tpkg 2.3.3 → 2.3.4

Sign up to get free protection for your applications and to get access to all the features.
Files changed (205) hide show
  1. checksums.yaml +7 -0
  2. data/.gitignore +1 -0
  3. data/Gemfile +4 -0
  4. data/LICENSE +20 -0
  5. data/Portfile +39 -0
  6. data/Portfile.template +39 -0
  7. data/README.md +43 -0
  8. data/Rakefile +468 -18
  9. data/bin/gem2tpkg +2 -2
  10. data/bin/tpkg +18 -13
  11. data/bin/tpkg_uploader +132 -0
  12. data/ca.pem +1 -0
  13. data/control +7 -0
  14. data/depend +3 -0
  15. data/externals-etch/authorized_keys +40 -0
  16. data/externals-etch/group +9 -0
  17. data/externals-etch/iptables +38 -0
  18. data/externals-etch/limits +30 -0
  19. data/externals-etch/nfs +30 -0
  20. data/externals-etch/sudo +30 -0
  21. data/externals-etch/supplemental_groups +8 -0
  22. data/externals-etch/sysctl +30 -0
  23. data/externals-etch/user +41 -0
  24. data/externals/group +39 -0
  25. data/externals/supplemental_groups +48 -0
  26. data/externals/user +39 -0
  27. data/lib/tpkg.rb +260 -991
  28. data/lib/tpkg/os.rb +164 -0
  29. data/lib/tpkg/os/debian.rb +159 -0
  30. data/lib/tpkg/os/freebsd.rb +113 -0
  31. data/lib/tpkg/os/macosx.rb +113 -0
  32. data/lib/tpkg/os/redhat.rb +173 -0
  33. data/lib/tpkg/os/solaris.rb +101 -0
  34. data/lib/tpkg/os/windows.rb +26 -0
  35. data/lib/tpkg/thirdparty/kwalify-0.7.2/lib/kwalify.rb +67 -0
  36. data/lib/tpkg/thirdparty/kwalify-0.7.2/lib/kwalify/errors.rb +127 -0
  37. data/lib/tpkg/thirdparty/kwalify-0.7.2/lib/kwalify/kwalify.schema.yaml +58 -0
  38. data/lib/tpkg/thirdparty/kwalify-0.7.2/lib/kwalify/main.rb +442 -0
  39. data/lib/tpkg/thirdparty/kwalify-0.7.2/lib/kwalify/messages.rb +173 -0
  40. data/lib/tpkg/thirdparty/kwalify-0.7.2/lib/kwalify/meta-validator.rb +275 -0
  41. data/lib/tpkg/thirdparty/kwalify-0.7.2/lib/kwalify/parser/base.rb +127 -0
  42. data/lib/tpkg/thirdparty/kwalify-0.7.2/lib/kwalify/parser/yaml.rb +841 -0
  43. data/lib/tpkg/thirdparty/kwalify-0.7.2/lib/kwalify/rule.rb +559 -0
  44. data/lib/tpkg/thirdparty/kwalify-0.7.2/lib/kwalify/templates/genclass-java.eruby +222 -0
  45. data/lib/tpkg/thirdparty/kwalify-0.7.2/lib/kwalify/templates/genclass-php.eruby +104 -0
  46. data/lib/tpkg/thirdparty/kwalify-0.7.2/lib/kwalify/templates/genclass-ruby.eruby +113 -0
  47. data/lib/tpkg/thirdparty/kwalify-0.7.2/lib/kwalify/types.rb +156 -0
  48. data/lib/tpkg/thirdparty/kwalify-0.7.2/lib/kwalify/util.rb +158 -0
  49. data/lib/tpkg/thirdparty/kwalify-0.7.2/lib/kwalify/util/assert-text-equal.rb +46 -0
  50. data/lib/tpkg/thirdparty/kwalify-0.7.2/lib/kwalify/util/hash-interface.rb +18 -0
  51. data/lib/tpkg/thirdparty/kwalify-0.7.2/lib/kwalify/util/hashlike.rb +51 -0
  52. data/lib/tpkg/thirdparty/kwalify-0.7.2/lib/kwalify/util/option-parser.rb +220 -0
  53. data/lib/tpkg/thirdparty/kwalify-0.7.2/lib/kwalify/util/ordered-hash.rb +57 -0
  54. data/lib/tpkg/thirdparty/kwalify-0.7.2/lib/kwalify/util/testcase-helper.rb +112 -0
  55. data/lib/tpkg/thirdparty/kwalify-0.7.2/lib/kwalify/validator.rb +282 -0
  56. data/lib/tpkg/thirdparty/kwalify-0.7.2/lib/kwalify/yaml-parser.rb +870 -0
