poolparty 1.3.4 → 1.3.6

data/vendor/gems/net-ssh/README.rdoc

@@ -0,0 +1,110 @@
+= Net::SSH
+
+* http://net-ssh.rubyforge.org/ssh
+
+== DESCRIPTION:
+
+Net::SSH is a pure-Ruby implementation of the SSH2 client protocol. It allows you to write programs that invoke and interact with processes on remote servers, via SSH2.
+
+== FEATURES:
+
+* Execute processes on remote servers and capture their output
+* Run multiple processes in parallel over a single SSH connection
+* Support for SSH subsystems
+* Forward local and remote ports via an SSH connection
+
+== SYNOPSIS:
+
+In a nutshell:
+
+  require 'net/ssh'
+
+  Net::SSH.start('host', 'user', :password => "password") do |ssh|
+    # capture all stderr and stdout output from a remote process
+    output = ssh.exec!("hostname")
+
+    # capture only stdout matching a particular pattern
+    stdout = ""
+    ssh.exec!("ls -l /home/jamis") do |channel, stream, data|
+      stdout << data if stream == :stdout
+    end
+    puts stdout
+
+    # run multiple processes in parallel to completion
+    ssh.exec "sed ..."
+    ssh.exec "awk ..."
+    ssh.exec "rm -rf ..."
+    ssh.loop
+
+    # open a new channel and configure a minimal set of callbacks, then run
+    # the event loop until the channel finishes (closes)
+    channel = ssh.open_channel do |ch|
+      ch.exec "/usr/local/bin/ruby /path/to/file.rb" do |ch, success|
+        raise "could not execute command" unless success
+
+        # "on_data" is called when the process writes something to stdout
+        ch.on_data do |c, data|
+          $STDOUT.print data
+        end
+
+        # "on_extended_data" is called when the process writes something to stderr
+        ch.on_extended_data do |c, type, data|
+          $STDERR.print data
+        end
+
+        ch.on_close { puts "done!" }
+      end
+    end
+
+    channel.wait
+
+    # forward connections on local port 1234 to port 80 of www.capify.org
+    ssh.forward.local(1234, "www.capify.org", 80)
+    ssh.loop { true }
+  end
+
+See Net::SSH for more documentation, and links to further information.
+
+== REQUIREMENTS:
+
+The only requirement you might be missing is the OpenSSL bindings for Ruby. These are built by default on most platforms, but you can verify that they're built and installed on your system by running the following command line:
+
+  ruby -ropenssl -e 'puts OpenSSL::OPENSSL_VERSION'
+
+If that spits out something like "OpenSSL 0.9.8g 19 Oct 2007", then you're set. If you get an error, then you'll need to see about rebuilding ruby with OpenSSL support, or (if your platform supports it) installing the OpenSSL bindings separately.
+
+Additionally: if you are going to be having Net::SSH prompt you for things like passwords or certificate passphrases, you'll want to have either the Highline (recommended) or Termios (unix systems only) gem installed, so that the passwords don't echo in clear text.
+
+Lastly, if you want to run the tests or use any of the Rake tasks, you'll need:
+
+* Echoe (for the Rakefile)
+* Mocha (for the tests)
+
+== INSTALL:
+
+* gem install net-ssh (might need sudo privileges)
+
+== LICENSE:
+
+(The MIT License)
+
+Copyright (c) 2008 Jamis Buck <jamis@37signals.com>
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+'Software'), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED 'AS IS', WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
+CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
+TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
+SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/vendor/gems/net-ssh/Rakefile

