rex-socket 0.1.29 → 0.1.33

Sign up to get free protection for your applications and to get access to all the features.
Files changed (11) hide show
  1. checksums.yaml +4 -4
  2. checksums.yaml.gz.sig +0 -0
  3. data/.github/workflows/verify.yml +4 -15
  4. data/lib/rex/socket/parameters.rb +38 -7
  5. data/lib/rex/socket/ssl.rb +11 -1
  6. data/lib/rex/socket/ssl_tcp.rb +3 -24
  7. data/lib/rex/socket/version.rb +1 -1
  8. data/lib/rex/socket.rb +1 -1
  9. data.tar.gz.sig +2 -1
  10. metadata +2 -2
  11. metadata.gz.sig +3 -4
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 4d113479436231734487199007f644118a5e448686dc84c62c32d2cf0d8a3610
4
- data.tar.gz: 10c82f7d6ec3995321f87e0414f5cb27bd2b991764f051be0f2014473a53b255
3
+ metadata.gz: 6a97221671cad2ce1a9169e9b469a6e4d997f081ee3624a6a849c538310c3da0
4
+ data.tar.gz: 688b6872080a0ba1db00590ec33866863864a61e265cefcc2e41d416039cf9c7
5
5
  SHA512:
6
- metadata.gz: 5c6cec9b71223968043ea4b96ac78f750ba27ec1ca087b5deda2ee3717c76340f96e8d730f9e16594732213d2429265891a8dd1dc64b02dc3bd6b1f4adec634e
7
- data.tar.gz: c21137181b5ef64f7599c5ceb27f233c10d48a198a9ec0c5bffbe64efb6f02024eab4e408a5de7585c1a46dbff864f087dbee3cf32bdcd3129ad518db225d779
6
+ metadata.gz: badf3199ee38910229eccb31a6f03deebfed5eb91774fcf25e96ef8d4ab137a7d4fd09cdfbc1ceaec4c7efc96b3900e97a74142f72f8c1828fa965e50b13f45f
7
+ data.tar.gz: 2c600b3c7ea3cc45549512d7525a5f17e164a5c11daf18ab006060927bda060a019c13c0a0ca76b2b571494e63eecef75181734b3995e504a4d8a82cc942b90b
checksums.yaml.gz.sig CHANGED
Binary file
data/.github/workflows/verify.yml CHANGED
@@ -10,7 +10,7 @@ on:
10
10
 
11
11
  jobs:
12
12
  test:
13
- runs-on: ubuntu-16.04
13
+ runs-on: ubuntu-18.04
14
14
  timeout-minutes: 40
15
15
 
16
16
  strategy:
@@ -32,23 +32,12 @@ jobs:
32
32
  - name: Checkout code
33
33
  uses: actions/checkout@v2
34
34
 
35
- - uses: actions/setup-ruby@v1
35
+ - name: Setup Ruby
36
+ uses: ruby/setup-ruby@v1
36
37
  with:
37
38
  ruby-version: ${{ matrix.ruby }}
39
+ bundler-cache: true
38
40
 
39
- - name: Setup bundler
40
- run: |
41
- gem install bundler
42
- - uses: actions/cache@v2
43
- with:
44
- path: vendor/bundle
45
- key: ${{ runner.os }}-gems-${{ hashFiles('**/Gemfile.lock') }}
46
- restore-keys: |
47
- ${{ runner.os }}-gems-
48
- - name: Bundle install
49
- run: |
50
- bundle config path vendor/bundle
51
- bundle install --jobs 4 --retry 3
52
41
  - name: ${{ matrix.test_cmd }}
53
42
  run: |
54
43
  echo "${CMD}"
data/lib/rex/socket/parameters.rb CHANGED
@@ -110,10 +110,7 @@ class Rex::Socket::Parameters
110
110
  self.sslctx = hash['SSLContext']
111
111
  end
112
112
 
113
- supported_ssl_versions = ['Auto', 'SSL2', 'SSL23', 'TLS1', 'SSL3', :Auto, :SSLv2, :SSLv3, :SSLv23, :TLSv1]
114
- if (hash['SSLVersion'] and supported_ssl_versions.include? hash['SSLVersion'])
115
- self.ssl_version = hash['SSLVersion']
116
- end
113
+ self.ssl_version = hash.fetch('SSLVersion', nil)
117
114
 
