rbvmomi 1.11.3 → 3.0.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: 291486048aa5b6cbd7146d49d7324a4b236212d5
-  data.tar.gz: 1586964068b6036bbee0a7b2beb3c0ca430c8aa6
+SHA256:
+  metadata.gz: a94fe8a2f4faf96128119f1108856f73cd48ad979cb7f55da44d85628f7aae7a
+  data.tar.gz: 58f4de40f316bab9631062b8f5cad76f12eed1bf420ff9287b95788e7f1b58f5
 SHA512:
-  metadata.gz: 7869ac4308e5c56472c42bb1359a1808956d9f2f83b30066825e88b7ab9be434d94b42521a45c335bf7718d8ae624a9102565ffe8c5abb04d3027b735476ca79
-  data.tar.gz: 7779212ffb10678dcae454875a381ff0beed76488fc77106490506d032b7b166f348a8678ea5577cfe0e2be3bf61967775d001f5f3a0776b0f145078056b372c
+  metadata.gz: '08f70868de310a5b3c6b23d376058b02cfba807de7b3dd7bef71f2b976b7400ea1b48ad8e63f1461227a5f8b75eaf7cace3c7f4e73c6acf03378fffe55aaa635'
+  data.tar.gz: 6d49a75c34cb17b774a05eb6319818bd56a2762ee9f84da62730f70abf7a143ecf281dfe70884c1bb32040faa680443555f68a3770be0a25b201178d7f4ea93e

data/README.md

@@ -56,7 +56,7 @@ require 'rbvmomi'
 
 vim = RbVmomi::VIM.connect(host: 'foo', user: 'bar', password: 'baz')
 root_folder = vim.serviceInstance.content.rootFolder
-dc = rootFolder.childEntity.grep(RbVmomi::VIM::Datacenter).find { |x| x.name == 'mydatacenter' } || fail('datacenter not found')
+dc = root_folder.childEntity.grep(RbVmomi::VIM::Datacenter).find { |x| x.name == 'mydatacenter' } || fail('datacenter not found')
 vm = dc.vmFolder.childEntity.grep(RbVmomi::VIM::VirtualMachine).find { |x| x.name == 'my_vm' } || fail('VM not found')
 task = vm.PowerOnVM_Task
 filter = vim.propertyCollector.CreateFilter(
@@ -89,7 +89,7 @@ A few important points:
 *   Data object types can usually be inferred from context, so you may use a hash instead.
 *   Enumeration values are simply strings.
 *   Example code is included in the examples/ directory.
-*   A set of helper methods for Trollop is included to speed up development of
+*   A set of helper methods for Optimist is included to speed up development of
     command line apps. See the included examples for usage.
 *   If you don't have trusted SSL certificates installed on the host you're
     connecting to, you'll get an `OpenSSL::SSL::SSLError` "certificate verify

data/exe/rbvmomish

@@ -2,14 +2,14 @@
 # TODO keepalive
 # TODO rc file
 # TODO proxy support?
-require 'trollop'
+require 'optimist'
 require 'readline'
 require 'rbvmomi'
-require 'rbvmomi/trollop'
+require 'rbvmomi/optimist'
 
 VIM = RbVmomi::VIM
 
-opts = Trollop.options do
+opts = Optimist.options do
   banner <<-EOS
 vSphere API console.
 
@@ -35,7 +35,7 @@ VIM connection options:
 Other options:
   EOS
 
-  $trollop = self
+  $optimist = self
 end
 
 begin
@@ -102,7 +102,7 @@ def si
 end
 
 def help
-  $trollop.educate
+  $optimist.educate
   :no_result
 end
 

data/lib/rbvmomi/connection.rb

@@ -3,11 +3,11 @@
 
 require 'time'
 require 'date'
-require 'rbvmomi/trivial_soap'
-require 'rbvmomi/basic_types'
-require 'rbvmomi/fault'
-require 'rbvmomi/type_loader'
-require 'rbvmomi/deserialization'
+require_relative 'trivial_soap'
+require_relative 'basic_types'
+require_relative 'fault'
+require_relative 'type_loader'
+require_relative 'deserialization'
 