  57. data/lib/tpkg/thirdparty/net-ssh-2.1.0/lib/net/ssh.rb +219 -0
  58. data/lib/tpkg/thirdparty/net-ssh-2.1.0/lib/net/ssh/authentication/agent.rb +179 -0
  59. data/lib/tpkg/thirdparty/net-ssh-2.1.0/lib/net/ssh/authentication/constants.rb +18 -0
  60. data/lib/tpkg/thirdparty/net-ssh-2.1.0/lib/net/ssh/authentication/key_manager.rb +219 -0
  61. data/lib/tpkg/thirdparty/net-ssh-2.1.0/lib/net/ssh/authentication/methods/abstract.rb +60 -0
  62. data/lib/tpkg/thirdparty/net-ssh-2.1.0/lib/net/ssh/authentication/methods/hostbased.rb +71 -0
  63. data/lib/tpkg/thirdparty/net-ssh-2.1.0/lib/net/ssh/authentication/methods/keyboard_interactive.rb +66 -0
  64. data/lib/tpkg/thirdparty/net-ssh-2.1.0/lib/net/ssh/authentication/methods/password.rb +39 -0
  65. data/lib/tpkg/thirdparty/net-ssh-2.1.0/lib/net/ssh/authentication/methods/publickey.rb +92 -0
  66. data/lib/tpkg/thirdparty/net-ssh-2.1.0/lib/net/ssh/authentication/pageant.rb +183 -0
  67. data/lib/tpkg/thirdparty/net-ssh-2.1.0/lib/net/ssh/authentication/session.rb +134 -0
  68. data/lib/tpkg/thirdparty/net-ssh-2.1.0/lib/net/ssh/buffer.rb +340 -0
  69. data/lib/tpkg/thirdparty/net-ssh-2.1.0/lib/net/ssh/buffered_io.rb +198 -0
  70. data/lib/tpkg/thirdparty/net-ssh-2.1.0/lib/net/ssh/config.rb +205 -0
  71. data/lib/tpkg/thirdparty/net-ssh-2.1.0/lib/net/ssh/connection/channel.rb +630 -0
  72. data/lib/tpkg/thirdparty/net-ssh-2.1.0/lib/net/ssh/connection/constants.rb +33 -0
  73. data/lib/tpkg/thirdparty/net-ssh-2.1.0/lib/net/ssh/connection/session.rb +597 -0
  74. data/lib/tpkg/thirdparty/net-ssh-2.1.0/lib/net/ssh/connection/term.rb +178 -0
  75. data/lib/tpkg/thirdparty/net-ssh-2.1.0/lib/net/ssh/errors.rb +85 -0
  76. data/lib/tpkg/thirdparty/net-ssh-2.1.0/lib/net/ssh/key_factory.rb +102 -0
  77. data/lib/tpkg/thirdparty/net-ssh-2.1.0/lib/net/ssh/known_hosts.rb +129 -0
  78. data/lib/tpkg/thirdparty/net-ssh-2.1.0/lib/net/ssh/loggable.rb +61 -0
  79. data/lib/tpkg/thirdparty/net-ssh-2.1.0/lib/net/ssh/packet.rb +102 -0
  80. data/lib/tpkg/thirdparty/net-ssh-2.1.0/lib/net/ssh/prompt.rb +93 -0
  81. data/lib/tpkg/thirdparty/net-ssh-2.1.0/lib/net/ssh/proxy/command.rb +75 -0
  82. data/lib/tpkg/thirdparty/net-ssh-2.1.0/lib/net/ssh/proxy/errors.rb +14 -0
  83. data/lib/tpkg/thirdparty/net-ssh-2.1.0/lib/net/ssh/proxy/http.rb +94 -0
  84. data/lib/tpkg/thirdparty/net-ssh-2.1.0/lib/net/ssh/proxy/socks4.rb +70 -0
  85. data/lib/tpkg/thirdparty/net-ssh-2.1.0/lib/net/ssh/proxy/socks5.rb +142 -0
  86. data/lib/tpkg/thirdparty/net-ssh-2.1.0/lib/net/ssh/ruby_compat.rb +43 -0
  87. data/lib/tpkg/thirdparty/net-ssh-2.1.0/lib/net/ssh/service/forward.rb +288 -0
  88. data/lib/tpkg/thirdparty/net-ssh-2.1.0/lib/net/ssh/test.rb +89 -0
  89. data/lib/tpkg/thirdparty/net-ssh-2.1.0/lib/net/ssh/test/channel.rb +129 -0
  90. data/lib/tpkg/thirdparty/net-ssh-2.1.0/lib/net/ssh/test/extensions.rb +152 -0
  91. data/lib/tpkg/thirdparty/net-ssh-2.1.0/lib/net/ssh/test/kex.rb +44 -0
  92. data/lib/tpkg/thirdparty/net-ssh-2.1.0/lib/net/ssh/test/local_packet.rb +51 -0
  93. data/lib/tpkg/thirdparty/net-ssh-2.1.0/lib/net/ssh/test/packet.rb +81 -0
