rex-socket 0.1.29 → 0.1.33

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (11) hide show
  1. checksums.yaml +4 -4
  2. checksums.yaml.gz.sig +0 -0
  3. data/.github/workflows/verify.yml +4 -15
  4. data/lib/rex/socket/parameters.rb +38 -7
  5. data/lib/rex/socket/ssl.rb +11 -1
  6. data/lib/rex/socket/ssl_tcp.rb +3 -24
  7. data/lib/rex/socket/version.rb +1 -1
  8. data/lib/rex/socket.rb +1 -1
  9. data.tar.gz.sig +2 -1
  10. metadata +2 -2
  11. metadata.gz.sig +3 -4
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 4d113479436231734487199007f644118a5e448686dc84c62c32d2cf0d8a3610
4
- data.tar.gz: 10c82f7d6ec3995321f87e0414f5cb27bd2b991764f051be0f2014473a53b255
3
+ metadata.gz: 6a97221671cad2ce1a9169e9b469a6e4d997f081ee3624a6a849c538310c3da0
4
+ data.tar.gz: 688b6872080a0ba1db00590ec33866863864a61e265cefcc2e41d416039cf9c7
5
5
  SHA512:
6
- metadata.gz: 5c6cec9b71223968043ea4b96ac78f750ba27ec1ca087b5deda2ee3717c76340f96e8d730f9e16594732213d2429265891a8dd1dc64b02dc3bd6b1f4adec634e
7
- data.tar.gz: c21137181b5ef64f7599c5ceb27f233c10d48a198a9ec0c5bffbe64efb6f02024eab4e408a5de7585c1a46dbff864f087dbee3cf32bdcd3129ad518db225d779
6
+ metadata.gz: badf3199ee38910229eccb31a6f03deebfed5eb91774fcf25e96ef8d4ab137a7d4fd09cdfbc1ceaec4c7efc96b3900e97a74142f72f8c1828fa965e50b13f45f
7
+ data.tar.gz: 2c600b3c7ea3cc45549512d7525a5f17e164a5c11daf18ab006060927bda060a019c13c0a0ca76b2b571494e63eecef75181734b3995e504a4d8a82cc942b90b
checksums.yaml.gz.sig CHANGED
Binary file
data/.github/workflows/verify.yml CHANGED
@@ -10,7 +10,7 @@ on:
10
10
 
11
11
  jobs:
12
12
  test:
13
- runs-on: ubuntu-16.04
13
+ runs-on: ubuntu-18.04
14
14
  timeout-minutes: 40
15
15
 
16
16
  strategy:
@@ -32,23 +32,12 @@ jobs:
32
32
  - name: Checkout code
33
33
  uses: actions/checkout@v2
34
34
 
35
- - uses: actions/setup-ruby@v1
35
+ - name: Setup Ruby
36
+ uses: ruby/setup-ruby@v1
36
37
  with:
37
38
  ruby-version: ${{ matrix.ruby }}
39
+ bundler-cache: true
38
40
 
39
- - name: Setup bundler
40
- run: |
41
- gem install bundler
42
- - uses: actions/cache@v2
43
- with:
44
- path: vendor/bundle
45
- key: ${{ runner.os }}-gems-${{ hashFiles('**/Gemfile.lock') }}
46
- restore-keys: |
47
- ${{ runner.os }}-gems-
48
- - name: Bundle install
49
- run: |
50
- bundle config path vendor/bundle
51
- bundle install --jobs 4 --retry 3
52
41
  - name: ${{ matrix.test_cmd }}
53
42
  run: |
54
43
  echo "${CMD}"
data/lib/rex/socket/parameters.rb CHANGED
@@ -110,10 +110,7 @@ class Rex::Socket::Parameters
110
110
  self.sslctx = hash['SSLContext']
111
111
  end
112
112
 
113
- supported_ssl_versions = ['Auto', 'SSL2', 'SSL23', 'TLS1', 'SSL3', :Auto, :SSLv2, :SSLv3, :SSLv23, :TLSv1]
114
- if (hash['SSLVersion'] and supported_ssl_versions.include? hash['SSLVersion'])
115
- self.ssl_version = hash['SSLVersion']
116
- end
113
+ self.ssl_version = hash.fetch('SSLVersion', nil)
117
114
 
