ruby-vnc 1.2.0 → 1.3.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 9b9252091b18c38896b7f1e8ee618dc77c1848c471c6f4eec36c9a2831b70640
-  data.tar.gz: d8599868187fa9f97649b68ded844306534609a9a9606bf022a629ab2174df1d
+  metadata.gz: 35b783e130f4558de029290d6987e7de00d69698852e9f042d35a9399356dcee
+  data.tar.gz: 65c200c7306c747e47a68b7ff122d26d3343b92da667f03686f0788e6e771de2
 SHA512:
-  metadata.gz: e671beb2f0319145b5c1f930c02245026adef5ef81accaf2530b42c25e5cca5bc996c4c67445d3c308a8b012c579bd49f4899633f0e42093921d4396aa594c54
-  data.tar.gz: eae517b3eb5295687fad89289ca0c3ca9067d12e3264c91057a9430ebc782d1a6f1b72ae8fdf94adac5e94e2f4abc786c14a4ce3483d2f2e08cb84e0207a95b8
+  metadata.gz: a19834bbdb4a03be6f4ab370b887b9d964a50b228e68b9c227a9819f83b7bceba54c241b18888bbe1e3a05a76275200f8d9e0dcffb31cb3862b688181ceb3280
+  data.tar.gz: 59f26fef289eacd35cd4c0c3dfdd67499910f3726b251f06e7ddda32178f8e2e28b58648b04f279c1e26b6e8229e42c5e1e1bcec04f70d12cadb05108bcff41b

data/Changelog.rdoc

@@ -1,5 +1,14 @@
 == Unreleased:
 
+N/A
+
+== 1.3.0 / 2023-10-30
+
+- Got rid of DES, it's no longer properly supported without nasty hacks. If
+you need security, wrap your connection over SSH or SSL.
+- Updated ChunkyPNG.
+- Require Ruby 3.0.0 or newer.
+
 == 1.2.0 / 2021-09-21
 
 - Replaced DES-algorithm with Ruby's built-in OpenSSL wrapper instead

data/lib/net/vnc/version.rb

@@ -1,5 +1,5 @@
 module Net
   class VNC
-    VERSION = '1.2.0'.freeze
+    VERSION = '1.3.0'.freeze
   end
 end

data/lib/net/vnc.rb

@@ -1,6 +1,5 @@
 require 'socket'
 require 'yaml'
-require 'cipher/vncdes'
 require 'net/vnc/version'
 
 module Net
@@ -13,7 +12,7 @@ module Net
   #   # launch xclock on localhost. note that there is an xterm in the top-left
   #
   #   require 'net/vnc'
-  #   Net::VNC.open 'localhost:0', :shared => true, :password => 'mypass' do |vnc|
+  #   Net::VNC.open 'localhost:0', :shared => true do |vnc|
   #     vnc.pointer_move 10, 10
   #     vnc.type 'xclock'
   #     vnc.key_press :return
@@ -124,12 +123,7 @@ module Net
       when 1
         # ok...
       when 2
-        password = @options[:password] or raise 'Need to authenticate but no password given'
-        challenge = socket.read CHALLENGE_SIZE
-        response = Cipher::VNCDES.new(password).encrypt(challenge)
-        socket.write response
-        ok = socket.read(4).to_s.unpack1('N')
-        raise 'Unable to authenticate - %p' % ok unless ok == 0
+        raise 'Unable to authenticate - DES no longer supported'
       else
         raise 'Unknown authentication scheme - %d' % auth
       end

data/spec/real_net_vnc_spec.rb

@@ -2,7 +2,6 @@ require 'spec_helper'
 require 'net/vnc'
 
 NO_AUTH_SERVER_DISPLAY   = ':1'.freeze
-WITH_AUTH_SERVER_DISPLAY = ':2'.freeze
 
 RSpec.describe Net::VNC do
   context 'no auth' do
@@ -26,29 +25,6 @@ RSpec.describe Net::VNC do
     end
   end
 
-  context 'with auth' do
-    it 'should connect with a password' do
-      Net::VNC.open(WITH_AUTH_SERVER_DISPLAY, password: 'matzisnicesowearenice') do |vnc|
-        vnc.pointer_move(10, 15)
-        expect(vnc.pointer.x).to eq 10
-        expect(vnc.pointer.y).to eq 15
-      end
-    end
-
-    it 'should give error with a wrong password' do
-      expect do
-        Net::VNC.open(WITH_AUTH_SERVER_DISPLAY,
-                      password: 'wrongPasssword')
-      end.to raise_error(RuntimeError, 'Unable to authenticate - 1')
-    end
-
-    it 'should give error with no password' do
-      expect do
-        Net::VNC.open(WITH_AUTH_SERVER_DISPLAY)
-      end.to raise_error(RuntimeError, 'Need to authenticate but no password given')
-    end
-  end
-
   context 'screenshotting' do
     def verify_screenshot(input)
       image_size = ImageSize.path(input)