 module RbVmomi
 
@@ -23,7 +23,7 @@ class Connection < TrivialSoap
   attr_reader :profile_summary
   attr_accessor :profiling
   attr_reader :deserializer
-  
+
   def initialize opts
     @ns = opts[:ns] or fail "no namespace specified"
     @rev = opts[:rev] or fail "no revision specified"
@@ -32,7 +32,7 @@ class Connection < TrivialSoap
     @profiling = false
     super opts
   end
-  
+
   def reset_profiling
     @profile = {}
     @profile_summary = {:network_latency => 0, :request_emit => 0, :response_parse => 0, :num_calls => 0}
@@ -90,7 +90,7 @@ class Connection < TrivialSoap
 
     t3 = Time.now
     out = parse_response resp, desc['result']
-    
+
     if @profiling
       t4 = Time.now
       @profile[method] ||= []
@@ -98,8 +98,8 @@ class Connection < TrivialSoap
         :network_latency => (t3 - t2),
         :request_emit => t2 - t1,
         :response_parse => t4 - t3,
-        :params => params, 
-        :obj => this, 
+        :params => params,
+        :obj => this,
         :backtrace => caller,
         :request_size => body.length,
         :response_size => resp_size,
@@ -110,7 +110,7 @@ class Connection < TrivialSoap
       @profile_summary[:request_emit] += profile_info[:request_emit]
       @profile_summary[:num_calls] += 1
     end
-    
+
     out
   end
 
@@ -139,7 +139,7 @@ class Connection < TrivialSoap
     when BasicTypes::DataObject
       if expected and not expected >= o.class and not expected == BasicTypes::AnyType
         fail "expected #{expected.wsdl_name} for '#{name}', got #{o.class.wsdl_name} for field #{name.inspect}"
-      end 
+      end
       xml.tag! name, attrs.merge("xsi:type" => o.class.wsdl_name) do
         o.class.full_props_desc.each do |desc|
           if o.props.member? desc['name'].to_sym
@@ -223,7 +223,7 @@ class Connection < TrivialSoap
   def type name
     self.class.type name
   end
-  
+
   def instanceUuid
     nil
   end

data/lib/rbvmomi/deserialization.rb

@@ -101,7 +101,6 @@ class NewDeserializer
     obj = klass.new nil
     props = obj.props
     children = node.children.select(&:element?)
-    n = children.size
     i = 0
 
     klass.full_props_desc.each do |desc|
@@ -152,7 +151,7 @@ class NewDeserializer
       h[child.name] = child.content
     end
     [h['key'], h['value']]
-  end 
+  end
 end
 
 class OldDeserializer

data/lib/rbvmomi/{trollop.rb → optimist.rb}

@@ -1,19 +1,19 @@
 # Copyright (c) 2010-2017 VMware, Inc.  All Rights Reserved.
 # SPDX-License-Identifier: MIT
 
-require 'trollop'
+require 'optimist'
 
-# Convenience methods for Trollop, Ruby's premier option parser.
-# @see http://trollop.rubyforge.org/
-# @see Trollop::Parser
-module Trollop
+# Convenience methods for Optimist, Ruby's premier option parser.
+# @see http://optimist.rubyforge.org/
+# @see Optimist::Parser
+module Optimist
 
-# Convenience methods for Trollop, Ruby's premier option parser.
+# Convenience methods for Optimist, Ruby's premier option parser.
 #
 # See the examples directory for sample code.
 # Descriptions are of the form:
 #  <key>: <options> <environment variable> (<default>)
-# @see http://trollop.rubyforge.org/
+# @see http://optimist.rubyforge.org/
 class Parser
   # Options used by VIM.connect
   #

data/lib/rbvmomi/pbm.rb

@@ -1,7 +1,7 @@
 # Copyright (c) 2012-2017 VMware, Inc.  All Rights Reserved.
 # SPDX-License-Identifier: MIT
 
-require 'rbvmomi'
+require_relative '../rbvmomi'
 
 module RbVmomi
 

data/lib/rbvmomi/sms.rb

@@ -1,7 +1,7 @@
 # Copyright (c) 2013-2017 VMware, Inc.  All Rights Reserved.
 # SPDX-License-Identifier: MIT
 
