that will be examined
         attr_reader :key_files
 
+        # The list of user key data that will be examined
+        attr_reader :key_data
+
         # The map of loaded identities
         attr_reader :known_identities
 
@@ -38,6 +41,7 @@ module Net
         def initialize(logger, options={})
           self.logger = logger
           @key_files = []
+          @key_data = []
           @use_agent = true
           @known_identities = {}
           @agent = nil
@@ -50,6 +54,7 @@ module Net
         # files.
         def clear!
           key_files.clear
+          key_data.clear
           known_identities.clear
           self
         end
@@ -60,6 +65,12 @@ module Net
           self
         end
 
+        # Add the given key_file to the list of keys that will be used.
+        def add_key_data(key_data_)
+          key_data.push(key_data_).uniq!
+          self
+        end
+
         # This is used as a hint to the KeyManager indicating that the agent
         # connection is no longer needed. Any other open resources may be closed
         # at this time.
@@ -109,6 +120,13 @@ module Net
             end
           end
 
+          key_data.each do |data|
+            private_key = KeyFactory.load_data_private_key(data)
+            key = private_key.send(:public_key)
+            known_identities[key] = { :from => :key_data, :data => data, :key => private_key }
+            yield key
+          end
+
           self
         end
 

data/lib/net/ssh/authentication/session.rb

@@ -53,7 +53,8 @@ module Net; module SSH; module Authentication
       message = expect_message(SERVICE_ACCEPT)
 
       key_manager = KeyManager.new(logger, options)
-      keys.each { |key| key_manager.add(key) }
+      keys.each { |key| key_manager.add(key) } unless keys.empty?
+      key_data.each { |key2| key_manager.add_key_data(key2) } unless key_data.empty?
 
       attempted = []
 
@@ -123,5 +124,11 @@ module Net; module SSH; module Authentication
           %w(~/.ssh/id_dsa ~/.ssh/id_rsa ~/.ssh2/id_dsa ~/.ssh2/id_rsa)
         )
       end
+
+      # Returns an array of the key data that should be used when
+      # attempting any key-based authentication mechanism.
+      def key_data
+        Array(options[:key_data])
+      end
   end
 end; end; end

data/lib/net/ssh/key_factory.rb

@@ -35,23 +35,31 @@ module Net; module SSH
       # encrypted (requiring a passphrase to use), the user will be
       # prompted to enter their password unless passphrase works. 
       def load_private_key(filename, passphrase=nil)
-        file = File.read(File.expand_path(filename))
+        data = File.read(File.expand_path(filename))
+        load_data_private_key(data, passphrase, filename)
+      end
 
-        if file.match(/-----BEGIN DSA PRIVATE KEY-----/)
+      # Loads a private key. It will correctly determine
+      # whether the file describes an RSA or DSA key, and will load it
+      # appropriately. The new key is returned. If the key itself is
+      # encrypted (requiring a passphrase to use), the user will be
+      # prompted to enter their password unless passphrase works. 
+      def load_data_private_key(data, passphrase=nil, filename="")
+        if data.match(/-----BEGIN DSA PRIVATE KEY-----/)
           key_type = OpenSSL::PKey::DSA
-        elsif file.match(/-----BEGIN RSA PRIVATE KEY-----/)
+        elsif data.match(/-----BEGIN RSA PRIVATE KEY-----/)
           key_type = OpenSSL::PKey::RSA
-        elsif file.match(/-----BEGIN (.*) PRIVATE KEY-----/)
+        elsif data.match(/-----BEGIN (.*) PRIVATE KEY-----/)
           raise OpenSSL::PKey::PKeyError, "not a supported key type '#{$1}'"
         else
           raise OpenSSL::PKey::PKeyError, "not a private key (#{filename})"
         end
 
-        encrypted_key = file.match(/ENCRYPTED/)
+        encrypted_key = data.match(/ENCRYPTED/)
         tries = 0
 
         begin
-          return key_type.new(file, passphrase || 'invalid')
+          return key_type.new(data, passphrase || 'invalid')
         rescue OpenSSL::PKey::RSAError, OpenSSL::PKey::DSAError => e
           if encrypted_key
             tries += 1
@@ -72,6 +80,13 @@ module Net; module SSH
       # appropriately. The new public key is returned.
       def load_public_key(filename)
         data = File.read(File.expand_path(filename))
+        load_data_public_key(data, filename)
+      end
+
+      # Loads a public key. It will correctly determine whether
+      # the file describes an RSA or DSA key, and will load it
+      # appropriately. The new public key is returned.
+      def load_data_public_key(data, filename="")
         type, blob = data.split(/ /)
 
         raise Net::SSH::Exception, "public key at #{filename} is not valid" if blob.nil?