118
115
  supported_ssl_verifiers = %W{CLIENT_ONCE FAIL_IF_NO_PEER_CERT NONE PEER}
119
116
  if (hash['SSLVerifyMode'] and supported_ssl_verifiers.include? hash['SSLVerifyMode'])
@@ -195,7 +192,15 @@ class Rex::Socket::Parameters
195
192
  end
196
193
 
197
194
  # Whether to force IPv6 addressing
198
- self.v6 = hash['IPv6']
195
+ if hash['IPv6'].nil?
196
+ # if IPv6 isn't specified and at least one host is an IPv6 address and the
197
+ # other is either nil, a hostname or an IPv6 address, then use IPv6
198
+ self.v6 = (Rex::Socket.is_ipv6?(self.localhost) || Rex::Socket.is_ipv6?(self.peerhost)) && \
199
+ (self.localhost.nil? || !Rex::Socket.is_ipv4?(self.localhost)) && \
200
+ (self.peerhost.nil? || !Rex::Socket.is_ipv4?(self.peerhost))
201
+ else
202
+ self.v6 = hash['IPv6']
203
+ end
199
204
  end
200
205
 
201
206
  def merge(other)
@@ -297,7 +302,13 @@ class Rex::Socket::Parameters
297
302
  # @return [String]
298
303
  attr_writer :localhost
299
304
  def localhost
300
- @localhost || '0.0.0.0'
305
+ return @localhost if @localhost
306
+
307
+ if @v6 || (@peerhost && Rex::Socket.is_ipv6?(@peerhost))
308
+ '::'
309
+ else
310
+ '0.0.0.0'
311
+ end
301
312
  end
302
313
 
303
314
  # The local port. Equivalent to the LocalPort parameter hash key.
@@ -383,7 +394,27 @@ class Rex::Socket::Parameters
383
394
 
384
395
  # What version of SSL to use (Auto, SSL2, SSL3, SSL23, TLS1)
385
396
  # @return [String,Symbol]
386
- attr_accessor :ssl_version
397
+ attr_reader :ssl_version
398
+ def ssl_version=(version)
399
+ # Let the caller specify a particular SSL/TLS version
400
+ case version
401
+ when 'SSL2'
402
+ version = :SSLv2
403
+ # 'TLS' will be the new name for autonegotation with newer versions of OpenSSL
404
+ when 'SSL23', 'TLS', 'Auto'
405
+ version = :SSLv23
406
+ when 'SSL3'
407
+ version = :SSLv3
408
+ when 'TLS1','TLS1.0'
409
+ version = :TLSv1
410
+ when 'TLS1.1'
411
+ version = :TLSv1_1
412
+ when 'TLS1.2'
413
+ version = :TLSv1_2
414
+ end
415
+
416
+ @ssl_version = version
417
+ end
387
418
 
388
419
  # What specific SSL Cipher(s) to use, may be a string containing the cipher
389
420
  # name or an array of strings containing cipher names e.g.
data/lib/rex/socket/ssl.rb CHANGED
@@ -11,6 +11,9 @@ require 'openssl'
11
11
  ###
12
12
  module Rex::Socket::Ssl
13
13
 
14
+ # Default to SSLv23 (automatically negotiate)
15
+ DEFAULT_SSL_VERSION = :SSLv23
16
+
14
17
  module CertProvider
15
18
 
16
19
  def self.ssl_generate_subject(cn: nil, org: nil, loc: nil, st: nil)
@@ -122,7 +125,14 @@ module Rex::Socket::Ssl
122
125
  key, cert, chain = ssl_generate_certificate(cert_vars: {cn: params.ssl_cn})
123
126
  end
124
127
 
125
- ctx = OpenSSL::SSL::SSLContext.new()
128
+ version = params&.ssl_version || DEFAULT_SSL_VERSION
129
+ # Raise an error if no selected versions are supported
130
+ unless Rex::Socket::SslTcp.system_ssl_methods.include? version
131
+ raise ArgumentError,
132
+ "This version of Ruby does not support the requested SSL/TLS version #{version}"
133
+ end
134
+
135
+ ctx = OpenSSL::SSL::SSLContext.new(version)
126
136
  ctx.key = key
127
137
  ctx.cert = cert
128
138
  ctx.extra_chain_cert = chain
data/lib/rex/socket/ssl_tcp.rb CHANGED
@@ -65,35 +65,14 @@ begin
65
65
  def initsock(params = nil)
66
66
  super
67
67
 