-require 'rbvmomi'
+require_relative '../rbvmomi'
 module RbVmomi
 
 # A connection to one vSphere SMS endpoint.

data/lib/rbvmomi/sso.rb

@@ -0,0 +1,313 @@
+require 'base64'
+require 'net/https'
+require 'nokogiri'
+require 'openssl'
+require 'securerandom'
+require 'time'
+
+module RbVmomi
+  # Provides access to vCenter Single Sign-On
+  class SSO
+    BST_PROFILE = 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3'.freeze
+    C14N_CLASS = Nokogiri::XML::XML_C14N_EXCLUSIVE_1_0
+    C14N_METHOD = 'http://www.w3.org/2001/10/xml-exc-c14n#'.freeze
+    DIGEST_METHOD = 'http://www.w3.org/2001/04/xmlenc#sha512'.freeze
+    ENCODING_METHOD = 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary'.freeze
+    SIGNATURE_METHOD = 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha512'.freeze
+    STS_PATH = '/sts/STSService'.freeze
+    TOKEN_TYPE = 'urn:oasis:names:tc:SAML:2.0:assertion'.freeze
+    TOKEN_PROFILE = 'http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0'.freeze
+    NAMESPACES = {
+      :ds => 'http://www.w3.org/2000/09/xmldsig#',
+      :soap => 'http://schemas.xmlsoap.org/soap/envelope/',
+      :wsse => 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd',
+      :wsse11 => 'http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd',
+      :wst => 'http://docs.oasis-open.org/ws-sx/ws-trust/200512',
+      :wsu => 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd'
+    }.freeze
+
+    attr_reader :assertion,
+                :assertion_id,
+                :certificate,
+                :host,
+                :user,
+                :password,
+                :path,
+                :port,
+                :private_key
+
+    # Creates an instance of an SSO object
+    #
+    # @param [Hash] opts the options to create the object with
+    # @option opts [String] :host the host to connect to
+    # @option opts [Fixnum] :port (443) the port to connect to
+    # @option opts [String] :path the path to call
+    # @option opts [String] :user the user to authenticate with
+    # @option opts [String] :password the password to authenticate with
+    # @option opts [String] :private_key the private key to use
+    # @option opts [String] :certificate the certificate to use
+    # @option opts [Boolean] :insecure (false) whether to connect insecurely
+    def initialize(opts = {})
+      @host     = opts[:host]
+      @insecure = opts.fetch(:insecure, false)
+      @password = opts[:password]
+      @path     = opts.fetch(:path, STS_PATH)
+      @port     = opts.fetch(:port, 443)
+      @user     = opts[:user]
+
+      load_x509(opts[:private_key], opts[:certificate])
+    end
+
+    def request_token
+      req = sso_call(hok_token_request)
+
+      unless req.is_a?(Net::HTTPSuccess)
+        resp = Nokogiri::XML(req.body)
+        resp.remove_namespaces!
+        raise(resp.at_xpath('//Envelope/Body/Fault/faultstring/text()'))
+      end
+
+      extract_assertion(req.body)
+    end
+
+    def sign_request(request)
+      raise('Need SAML2 assertion') unless @assertion
+      raise('No SAML2 assertion ID') unless @assertion_id
+
+      request_id = generate_id
+      timestamp_id = generate_id
+
+      request = request.is_a?(String) ? Nokogiri::XML(request) : request
+      builder = Nokogiri::XML::Builder.new do |xml|
+        xml[:soap].Header(Hash[NAMESPACES.map { |ns, uri| ["xmlns:#{ns}", uri] }]) do
+          xml[:wsse].Security do
+            wsu_timestamp(xml, timestamp_id)
+            ds_signature(xml, request_id, timestamp_id) do |x|
+              x[:wsse].SecurityTokenReference('wsse11:TokenType' => TOKEN_PROFILE) do
+                x[:wsse].KeyIdentifier(
+                  @assertion_id,
+                  'ValueType' => 'http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLID'
+                )
+              end
+            end
+          end
+        end
+      end
+
+      # To avoid Nokogiri mangling the token, we replace it as a string
+      # later on. Figure out a way around this.
+      builder.doc.at_xpath('//soap:Header/wsse:Security/wsu:Timestamp').add_previous_sibling(Nokogiri::XML::Text.new('SAML_ASSERTION_PLACEHOLDER', builder.doc))
+