118
115
  supported_ssl_verifiers = %W{CLIENT_ONCE FAIL_IF_NO_PEER_CERT NONE PEER}
119
116
  if (hash['SSLVerifyMode'] and supported_ssl_verifiers.include? hash['SSLVerifyMode'])
@@ -195,7 +192,15 @@ class Rex::Socket::Parameters
195
192
  end
196
193
 
197
194
  # Whether to force IPv6 addressing
198
- self.v6 = hash['IPv6']
195
+ if hash['IPv6'].nil?
196
+ # if IPv6 isn't specified and at least one host is an IPv6 address and the
197
+ # other is either nil, a hostname or an IPv6 address, then use IPv6
198
+ self.v6 = (Rex::Socket.is_ipv6?(self.localhost) || Rex::Socket.is_ipv6?(self.peerhost)) && \
199
+ (self.localhost.nil? || !Rex::Socket.is_ipv4?(self.localhost)) && \
200
+ (self.peerhost.nil? || !Rex::Socket.is_ipv4?(self.peerhost))
201
+ else
202
+ self.v6 = hash['IPv6']
203
+ end
199
204
  end
200
205
 
201
206
  def merge(other)
@@ -297,7 +302,13 @@ class Rex::Socket::Parameters
297
302
  # @return [String]
298
303
  attr_writer :localhost
299
304
  def localhost
300
- @localhost || '0.0.0.0'
305
+ return @localhost if @localhost
306
+
307
+ if @v6 || (@peerhost && Rex::Socket.is_ipv6?(@peerhost))
308
+ '::'
309
+ else
310
+ '0.0.0.0'
311
+ end
301
312
  end
302
313
 
303
314
  # The local port. Equivalent to the LocalPort parameter hash key.
@@ -383,7 +394,27 @@ class Rex::Socket::Parameters
383
394
 
384
395
  # What version of SSL to use (Auto, SSL2, SSL3, SSL23, TLS1)
385
396
  # @return [String,Symbol]
386
- attr_accessor :ssl_version
397
+ attr_reader :ssl_version
398
+ def ssl_version=(version)
399
+ # Let the caller specify a particular SSL/TLS version
400
+ case version
401
+ when 'SSL2'
402
+ version = :SSLv2
403
+ # 'TLS' will be the new name for autonegotation with newer versions of OpenSSL
404
+ when 'SSL23', 'TLS', 'Auto'
405
+ version = :SSLv23
406
+ when 'SSL3'
407
+ version = :SSLv3
408
+ when 'TLS1','TLS1.0'
409
+ version = :TLSv1
410
+ when 'TLS1.1'
411
+ version = :TLSv1_1
412
+ when 'TLS1.2'
413
+ version = :TLSv1_2
414
+ end
415
+
416
+ @ssl_version = version
417
+ end
387
418
 
388
419
  # What specific SSL Cipher(s) to use, may be a string containing the cipher
389
420
  # name or an array of strings containing cipher names e.g.
data/lib/rex/socket/ssl.rb CHANGED
@@ -11,6 +11,9 @@ require 'openssl'
11
11
  ###
12
12
  module Rex::Socket::Ssl
13
13
 
14
+ # Default to SSLv23 (automatically negotiate)
15
+ DEFAULT_SSL_VERSION = :SSLv23
16
+
14
17
  module CertProvider
15
18
 
16
19
  def self.ssl_generate_subject(cn: nil, org: nil, loc: nil, st: nil)
@@ -122,7 +125,14 @@ module Rex::Socket::Ssl
122
125
  key, cert, chain = ssl_generate_certificate(cert_vars: {cn: params.ssl_cn})
123
126
  end
124
127
 
125
- ctx = OpenSSL::SSL::SSLContext.new()
128
+ version = params&.ssl_version || DEFAULT_SSL_VERSION
129
+ # Raise an error if no selected versions are supported
130
+ unless Rex::Socket::SslTcp.system_ssl_methods.include? version
131
+ raise ArgumentError,
132
+ "This version of Ruby does not support the requested SSL/TLS version #{version}"
133
+ end
134
+
135
+ ctx = OpenSSL::SSL::SSLContext.new(version)
126
136
  ctx.key = key
127
137
  ctx.cert = cert
128
138
  ctx.extra_chain_cert = chain
data/lib/rex/socket/ssl_tcp.rb CHANGED
@@ -65,35 +65,14 @@ begin
65
65
  def initsock(params = nil)
66
66
  super
67
67
 