@@ -0,0 +1,26 @@
+require './lib/net/ssh/version'
+
+begin
+  require 'echoe'
+rescue LoadError
+  abort "You'll need to have `echoe' installed to use Net::SSH's Rakefile"
+end
+
+version = Net::SSH::Version::STRING.dup
+if ENV['SNAPSHOT'].to_i == 1
+  version << "." << Time.now.utc.strftime("%Y%m%d%H%M%S")
+end
+
+Echoe.new('net-ssh', version) do |p|
+  p.changelog        = "CHANGELOG.rdoc"
+
+  p.author           = "Jamis Buck"
+  p.email            = "jamis@jamisbuck.org"
+  p.summary          = "a pure-Ruby implementation of the SSH2 client protocol"
+  p.url              = "http://net-ssh.rubyforge.org/ssh"
+
+  p.need_zip         = true
+  p.include_rakefile = true
+
+  p.rdoc_pattern     = /^(lib|README.rdoc|CHANGELOG.rdoc|THANKS.rdoc)/
+end

data/vendor/gems/net-ssh/THANKS.rdoc

@@ -0,0 +1,16 @@
+Net::SSH was originally written by Jamis Buck <jamis@37signals.com>. In
+addition, the following individuals are gratefully acknowledged for their
+contributions:
+
+GOTOU Yuuzou <gotoyuzo@notwork.org>
+  * help and code related to OpenSSL
+
+Guillaume Mar�ais <guillaume.marcais@free.fr>
+  * support for communicating with the the PuTTY "pageant" process
+
+Daniel Berger <djberg96@yahoo.com>
+  * help getting unit tests in earlier Net::SSH versions to pass in Windows
+  * initial version of Net::SSH::Config provided inspiration and encouragement
+
+Chris Andrews <chris@nodnol.org> and Lee Jensen <lee@outerim.com>
+  * support for ssh agent forwarding

