authordelano <delano@delanotes.com>2014-04-30 13:27:52 -0400
committerdelano <delano@delanotes.com>2014-04-30 13:27:52 -0400
commitc666becbbc0e244250732bceccf44e1a2341f057 (patch)
treee8f77bf2f7038f95caab052e3b334d010be5848c
parent7286f815fc367d97771e8bec9f61aa023fff9989 (diff)
parent23cef13b90249690b5149b706bda2075d49cd80f (diff)
Merge branch '281_ssh_config_bugfix' of github.com:mfazekas/net-ssh into mfazekas-281_ssh_config_bugfixmfazekas-281_ssh_config_bugfix
-rw-r--r--lib/net/ssh/config.rb28
-rw-r--r--test/configs/auth_off3
-rw-r--r--test/test_config.rb30
3 files changed, 52 insertions, 9 deletions
diff --git a/lib/net/ssh/config.rb b/lib/net/ssh/config.rb
index 137897c..fb605b2 100644
--- a/lib/net/ssh/config.rb
+++ b/lib/net/ssh/config.rb
@@ -8,7 +8,8 @@ module Net; module SSH
#
# Only a subset of OpenSSH configuration options are understood:
#
- # * ChallengeResponseAuthentication => maps to the :auth_methods option
+ # * ChallengeResponseAuthentication => maps to the :auth_methods option challenge-response (then coleasced into keyboard-interactive)
+ # * KbdInteractiveAuthentication => maps to the :auth_methods keyboard-interactive
# * Ciphers => maps to the :encryption option
# * Compression => :compression
# * CompressionLevel => :compression_level
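Review bot: The two new option bullets do not say that keyboard-interactive is now removed only when both `ChallengeResponseAuthentication` and `KbdInteractiveAuthentication` are `no`. Before this change the `challengeresponseauthentication` branch deleted 'keyboard-interactive' directly, so a config that sets only `ChallengeResponseAuthentication no` keeps that method enabled after upgrading. The branches that implement this are in the later `when 'challengeresponseauthentication'` / `when 'kbdinteractiveauthentication'` hunk. I would state it in the list, e.g. `# * KbdInteractiveAuthentication => maps to the :auth_methods keyboard-interactive (dropped only when ChallengeResponseAuthentication is also off)`, and fix the typo `coleasced` to `coalesced` on the line above.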
@@ -22,7 +23,7 @@ module Net; module SSH
# * IdentityFile => maps to the :keys option
# * IdentitiesOnly => :keys_only
# * Macs => maps to the :hmac option
- # * PasswordAuthentication => maps to the :auth_methods option
+ # * PasswordAuthentication => maps to the :auth_methods option password
# * Port => :port
# * PreferredAuthentications => maps to the :auth_methods option
# * ProxyCommand => maps to the :proxy option
@@ -73,8 +74,6 @@ module Net; module SSH
file = File.expand_path(path)
return settings unless File.readable?(file)
- settings[:auth_methods] ||= default_auth_methods.clone
-
globals = {}
matched_host = nil
multi_host = []
@@ -133,7 +132,9 @@ module Net; module SSH
# +settings+ hash must have Strings for keys, all downcased, and
# the returned hash will have Symbols for keys.
def translate(settings)
- settings.inject({:auth_methods=>default_auth_methods.clone}) do |hash, (key, value)|
+ auth_methods = default_auth_methods.clone
+ (auth_methods << 'challenge-response').uniq!
+ ret = settings.inject({:auth_methods=>auth_methods}) do |hash, (key, value)|
case key
when 'bindaddress' then
hash[:bind_address] = value
@@ -175,6 +176,12 @@ module Net; module SSH
end
when 'challengeresponseauthentication'
if value
+ (hash[:auth_methods] << 'challenge-response').uniq!
+ else
+ hash[:auth_methods].delete('challenge-response')
+ end
+ when 'kbdinteractiveauthentication'
+ if value
(hash[:auth_methods] << 'keyboard-interactive').uniq!
else
hash[:auth_methods].delete('keyboard-interactive')
@@ -182,7 +189,7 @@ module Net; module SSH
when 'port'
hash[:port] = value
when 'preferredauthentications'
- hash[:auth_methods] = value.split(/,/)
+ hash[:auth_methods] = value.split(/,/) # TODO we should place to preferred_auth_methods rather than auth_methods
when 'proxycommand'
if value and !(value =~ /^none$/)
require 'net/ssh/proxy/command'
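Review bot: The `preferredauthentications` branch still replaces `hash[:auth_methods]` wholesale, so its interaction with the new `kbdinteractiveauthentication` and `challengeresponseauthentication` branches depends on the order in which `inject` visits the keys. If a `... => false` entry is seen first, a later preferred list that names keyboard-interactive puts the method back. If it is seen afterwards, the method is removed. The TODO names the eventual fix but not this consequence. I would spell it out, e.g. `# TODO: store in :preferred_auth_methods; as written this overwrites the list, so *Authentication no/yes only sticks when it is processed after this key`. The case statement starts and ends outside this hunk.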
@@ -206,6 +213,7 @@ module Net; module SSH
end
hash
end
+ merge_challenge_response_with_keyboard_interactive(ret)
end
private
@@ -229,6 +237,14 @@ module Net; module SSH
else size.to_i
end
end
+
+ def merge_challenge_response_with_keyboard_interactive(hash)
+ if hash[:auth_methods].include?('challenge-response')
+ hash[:auth_methods].delete('challenge-response')
+ (hash[:auth_methods] << 'keyboard-interactive').uniq!
+ end
+ hash
+ end
end
end
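Review bot: `merge_challenge_response_with_keyboard_interactive` has no comment explaining that 'challenge-response' appears to be a translation-time marker rather than a method name callers should ever see in `:auth_methods`. A line such as `# Fold the internal 'challenge-response' marker into 'keyboard-interactive' before returning; mutates hash[:auth_methods] in place.` would make that contract explicit. As a style point, `Array#delete` returns the removed element or nil, so the `include?` check and the `delete` can become a single `if hash[:auth_methods].delete('challenge-response')`. The enclosing module opens outside this hunk.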
diff --git a/test/configs/auth_off b/test/configs/auth_off
index 6b1b6ef..cf13bd5 100644
--- a/test/configs/auth_off
+++ b/test/configs/auth_off
@@ -1,4 +1,5 @@
HostBasedAuthentication no
PasswordAuthentication no
PubKeyAuthentication no
-ChallengeResponseAuthentication no \ No newline at end of file
+ChallengeResponseAuthentication no
+KbdInteractiveAuthentication no
diff --git a/test/test_config.rb b/test/test_config.rb
index cb462de..761299d 100644
--- a/test/test_config.rb
+++ b/test/test_config.rb
@@ -112,7 +112,8 @@ class TestConfig < Test::Unit::TestCase
'hostbasedauthentication' => false,
'passwordauthentication' => false,
'pubkeyauthentication' => false,
- 'challengeresponseauthentication' => false
+ 'challengeresponseauthentication' => false,
+ 'kbdinteractiveauthentication' => false
}
net_ssh = Net::SSH::Config.translate(open_ssh)
@@ -125,7 +126,8 @@ class TestConfig < Test::Unit::TestCase
'hostbasedauthentication' => true,
'passwordauthentication' => true,
'pubkeyauthentication' => true,
- 'challengeresponseauthentication' => true
+ 'challengeresponseauthentication' => true,
+ 'kbdinteractiveauthentication' => true
}
net_ssh = Net::SSH::Config.translate(open_ssh)
@@ -133,6 +135,30 @@ class TestConfig < Test::Unit::TestCase
assert_equal %w(hostbased keyboard-interactive none password publickey), net_ssh[:auth_methods].sort
end
+ def test_translate_should_not_disable_keyboard_interactive_when_challange_or_keyboardinterective_is_on
+ open_ssh = {
+ 'kbdinteractiveauthentication' => false
+ }
+ net_ssh = Net::SSH::Config.translate(open_ssh)
+ assert_equal %w(keyboard-interactive none password publickey), net_ssh[:auth_methods].sort
+
+ open_ssh = {
+ 'challengeresponseauthentication' => false
+ }
+ net_ssh = Net::SSH::Config.translate(open_ssh)
+ assert_equal %w(keyboard-interactive none password publickey), net_ssh[:auth_methods].sort
+ end
+
+ def test_should_ddisable_keyboard_interactive_when_challeng_and_keyboardinteractive_is_off
+ open_ssh = {
+ 'challengeresponseauthentication' => false,
+ 'kbdinteractiveauthentication' => false
+ }
+
+ net_ssh = Net::SSH::Config.translate(open_ssh)
+ assert_equal %w(none password publickey), net_ssh[:auth_methods].sort
+ end
+
def test_for_should_turn_off_authentication_methods
config = Net::SSH::Config.for("test.host", [config(:empty), config(:auth_off), config(:auth_on)])
assert_equal %w(none), config[:auth_methods].sort
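Review bot: The first new test is named for the case where one of the two options "is on", but both inputs only set one key to `false` and leave the other unset, so they exercise the defaults rather than an explicit `true`. A mixed pair such as `'challengeresponseauthentication' => true, 'kbdinteractiveauthentication' => false` (and the reverse) is not covered. Neither is either option combined with `'preferredauthentications'`, where the result depends on key order. The method names also contain typos (`challange`, `keyboardinterective`, `ddisable`, `challeng`) that make them hard to grep for.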