data/lib/net/ssh/version.rb

@@ -51,7 +51,7 @@ module Net; module SSH
     MINOR = 0
 
     # The tiny component of this version of the Net::SSH library
-    TINY  = 10
+    TINY  = 11
 
     # The current version of the Net::SSH library as a Version instance
     CURRENT = new(MAJOR, MINOR, TINY)

data/net-ssh.gemspec

@@ -1,10 +1,10 @@
 Gem::Specification.new do |s|
   s.name = %q{net-ssh}
-  s.version = "2.0.10"
+  s.version = "2.0.11"
 
   s.required_rubygems_version = Gem::Requirement.new(">= 1.2") if s.respond_to? :required_rubygems_version=
   s.authors = ["Jamis Buck"]
-  s.date = %q{2009-02-04}
+  s.date = %q{2009-02-24}
   s.description = %q{a pure-Ruby implementation of the SSH2 client protocol}
   s.email = %q{jamis@jamisbuck.org}
   s.extra_rdoc_files = ["CHANGELOG.rdoc", "lib/net/ssh/authentication/agent.rb", "lib/net/ssh/authentication/constants.rb", "lib/net/ssh/authentication/key_manager.rb", "lib/net/ssh/authentication/methods/abstract.rb", "lib/net/ssh/authentication/methods/hostbased.rb", "lib/net/ssh/authentication/methods/keyboard_interactive.rb", "lib/net/ssh/authentication/methods/password.rb", "lib/net/ssh/authentication/methods/publickey.rb", "lib/net/ssh/authentication/pageant.rb", "lib/net/ssh/authentication/session.rb", "lib/net/ssh/buffer.rb", "lib/net/ssh/buffered_io.rb", "lib/net/ssh/config.rb", "lib/net/ssh/connection/channel.rb", "lib/net/ssh/connection/constants.rb", "lib/net/ssh/connection/session.rb", "lib/net/ssh/connection/term.rb", "lib/net/ssh/errors.rb", "lib/net/ssh/key_factory.rb", "lib/net/ssh/known_hosts.rb", "lib/net/ssh/loggable.rb", "lib/net/ssh/packet.rb", "lib/net/ssh/prompt.rb", "lib/net/ssh/proxy/errors.rb", "lib/net/ssh/proxy/http.rb", "lib/net/ssh/proxy/socks4.rb", "lib/net/ssh/proxy/socks5.rb", "lib/net/ssh/ruby_compat.rb", "lib/net/ssh/service/forward.rb", "lib/net/ssh/test/channel.rb", "lib/net/ssh/test/extensions.rb", "lib/net/ssh/test/kex.rb", "lib/net/ssh/test/local_packet.rb", "lib/net/ssh/test/packet.rb", "lib/net/ssh/test/remote_packet.rb", "lib/net/ssh/test/script.rb", "lib/net/ssh/test/socket.rb", "lib/net/ssh/test.rb", "lib/net/ssh/transport/algorithms.rb", "lib/net/ssh/transport/cipher_factory.rb", "lib/net/ssh/transport/constants.rb", "lib/net/ssh/transport/hmac/abstract.rb", "lib/net/ssh/transport/hmac/md5.rb", "lib/net/ssh/transport/hmac/md5_96.rb", "lib/net/ssh/transport/hmac/none.rb", "lib/net/ssh/transport/hmac/sha1.rb", "lib/net/ssh/transport/hmac/sha1_96.rb", "lib/net/ssh/transport/hmac.rb", "lib/net/ssh/transport/identity_cipher.rb", "lib/net/ssh/transport/kex/diffie_hellman_group1_sha1.rb", "lib/net/ssh/transport/kex/diffie_hellman_group_exchange_sha1.rb", "lib/net/ssh/transport/kex.rb", "lib/net/ssh/transport/openssl.rb", "lib/net/ssh/transport/packet_stream.rb", "lib/net/ssh/transport/server_version.rb", "lib/net/ssh/transport/session.rb", "lib/net/ssh/transport/state.rb", "lib/net/ssh/verifiers/lenient.rb", "lib/net/ssh/verifiers/null.rb", "lib/net/ssh/verifiers/strict.rb", "lib/net/ssh/version.rb", "lib/net/ssh.rb", "README.rdoc", "THANKS.rdoc"]

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification 
 name: net-ssh
 version: !ruby/object:Gem::Version 
-  version: 2.0.10
+  version: 2.0.11
 platform: ruby
 authors: 
 - Jamis Buck
@@ -9,7 +9,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2009-02-04 00:00:00 -07:00
+date: 2009-02-24 00:00:00 -07:00
 default_executable: 
 dependencies: 
 - !ruby/object:Gem::Dependency