data/vendor/gems/net-ssh/lib/net/ssh/authentication/agent.rb

@@ -0,0 +1,176 @@
+require 'net/ssh/buffer'
+require 'net/ssh/errors'
+require 'net/ssh/loggable'
+require 'net/ssh/transport/server_version'
+
+require 'net/ssh/authentication/pageant' if File::ALT_SEPARATOR && !(RUBY_PLATFORM =~ /java/)
+
+module Net; module SSH; module Authentication
+
+  # A trivial exception class for representing agent-specific errors.
+  class AgentError < Net::SSH::Exception; end
+
+  # An exception for indicating that the SSH agent is not available.
+  class AgentNotAvailable < AgentError; end
+
+  # This class implements a simple client for the ssh-agent protocol. It
+  # does not implement any specific protocol, but instead copies the
+  # behavior of the ssh-agent functions in the OpenSSH library (3.8).
+  #
+  # This means that although it behaves like a SSH1 client, it also has
+  # some SSH2 functionality (like signing data).
+  class Agent
+    include Loggable
+
+    # A simple module for extending keys, to allow comments to be specified
+    # for them.
+    module Comment
+      attr_accessor :comment
+    end
+
+    SSH2_AGENT_REQUEST_VERSION    = 1
+    SSH2_AGENT_REQUEST_IDENTITIES = 11
+    SSH2_AGENT_IDENTITIES_ANSWER  = 12
+    SSH2_AGENT_SIGN_REQUEST       = 13
+    SSH2_AGENT_SIGN_RESPONSE      = 14
+    SSH2_AGENT_FAILURE            = 30
+    SSH2_AGENT_VERSION_RESPONSE   = 103
+
+    SSH_COM_AGENT2_FAILURE        = 102
+
+    SSH_AGENT_REQUEST_RSA_IDENTITIES = 1
+    SSH_AGENT_RSA_IDENTITIES_ANSWER1 = 2
+    SSH_AGENT_RSA_IDENTITIES_ANSWER2 = 5
+    SSH_AGENT_FAILURE                = 5
+
+    # The underlying socket being used to communicate with the SSH agent.
+    attr_reader :socket
+
+    # Instantiates a new agent object, connects to a running SSH agent,
+    # negotiates the agent protocol version, and returns the agent object.
+    def self.connect(logger=nil)
+      agent = new(logger)
+      agent.connect!
+      agent.negotiate!
+      agent
+    end
+
+    # Creates a new Agent object, using the optional logger instance to
+    # report status.
+    def initialize(logger=nil)
+      self.logger = logger
+    end
+
+    # Connect to the agent process using the socket factory and socket name
+    # given by the attribute writers. If the agent on the other end of the
+    # socket reports that it is an SSH2-compatible agent, this will fail
+    # (it only supports the ssh-agent distributed by OpenSSH).
+    def connect!
+      begin
+        debug { "connecting to ssh-agent" }
+        @socket = agent_socket_factory.open(ENV['SSH_AUTH_SOCK'])
+      rescue
+        error { "could not connect to ssh-agent" }
+        raise AgentNotAvailable, $!.message
+      end
+    end
+
+    # Attempts to negotiate the SSH agent protocol version. Raises an error
+    # if the version could not be negotiated successfully.
+    def negotiate!
+      # determine what type of agent we're communicating with
+      type, body = send_and_wait(SSH2_AGENT_REQUEST_VERSION, :string, Transport::ServerVersion::PROTO_VERSION)
+
+      if type == SSH2_AGENT_VERSION_RESPONSE
+        raise NotImplementedError, "SSH2 agents are not yet supported"
+      elsif type != SSH_AGENT_RSA_IDENTITIES_ANSWER1 && type != SSH_AGENT_RSA_IDENTITIES_ANSWER2
+        raise AgentError, "unknown response from agent: #{type}, #{body.to_s.inspect}"
+      end
+    end
+
+    # Return an array of all identities (public keys) known to the agent.
+    # Each key returned is augmented with a +comment+ property which is set
+    # to the comment returned by the agent for that key.
+    def identities
+      type, body = send_and_wait(SSH2_AGENT_REQUEST_IDENTITIES)
+      raise AgentError, "could not get identity count" if agent_failed(type)
+      raise AgentError, "bad authentication reply: #{type}" if type != SSH2_AGENT_IDENTITIES_ANSWER
+
+      identities = []
+      body.read_long.times do
+        key = Buffer.new(body.read_string).read_key
+        key.extend(Comment)
+        key.comment = body.read_string
+        identities.push key
+      end
+
+      return identities
+    end
+
+    # Closes this socket. This agent reference is no longer able to
+    # query the agent.
+    def close
+      @socket.close
+    end
+
+    # Using the agent and the given public key, sign the given data. The
+    # signature is returned in SSH2 format.
+    def sign(key, data)
+      type, reply = send_and_wait(SSH2_AGENT_SIGN_REQUEST, :string, Buffer.from(:key, key), :string, data, :long, 0)
+
+      if agent_failed(type)
+        raise AgentError, "agent could not sign data with requested identity"
+      elsif type != SSH2_AGENT_SIGN_RESPONSE
+        raise AgentError, "bad authentication response #{type}"
+      end
+
+      return reply.read_string
+    end
+
+    private
+
+      # Returns the agent socket factory to use.
+      def agent_socket_factory
+        if File::ALT_SEPARATOR
+          Pageant::Socket
+        else
+          UNIXSocket
+        end
+      end
+
+      # Send a new packet of the given type, with the associated data.
+      def send_packet(type, *args)
+        buffer = Buffer.from(*args)
+        data = [buffer.length + 1, type.to_i, buffer.to_s].pack("NCA*")
+        debug { "sending agent request #{type} len #{buffer.length}" }
+        @socket.send data, 0
+      end
+
+      # Read the next packet from the agent. This will return a two-part
+      # tuple consisting of the packet type, and the packet's body (which
+      # is returned as a Net::SSH::Buffer).
+      def read_packet
+        buffer = Net::SSH::Buffer.new(@socket.read(4))
+        buffer.append(@socket.read(buffer.read_long))
+        type = buffer.read_byte
+        debug { "received agent packet #{type} len #{buffer.length-4}" }
+        return type, buffer
+      end
+
+      # Send the given packet and return the subsequent reply from the agent.
+      # (See #send_packet and #read_packet).
+      def send_and_wait(type, *args)
+        send_packet(type, *args)
+        read_packet
+      end
+
+      # Returns +true+ if the parameter indicates a "failure" response from
+      # the agent, and +false+ otherwise.
+      def agent_failed(type)
+        type == SSH_AGENT_FAILURE ||
+        type == SSH2_AGENT_FAILURE ||
+        type == SSH_COM_AGENT2_FAILURE
+      end
+  end
+
+end; end; end