+      request.at_xpath('//soap:Envelope', NAMESPACES).tap do |e|
+        NAMESPACES.each do |ns, uri|
+          e.add_namespace(ns.to_s, uri)
+        end
+      end
+      request.xpath('//soap:Envelope/soap:Body').each do |body|
+        body.add_previous_sibling(builder.doc.root)
+        body.add_namespace('wsu', NAMESPACES[:wsu])
+        body['wsu:Id'] = request_id
+      end
+
+      signed = sign(request)
+      signed.gsub!('SAML_ASSERTION_PLACEHOLDER', @assertion.to_xml(:indent => 0, :save_with => Nokogiri::XML::Node::SaveOptions::AS_XML).strip)
+
+      signed
+    end
+
+    # We default to Issue, since that's all we currently need.
+    def sso_call(body)
+      sso_url = URI::HTTPS.build(:host => @host, :port => @port, :path => @path)
+      http = Net::HTTP.new(sso_url.host, sso_url.port)
+      http.use_ssl = true
+      http.verify_mode = OpenSSL::SSL::VERIFY_NONE if @insecure
+
+      req = Net::HTTP::Post.new(sso_url.request_uri)
+      req.add_field('Accept', 'text/xml, multipart/related')
+      req.add_field('User-Agent', "VMware/RbVmomi #{RbVmomi::VERSION}")
+      req.add_field('SOAPAction', 'http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue')
+      req.content_type = 'text/xml; charset="UTF-8"'
+      req.body = body
+
+      http.request(req)
+    end
+
+    private
+
+    def hok_token_request
+      request_id = generate_id
+      security_token_id = generate_id
+      signature_id = generate_id
+      timestamp_id = generate_id
+
+      datum = Time.now.utc
+      created_at = datum.iso8601
+      token_expires_at = (datum + 1800).iso8601
+
+      builder = Nokogiri::XML::Builder.new do |xml|
+        xml[:soap].Envelope(Hash[NAMESPACES.map { |ns, uri| ["xmlns:#{ns}", uri] }]) do
+          xml[:soap].Header do
+            xml[:wsse].Security do
+              wsu_timestamp(xml, timestamp_id, datum)
+              wsse_username_token(xml)
+              wsse_binary_security_token(xml, security_token_id)
+              ds_signature(xml, request_id, timestamp_id, signature_id) do |x|
+                x[:wsse].SecurityTokenReference do
+                  x[:wsse].Reference(
+                    'URI' => "##{security_token_id}",
+                    'ValueType' => BST_PROFILE
+                  )
+                end
+              end
+            end
+          end
+          xml[:soap].Body('wsu:Id' => request_id) do
+            xml[:wst].RequestSecurityToken do
+              xml[:wst].TokenType(TOKEN_TYPE)
+              xml[:wst].RequestType('http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue')
+              xml[:wst].Lifetime do
+                xml[:wsu].Created(created_at)
+                xml[:wsu].Expires(token_expires_at)
+              end
+              xml[:wst].Renewing('Allow' => 'false', 'OK' => 'false')
+              xml[:wst].KeyType('http://docs.oasis-open.org/ws-sx/ws-trust/200512/PublicKey')
+              xml[:wst].SignatureAlgorithm(SIGNATURE_METHOD)
+              xml[:wst].Delegatable('false')
+            end
+            xml[:wst].UseKey('Sig' => signature_id)
+          end
+        end
+      end
+
+      sign(builder.doc)
+    end
+
+    def extract_assertion(sso_response)
+      sso_response = Nokogiri::XML(sso_response) if sso_response.is_a?(String)
+      namespaces = sso_response.collect_namespaces
+
+      # Doesn't matter that usually there's more than one NS with the same
+      # URI - either will work for XPath. We just don't want to hardcode
+      # xmlns:saml2.
+      token_ns = namespaces.find { |_, uri| uri == TOKEN_TYPE }.first.gsub(/^xmlns:/, '')
+
+      @assertion = sso_response.at_xpath("//#{token_ns}:Assertion", namespaces)
+      @assertion_id = @assertion.at_xpath("//#{token_ns}:Assertion/@ID", namespaces).value
+    end
+
+    def sign(doc)
+      signature_digest_references = doc.xpath('/soap:Envelope/soap:Header/wsse:Security/ds:Signature/ds:SignedInfo/ds:Reference/@URI', doc.collect_namespaces).map { |a| a.value.sub(/^#/, '') }
+      signature_digest_references.each do |ref|
+        data = doc.at_xpath("//*[@wsu:Id='#{ref}']", doc.collect_namespaces)
+        digest = Base64.strict_encode64(Digest::SHA2.new(512).digest(data.canonicalize(C14N_CLASS)))