68
- # Default to SSLv23 (automatically negotiate)
69
- version = :SSLv23
70
-
71
- # Let the caller specify a particular SSL/TLS version
72
- if params
73
- case params.ssl_version
74
- when 'SSL2', :SSLv2
75
- version = :SSLv2
76
- # 'TLS' will be the new name for autonegotation with newer versions of OpenSSL
77
- when 'SSL23', :SSLv23, 'TLS', 'Auto'
78
- version = :SSLv23
79
- when 'SSL3', :SSLv3
80
- version = :SSLv3
81
- when 'TLS1','TLS1.0', :TLSv1
82
- version = :TLSv1
83
- when 'TLS1.1', :TLSv1_1
84
- version = :TLSv1_1
85
- when 'TLS1.2', :TLSv1_2
86
- version = :TLSv1_2
87
- end
88
- end
89
-
68
+ version = params&.ssl_version || Rex::Socket::Ssl::DEFAULT_SSL_VERSION
90
69
  # Raise an error if no selected versions are supported
91
70
  unless Rex::Socket::SslTcp.system_ssl_methods.include? version
92
71
  raise ArgumentError,
93
- "This version of Ruby does not support the requested SSL/TLS version #{params.ssl_version}"
72
+ "This version of Ruby does not support the requested SSL/TLS version #{version}"
94
73
  end
95
74
 
96
- # Try intializing the socket with this SSL/TLS version
75
+ # Try initializing the socket with this SSL/TLS version
97
76
  # This will throw an exception if it fails
98
77
  initsock_with_ssl_version(params, version)
99
78
 
data/lib/rex/socket/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  module Rex
2
2
  module Socket
3
- VERSION = "0.1.29"
3
+ VERSION = "0.1.33"
4
4
  end
5
5
  end
data/lib/rex/socket.rb CHANGED
@@ -730,7 +730,7 @@ module Socket
730
730
  # Wrapper around getsockname that stores the local address and local port values.
731
731
  #
732
732
  def getlocalname
733
- if self.localhost.nil? && self.localport.nil?
733
+ if [nil, '0.0.0.0', '::'].include?(self.localhost) && [nil, 0].include?(self.localport)
734
734
  _, self.localhost, self.localport = getsockname
735
735
  end
736
736
 
data.tar.gz.sig CHANGED
@@ -1 +1,2 @@
1
- '�s����\Uڒ]kN�F���z
1
+ } ��vm�������tƺ�/���!�!�k��ս!\�\u�LzqY���$p6a��[F�ղ�01u4S�%���X���"x��&�l���-W������6r��H����`��~��g�,���+#rb��F���|JA��yT��
2
+ A.E��B������izI��#�/;e��|��~leƨj4= �<���D�<�������1#
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: rex-socket
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.29
4
+ version: 0.1.33
5
5
  platform: ruby
6
6
  authors:
7
7
  - Metasploit Hackers
@@ -93,7 +93,7 @@ cert_chain:
93
93
  EknWpNgVhohbot1lfVAMmIhdtOVaRVcQQixWPwprDj/ydB8ryDMDosIMcw+fkoXU
94
94
  9GJsSaSRRYQ9UUkVL27b64okU8D48m8=
95
95
  -----END CERTIFICATE-----
96
- date: 2021-03-25 00:00:00.000000000 Z
96
+ date: 2021-09-16 00:00:00.000000000 Z
97
97
  dependencies:
98
98
  - !ruby/object:Gem::Dependency
99
99
  name: rake
metadata.gz.sig CHANGED
@@ -1,4 +1,3 @@
1
- $�N|�Z����5}vy7XϠ�
2
- �;�n"7&F����+8f��V�3f�V���fzi���*�/d�����{G��Q
3
- ��mN�ͤM^2*ʪhP]]p,E�7.���mž�!����z����C
4
- S����Di�9-z�j�k�8��b6�eae\�����7Ͻ����9�̵����J�7j������]jt2��=�����4[a�� Wj�����\��������s��j��TiYd�Xx��–�r�
1
+ tx�)^���˱L_��r��;6)2�F�<z �]l �.�#F�Y��%PE�Ÿ�6���Wd�{7h�L���X2LF�L����l)��$Ћ��R�C�উ�NS���:�Y��g�Nh�����
2
+ 4"V�W��l�@T�{����=)ݹS��U�D
3
+ ��;F����+OG�皉���J��oء��LF����-��oHj0:�{�y1"d��_�do��"ǜ�s��