net-ssh 2.0.24 → 2.1.0

data/CHANGELOG.rdoc

@@ -1,4 +1,11 @@
 
+
+=== 2.1 / 19 Jan 2011
+
+* Support "IdentitiesOnly" directive [Edmund Haselwanter]
+* Speeding up the Loggable module [robbebob]
+
+
 === 2.0.24 / 14 Jan 2011
 
 * Fix for process code to correctly wait until remote_id is set before sending any output, including eof. [Daniel Pittman, Markus Roberts]

data/lib/net/ssh.rb

@@ -66,7 +66,7 @@ module Net
       :logger, :paranoid, :password, :port, :proxy, :rekey_blocks_limit,
       :rekey_limit, :rekey_packet_limit, :timeout, :verbose,
       :global_known_hosts_file, :user_known_hosts_file, :host_key_alias,
-      :host_name, :user, :properties, :passphrase
+      :host_name, :user, :properties, :passphrase, :keys_only
     ]
 
     # The standard means of starting a new SSH connection. When used with a
@@ -125,6 +125,10 @@ module Net
     #   and hostbased authentication
     # * :key_data => an array of strings, with each element of the array being
     #   a raw private key in PEM format.
+    # * :keys_only => set to +true+ to use only private keys from +keys+ and
+    #   +key_data+ parameters, even if ssh-agent offers more identities. This
+    #   option is intended for situations where ssh-agent offers many different
+    #   identites.
     # * :logger => the logger instance to use when logging
     # * :paranoid => either true, false, or :very, specifying how strict
     #   host-key verification should be

data/lib/net/ssh/authentication/key_manager.rb

@@ -90,40 +90,30 @@ module Net
         # The origin of the identities may be from files on disk or from an
         # ssh-agent. Note that identities from an ssh-agent are always listed
         # first in the array, with other identities coming after.
+        #
+        # If key manager was created with :keys_only option, any identity
+        # from ssh-agent will be ignored unless it present in key_files or
+        # key_data.
         def each_identity
+          user_identities = load_identities_from_files + load_identities_from_data
+
           if agent
             agent.identities.each do |key|
-              known_identities[key] = { :from => :agent }
-              yield key
-            end
-          end
-          
-          key_files.each do |file|
-            public_key_file = file + ".pub"
-            if File.readable?(public_key_file)
-              begin
-                key = KeyFactory.load_public_key(public_key_file)
-                known_identities[key] = { :from => :file, :file => file }
-                yield key
-              rescue Exception => e
-                error { "could not load public key file `#{public_key_file}': #{e.class} (#{e.message})" }
-              end
-            elsif File.readable?(file)
-              begin
-                private_key = KeyFactory.load_private_key(file, options[:passphrase])
-                key = private_key.send(:public_key)
-                known_identities[key] = { :from => :file, :file => file, :key => private_key }
+              corresponding_user_identity = user_identities.detect { |identity|
+                identity[:public_key].to_pem == key.to_pem
+              }
+              user_identities.delete(corresponding_user_identity) if corresponding_user_identity
+
+              if !options[:keys_only] || corresponding_user_identity
+                known_identities[key] = { :from => :agent }
                 yield key
-              rescue Exception => e
-                error { "could not load private key file `#{file}': #{e.class} (#{e.message})" }
               end
             end
           end
 
-          key_data.each do |data|
-            private_key = KeyFactory.load_data_private_key(data)
-            key = private_key.send(:public_key)
-            known_identities[key] = { :from => :key_data, :data => data, :key => private_key }
+          user_identities.each do |identity|
+            key = identity.delete(:public_key)
+            known_identities[key] = identity
             yield key
           end
 
@@ -186,8 +176,44 @@ module Net
           @use_agent = false
           nil
         end
-      end
 
+        private
+
+        # Extracts identities from user key_files, preserving their order and sources.
+        def load_identities_from_files
+          key_files.map do |file|
+            public_key_file = file + ".pub"
+            if File.readable?(public_key_file)
+              begin
+                key = KeyFactory.load_public_key(public_key_file)
+                { :public_key => key, :from => :file, :file => file }
+              rescue Exception => e
+                error { "could not load public key file `#{public_key_file}': #{e.class} (#{e.message})" }
+                nil
+              end
+            elsif File.readable?(file)
+              begin
+                private_key = KeyFactory.load_private_key(file, options[:passphrase])
+                key = private_key.send(:public_key)
+                { :public_key => key, :from => :file, :file => file, :key => private_key }
+              rescue Exception => e
+                error { "could not load private key file `#{file}': #{e.class} (#{e.message})" }
+                nil
+              end
+            end
+          end.compact
+        end
+
+        # Extraccts identities from user key_data, preserving their order and sources.
+        def load_identities_from_data
+          key_data.map do |data|
+            private_key = KeyFactory.load_data_private_key(data)
+            key = private_key.send(:public_key)
+            { :public_key => key, :from => :key_data, :data => data, :key => private_key }
+          end
+        end
+
+      end
     end
   end
 end