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: ruby-vnc
 version: !ruby/object:Gem::Version
-  version: 1.2.0
+  version: 1.3.0
 platform: ruby
 authors:
 - Charles Lowe
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2021-09-21 00:00:00.000000000 Z
+date: 2023-10-30 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: chunky_png
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.3.0
+        version: 1.4.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.3.0
+        version: 1.4.0
 - !ruby/object:Gem::Dependency
   name: vncrec
   requirement: !ruby/object:Gem::Requirement
@@ -107,12 +107,9 @@ files:
 - README.rdoc
 - Rakefile
 - data/keys.yaml
-- lib/cipher/vncdes.rb
 - lib/net/rfb/frame_buffer.rb
 - lib/net/vnc.rb
 - lib/net/vnc/version.rb
-- spec/cipher_vncdes_spec.rb
-- spec/net_vnc_spec.rb
 - spec/real_net_vnc_spec.rb
 homepage: https://github.com/kaspergrubbe/ruby-vnc
 licenses:
@@ -132,14 +129,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: 2.5.0
+      version: 3.0.0
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.2.3
+rubygems_version: 3.4.10
 signing_key:
 specification_version: 4
 summary: Ruby VNC library.

data/lib/cipher/vncdes.rb

@@ -1,54 +0,0 @@
-require 'openssl'
-
-# MIT-licensed code by Andrew Dorofeyev
-# from https://github.com/d-theus/vncrec-ruby
-
-# The server sends a random 16-byte challenge:
-#
-#      +--------------+--------------+-------------+
-#      | No. of bytes | Type [Value] | Description |
-#      +--------------+--------------+-------------+
-#      | 16           | U8           | challenge   |
-#      +--------------+--------------+-------------+
-#
-# The client encrypts the challenge with DES (ECB), using a password supplied
-# by the user as the key.  To form the key, the password is truncated
-# to eight characters, or padded with null bytes on the right.
-# Actually, each byte is also reversed. Challenge string is split
-# in two chunks of 8 bytes, which are encrypted separately and clashed together
-# again. The client then sends the resulting 16-byte response:
-#
-#      +--------------+--------------+-------------+
-#      | No. of bytes | Type [Value] | Description |
-#      +--------------+--------------+-------------+
-#      | 16           | U8           | response    |
-#      +--------------+--------------+-------------+
-#
-# The protocol continues with the SecurityResult message.
-
-module Cipher
-  class VNCDES
-    attr_reader :key
-
-    def initialize(key)
-      @key = normalized(key[0..7])
-      self
-    end
-
-    def encrypt(challenge)
-      chunks = [challenge.slice(0, 8), challenge.slice(8, 8)]
-      cipher = OpenSSL::Cipher::DES.new(:ECB)
-      cipher.encrypt
-      cipher.key = key
-      chunks.reduce('') { |a, e| cipher.reset; a << cipher.update(e) }.force_encoding('UTF-8')
-    end
-
-    private
-
-    def normalized(key)
-      rev = ->(n) { (0...8).reduce(0) { |a, e| a + 2**e * n[7 - e] } }
-      inv = key.each_byte.map { |b| rev[b].chr }.join
-      inv.ljust(8, "\x00")
-    end
-  end
-end

data/spec/cipher_vncdes_spec.rb

@@ -1,22 +0,0 @@
-require 'spec_helper'
-require 'cipher/vncdes'
-
-RSpec.describe Cipher::VNCDES do
-  it 'should pad key with zeroes if key is shorter than 8 characters' do
-    key = Cipher::VNCDES.new('test').key
-
-    expect(key.size).to eq 8
-    expect(key[4..7]).to eq(0.chr * 4)
-  end
-
-  it 'should cut the key if the key is longer than 8 characters' do
-    expect(Cipher::VNCDES.new('iamdefinitelylongerthan8characters').key.size).to eq 8
-  end
-
-  it 'should correctly encrypt keys' do
-    encrypted_string = Cipher::VNCDES.new('matzisnicesowearenice').encrypt("\x9D\xBBU\n\x05b\x96L \b'&\x18\xCE(\xD8")
-    expect(encrypted_string.encoding.to_s).to eq 'UTF-8'
-    expect(encrypted_string.size).to eq 16
-    expect(encrypted_string).to eq "2\x95\xA7\xAE\xD4A\xF3\xDCt\x82d\e\xAE\x8A\xB9c"
-  end
-end