  94. data/lib/tpkg/thirdparty/net-ssh-2.1.0/lib/net/ssh/test/remote_packet.rb +38 -0
  95. data/lib/tpkg/thirdparty/net-ssh-2.1.0/lib/net/ssh/test/script.rb +157 -0
  96. data/lib/tpkg/thirdparty/net-ssh-2.1.0/lib/net/ssh/test/socket.rb +64 -0
  97. data/lib/tpkg/thirdparty/net-ssh-2.1.0/lib/net/ssh/transport/algorithms.rb +384 -0
  98. data/lib/tpkg/thirdparty/net-ssh-2.1.0/lib/net/ssh/transport/cipher_factory.rb +97 -0
  99. data/lib/tpkg/thirdparty/net-ssh-2.1.0/lib/net/ssh/transport/constants.rb +30 -0
  100. data/lib/tpkg/thirdparty/net-ssh-2.1.0/lib/net/ssh/transport/hmac.rb +31 -0
  101. data/lib/tpkg/thirdparty/net-ssh-2.1.0/lib/net/ssh/transport/hmac/abstract.rb +79 -0
  102. data/lib/tpkg/thirdparty/net-ssh-2.1.0/lib/net/ssh/transport/hmac/md5.rb +12 -0
  103. data/lib/tpkg/thirdparty/net-ssh-2.1.0/lib/net/ssh/transport/hmac/md5_96.rb +11 -0
  104. data/lib/tpkg/thirdparty/net-ssh-2.1.0/lib/net/ssh/transport/hmac/none.rb +15 -0
  105. data/lib/tpkg/thirdparty/net-ssh-2.1.0/lib/net/ssh/transport/hmac/sha1.rb +13 -0
  106. data/lib/tpkg/thirdparty/net-ssh-2.1.0/lib/net/ssh/transport/hmac/sha1_96.rb +11 -0
  107. data/lib/tpkg/thirdparty/net-ssh-2.1.0/lib/net/ssh/transport/identity_cipher.rb +55 -0
  108. data/lib/tpkg/thirdparty/net-ssh-2.1.0/lib/net/ssh/transport/kex.rb +13 -0
  109. data/lib/tpkg/thirdparty/net-ssh-2.1.0/lib/net/ssh/transport/kex/diffie_hellman_group1_sha1.rb +208 -0
  110. data/lib/tpkg/thirdparty/net-ssh-2.1.0/lib/net/ssh/transport/kex/diffie_hellman_group_exchange_sha1.rb +77 -0
  111. data/lib/tpkg/thirdparty/net-ssh-2.1.0/lib/net/ssh/transport/openssl.rb +127 -0
  112. data/lib/tpkg/thirdparty/net-ssh-2.1.0/lib/net/ssh/transport/packet_stream.rb +235 -0
  113. data/lib/tpkg/thirdparty/net-ssh-2.1.0/lib/net/ssh/transport/server_version.rb +71 -0
  114. data/lib/tpkg/thirdparty/net-ssh-2.1.0/lib/net/ssh/transport/session.rb +276 -0
  115. data/lib/tpkg/thirdparty/net-ssh-2.1.0/lib/net/ssh/transport/state.rb +206 -0
  116. data/lib/tpkg/thirdparty/net-ssh-2.1.0/lib/net/ssh/verifiers/lenient.rb +30 -0
  117. data/lib/tpkg/thirdparty/net-ssh-2.1.0/lib/net/ssh/verifiers/null.rb +12 -0
  118. data/lib/tpkg/thirdparty/net-ssh-2.1.0/lib/net/ssh/verifiers/strict.rb +53 -0
  119. data/lib/tpkg/thirdparty/net-ssh-2.1.0/lib/net/ssh/version.rb +62 -0
  120. data/lib/tpkg/version.rb +3 -0
  121. data/man/man1/cpan2tpkg.1 +82 -0
  122. data/man/man1/gem2tpkg.1 +120 -0
  123. data/man/man1/tpkg.1 +411 -0
  124. data/pkginfo +8 -0
  125. data/postinstall.solaris +11 -0
  126. data/postremove.solaris +16 -0
  127. data/schema/schema-1.0.5.yml +0 -0
  128. data/schema/schema-1.0.6.yml +0 -0
  129. data/schema/schema-1.0.7.yml +0 -0
  130. data/schema/schema-1.0.8.yml +0 -0
  131. data/schema/schema-1.0.9.yml +0 -0
  132. data/schema/schema.yml +0 -0
  133. data/schema/tpkg-1.0.0.dtd +0 -0
  134. data/schema/tpkg-1.0.1.dtd +0 -0
  135. data/schema/tpkg-1.0.2.dtd +0 -0
  136. data/schema/tpkg-1.0.3.dtd +0 -0
  137. data/schema/tpkg-1.0.4.dtd +0 -0
  138. data/schema/tpkg-1.0.5.dtd +0 -0
  139. data/schema/tpkg-1.0.6.dtd +0 -0
  140. data/schema/tpkg-1.0.7.dtd +0 -0
  141. data/schema/tpkg-1.0.8.dtd +0 -0
