rex-socket 0.1.29 → 0.1.30

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 4d113479436231734487199007f644118a5e448686dc84c62c32d2cf0d8a3610
-  data.tar.gz: 10c82f7d6ec3995321f87e0414f5cb27bd2b991764f051be0f2014473a53b255
+  metadata.gz: 647d60dcc0fb176246243a7eaed1ca68a35c596c7034cf4de863ca233d08d9f0
+  data.tar.gz: 80fcd4c8fe671a6da97a5e262700331dfa5fe0292c679952b510abdc7af13cfa
 SHA512:
-  metadata.gz: 5c6cec9b71223968043ea4b96ac78f750ba27ec1ca087b5deda2ee3717c76340f96e8d730f9e16594732213d2429265891a8dd1dc64b02dc3bd6b1f4adec634e
-  data.tar.gz: c21137181b5ef64f7599c5ceb27f233c10d48a198a9ec0c5bffbe64efb6f02024eab4e408a5de7585c1a46dbff864f087dbee3cf32bdcd3129ad518db225d779
+  metadata.gz: a5c001e83da2f988ff40eefcd5175bdf0684b22c5529820be68c9eda4b6d862a6f88bbd39a950941a30bcccc5b9a21479a44982e56a4e351b353c0ce480bc9a9
+  data.tar.gz: bdc211d907a45d1a0701fbc34721712fec81dea7e9417d1b3e94259916e13779a1e91e1742fd2b9526aaf4c8839c62373e58183c3ac7ad7dea64c3b8fd5d093d

data/lib/rex/socket/parameters.rb

@@ -110,10 +110,7 @@ class Rex::Socket::Parameters
       self.sslctx = hash['SSLContext']
     end
 
-    supported_ssl_versions = ['Auto', 'SSL2', 'SSL23', 'TLS1', 'SSL3', :Auto, :SSLv2, :SSLv3, :SSLv23, :TLSv1]
-    if (hash['SSLVersion'] and supported_ssl_versions.include? hash['SSLVersion'])
-      self.ssl_version = hash['SSLVersion']
-    end
+    self.ssl_version = hash.fetch('SSLVersion', nil)
 
     supported_ssl_verifiers = %W{CLIENT_ONCE FAIL_IF_NO_PEER_CERT NONE PEER}
     if (hash['SSLVerifyMode'] and supported_ssl_verifiers.include? hash['SSLVerifyMode'])
@@ -383,7 +380,27 @@ class Rex::Socket::Parameters
 
   # What version of SSL to use (Auto, SSL2, SSL3, SSL23, TLS1)
   # @return [String,Symbol]
-  attr_accessor :ssl_version
+  attr_reader :ssl_version
+  def ssl_version=(version)
+    # Let the caller specify a particular SSL/TLS version
+    case version
+    when 'SSL2'
+      version = :SSLv2
+    # 'TLS' will be the new name for autonegotation with newer versions of OpenSSL
+    when 'SSL23', 'TLS', 'Auto'
+      version = :SSLv23
+    when 'SSL3'
+      version = :SSLv3
+    when 'TLS1','TLS1.0'
+      version = :TLSv1
+    when 'TLS1.1'
+      version = :TLSv1_1
+    when 'TLS1.2'
+      version = :TLSv1_2
+    end
+
+    @ssl_version = version
+  end
 
   # What specific SSL Cipher(s) to use, may be a string containing the cipher
   # name or an array of strings containing cipher names e.g.

data/lib/rex/socket/ssl.rb

@@ -11,6 +11,9 @@ require 'openssl'
 ###
 module Rex::Socket::Ssl
 
+  # Default to SSLv23 (automatically negotiate)
+  DEFAULT_SSL_VERSION = :SSLv23
+
   module CertProvider
 
     def self.ssl_generate_subject(cn: nil, org: nil, loc: nil, st: nil)
@@ -122,7 +125,14 @@ module Rex::Socket::Ssl
       key, cert, chain = ssl_generate_certificate(cert_vars: {cn: params.ssl_cn})
     end
 