data/spec/net_vnc_spec.rb

@@ -1,133 +0,0 @@
-require 'spec_helper'
-require 'net/vnc'
-
-# class SocketMock
-#   class MockIOError < IOError
-#   end
-#
-#   def initialize
-#     # this can be used to make detailed assertions
-#     @trace = []
-#     @read_buf  = ''
-#     @write_buf = ''
-#   end
-#
-#   def read len
-#     @trace << [:read, len]
-#     if @read_buf.length < len
-#       msg = 'bad socket read sequence - read(%d) but only %d byte(s) available' % [len, @read_buf.length]
-#       raise MockIOError, msg
-#     end
-#     @read_buf.slice! 0, len
-#   end
-#
-#   def write data
-#     @trace << [:write, data]
-#     @write_buf << data
-#   end
-# end
-#
-# class VNCServerSocketMock < SocketMock
-#   TICK_TIME = 0.1
-#
-#   def initialize(&block)
-#     super
-#
-#     @pending_read = nil
-#     obj = self
-#     @t = Thread.new { block.call obj; @pending_read = nil }
-#     100.times do |i|
-#       break if @pending_read
-#       if i == 99
-#         msg = 'blah'
-#         raise MockIOError, msg
-#       end
-#       sleep TICK_TIME
-#     end
-#   end
-#
-#   def run
-#     yield
-#     100.times do |i|
-#       break unless @pending_read
-#       if i == 99
-#         msg = 'missing socket write sequence'
-#         raise MockIOError, msg
-#       end
-#       sleep TICK_TIME
-#     end
-#     raise 'wrote to much' if @write_buf.length != 0
-#     raise 'did not read enough' if @read_buf.length != 0
-#   end
-#
-#   def read len
-#     @trace << [:read, len]
-#     100.times do |i|
-#       break if @read_buf.length >= len
-#       if i == 99
-#         msg = 'timeout during socket read sequence - read(%d) but only %d byte(s) available' % [len, @read_buf.length]
-#         raise MockIOError, msg
-#       end
-#       sleep TICK_TIME
-#     end
-#     @read_buf.slice! 0, len
-#   end
-#
-#   def write data
-#     unless @read_buf.empty?
-#       raise MockIOError, 'tried to write with non empty read buffer - (%p, %p)' % [@read_buf, data]
-#     end
-#     super
-#     if !@pending_read
-#       raise MockIOError, "wrote to socket but server is not expecting it"
-#     end
-#     if @write_buf.length >= @pending_read
-#       @pending_read = @write_buf.slice!(0, @pending_read)
-#       sleep TICK_TIME while @pending_read.is_a? String
-#     end
-#   end
-#
-#   def provide_data data
-#     @read_buf << data
-#   end
-#
-#   def expect_data len
-#     @pending_read = len
-#     sleep TICK_TIME while @pending_read.is_a? Fixnum
-#     @pending_read
-#   end
-# end
-#
-# describe 'Net::VNC' do
-#   VNC = Net::VNC
-#
-#   it 'should do something' do
-# =begin
-#     socket_mock.should_receive(:read).once.ordered.with(12).and_return("RFB 003.003\n")
-#     socket_mock.should_receive(:write).once.ordered.with(/^RFB (\d{3}.\d{3})\n$/)
-#     socket_mock.should_receive(:read).once.ordered.with(4).and_return([1].pack('N'))
-#     socket_mock.should_receive(:write).once.ordered.with("\000")
-#     socket_mock.should_receive(:read).once.ordered.with(20).and_return('')
-#     socket_mock.should_receive(:read).once.ordered.with(4).and_return([0].pack('N'))
-#     #m = mock('my mock')
-#     #m.should_receive(:test1).ordered.once.with('argument').and_return(1)
-#     #m.should_receive(:test2).ordered.once.with('argument').and_return(2)
-#     #p m.test1('argument')
-#     #p m.test2('argument')
-#     vnc = VNC.open('192.168.0.1:0')
-#=end
-#
-#     server = VNCServerSocketMock.new do |s|
-#       s.provide_data "RFB 003.003\n"
-#       p :read => s.expect_data(12)
-#       s.provide_data [1].pack('N')
-#       p :read => s.expect_data(1)
-#       s.provide_data ' ' * 20
-#       s.provide_data [0].pack('N')
-#     end
-#     server.run do
-#       TCPSocket.should_receive(:open).with('192.168.0.1', 5900).and_return(server)
-#       vnc = VNC.open('192.168.0.1:0')
-#     end
-#   end
-# end