  142. data/schema/tpkg-1.0.9.dtd +0 -0
  143. data/schema/tpkg.dtd +0 -0
  144. data/test/TODO +30 -0
  145. data/test/premadetestpkg/pkg_without_file_metadata-1.0-1.tpkg +0 -0
  146. data/test/test_checksum.rb +53 -0
  147. data/test/test_compress.rb +55 -0
  148. data/test/test_conflict.rb +41 -0
  149. data/test/test_crontabs.rb +398 -0
  150. data/test/test_dependency.rb +1113 -0
  151. data/test/test_downgrade.rb +80 -0
  152. data/test/test_download.rb +95 -0
  153. data/test/test_encrypt.rb +136 -0
  154. data/test/test_filemetadata.rb +131 -0
  155. data/test/test_initscript.rb +93 -0
  156. data/test/test_install.rb +186 -0
  157. data/test/test_lock.rb +82 -0
  158. data/test/test_make.rb +410 -0
  159. data/test/test_metadata.rb +805 -0
  160. data/test/test_misc.rb +379 -0
  161. data/test/test_options.rb +1711 -0
  162. data/test/test_os.rb +193 -0
  163. data/test/test_os_debian.rb +99 -0
  164. data/test/test_os_freebsd.rb +89 -0
  165. data/test/test_os_macosx.rb +79 -0
  166. data/test/test_os_redhat.rb +124 -0
  167. data/test/test_os_solaris.rb +85 -0
  168. data/test/test_os_windows.rb +26 -0
  169. data/test/test_query.rb +134 -0
  170. data/test/test_remove.rb +539 -0
  171. data/test/test_tar.rb +99 -0
  172. data/test/test_unpack.rb +977 -0
  173. data/test/test_upgrade.rb +398 -0
  174. data/test/test_version.rb +54 -0
  175. data/test/testcmds/crontab +14 -0
  176. data/test/testcmds/debian/apt-cache +145 -0
  177. data/test/testcmds/debian/dpkg-query +16 -0
  178. data/test/testcmds/freebsd/pkg_info +13 -0
  179. data/test/testcmds/macosx/port +35 -0
  180. data/test/testcmds/redhat/rpmbuild +6 -0
  181. data/test/testcmds/redhat/yum +90 -0
  182. data/test/testcmds/solaris/pkginfo +25 -0
  183. data/test/testcmds/solaris/pkgutil +36 -0
  184. data/test/testpkg/reloc/encfile +2 -0
  185. data/test/testpkg/reloc/file +2 -0
  186. data/test/testpkg/reloc/precryptfile +1 -0
  187. data/test/testpkg/reloc/precryptfile.plaintext +3 -0
  188. data/test/testpkg/tpkg-bad-ownergroup.xml +25 -0
  189. data/test/testpkg/tpkg-bad-ownergroup.yml +18 -0
  190. data/test/testpkg/tpkg-default-perms.xml +28 -0
  191. data/test/testpkg/tpkg-default-perms.yml +20 -0
  192. data/test/testpkg/tpkg-good-ownergroup.xml +25 -0
  193. data/test/testpkg/tpkg-good-ownergroup.yml +18 -0
  194. data/test/testpkg/tpkg-nativedeps.yml +13 -0
  195. data/test/testpkg/tpkg-nofiles.xml +14 -0
  196. data/test/testpkg/tpkg-nofiles.yml +9 -0
  197. data/test/testpkg/tpkg.xml +35 -0
  198. data/test/testpkg/tpkg.yml +25 -0
  199. data/test/tpkgtest.rb +300 -0
  200. data/tpkg.conf +16 -0
  201. data/tpkg.gemspec +24 -0
  202. data/tpkg.spec +28 -0
  203. data/tpkg.xml +17 -0
  204. data/tpkg_profile.sh +32 -0
  205. metadata +306 -31
@@ -0,0 +1,60 @@
1
+ require 'net/ssh/buffer'
2
+ require 'net/ssh/errors'
3
+ require 'net/ssh/loggable'
4
+ require 'net/ssh/authentication/constants'
5
+
6
+ module Net; module SSH; module Authentication; module Methods
7
+
8
+ # The base class of all user authentication methods. It provides a few
9
+ # bits of common functionality.