data/lib/net/ssh/config.rb

@@ -19,6 +19,7 @@ module Net; module SSH
   # * HostKeyAlias => :host_key_alias
   # * HostName => :host_name
   # * IdentityFile => maps to the :keys option
+  # * IdentitiesOnly => :keys_only
   # * Macs => maps to the :hmac option
   # * PasswordAuthentication => maps to the :auth_methods option
   # * Port => :port
@@ -128,6 +129,8 @@ module Net; module SSH
             hash[:timeout] = value
           when 'forwardagent' then
             hash[:forward_agent] = value
+          when 'identitiesonly' then
+            hash[:keys_only] = value
           when 'globalknownhostsfile'
             hash[:global_known_hosts_file] = value
           when 'hostbasedauthentication' then

data/lib/net/ssh/loggable.rb

@@ -22,31 +22,31 @@ module Net; module SSH
     # Displays the result of yielding if the log level is Logger::DEBUG or
     # greater.
     def debug
-      logger.add(Logger::DEBUG, nil, facility) { yield } if logger
+      logger.add(Logger::DEBUG, nil, facility) { yield } if logger && logger.debug?
     end
 
     # Displays the result of yielding if the log level is Logger::INFO or
     # greater.
     def info
-      logger.add(Logger::INFO, nil, facility) { yield } if logger
+      logger.add(Logger::INFO, nil, facility) { yield } if logger && logger.info?
     end
 
     # Displays the result of yielding if the log level is Logger::WARN or
     # greater. (Called lwarn to avoid shadowing with Kernel#warn.)
     def lwarn
-      logger.add(Logger::WARN, nil, facility) { yield } if logger
+      logger.add(Logger::WARN, nil, facility) { yield } if logger && logger.warn?
     end
 
     # Displays the result of yielding if the log level is Logger:ERROR or
     # greater.
     def error
-      logger.add(Logger::ERROR, nil, facility) { yield } if logger
+      logger.add(Logger::ERROR, nil, facility) { yield } if logger && logger.error?
     end
 
     # Displays the result of yielding if the log level is Logger::FATAL or
     # greater.
     def fatal
-      logger.add(Logger::FATAL, nil, facility) { yield } if logger
+      logger.add(Logger::FATAL, nil, facility) { yield } if logger && logger.fatal?
     end
 
     private

data/lib/net/ssh/version.rb

@@ -48,10 +48,10 @@ module Net; module SSH
     MAJOR = 2
 
     # The minor component of this version of the Net::SSH library
-    MINOR = 0
+    MINOR = 1
 
     # The tiny component of this version of the Net::SSH library
-    TINY  = 24
+    TINY  = 0
 
     # The current version of the Net::SSH library as a Version instance
     CURRENT = new(MAJOR, MINOR, TINY)

data/net-ssh.gemspec

@@ -1,7 +1,7 @@
 @spec = Gem::Specification.new do |s|
 	s.name = "net-ssh"
         s.rubyforge_project = 'net-ssh'
-	s.version = "2.0.24"
+	s.version = "2.1.0"
 	s.summary = "Net::SSH: a pure-Ruby implementation of the SSH2 client protocol."
 	s.description = s.summary
 	s.authors = ["Jamis Buck", "Delano Mandelbaum"]

data/test/authentication/test_key_manager.rb

@@ -59,6 +59,20 @@ module Authentication
       assert_equal({:from => :agent}, manager.known_identities[dsa])
     end
 
+    def test_only_identities_with_key_files_should_load_from_agent_of_keys_only_set
+      manager(:keys_only => true).stubs(:agent).returns(agent)
+
+      stub_file_key "/first", rsa
+
+      identities = []
+      manager.each_identity { |identity| identities << identity }
+
+      assert_equal 1, identities.length
+      assert_equal rsa.to_blob, identities.first.to_blob
+
+      assert_equal({:from => :agent}, manager.known_identities[rsa])
+    end
+
     def test_sign_with_agent_originated_key_should_request_signature_from_agent
       manager.stubs(:agent).returns(agent)
       manager.each_identity { |identity| } # preload the known_identities
@@ -96,8 +110,8 @@ module Authentication
         @agent ||= stub("agent", :identities => [rsa, dsa])
       end
 
-      def manager
-        @manager ||= Net::SSH::Authentication::KeyManager.new(nil)
+      def manager(options = {})
+        @manager ||= Net::SSH::Authentication::KeyManager.new(nil, options)
       end
 
   end

metadata

@@ -1,13 +1,13 @@
 --- !ruby/object:Gem::Specification 
 name: net-ssh
 version: !ruby/object:Gem::Version 
-  hash: 63
+  hash: 11
   prerelease: false
   segments: 
   - 2
+  - 1
   - 0
-  - 24
-  version: 2.0.24
+  version: 2.1.0
 platform: ruby
 authors: 
 - Jamis Buck
@@ -16,7 +16,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2011-01-14 00:00:00 -05:00
+date: 2011-01-20 00:00:00 -05:00
 default_executable: 
 dependencies: []