data/vendor/gems/net-ssh/lib/net/ssh/authentication/constants.rb

@@ -0,0 +1,18 @@
+module Net; module SSH; module Authentication
+
+  # Describes the constants used by the Net::SSH::Authentication components
+  # of the Net::SSH library. Individual authentication method implemenations
+  # may define yet more constants that are specific to their implementation.
+  module Constants
+    USERAUTH_REQUEST          = 50
+    USERAUTH_FAILURE          = 51
+    USERAUTH_SUCCESS          = 52
+    USERAUTH_BANNER           = 53
+
+    USERAUTH_PASSWD_CHANGEREQ = 60
+    USERAUTH_PK_OK            = 60
+
+    USERAUTH_METHOD_RANGE     = 60..79
+  end
+
+end; end; end

data/vendor/gems/net-ssh/lib/net/ssh/authentication/key_manager.rb

@@ -0,0 +1,193 @@
+require 'net/ssh/errors'
+require 'net/ssh/key_factory'
+require 'net/ssh/loggable'
+require 'net/ssh/authentication/agent'
+
+module Net
+  module SSH
+    module Authentication
+
+      # A trivial exception class used to report errors in the key manager.
+      class KeyManagerError < Net::SSH::Exception; end
+
+      # This class encapsulates all operations done by clients on a user's
+      # private keys. In practice, the client should never need a reference
+      # to a private key; instead, they grab a list of "identities" (public 
+      # keys) that are available from the KeyManager, and then use
+      # the KeyManager to do various private key operations using those
+      # identities.
+      #
+      # The KeyManager also uses the Agent class to encapsulate the
+      # ssh-agent. Thus, from a client's perspective it is completely
+      # hidden whether an identity comes from the ssh-agent or from a file
+      # on disk.
+      class KeyManager
+        include Loggable
+
+        # The list of user key files that will be examined
+        attr_reader :key_files
+
+        # The list of user key data that will be examined
+        attr_reader :key_data
+
+        # The map of loaded identities
+        attr_reader :known_identities
+
+        # The map of options that were passed to the key-manager
+        attr_reader :options
+
+        # Create a new KeyManager. By default, the manager will
+        # use the ssh-agent (if it is running).
+        def initialize(logger, options={})
+          self.logger = logger
+          @key_files = []
+          @key_data = []
+          @use_agent = true
+          @known_identities = {}
+          @agent = nil
+          @options = options
+        end
+
+        # Clear all knowledge of any loaded user keys. This also clears the list
+        # of default identity files that are to be loaded, thus making it
+        # appropriate to use if a client wishes to NOT use the default identity
+        # files.
+        def clear!
+          key_files.clear
+          key_data.clear
+          known_identities.clear
+          self
+        end
+
+        # Add the given key_file to the list of key files that will be used.
+        def add(key_file)
+          key_files.push(File.expand_path(key_file)).uniq!
+          self
+        end
+
+        # Add the given key_file to the list of keys that will be used.
+        def add_key_data(key_data_)
+          key_data.push(key_data_).uniq!
+          self
+        end
+
+        # This is used as a hint to the KeyManager indicating that the agent
+        # connection is no longer needed. Any other open resources may be closed
+        # at this time.
+        #
+        # Calling this does NOT indicate that the KeyManager will no longer
+        # be used. Identities may still be requested and operations done on
+        # loaded identities, in which case, the agent will be automatically
+        # reconnected. This method simply allows the client connection to be
+        # closed when it will not be used in the immediate future.
+        def finish
+          @agent.close if @agent
+          @agent = nil
+        end
+
+        # Iterates over all available identities (public keys) known to this
+        # manager. As it finds one, it will then yield it to the caller.
+        # The origin of the identities may be from files on disk or from an