+        digest_tag = doc.at_xpath("/soap:Envelope/soap:Header/wsse:Security/ds:Signature/ds:SignedInfo/ds:Reference[@URI='##{ref}']/ds:DigestValue", doc.collect_namespaces)
+        digest_tag.add_child(Nokogiri::XML::Text.new(digest, doc))
+      end
+
+      signed_info = doc.at_xpath('/soap:Envelope/soap:Header/wsse:Security/ds:Signature/ds:SignedInfo', doc.collect_namespaces)
+      signature = Base64.strict_encode64(@private_key.sign(OpenSSL::Digest::SHA512.new, signed_info.canonicalize(C14N_CLASS)))
+      signature_value_tag = doc.at_xpath('/soap:Envelope/soap:Header/wsse:Security/ds:Signature/ds:SignatureValue', doc.collect_namespaces)
+      signature_value_tag.add_child(Nokogiri::XML::Text.new(signature, doc))
+
+      doc.to_xml(:indent => 0, :save_with => Nokogiri::XML::Node::SaveOptions::AS_XML).strip
+    end
+
+    def load_x509(private_key, certificate)
+      @private_key = private_key ? private_key : OpenSSL::PKey::RSA.new(2048)
+      if @private_key.is_a? String
+        @private_key = OpenSSL::PKey::RSA.new(@private_key)
+      end
+
+      @certificate = certificate
+      if @certificate && !private_key
+        raise(ArgumentError, "Can't generate private key from a certificate")
+      end
+
+      if @certificate.is_a? String
+        @certificate = OpenSSL::X509::Certificate.new(@certificate)
+      end
+      # If only a private key is specified, we will generate a certificate.
+      unless @certificate
+        timestamp = Time.now.utc
+        @certificate = OpenSSL::X509::Certificate.new
+        @certificate.not_before = timestamp
+        @certificate.not_after = timestamp + 3600 # 3600 is 1 hour
+        @certificate.subject = OpenSSL::X509::Name.new([
+                                                         %w[O VMware],
+                                                         %w[OU RbVmomi],
+                                                         %W[CN #{@user}]
+                                                       ])
+        @certificate.issuer = @certificate.subject
+        @certificate.serial = rand(2**160)
+        @certificate.public_key = @private_key.public_key
+        @certificate.sign(@private_key, OpenSSL::Digest::SHA512.new)
+      end
+
+      true
+    end
+
+    def ds_signature(xml, request_id, timestamp_id, id = nil)
+      signature_id = {}
+      signature_id['Id'] = id if id
+      xml[:ds].Signature(signature_id) do
+        ds_signed_info(xml, request_id, timestamp_id)
+        xml[:ds].SignatureValue
+        xml[:ds].KeyInfo do
+          yield xml
+        end
+      end
+    end
+
+    def ds_signed_info(xml, request_id, timestamp_id)
+      xml[:ds].SignedInfo do
+        xml[:ds].CanonicalizationMethod('Algorithm' => C14N_METHOD)
+        xml[:ds].SignatureMethod('Algorithm' => SIGNATURE_METHOD)
+        xml[:ds].Reference('URI' => "##{request_id}") do
+          xml[:ds].Transforms do
+            xml[:ds].Transform('Algorithm' => C14N_METHOD)
+          end
+          xml[:ds].DigestMethod('Algorithm' => DIGEST_METHOD)
+          xml[:ds].DigestValue
+        end
+        xml[:ds].Reference('URI' => "##{timestamp_id}") do
+          xml[:ds].Transforms do
+            xml[:ds].Transform('Algorithm' => C14N_METHOD)
+          end
+          xml[:ds].DigestMethod('Algorithm' => DIGEST_METHOD)
+          xml[:ds].DigestValue
+        end
+      end
+    end
+
+    def wsu_timestamp(xml, id, datum = nil)
+      datum ||= Time.now.utc
+      created_at = datum.iso8601
+      expires_at = (datum + 600).iso8601
+
+      xml[:wsu].Timestamp('wsu:Id' => id) do
+        xml[:wsu].Created(created_at)
+        xml[:wsu].Expires(expires_at)
+      end
+    end
+
+    def wsse_username_token(xml)
+      xml[:wsse].UsernameToken do
+        xml[:wsse].Username(@user)
+        xml[:wsse].Password(@password)
+      end
+    end
+
+    def wsse_binary_security_token(xml, id)
+      xml[:wsse].BinarySecurityToken(
+        Base64.strict_encode64(@certificate.to_der),
+        'EncodingType' => ENCODING_METHOD,
+        'ValueType' => BST_PROFILE,
+        'wsu:Id' => id
+      )
+    end
+
+    def generate_id
+      "_#{SecureRandom.uuid}"
+    end
+  end
+end