68
- # Default to SSLv23 (automatically negotiate)
69
- version = :SSLv23
70
-
71
- # Let the caller specify a particular SSL/TLS version
72
- if params
73
- case params.ssl_version
74
- when 'SSL2', :SSLv2
75
- version = :SSLv2
76
- # 'TLS' will be the new name for autonegotation with newer versions of OpenSSL
77
- when 'SSL23', :SSLv23, 'TLS', 'Auto'
78
- version = :SSLv23
79
- when 'SSL3', :SSLv3
80
- version = :SSLv3
81
- when 'TLS1','TLS1.0', :TLSv1
82
- version = :TLSv1
83
- when 'TLS1.1', :TLSv1_1
84
- version = :TLSv1_1
85
- when 'TLS1.2', :TLSv1_2
86
- version = :TLSv1_2
87
- end
88
- end
89
-
68
+ version = params&.ssl_version || Rex::Socket::Ssl::DEFAULT_SSL_VERSION
90
69
  # Raise an error if no selected versions are supported
91
70
  unless Rex::Socket::SslTcp.system_ssl_methods.include? version
92
71
  raise ArgumentError,
93
- "This version of Ruby does not support the requested SSL/TLS version #{params.ssl_version}"
72
+ "This version of Ruby does not support the requested SSL/TLS version #{version}"
94
73
  end
95
74
 
96
- # Try intializing the socket with this SSL/TLS version
75
+ # Try initializing the socket with this SSL/TLS version
97
76
  # This will throw an exception if it fails
98
77
  initsock_with_ssl_version(params, version)
99
78
 
data/lib/rex/socket/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  module Rex
2
2
  module Socket
3
- VERSION = "0.1.29"
3
+ VERSION = "0.1.33"
4
4
  end
5
5
  end
data/lib/rex/socket.rb CHANGED
@@ -730,7 +730,7 @@ module Socket
730
730
  # Wrapper around getsockname that stores the local address and local port values.
731
731
  #
732
732
  def getlocalname
733
- if self.localhost.nil? && self.localport.nil?
733
+ if [nil, '0.0.0.0', '::'].include?(self.localhost) && [nil, 0].include?(self.localport)
734
734
  _, self.localhost, self.localport = getsockname
735
735
  end
736
736
 
data.tar.gz.sig CHANGED
@@ -1 +1,2 @@
1
- '�s����\Uڒ]kN�F���z
1
+ } ��vm�������tƺ�/���!�!�k��ս!\�\u�LzqY���$p6a��[F�ղ�01u4S�%���X���"x��&�l���-W������6r��H����`��~��g�,���+#rb��F���|JA��yT��
2
+ A.E��B������izI��#�/;e��|��~leƨj4= �<���D�<�������1#
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: rex-socket
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.29
4
+ version: 0.1.33
5
5
  platform: ruby
6
6
  authors:
7
7
  - Metasploit Hackers
@@ -93,7 +93,7 @@ cert_chain:
93
93
  EknWpNgVhohbot1lfVAMmIhdtOVaRVcQQixWPwprDj/ydB8ryDMDosIMcw+fkoXU
94
94
  9GJsSaSRRYQ9UUkVL27b64okU8D48m8=
95
95
  -----END CERTIFICATE-----
96
- date: 2021-03-25 00:00:00.000000000 Z
96
+ date: 2021-09-16 00:00:00.000000000 Z
97
97
  dependencies:
98
98
  - !ruby/object:Gem::Dependency
99
99
  name: rake
metadata.gz.sig CHANGED
@@ -1,4 +1,3 @@
1
- $�N|�Z����5}vy7XϠ�
2
- �;�n"7&F����+8f��V�3f�V���fzi���*�/d�����{G��Q
3
- ��mN�ͤM^2*ʪhP]]p,E�7.���mž�!����z����C
4
- S����Di�9-z�j�k�8��b6�eae\�����7Ͻ����9�̵����J�7j������]jt2��=�����4[a�� Wj�����\��������s��j��TiYd�Xx��–�r�
1
+ tx�)^���˱L_��r��;6)2�F�<z �]l �.�#F�Y��%PE�Ÿ�6���Wd�{7h�L���X2LF�L����l)��$Ћ��R�C�উ�NS���:�Y��g�Nh�����
2
+ 4"V�W��l�@T�{����=)ݹS��U�D
3
+ ��;F����+OG�皉���J��oء��LF����-��oHj0:�{�y1"d��_�do��"ǜ�s��