+        # ssh-agent. Note that identities from an ssh-agent are always listed
+        # first in the array, with other identities coming after.
+        def each_identity
+          if agent
+            agent.identities.each do |key|
+              known_identities[key] = { :from => :agent }
+              yield key
+            end
+          end
+          
+          key_files.each do |file|
+            public_key_file = file + ".pub"
+            if File.readable?(public_key_file)
+              begin
+                key = KeyFactory.load_public_key(public_key_file)
+                known_identities[key] = { :from => :file, :file => file }
+                yield key
+              rescue Exception => e
+                error { "could not load public key file `#{public_key_file}': #{e.class} (#{e.message})" }
+              end
+            elsif File.readable?(file)
+              begin
+                private_key = KeyFactory.load_private_key(file, options[:passphrase])
+                key = private_key.send(:public_key)
+                known_identities[key] = { :from => :file, :file => file, :key => private_key }
+                yield key
+              rescue Exception => e
+                error { "could not load private key file `#{file}': #{e.class} (#{e.message})" }
+              end
+            end
+          end
+
+          key_data.each do |data|
+            private_key = KeyFactory.load_data_private_key(data)
+            key = private_key.send(:public_key)
+            known_identities[key] = { :from => :key_data, :data => data, :key => private_key }
+            yield key
+          end
+
+          self
+        end
+
+        # Sign the given data, using the corresponding private key of the given
+        # identity. If the identity was originally obtained from an ssh-agent,
+        # then the ssh-agent will be used to sign the data, otherwise the
+        # private key for the identity will be loaded from disk (if it hasn't
+        # been loaded already) and will then be used to sign the data.
+        #
+        # Regardless of the identity's origin or who does the signing, this
+        # will always return the signature in an SSH2-specified "signature
+        # blob" format.
+        def sign(identity, data)
+          info = known_identities[identity] or raise KeyManagerError, "the given identity is unknown to the key manager"
+
+          if info[:key].nil? && info[:from] == :file
+            begin
+              info[:key] = KeyFactory.load_private_key(info[:file], options[:passphrase])
+            rescue Exception => e 
+              raise KeyManagerError, "the given identity is known, but the private key could not be loaded: #{e.class} (#{e.message})"
+            end
+          end
+
+          if info[:key]
+            return Net::SSH::Buffer.from(:string, identity.ssh_type,
+              :string, info[:key].ssh_do_sign(data.to_s)).to_s
+          end
+
+          if info[:from] == :agent
+            raise KeyManagerError, "the agent is no longer available" unless agent
+            return agent.sign(identity, data.to_s)
+          end
+
+          raise KeyManagerError, "[BUG] can't determine identity origin (#{info.inspect})"
+        end
+
+        # Identifies whether the ssh-agent will be used or not.
+        def use_agent?
+          @use_agent
+        end
+
+        # Toggles whether the ssh-agent will be used or not. If true, an
+        # attempt will be made to use the ssh-agent. If false, any existing
+        # connection to an agent is closed and the agent will not be used.
+        def use_agent=(use_agent)
+          finish if !use_agent
+          @use_agent = use_agent
+        end
+
+        # Returns an Agent instance to use for communicating with an SSH
+        # agent process. Returns nil if use of an SSH agent has been disabled,
+        # or if the agent is otherwise not available.
+        def agent
+          return unless use_agent?
+          @agent ||= Agent.connect(logger)
+        rescue AgentNotAvailable
+          @use_agent = false
+          nil
+        end
+      end
+
+    end
+  end
+end