10
+ class Abstract
11
+ include Constants, Loggable
12
+
13
+ # The authentication session object
14
+ attr_reader :session
15
+
16
+ # The key manager object. Not all authentication methods will require
17
+ # this.
18
+ attr_reader :key_manager
19
+
20
+ # Instantiates a new authentication method.
21
+ def initialize(session, options={})
22
+ @session = session
23
+ @key_manager = options[:key_manager]
24
+ @options = options
25
+ self.logger = session.logger
26
+ end
27
+
28
+ # Returns the session-id, as generated during the first key exchange of
29
+ # an SSH connection.
30
+ def session_id
31
+ session.transport.algorithms.session_id
32
+ end
33
+
34
+ # Sends a message via the underlying transport layer abstraction. This
35
+ # will block until the message is completely sent.
36
+ def send_message(msg)
37
+ session.transport.send_message(msg)
38
+ end
39
+
40
+ # Creates a new USERAUTH_REQUEST packet. The extra arguments on the end
41
+ # must be either boolean values or strings, and are tacked onto the end
42
+ # of the packet. The new packet is returned, ready for sending.
43
+ def userauth_request(username, next_service, auth_method, *others)
44
+ buffer = Net::SSH::Buffer.from(:byte, USERAUTH_REQUEST,
45
+ :string, username, :string, next_service, :string, auth_method)
46
+
47
+ others.each do |value|
48
+ case value
49
+ when true, false then buffer.write_bool(value)
50
+ when String then buffer.write_string(value)
51
+ else raise ArgumentError, "don't know how to write #{value.inspect}"
52
+ end
53
+ end
54
+
55
+ buffer
56
+ end
57
+
58
+ end
59
+
60
+ end; end; end; end
@@ -0,0 +1,71 @@
1
+ require 'net/ssh/authentication/methods/abstract'
2
+
3
+ module Net
4
+ module SSH
5
+ module Authentication
6
+ module Methods
7
+
8
+ # Implements the host-based SSH authentication method.
9
+ class Hostbased < Abstract
10
+ include Constants
11
+
12
+ # Attempts to perform host-based authorization of the user by trying
13
+ # all known keys.
14
+ def authenticate(next_service, username, password=nil)
15
+ return false unless key_manager
16
+
17
+ key_manager.each_identity do |identity|
18
+ return true if authenticate_with(identity, next_service,
19
+ username, key_manager)
20
+ end
21
+
22
+ return false
23
+ end
24
+
25
+ private
26
+
27
+ # Returns the hostname as reported by the underlying socket.
28
+ def hostname
29
+ session.transport.socket.client_name
30
+ end
31
+
32
+ # Attempts to perform host-based authentication of the user, using
33
+ # the given host identity (key).
34
+ def authenticate_with(identity, next_service, username, key_manager)
35
+ debug { "trying hostbased (#{identity.fingerprint})" }
36
+ client_username = ENV['USER'] || username
37
+
38
+ req = build_request(identity, next_service, username, "#{hostname}.", client_username)
39
+ sig_data = Buffer.from(:string, session_id, :raw, req)
40
+
41
+ sig = key_manager.sign(identity, sig_data.to_s)
42
+
43
+ message = Buffer.from(:raw, req, :string, sig)
44
+
45
+ send_message(message)
46
+ message = session.next_message
47
+
48
+ case message.type
49
+ when USERAUTH_SUCCESS
50
+ info { "hostbased succeeded (#{identity.fingerprint})" }
51
+ return true
52
+ when USERAUTH_FAILURE
53
+ info { "hostbased failed (#{identity.fingerprint})" }
54
+ return false
55
+ else
56
+ raise Net::SSH::Exception, "unexpected server response to USERAUTH_REQUEST: #{message.type} (#{message.inspect})"
57
+ end
58
+ end
59
+
60
+ # Build the "core" hostbased request string.
61
+ def build_request(identity, next_service, username, hostname, client_username)
62
+ userauth_request(username, next_service, "hostbased", identity.ssh_type,
63
+ Buffer.from(:key, identity).to_s, hostname, client_username).to_s
64
+ end
65
+
66
+ end
67
+
68
+ end
69
+ end
70
+ end
71
+ end
@@ -0,0 +1,66 @@
1
+ require 'net/ssh/prompt'
2
+ require 'net/ssh/authentication/methods/abstract'
3
+
4
+ module Net
5
+ module SSH
6
+ module Authentication
7
+ module Methods
8
+
9
+ # Implements the "keyboard-interactive" SSH authentication method.
