author | Matt Whiteley <mwhiteley@fastly.com> | 2017-09-06 09:38:34 -0700 |
---|---|---|
committer | Matt Whiteley <mwhiteley@fastly.com> | 2017-09-06 13:05:58 -0700 |
commit | 5711bdff067711b03d5fa385b558e7782275364b (patch) | |
tree | 171f7600a4b5d3007ec73a5625bf5f0cb7da566b /lib | |
parent | 283d9877cb82722c9cb5d59d6c6975925d5370f7 (diff) | |
download | mixlib-authentication-5711bdff067711b03d5fa385b558e7782275364b.tar.gz |
make net-ssh optional
Signed-off-by: Matt Whiteley <mwhiteley@fastly.com>
Diffstat (limited to 'lib')
-rw-r--r-- | lib/mixlib/authentication/signedheaderauth.rb | 37 |
1 files changed, 22 insertions, 15 deletions
diff --git a/lib/mixlib/authentication/signedheaderauth.rb b/lib/mixlib/authentication/signedheaderauth.rb
index 4a19092..8ca2230 100644
--- a/lib/mixlib/authentication/signedheaderauth.rb
+++ b/lib/mixlib/authentication/signedheaderauth.rb
@@ -22,7 +22,6 @@ require "base64"
 require "openssl/digest"
 require "mixlib/authentication"
 require "mixlib/authentication/digester"
-require "net/ssh"
 module Mixlib
 module Authentication
@@ -257,26 +256,34 @@ module Mixlib if keypair.private? keypair.sign(digest.new, string_to_sign) else - Mixlib::Authentication::Log.debug "No private key supplied, attempt to sign with ssh-agent." - begin - agent = Net::SSH::Authentication::Agent.connect - rescue => e - raise AuthenticationError, "Could not connect to ssh-agent. Make sure the SSH_AUTH_SOCK environment variable is set properly! (#{e.class.name}: #{e.message})" - end - begin - ssh2_signature = agent.sign(keypair.public_key, string_to_sign, Net::SSH::Authentication::Agent::SSH_AGENT_RSA_SHA2_256) - rescue => e - raise AuthenticationError, "Ssh-agent could not sign your request. Make sure your key is loaded with ssh-add! (#{e.class.name}: #{e.message})" - end - # extract signature from SSH Agent response => skip first 15 bytes for RSA keys - # (see http://api.libssh.org/rfc/PROTOCOL.agent for details) - ssh2_signature[20..-1] + Mixlib::Authentication.logger.debug "No private key supplied, will attempt to sign with ssh-agent." + do_sign_ssh_agent(keypair, string_to_sign) end else keypair.private_encrypt(string_to_sign) end end + def do_sign_ssh_agent(keypair, string_to_sign) + begin + require "net/ssh" + agent = Net::SSH::Authentication::Agent.connect + rescue LoadError + raise AuthenticationError, "net-ssh is not available, unable to sign with ssh-agent and no private key supplied." + rescue => e + raise AuthenticationError, "Could not connect to ssh-agent. Make sure the SSH_AUTH_SOCK environment variable is set properly! (#{e.class.name}: #{e.message})" + end + + begin + ssh2_signature = agent.sign(keypair.public_key, string_to_sign, Net::SSH::Authentication::Agent::SSH_AGENT_RSA_SHA2_256) + rescue => e + raise AuthenticationError, "Unable to sign request with ssh-agent. Make sure your key is loaded with ssh-add! 
(#{e.class.name}: #{e.message})" + end + # extract signature from SSH Agent response => skip first 15 bytes for RSA keys + # (see http://api.libssh.org/rfc/PROTOCOL.agent for details) + ssh2_signature[20..-1] + end + private :canonical_time, :canonical_path, :parse_signing_description, :digester, :canonicalize_user_id end |
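Review bot: The last statement of `do_sign_ssh_agent`, `ssh2_signature[20..-1]`, strips a fixed 20-byte header from the agent's reply without checking what the agent actually returned, and the comment above it still says 15 bytes. Twenty bytes matches a signature blob whose algorithm name is `rsa-sha2-256` (4 + 12 + 4) and fifteen matches `ssh-rsa`, so an agent that does not honour the `SSH_AGENT_RSA_SHA2_256` flag would presumably answer with the shorter header; the slice would then silently drop the first five signature bytes and the request would fail verification with no useful error. Parsing the blob and checking the algorithm name, as sketched below, turns that into an explicit `AuthenticationError`, and the comment should describe the 20-byte layout. Separately, the `private :canonical_time, ...` line is unchanged context and does not list the new helper, so it looks like the helper becomes public; adding `:do_sign_ssh_agent` there would keep it internal.

```ruby
def do_sign_ssh_agent(keypair, string_to_sign)
  # ... unchanged: require "net/ssh", Agent.connect and agent.sign with their rescues ...

  # The agent reply is an SSH signature blob: a length-prefixed algorithm
  # name followed by the length-prefixed raw signature.
  reply = Net::SSH::Buffer.new(ssh2_signature)
  algorithm = reply.read_string
  unless algorithm == "rsa-sha2-256"
    raise AuthenticationError, "ssh-agent returned a #{algorithm.inspect} signature, expected rsa-sha2-256."
  end
  reply.read_string
end
```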