data/vendor/gems/net-ssh/lib/net/ssh/authentication/methods/abstract.rb

@@ -0,0 +1,60 @@
+require 'net/ssh/buffer'
+require 'net/ssh/errors'
+require 'net/ssh/loggable'
+require 'net/ssh/authentication/constants'
+
+module Net; module SSH; module Authentication; module Methods
+
+  # The base class of all user authentication methods. It provides a few
+  # bits of common functionality.
+  class Abstract
+    include Constants, Loggable
+
+    # The authentication session object
+    attr_reader :session
+
+    # The key manager object. Not all authentication methods will require
+    # this.
+    attr_reader :key_manager
+
+    # Instantiates a new authentication method.
+    def initialize(session, options={})
+      @session = session
+      @key_manager = options[:key_manager]
+      @options = options
+      self.logger = session.logger
+    end
+
+    # Returns the session-id, as generated during the first key exchange of
+    # an SSH connection.
+    def session_id
+      session.transport.algorithms.session_id
+    end
+
+    # Sends a message via the underlying transport layer abstraction. This
+    # will block until the message is completely sent.
+    def send_message(msg)
+      session.transport.send_message(msg)
+    end
+
+    # Creates a new USERAUTH_REQUEST packet. The extra arguments on the end
+    # must be either boolean values or strings, and are tacked onto the end
+    # of the packet. The new packet is returned, ready for sending.
+    def userauth_request(username, next_service, auth_method, *others)
+      buffer = Net::SSH::Buffer.from(:byte, USERAUTH_REQUEST,
+        :string, username, :string, next_service, :string, auth_method)
+
+      others.each do |value|
+        case value
+        when true, false then buffer.write_bool(value)
+        when String      then buffer.write_string(value)
+        else raise ArgumentError, "don't know how to write #{value.inspect}"
+        end
+      end
+
+      buffer
+    end
+
+  end
+
+end; end; end; end

data/vendor/gems/net-ssh/lib/net/ssh/authentication/methods/hostbased.rb

@@ -0,0 +1,71 @@
+require 'net/ssh/authentication/methods/abstract'
+
+module Net
+  module SSH
+    module Authentication
+      module Methods
+
+        # Implements the host-based SSH authentication method.
+        class Hostbased < Abstract
+          include Constants
+
+          # Attempts to perform host-based authorization of the user by trying
+          # all known keys.
+          def authenticate(next_service, username, password=nil)
+            return false unless key_manager
+
+            key_manager.each_identity do |identity|
+              return true if authenticate_with(identity, next_service,
+                username, key_manager)
+            end
+
+            return false
+          end
+
+          private
+
+            # Returns the hostname as reported by the underlying socket.
+            def hostname
+              session.transport.socket.client_name
+            end
+
+            # Attempts to perform host-based authentication of the user, using
+            # the given host identity (key).
+            def authenticate_with(identity, next_service, username, key_manager)
+              debug { "trying hostbased (#{identity.fingerprint})" }
+              client_username = ENV['USER'] || username
+
+              req = build_request(identity, next_service, username, "#{hostname}.", client_username)
+              sig_data = Buffer.from(:string, session_id, :raw, req)
+
+              sig = key_manager.sign(identity, sig_data.to_s)
+
+              message = Buffer.from(:raw, req, :string, sig)
+
+              send_message(message)
+              message = session.next_message
+
+              case message.type
+                when USERAUTH_SUCCESS
+                  info { "hostbased succeeded (#{identity.fingerprint})" }
+                  return true
+                when USERAUTH_FAILURE
+                  info { "hostbased failed (#{identity.fingerprint})" }
+                  return false
+                else
+                  raise Net::SSH::Exception, "unexpected server response to USERAUTH_REQUEST: #{message.type} (#{message.inspect})"
+              end
+            end
+
+            # Build the "core" hostbased request string.
+            def build_request(identity, next_service, username, hostname, client_username)
+              userauth_request(username, next_service, "hostbased", identity.ssh_type,
+                Buffer.from(:key, identity).to_s, hostname, client_username).to_s
+            end
+
+        end
+
+      end
+    end
+  end
+end