10
+ class KeyboardInteractive < Abstract
11
+ include Prompt
12
+
13
+ USERAUTH_INFO_REQUEST = 60
14
+ USERAUTH_INFO_RESPONSE = 61
15
+
16
+ # Attempt to authenticate the given user for the given service.
17
+ def authenticate(next_service, username, password=nil)
18
+ debug { "trying keyboard-interactive" }
19
+ send_message(userauth_request(username, next_service, "keyboard-interactive", "", ""))
20
+
21
+ loop do
22
+ message = session.next_message
23
+
24
+ case message.type
25
+ when USERAUTH_SUCCESS
26
+ debug { "keyboard-interactive succeeded" }
27
+ return true
28
+ when USERAUTH_FAILURE
29
+ debug { "keyboard-interactive failed" }
30
+ return false
31
+ when USERAUTH_INFO_REQUEST
32
+ name = message.read_string
33
+ instruction = message.read_string
34
+ debug { "keyboard-interactive info request" }
35
+
36
+ unless password
37
+ puts(name) unless name.empty?
38
+ puts(instruction) unless instruction.empty?
39
+ end
40
+
41
+ lang_tag = message.read_string
42
+ responses =[]
43
+
44
+ message.read_long.times do
45
+ text = message.read_string
46
+ echo = message.read_bool
47
+ responses << (password || prompt(text, echo))
48
+ end
49
+
50
+ # if the password failed the first time around, don't try
51
+ # and use it on subsequent requests.
52
+ password = nil
53
+
54
+ msg = Buffer.from(:byte, USERAUTH_INFO_RESPONSE, :long, responses.length, :string, responses)
55
+ send_message(msg)
56
+ else
57
+ raise Net::SSH::Exception, "unexpected reply in keyboard interactive: #{message.type} (#{message.inspect})"
58
+ end
59
+ end
60
+ end
61
+ end
62
+
63
+ end
64
+ end
65
+ end
66
+ end
@@ -0,0 +1,39 @@
1
+ require 'net/ssh/errors'
2
+ require 'net/ssh/authentication/methods/abstract'
3
+
4
+ module Net
5
+ module SSH
6
+ module Authentication
7
+ module Methods
8
+
9
+ # Implements the "password" SSH authentication method.
10
+ class Password < Abstract
11
+ # Attempt to authenticate the given user for the given service. If
12
+ # the password parameter is nil, this will never do anything except
13
+ # return false.
14
+ def authenticate(next_service, username, password=nil)
15
+ return false unless password
16
+
17
+ send_message(userauth_request(username, next_service, "password", false, password))
18
+ message = session.next_message
19
+
20
+ case message.type
21
+ when USERAUTH_SUCCESS
22
+ debug { "password succeeded" }
23
+ return true
24
+ when USERAUTH_FAILURE
25
+ debug { "password failed" }
26
+ return false
27
+ when USERAUTH_PASSWD_CHANGEREQ
28
+ debug { "password change request received, failing" }
29
+ return false
30
+ else
31
+ raise Net::SSH::Exception, "unexpected reply to USERAUTH_REQUEST: #{message.type} (#{message.inspect})"
32
+ end
33
+ end
34
+ end
35
+
36
+ end
37
+ end
38
+ end
39
+ end
@@ -0,0 +1,92 @@
1
+ require 'net/ssh/buffer'
2
+ require 'net/ssh/errors'
3
+ require 'net/ssh/authentication/methods/abstract'
4
+
5
+ module Net
6
+ module SSH
7
+ module Authentication
8
+ module Methods
9
+
10
+ # Implements the "publickey" SSH authentication method.
11
+ class Publickey < Abstract
12
+ # Attempts to perform public-key authentication for the given
13
+ # username, trying each identity known to the key manager. If any of
14
+ # them succeed, returns +true+, otherwise returns +false+. This
15
+ # requires the presence of a key manager.
16
+ def authenticate(next_service, username, password=nil)
17
+ return false unless key_manager
18
+
19
+ key_manager.each_identity do |identity|
20
+ return true if authenticate_with(identity, next_service, username)
21
+ end
22
+
23
+ return false
24
+ end
25
+
26
+ private
27
+
28
+ # Builds a packet that contains the request formatted for sending
29
+ # a public-key request to the server.
30
+ def build_request(pub_key, username, next_service, has_sig)
31
+ blob = Net::SSH::Buffer.new
32
+ blob.write_key pub_key
33
+
34
+ userauth_request(username, next_service, "publickey", has_sig,
35
+ pub_key.ssh_type, blob.to_s)
36
+ end
37
+
38
+ # Builds and sends a request formatted for a public-key
39
+ # authentication request.