data/lib/rbvmomi/trivial_soap.rb

@@ -17,6 +17,7 @@ class RbVmomi::TrivialSoap
     return unless @opts[:host] # for testcases
     @debug = @opts[:debug]
     @cookie = @opts[:cookie]
+    @sso = @opts[:sso]
     @operation_id = @opts[:operation_id]
     @lock = Mutex.new
     @http = nil
@@ -42,11 +43,8 @@ class RbVmomi::TrivialSoap
     if @opts[:ssl]
       require 'net/https'
       @http.use_ssl = true
-      if @opts[:insecure]
-        @http.verify_mode = OpenSSL::SSL::VERIFY_NONE
-      else
-        @http.verify_mode = OpenSSL::SSL::VERIFY_PEER
-      end
+      @http.verify_mode = OpenSSL::SSL::VERIFY_NONE if @opts[:insecure]
+      @http.ca_file = @opts[:ca_file] if @opts[:ca_file]
       @http.cert = OpenSSL::X509::Certificate.new(@opts[:cert]) if @opts[:cert]
       @http.key = OpenSSL::PKey::RSA.new(@opts[:key]) if @opts[:key]
     end
@@ -89,6 +87,11 @@ class RbVmomi::TrivialSoap
       $stderr.puts
     end
 
+    if @cookie.nil? && @sso
+      @sso.request_token unless @sso.assertion_id
+      body = @sso.sign_request(body)
+    end
+
     start_time = Time.now
     response = @lock.synchronize do
       begin

data/lib/rbvmomi/type_loader.rb

@@ -95,7 +95,7 @@ class TypeLoader
 
   def load_extension name
     @extension_dirs.map { |x| File.join(x, "#{name}.rb") }.
-                    select { |x| File.exists? x }.
+                    select { |x| File.exist? x }.
                     each { |x| load x }
   end
 

data/lib/rbvmomi/utils/deploy.rb

@@ -3,7 +3,7 @@
 
 require 'open-uri'
 require 'nokogiri'
-require 'rbvmomi'
+require_relative '../../rbvmomi'
 
 # The cached ovf deployer is an optimization on top of regular OVF deployment
 # as it is offered by the VIM::OVFManager. Creating a VM becomes a multi-stage

data/lib/rbvmomi/version.rb

@@ -1,6 +1,6 @@
-# Copyright (c) 2016-2017 VMware, Inc.  All Rights Reserved.
+# Copyright (c) 2016-2020 VMware, Inc.  All Rights Reserved.
 # SPDX-License-Identifier: MIT
 
 module RbVmomi
-  VERSION = '1.11.3'.freeze
+  VERSION = '3.0.0'.freeze
 end

data/lib/rbvmomi/vim/Folder.rb

@@ -67,7 +67,7 @@ class RbVmomi::VIM::Folder
     propSpecs = {
       :entity => self, :inventoryPath => path
     }
-    x = _connection.searchIndex.FindByInventoryPath(propSpecs)
+    _connection.searchIndex.FindByInventoryPath(propSpecs)
   end
 
   # Alias to <tt>traverse path, type, true</tt>

data/lib/rbvmomi/vim/HostSystem.rb

@@ -115,12 +115,12 @@ class VIM::EsxcliNamespace
     conn.type(@type_info.wsdlName).new(conn, @instance)
   end
 
-  def method_missing name, *args
+  def method_missing(name, *args)
     name = name.to_s
     if @namespaces.member? name and args.empty?
       @namespaces[name]
     elsif @commands.member? name
-      @commands[name].call *args
+      @commands[name].call(*args)
     else
       raise NoMethodError
     end

data/lib/rbvmomi/vim/ManagedObject.rb

@@ -52,7 +52,7 @@ class RbVmomi::VIM::ManagedObject
   # @return [Array] Property values in same order as +pathSet+, or the return
   #                 value from the block if it is given.
   def collect *pathSet
-    h = collect! *pathSet
+    h = collect!(*pathSet)
     a = pathSet.map { |k| h[k.to_s] }
     if block_given?
       yield a

data/lib/rbvmomi/vim/OvfManager.rb

@@ -139,7 +139,7 @@ class RbVmomi::VIM::OvfManager
         # to the uploadCmd. It is not clear to me why, but that leads to 
         # trucation of the uploaded disk. Without this option curl can't tell
         # the progress, but who cares
-        system("#{downloadCmd} | #{uploadCmd}", STDOUT => "/dev/null")
+        system("#{downloadCmd} | #{uploadCmd}", :out => "/dev/null")
         
         keepAliveThread.kill
         keepAliveThread.join