-    ctx = OpenSSL::SSL::SSLContext.new()
+    version = params&.ssl_version || DEFAULT_SSL_VERSION
+    # Raise an error if no selected versions are supported
+    unless Rex::Socket::SslTcp.system_ssl_methods.include? version
+      raise ArgumentError,
+        "This version of Ruby does not support the requested SSL/TLS version #{version}"
+    end
+
+    ctx = OpenSSL::SSL::SSLContext.new(version)
     ctx.key = key
     ctx.cert = cert
     ctx.extra_chain_cert = chain

data/lib/rex/socket/ssl_tcp.rb

@@ -65,35 +65,14 @@ begin
   def initsock(params = nil)
     super
 
-    # Default to SSLv23 (automatically negotiate)
-    version = :SSLv23
-
-    # Let the caller specify a particular SSL/TLS version
-    if params
-      case params.ssl_version
-      when 'SSL2', :SSLv2
-        version = :SSLv2
-      # 'TLS' will be the new name for autonegotation with newer versions of OpenSSL
-      when 'SSL23', :SSLv23, 'TLS', 'Auto'
-        version = :SSLv23
-      when 'SSL3', :SSLv3
-        version = :SSLv3
-      when 'TLS1','TLS1.0', :TLSv1
-        version = :TLSv1
-      when 'TLS1.1', :TLSv1_1
-        version = :TLSv1_1
-      when 'TLS1.2', :TLSv1_2
-        version = :TLSv1_2
-      end
-    end
-
+    version = params&.ssl_version || Rex::Socket::Ssl::DEFAULT_SSL_VERSION
     # Raise an error if no selected versions are supported
     unless Rex::Socket::SslTcp.system_ssl_methods.include? version
       raise ArgumentError,
-        "This version of Ruby does not support the requested SSL/TLS version #{params.ssl_version}"
+        "This version of Ruby does not support the requested SSL/TLS version #{version}"
     end
 
-    # Try intializing the socket with this SSL/TLS version
+    # Try initializing the socket with this SSL/TLS version
     # This will throw an exception if it fails
     initsock_with_ssl_version(params, version)
 

data/lib/rex/socket/version.rb

@@ -1,5 +1,5 @@
 module Rex
   module Socket
-    VERSION = "0.1.29"
+    VERSION = "0.1.30"
   end
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: rex-socket
 version: !ruby/object:Gem::Version
-  version: 0.1.29
+  version: 0.1.30
 platform: ruby
 authors:
 - Metasploit Hackers
@@ -93,7 +93,7 @@ cert_chain:
   EknWpNgVhohbot1lfVAMmIhdtOVaRVcQQixWPwprDj/ydB8ryDMDosIMcw+fkoXU
   9GJsSaSRRYQ9UUkVL27b64okU8D48m8=
   -----END CERTIFICATE-----
-date: 2021-03-25 00:00:00.000000000 Z
+date: 2021-08-05 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rake

metadata.gz.sig

@@ -1,4 +1 @@
-$�N|�Z����5}vy7�XϠ�
-�;�n"7&F����+8f��V�3f�V���fzi���*�/d�����{G��Q
-��mN�ͤM^2*ʪh
P�]]p,E�7.���mž�!����z����C
-S����Di�9-z�j�k�8��b6�eae\��
���7Ͻ����9�̵����J�7j������]jt2��=�����4[a��	 Wj�����\��������s��j��TiYd�Xx��–�r�
+�D~�[8Yo�:�a�㎊� �<�|�iq����tp�I>��|@W��:�y'�x����/��1���(�%M��B��P\0?���f����O��K�W+�O�l,�y�����AdR�/��U��xe�_�3ʊqX�,Z���O��80)�����i�Rp;��+a/F��d�Y��']N��%)���r\�1=YJK�_�H�i6~����2�i4�**�ͭ�XY.�")5eފ"k�Wŋ����k	s