40
+ def send_request(pub_key, username, next_service, signature=nil)
41
+ msg = build_request(pub_key, username, next_service, !signature.nil?)
42
+ msg.write_string(signature) if signature
43
+ send_message(msg)
44
+ end
45
+
46
+ # Attempts to perform public-key authentication for the given
47
+ # username, with the given identity (public key). Returns +true+ if
48
+ # successful, or +false+ otherwise.
49
+ def authenticate_with(identity, next_service, username)
50
+ debug { "trying publickey (#{identity.fingerprint})" }
51
+ send_request(identity, username, next_service)
52
+
53
+ message = session.next_message
54
+
55
+ case message.type
56
+ when USERAUTH_PK_OK
57
+ buffer = build_request(identity, username, next_service, true)
58
+ sig_data = Net::SSH::Buffer.new
59
+ sig_data.write_string(session_id)
60
+ sig_data.append(buffer.to_s)
61
+
62
+ sig_blob = key_manager.sign(identity, sig_data)
63
+
64
+ send_request(identity, username, next_service, sig_blob.to_s)
65
+ message = session.next_message
66
+
67
+ case message.type
68
+ when USERAUTH_SUCCESS
69
+ debug { "publickey succeeded (#{identity.fingerprint})" }
70
+ return true
71
+ when USERAUTH_FAILURE
72
+ debug { "publickey failed (#{identity.fingerprint})" }
73
+ return false
74
+ else
75
+ raise Net::SSH::Exception,
76
+ "unexpected server response to USERAUTH_REQUEST: #{message.type} (#{message.inspect})"
77
+ end
78
+
79
+ when USERAUTH_FAILURE
80
+ return false
81
+
82
+ else
83
+ raise Net::SSH::Exception, "unexpected reply to USERAUTH_REQUEST: #{message.type} (#{message.inspect})"
84
+ end
85
+ end
86
+
87
+ end
88
+
89
+ end
90
+ end
91
+ end
92
+ end
@@ -0,0 +1,183 @@
1
+ require 'dl/import'
2
+ require 'dl/struct'
3
+
4
+ require 'net/ssh/errors'
5
+
6
+ module Net; module SSH; module Authentication
7
+
8
+ # This module encapsulates the implementation of a socket factory that
9
+ # uses the PuTTY "pageant" utility to obtain information about SSH
10
+ # identities.
11
+ #
12
+ # This code is a slightly modified version of the original implementation
13
+ # by Guillaume Mar�ais (guillaume.marcais@free.fr). It is used and
14
+ # relicensed by permission.
15
+ module Pageant
16
+
17
+ # From Putty pageant.c
18
+ AGENT_MAX_MSGLEN = 8192
19
+ AGENT_COPYDATA_ID = 0x804e50ba
20
+
21
+ # The definition of the Windows methods and data structures used in
22
+ # communicating with the pageant process.
23
+ module Win
24
+ extend DL::Importable
25
+
26
+ dlload 'user32'
27
+ dlload 'kernel32'
28
+
29
+ typealias("LPCTSTR", "char *") # From winnt.h
30
+ typealias("LPVOID", "void *") # From winnt.h
31
+ typealias("LPCVOID", "const void *") # From windef.h
32
+ typealias("LRESULT", "long") # From windef.h
33
+ typealias("WPARAM", "unsigned int *") # From windef.h
34
+ typealias("LPARAM", "long *") # From windef.h
35
+ typealias("PDWORD_PTR", "long *") # From basetsd.h
36
+
37
+ # From winbase.h, winnt.h
38
+ INVALID_HANDLE_VALUE = -1
39
+ NULL = nil
40
+ PAGE_READWRITE = 0x0004
41
+ FILE_MAP_WRITE = 2
42
+ WM_COPYDATA = 74
43
+
44
+ SMTO_NORMAL = 0 # From winuser.h
45
+
46
+ # args: lpClassName, lpWindowName
47
+ extern 'HWND FindWindow(LPCTSTR, LPCTSTR)'
48
+
49
+ # args: none
50
+ extern 'DWORD GetCurrentThreadId()'
51
+
52
+ # args: hFile, (ignored), flProtect, dwMaximumSizeHigh,
53
+ # dwMaximumSizeLow, lpName
54
+ extern 'HANDLE CreateFileMapping(HANDLE, void *, DWORD, DWORD, ' +
55
+ 'DWORD, LPCTSTR)'
56
+
57
+ # args: hFileMappingObject, dwDesiredAccess, dwFileOffsetHigh,
58
+ # dwfileOffsetLow, dwNumberOfBytesToMap
59
+ extern 'LPVOID MapViewOfFile(HANDLE, DWORD, DWORD, DWORD, DWORD)'
60
+
61
+ # args: lpBaseAddress
62
+ extern 'BOOL UnmapViewOfFile(LPCVOID)'
63
+
64
+ # args: hObject
65
+ extern 'BOOL CloseHandle(HANDLE)'
66
+
67
+ # args: hWnd, Msg, wParam, lParam, fuFlags, uTimeout, lpdwResult
68
+ extern 'LRESULT SendMessageTimeout(HWND, UINT, WPARAM, LPARAM, ' +
69
+ 'UINT, UINT, PDWORD_PTR)'
70
+ end
71
+
72
+ # This is the pseudo-socket implementation that mimics the interface of
73
+ # a socket, translating each request into a Windows messaging call to
74
+ # the pageant daemon. This allows pageant support to be implemented
75
+ # simply by replacing the socket factory used by the Agent class.
76
+ class Socket
77
+
78
+ private_class_method :new
79
+
80
+ # The factory method for creating a new Socket instance. The location
81
+ # parameter is ignored, and is only needed for compatibility with
82
+ # the general Socket interface.
83
+ def self.open(location=nil)
84
+ new
85
+ end
86
+
87
+ # Create a new instance that communicates with the running pageant
88
+ # instance. If no such instance is running, this will cause an error.
89
+ def initialize
90
+ @win = Win.findWindow("Pageant", "Pageant")
91
+
92
+ if @win == 0
93
+ raise Net::SSH::Exception,
94
+ "pageant process not running"
95
+ end
96
+
97
+ @res = nil
98
+ @pos = 0
99
+ end
100
+
101
+ # Forwards the data to #send_query, ignoring any arguments after
102
+ # the first. Returns 0.
103
+ def send(data, *args)
104
+ @res = send_query(data)
105
+ @pos = 0
106
+ end
107
+
108
+ # Packages the given query string and sends it to the pageant
109
+ # process via the Windows messaging subsystem. The result is
110
+ # cached, to be returned piece-wise when #read is called.
111
+ def send_query(query)
112
+ res = nil
113
+ filemap = 0
114
+ ptr = nil
115
+ id = DL::PtrData.malloc(DL.sizeof("L"))
116
+
117
+ mapname = "PageantRequest%08x\000" % Win.getCurrentThreadId()
118
+ filemap = Win.createFileMapping(Win::INVALID_HANDLE_VALUE,
119
+ Win::NULL,
120
+ Win::PAGE_READWRITE, 0,
121
+ AGENT_MAX_MSGLEN, mapname)
122
+ if filemap == 0
123
+ raise Net::SSH::Exception,
124
+ "Creation of file mapping failed"
125
+ end
126
+
127
+ ptr = Win.mapViewOfFile(filemap, Win::FILE_MAP_WRITE, 0, 0,
128
+ AGENT_MAX_MSGLEN)
129
+
130
+ if ptr.nil? || ptr.null?
131
+ raise Net::SSH::Exception, "Mapping of file failed"
132
+ end
133
+
134
+ ptr[0] = query
135
+
136
+ cds = [AGENT_COPYDATA_ID, mapname.size + 1, mapname].
137
+ pack("LLp").to_ptr
138
+ succ = Win.sendMessageTimeout(@win, Win::WM_COPYDATA, Win::NULL,
139
+ cds, Win::SMTO_NORMAL, 5000, id)
140
+
141
+ if succ > 0
142
+ retlen = 4 + ptr.to_s(4).unpack("N")[0]
143
+ res = ptr.to_s(retlen)
144
+ end
145
+
146
+ return res
147
+ ensure
148
+ Win.unmapViewOfFile(ptr) unless ptr.nil? || ptr.null?
149
+ Win.closeHandle(filemap) if filemap != 0
150
+ end
151
+
152
+ # Conceptually close the socket. This doesn't really do anthing
153
+ # significant, but merely complies with the Socket interface.
154
+ def close
155
+ @res = nil
156
+ @pos = 0
157
+ end
158
+
159
+ # Conceptually asks if the socket is closed. As with #close,
160
+ # this doesn't really do anything significant, but merely
161
+ # complies with the Socket interface.
162
+ def closed?
163
+ @res.nil? && @pos.zero?
164
+ end
165
+
166
+ # Reads +n+ bytes from the cached result of the last query. If +n+
167
+ # is +nil+, returns all remaining data from the last query.
168
+ def read(n = nil)
169
+ return nil unless @res
170
+ if n.nil?
171
+ start, @pos = @pos, @res.size
172
+ return @res[start..-1]
173
+ else
174
+ start, @pos = @pos, @pos + n
175
+ return @res[start, n]
176
+ end
177
+ end
178
+
179
+ end
180
+
181
+ end
182
+
183
+ end; end; end