authorMiklos Fazekas <mfazekas@szemafor.com>2018-03-21 16:09:10 +0100
committerMiklos Fazekas <mfazekas@szemafor.com>2018-03-21 16:09:18 +0100
commit069c2e5c1036445d924d3a00a17111322473765a (patch)
treedefc9c72322b151ccdd9dafad7e24a19ef71405c
parent8f545802bbf05931dfcb46434a54c1fdfdfb7fb4 (diff)
downloadnet-ssh-whitespace-fixes.tar.gz
Whitespace fixeswhitespace-fixes
-rw-r--r--.rubocop_todo.yml4
-rw-r--r--CHANGES.txt6
-rw-r--r--lib/net/ssh.rb4
-rw-r--r--lib/net/ssh/authentication/agent.rb69
-rw-r--r--lib/net/ssh/authentication/certificate.rb50
-rw-r--r--lib/net/ssh/authentication/constants.rb13
-rw-r--r--lib/net/ssh/authentication/ed25519.rb4
-rw-r--r--lib/net/ssh/authentication/ed25519_loader.rb4
-rw-r--r--lib/net/ssh/authentication/methods/abstract.rb32
-rw-r--r--lib/net/ssh/authentication/pageant.rb4
-rw-r--r--lib/net/ssh/authentication/session.rb4
-rw-r--r--lib/net/ssh/buffer.rb5
-rw-r--r--lib/net/ssh/buffered_io.rb3
-rw-r--r--lib/net/ssh/config.rb59
-rw-r--r--lib/net/ssh/connection/channel.rb4
-rw-r--r--lib/net/ssh/connection/constants.rb18
-rw-r--r--lib/net/ssh/connection/event_loop.rb4
-rw-r--r--lib/net/ssh/connection/keepalive.rb4
-rw-r--r--lib/net/ssh/connection/session.rb4
-rw-r--r--lib/net/ssh/connection/term.rb4
-rw-r--r--lib/net/ssh/errors.rb3
-rw-r--r--lib/net/ssh/key_factory.rb32
-rw-r--r--lib/net/ssh/known_hosts.rb3
-rw-r--r--lib/net/ssh/loggable.rb3
-rw-r--r--lib/net/ssh/packet.rb25
-rw-r--r--lib/net/ssh/prompt.rb3
-rw-r--r--lib/net/ssh/proxy/command.rb25
-rw-r--r--lib/net/ssh/proxy/errors.rb4
-rw-r--r--lib/net/ssh/proxy/http.rb4
-rw-r--r--lib/net/ssh/proxy/https.rb4
-rw-r--r--lib/net/ssh/proxy/jump.rb4
-rw-r--r--lib/net/ssh/service/forward.rb108
-rw-r--r--lib/net/ssh/test.rb3
-rw-r--r--lib/net/ssh/test/channel.rb4
-rw-r--r--lib/net/ssh/test/extensions.rb4
-rw-r--r--lib/net/ssh/test/kex.rb4
-rw-r--r--lib/net/ssh/test/local_packet.rb20
-rw-r--r--lib/net/ssh/test/packet.rb7
-rw-r--r--lib/net/ssh/test/remote_packet.rb4
-rw-r--r--lib/net/ssh/test/script.rb4
-rw-r--r--lib/net/ssh/test/socket.rb4
-rw-r--r--lib/net/ssh/transport/algorithms.rb4
-rw-r--r--lib/net/ssh/transport/cipher_factory.rb4
-rw-r--r--lib/net/ssh/transport/constants.rb4
-rw-r--r--lib/net/ssh/transport/hmac/abstract.rb32
-rw-r--r--lib/net/ssh/transport/identity_cipher.rb4
-rw-r--r--lib/net/ssh/transport/kex/diffie_hellman_group14_sha1.rb5
-rw-r--r--lib/net/ssh/transport/kex/diffie_hellman_group1_sha1.rb5
-rw-r--r--lib/net/ssh/transport/kex/ecdh_sha2_nistp256.rb5
-rw-r--r--lib/net/ssh/transport/kex/ecdh_sha2_nistp384.rb5
-rw-r--r--lib/net/ssh/transport/kex/ecdh_sha2_nistp521.rb5
-rw-r--r--lib/net/ssh/transport/key_expander.rb4
-rw-r--r--lib/net/ssh/transport/packet_stream.rb4
-rw-r--r--lib/net/ssh/transport/server_version.rb4
-rw-r--r--lib/net/ssh/transport/session.rb4
-rw-r--r--lib/net/ssh/transport/state.rb4
-rw-r--r--lib/net/ssh/verifiers/lenient.rb4
-rw-r--r--lib/net/ssh/verifiers/null.rb4
-rw-r--r--lib/net/ssh/verifiers/secure.rb4
-rw-r--r--lib/net/ssh/verifiers/strict.rb4
-rw-r--r--test/authentication/methods/common.rb3
-rw-r--r--test/authentication/methods/test_abstract.rb26
-rw-r--r--test/authentication/methods/test_hostbased.rb44
-rw-r--r--test/authentication/methods/test_keyboard_interactive.rb3
-rw-r--r--test/authentication/methods/test_none.rb3
-rw-r--r--test/authentication/methods/test_password.rb3
-rw-r--r--test/authentication/methods/test_publickey.rb58
-rw-r--r--test/transport/hmac/test_md5.rb3
-rw-r--r--test/transport/hmac/test_md5_96.rb3
-rw-r--r--test/transport/hmac/test_none.rb3
-rw-r--r--test/transport/hmac/test_ripemd160.rb3
-rw-r--r--test/transport/hmac/test_sha1.rb3
-rw-r--r--test/transport/hmac/test_sha1_96.rb3
-rw-r--r--test/transport/hmac/test_sha2_256.rb18
-rw-r--r--test/transport/hmac/test_sha2_256_96.rb3
-rw-r--r--test/transport/hmac/test_sha2_512.rb18
-rw-r--r--test/transport/hmac/test_sha2_512_96.rb3
-rw-r--r--test/transport/kex/test_diffie_hellman_group14_sha1.rb3
-rw-r--r--test/transport/kex/test_diffie_hellman_group1_sha1.rb3
-rw-r--r--test/transport/kex/test_diffie_hellman_group_exchange_sha1.rb3
-rw-r--r--test/transport/kex/test_diffie_hellman_group_exchange_sha256.rb3
-rw-r--r--test/transport/kex/test_ecdh_sha2_nistp256.rb63
-rw-r--r--test/transport/kex/test_ecdh_sha2_nistp384.rb17
-rw-r--r--test/transport/kex/test_ecdh_sha2_nistp521.rb17
-rw-r--r--test/transport/test_algorithms.rb3
85 files changed, 561 insertions, 431 deletions
diff --git a/.rubocop_todo.yml b/.rubocop_todo.yml
index c549c7f..f8a993f 100644
--- a/.rubocop_todo.yml
+++ b/.rubocop_todo.yml
@@ -19,8 +19,8 @@ Lint/EmptyWhen:
Exclude:
- 'lib/net/ssh/config.rb'
-Layout/EndAlignment:
- Enabled: false
+# Layout/EndAlignment:
+# Enabled: false
# Offense count: 23
# Configuration parameters: MinNameLength, AllowNamesEndingInNumbers, AllowedNames, ForbiddenNames.
diff --git a/CHANGES.txt b/CHANGES.txt
index ab6a889..aec012a 100644
--- a/CHANGES.txt
+++ b/CHANGES.txt
@@ -1,3 +1,9 @@
+=== 5.0.0
+ * Breaking change: ed25519 now requires ed25519 gem instead of RbNaCl gem [#563]
+
+=== 5.0.0.beta2
+ * Support for sha256 pubkey fingerprint [Tom Maher, #585]
+
=== 5.0.0.beta1
* Don't leave proxy command as zombie on timeout [DimitriosLisenko, #560]
diff --git a/lib/net/ssh.rb b/lib/net/ssh.rb
index 1440035..00425ae 100644
--- a/lib/net/ssh.rb
+++ b/lib/net/ssh.rb
@@ -231,7 +231,7 @@ module Net
when :error then Logger::ERROR
when :fatal then Logger::FATAL
else raise ArgumentError, "can't convert #{options[:verbose].inspect} to any of the Logger level constants"
- end
+ end
end
transport = Transport::Session.new(host, options)
@@ -269,7 +269,7 @@ module Net
when true then Net::SSH::Config.expandable_default_files
when false, nil then return {}
else Array(use_ssh_config)
- end
+ end
Net::SSH::Config.for(host, files)
end
diff --git a/lib/net/ssh/authentication/agent.rb b/lib/net/ssh/authentication/agent.rb
index 08bbc60..6ba1730 100644
--- a/lib/net/ssh/authentication/agent.rb
+++ b/lib/net/ssh/authentication/agent.rb
@@ -8,8 +8,8 @@ require 'rubygems'
require 'net/ssh/authentication/pageant' if Gem.win_platform? && RUBY_PLATFORM != "java"
-module Net
- module SSH
+module Net
+ module SSH
module Authentication
# Class for representing agent-specific errors.
class AgentError < Net::SSH::Exception; end
@@ -24,13 +24,13 @@ module Net
# some SSH2 functionality (like signing data).
class Agent
include Loggable
-
+
# A simple module for extending keys, to allow comments to be specified
# for them.
module Comment
attr_accessor :comment
end
-
+
SSH2_AGENT_REQUEST_VERSION = 1
SSH2_AGENT_REQUEST_IDENTITIES = 11
SSH2_AGENT_IDENTITIES_ANSWER = 12
@@ -42,24 +42,24 @@ module Net
SSH2_AGENT_ADD_ID_CONSTRAINED = 25
SSH2_AGENT_FAILURE = 30
SSH2_AGENT_VERSION_RESPONSE = 103
-
+
SSH_COM_AGENT2_FAILURE = 102
-
+
SSH_AGENT_REQUEST_RSA_IDENTITIES = 1
SSH_AGENT_RSA_IDENTITIES_ANSWER1 = 2
SSH_AGENT_RSA_IDENTITIES_ANSWER2 = 5
SSH_AGENT_FAILURE = 5
SSH_AGENT_SUCCESS = 6
-
+
SSH_AGENT_CONSTRAIN_LIFETIME = 1
SSH_AGENT_CONSTRAIN_CONFIRM = 2
-
+
SSH_AGENT_RSA_SHA2_256 = 0x02
SSH_AGENT_RSA_SHA2_512 = 0x04
-
+
# The underlying socket being used to communicate with the SSH agent.
attr_reader :socket
-
+
# Instantiates a new agent object, connects to a running SSH agent,
# negotiates the agent protocol version, and returns the agent object.
def self.connect(logger=nil, agent_socket_factory = nil)
@@ -68,13 +68,13 @@ module Net
agent.negotiate!
agent
end
-
+
# Creates a new Agent object, using the optional logger instance to
# report status.
def initialize(logger=nil)
self.logger = logger
end
-
+
# Connect to the agent process using the socket factory and socket name
# given by the attribute writers. If the agent on the other end of the
# socket reports that it is an SSH2-compatible agent, this will fail
@@ -95,13 +95,13 @@ module Net
error { "could not connect to ssh-agent: #{e.message}" }
raise AgentNotAvailable, $!.message
end
-
+
# Attempts to negotiate the SSH agent protocol version. Raises an error
# if the version could not be negotiated successfully.
def negotiate!
# determine what type of agent we're communicating with
type, body = send_and_wait(SSH2_AGENT_REQUEST_VERSION, :string, Transport::ServerVersion::PROTO_VERSION)
-
+
raise AgentNotAvailable, "SSH2 agents are not yet supported" if type == SSH2_AGENT_VERSION_RESPONSE
if type == SSH2_AGENT_FAILURE
debug { "Unexpected response type==#{type}, this will be ignored" }
@@ -109,7 +109,7 @@ module Net
raise AgentNotAvailable, "unknown response from agent: #{type}, #{body.to_s.inspect}"
end
end
-
+
# Return an array of all identities (public keys) known to the agent.
# Each key returned is augmented with a +comment+ property which is set
# to the comment returned by the agent for that key.
@@ -117,7 +117,7 @@ module Net
type, body = send_and_wait(SSH2_AGENT_REQUEST_IDENTITIES)
raise AgentError, "could not get identity count" if agent_failed(type)
raise AgentError, "bad authentication reply: #{type}" if type != SSH2_AGENT_IDENTITIES_ANSWER
-
+
identities = []
body.read_long.times do
key_str = body.read_string
@@ -131,27 +131,27 @@ module Net
error { "ignoring unimplemented key:#{e.message} #{comment_str}" }
end
end
-
+
return identities
end
-
+
# Closes this socket. This agent reference is no longer able to
# query the agent.
def close
@socket.close
end
-
+
# Using the agent and the given public key, sign the given data. The
# signature is returned in SSH2 format.
def sign(key, data, flags = 0)
type, reply = send_and_wait(SSH2_AGENT_SIGN_REQUEST, :string, Buffer.from(:key, key), :string, data, :long, flags)
-
+
raise AgentError, "agent could not sign data with requested identity" if agent_failed(type)
raise AgentError, "bad authentication response #{type}" if type != SSH2_AGENT_SIGN_RESPONSE
-
+
return reply.read_string
end
-
+
# Adds the private key with comment to the agent.
# If lifetime is given, the key will automatically be removed after lifetime
# seconds.
@@ -164,31 +164,31 @@ module Net
constraints.write_long(lifetime)
end
constraints.write_byte(SSH_AGENT_CONSTRAIN_CONFIRM) if confirm
-
+
req_type = constraints.empty? ? SSH2_AGENT_ADD_IDENTITY : SSH2_AGENT_ADD_ID_CONSTRAINED
type, = send_and_wait(req_type, :string, priv_key.ssh_type, :raw, blob_for_add(priv_key),
:string, comment, :raw, constraints)
raise AgentError, "could not add identity to agent" if type != SSH_AGENT_SUCCESS
end
-
+
# Removes key from the agent.
def remove_identity(key)
type, = send_and_wait(SSH2_AGENT_REMOVE_IDENTITY, :string, key.to_blob)
raise AgentError, "could not remove identity from agent" if type != SSH_AGENT_SUCCESS
end
-
+
# Removes all identities from the agent.
def remove_all_identities
type, = send_and_wait(SSH2_AGENT_REMOVE_ALL_IDENTITIES)
raise AgentError, "could not remove all identity from agent" if type != SSH_AGENT_SUCCESS
end
-
+
private
-
+
def unix_socket_class
defined?(UNIXSocket) && UNIXSocket
end
-
+
# Send a new packet of the given type, with the associated data.
def send_packet(type, *args)
buffer = Buffer.from(*args)
@@ -196,7 +196,7 @@ module Net
debug { "sending agent request #{type} len #{buffer.length}" }
@socket.send data, 0
end
-
+
# Read the next packet from the agent. This will return a two-part
# tuple consisting of the packet type, and the packet's body (which
# is returned as a Net::SSH::Buffer).
@@ -207,14 +207,14 @@ module Net
debug { "received agent packet #{type} len #{buffer.length - 4}" }
return type, buffer
end
-
+
# Send the given packet and return the subsequent reply from the agent.
# (See #send_packet and #read_packet).
def send_and_wait(type, *args)
send_packet(type, *args)
read_packet
end
-
+
# Returns +true+ if the parameter indicates a "failure" response from
# the agent, and +false+ otherwise.
def agent_failed(type)
@@ -222,7 +222,7 @@ module Net
type == SSH2_AGENT_FAILURE ||
type == SSH_COM_AGENT2_FAILURE
end
-
+
def blob_for_add(priv_key)
# Ideally we'd have something like `to_private_blob` on the various key types, but the
# nuances with encoding (e.g. `n` and `e` are reversed for RSA keys) make this impractical.
@@ -257,5 +257,6 @@ module Net
end
end
end
-
-end; end; end
+ end
+ end
+end
diff --git a/lib/net/ssh/authentication/certificate.rb b/lib/net/ssh/authentication/certificate.rb
index cfd8c4e..ecf5df8 100644
--- a/lib/net/ssh/authentication/certificate.rb
+++ b/lib/net/ssh/authentication/certificate.rb
@@ -1,7 +1,7 @@
require 'securerandom'
-module Net
- module SSH
+module Net
+ module SSH
module Authentication
# Class for representing an SSH certificate.
#
@@ -20,7 +20,7 @@ module Net
attr_accessor :reserved
attr_accessor :signature_key
attr_accessor :signature
-
+
# Read a certificate blob associated with a key of the given type.
def self.read_certblob(buffer, type)
cert = Certificate.new
@@ -39,15 +39,15 @@ module Net
cert.signature = buffer.read_string
cert
end
-
+
def ssh_type
key.ssh_type + "-cert-v01@openssh.com"
end
-
+
def ssh_signature_type
key.ssh_type
end
-
+
# Serializes the certificate (and key).
def to_blob
Buffer.from(
@@ -55,23 +55,23 @@ module Net
:string, signature
).to_s
end
-
+
def ssh_do_sign(data)
key.ssh_do_sign(data)
end
-
+
def ssh_do_verify(sig, data)
key.ssh_do_verify(sig, data)
end
-
+
def to_pem
key.to_pem
end
-
+
def fingerprint
key.fingerprint
end
-
+
# Signs the certificate with key.
def sign!(key, sign_nonce=nil)
# ssh-keygen uses 32 bytes of nonce.
@@ -83,19 +83,19 @@ module Net
).to_s
self
end
-
+
def sign(key, sign_nonce=nil)
cert = clone
cert.sign!(key, sign_nonce)
end
-
+
# Checks whether the certificate's signature was signed by signature key.
def signature_valid?
buffer = Buffer.new(signature)
buffer.read_string # skip signature format
signature_key.ssh_do_verify(buffer.read_string, to_blob_without_signature)
end
-
+
def self.read_options(buffer)
names = []
options = buffer.read_buffer.read_all do |b|
@@ -105,33 +105,33 @@ module Net
data = Buffer.new(data).read_string unless data.empty?
[name, data]
end
-
+
raise ArgumentError, "option/extension names must be in sorted order" if names.sort != names
-
+
Hash[options]
end
private_class_method :read_options
-
+
def self.type_symbol(type)
types = { 1 => :user, 2 => :host }
raise ArgumentError("unsupported type: #{type}") unless types.include?(type)
types.fetch(type)
end
private_class_method :type_symbol
-
+
private
-
+
def type_value(type)
types = { user: 1, host: 2 }
raise ArgumentError("unsupported type: #{type}") unless types.include?(type)
types.fetch(type)
end
-
+
def ssh_time(t)
# Times in certificates are represented as a uint64.
[[t.to_i, 0].max, 2 << 64 - 1].min
end
-
+
def to_blob_without_signature
Buffer.from(
:string, ssh_type,
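Review bot: The unchanged lines in `type_symbol` and `type_value` write `raise ArgumentError("unsupported type: #{type}")`, which Ruby parses as a call to a method named `ArgumentError`, so an unsupported certificate type surfaces as `NoMethodError` rather than the intended error. Both should read `raise ArgumentError, "unsupported type: #{type}" unless types.include?(type)`. In `ssh_time`, `2 << 64 - 1` evaluates as `2 << 63` because subtraction binds tighter than the shift, so the upper clamp is 2**64, one past the uint64 range the comment describes; `[[t.to_i, 0].max, (1 << 64) - 1].min` matches the stated intent. These lines are context in a whitespace-only hunk, so a separate commit is the better place to fix them; `to_blob_without_signature` continues outside the hunk.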
@@ -149,14 +149,14 @@ module Net
:string, signature_key.to_blob
).to_s
end
-
+
def key_without_type
# key.to_blob gives us e.g. "ssh-rsa,<key>" but we just want "<key>".
tmp = Buffer.new(key.to_blob)
tmp.read_string # skip the underlying key type
tmp.read
end
-
+
def options_to_blob(options)
options.keys.sort.inject(Buffer.new) do |b, name|
b.write_string(name)
@@ -166,4 +166,6 @@ module Net
end.to_s
end
end
-end; end; end
+ end
+ end
+end
diff --git a/lib/net/ssh/authentication/constants.rb b/lib/net/ssh/authentication/constants.rb
index d4a12e0..d0b88b0 100644
--- a/lib/net/ssh/authentication/constants.rb
+++ b/lib/net/ssh/authentication/constants.rb
@@ -1,5 +1,5 @@
-module Net
- module SSH
+module Net
+ module SSH
module Authentication
# Describes the constants used by the Net::SSH::Authentication components
@@ -10,11 +10,12 @@ module Net
USERAUTH_FAILURE = 51
USERAUTH_SUCCESS = 52
USERAUTH_BANNER = 53
-
+
USERAUTH_PASSWD_CHANGEREQ = 60
USERAUTH_PK_OK = 60
-
+
USERAUTH_METHOD_RANGE = 60..79
end
-
-end; end; end \ No newline at end of file
+ end
+ end
+end
diff --git a/lib/net/ssh/authentication/ed25519.rb b/lib/net/ssh/authentication/ed25519.rb
index 2f98fa1..3ab10b9 100644
--- a/lib/net/ssh/authentication/ed25519.rb
+++ b/lib/net/ssh/authentication/ed25519.rb
@@ -147,4 +147,6 @@ module Net
end
end
end
-end; end; end
+ end
+ end
+end
diff --git a/lib/net/ssh/authentication/ed25519_loader.rb b/lib/net/ssh/authentication/ed25519_loader.rb
index 0e0cf30..8390f59 100644
--- a/lib/net/ssh/authentication/ed25519_loader.rb
+++ b/lib/net/ssh/authentication/ed25519_loader.rb
@@ -29,4 +29,6 @@ module Net
end
end
-end; end; end
+ end
+ end
+end
diff --git a/lib/net/ssh/authentication/methods/abstract.rb b/lib/net/ssh/authentication/methods/abstract.rb
index 2da2eba..bcddd4f 100644
--- a/lib/net/ssh/authentication/methods/abstract.rb
+++ b/lib/net/ssh/authentication/methods/abstract.rb
@@ -3,9 +3,9 @@ require 'net/ssh/errors'
require 'net/ssh/loggable'
require 'net/ssh/authentication/constants'
-module Net
- module SSH
- module Authentication
+module Net
+ module SSH
+ module Authentication
module Methods
# The base class of all user authentication methods. It provides a few
@@ -13,14 +13,14 @@ module Net
class Abstract
include Loggable
include Constants
-
+
# The authentication session object
attr_reader :session
-
+
# The key manager object. Not all authentication methods will require
# this.
attr_reader :key_manager
-
+
# Instantiates a new authentication method.
def initialize(session, options={})
@session = session
@@ -29,26 +29,26 @@ module Net
@prompt = options[:password_prompt]
self.logger = session.logger
end
-
+
# Returns the session-id, as generated during the first key exchange of
# an SSH connection.
def session_id
session.transport.algorithms.session_id
end
-
+
# Sends a message via the underlying transport layer abstraction. This
# will block until the message is completely sent.
def send_message(msg)
session.transport.send_message(msg)
end
-
+
# Creates a new USERAUTH_REQUEST packet. The extra arguments on the end
# must be either boolean values or strings, and are tacked onto the end
# of the packet. The new packet is returned, ready for sending.
def userauth_request(username, next_service, auth_method, *others)
buffer = Net::SSH::Buffer.from(:byte, USERAUTH_REQUEST,
:string, username, :string, next_service, :string, auth_method)
-
+
others.each do |value|
case value
when true, false then buffer.write_bool(value)
@@ -56,13 +56,15 @@ module Net
else raise ArgumentError, "don't know how to write #{value.inspect}"
end
end
-
+
buffer
end
-
+
private
-
+
attr_reader :prompt
end
-
-end; end; end; end \ No newline at end of file
+ end
+ end
+ end
+end
diff --git a/lib/net/ssh/authentication/pageant.rb b/lib/net/ssh/authentication/pageant.rb
index 3804afa..48dd3ab 100644
--- a/lib/net/ssh/authentication/pageant.rb
+++ b/lib/net/ssh/authentication/pageant.rb
@@ -492,4 +492,6 @@ module Net
end
end
-end; end; end
+ end
+ end
+end
diff --git a/lib/net/ssh/authentication/session.rb b/lib/net/ssh/authentication/session.rb
index b52ce26..9724d8b 100644
--- a/lib/net/ssh/authentication/session.rb
+++ b/lib/net/ssh/authentication/session.rb
@@ -155,4 +155,6 @@ module Net
Array(options[:key_data])
end
end
-end; end; end
+ end
+ end
+end
diff --git a/lib/net/ssh/buffer.rb b/lib/net/ssh/buffer.rb
index df91591..8bdf65a 100644
--- a/lib/net/ssh/buffer.rb
+++ b/lib/net/ssh/buffer.rb
@@ -166,7 +166,7 @@ module Net
when String then pattern.length
when Integer then 1
when Regexp then $&.length
- end
+ end
index && read(index + length)
end
@@ -394,4 +394,5 @@ module Net
self
end
end
-end; end;
+ end
+end;
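Review bot: The replacement for `end; end;` still leaves a stray semicolon on the last added line (`end;`). Every other file touched by this commit closes its outer module with a bare `end`, so this line should be `end` as well.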
diff --git a/lib/net/ssh/buffered_io.rb b/lib/net/ssh/buffered_io.rb
index 4547e56..a4864cc 100644
--- a/lib/net/ssh/buffered_io.rb
+++ b/lib/net/ssh/buffered_io.rb
@@ -200,4 +200,5 @@ module Net
end
end
-end; end
+ end
+end
diff --git a/lib/net/ssh/config.rb b/lib/net/ssh/config.rb
index 7e9456a..5689c74 100644
--- a/lib/net/ssh/config.rb
+++ b/lib/net/ssh/config.rb
@@ -1,4 +1,4 @@
-module Net
+module Net
module SSH
# The Net::SSH::Config class is used to parse OpenSSH configuration files,
@@ -46,17 +46,17 @@ module Net
# "hostbased" is off and "none" is not supported but we allow it since
# it's used by some clients to query the server for allowed auth methods
@@default_auth_methods = %w[none publickey password keyboard-interactive]
-
+
# Returns an array of locations of OpenSSH configuration files
# to parse by default.
def default_files
@@default_files.clone
end
-
+
def default_auth_methods
@@default_auth_methods.clone
end
-
+
# Loads the configuration data for the given +host+ from all of the
# given +files+ (defaulting to the list of files returned by
# #default_files), translates the resulting hash into the options
@@ -66,7 +66,7 @@ module Net
load(file, host, settings)
})
end
-
+
# Load the OpenSSH configuration settings in the given +file+ for the
# given +host+. If +settings+ is given, the options are merged into
# that hash, with existing values taking precedence over newly parsed
@@ -77,47 +77,47 @@ module Net
file = File.expand_path(path)
base_dir ||= File.dirname(file)
return settings unless File.readable?(file)
-
+
globals = {}
block_matched = false
block_seen = false
IO.foreach(file) do |line|
next if line =~ /^\s*(?:#.*)?$/
-
+
if line =~ /^\s*(\S+)\s*=(.*)$/
key, value = $1, $2
else
key, value = line.strip.split(/\s+/, 2)
end
-
+
# silently ignore malformed entries
next if value.nil?
-
+
key.downcase!
value = $1 if value =~ /^"(.*)"$/
-
+
value = case value.strip
when /^\d+$/ then value.to_i
when /^no$/i then false
when /^yes$/i then true
else value
- end
-
+ end
+
if key == 'host'
# Support "Host host1 host2 hostN".
# See http://github.com/net-ssh/net-ssh/issues#issue/6
negative_hosts, positive_hosts = value.to_s.split(/\s+/).partition { |h| h.start_with?('!') }
-
+
# Check for negative patterns first. If the host matches, that overrules any other positive match.
# The host substring code is used to strip out the starting "!" so the regexp will be correct.
negative_matched = negative_hosts.any? { |h| host =~ pattern2regex(h[1..-1]) }
-
+
if negative_matched
block_matched = false
else
block_matched = positive_hosts.any? { |h| host =~ pattern2regex(h) }
end
-
+
block_seen = true
settings[key] = host
elsif key == 'match'
@@ -147,7 +147,7 @@ module Net
end
end
end
-
+
globals.merge(settings) do |key, oldval, newval|
case key
when 'identityfile'
@@ -157,7 +157,7 @@ module Net
end
end
end
-
+
# Given a hash of OpenSSH configuration options, converts them into
# a hash of Net::SSH options. Unrecognized options are ignored. The
# +settings+ hash must have Strings for keys, all downcased, and
@@ -170,7 +170,7 @@ module Net
end
merge_challenge_response_with_keyboard_interactive(ret)
end
-
+
# Filters default_files down to the files that are expandable.
def expandable_default_files
default_files.keep_if do |path|
@@ -182,9 +182,9 @@ module Net
end
end
end
-
+
private
-
+
def translate_config_key(hash, key, value, settings)
rename = {
bindaddress: :bind_address,
@@ -271,7 +271,7 @@ module Net
hash[rename[key]] = value
end
end
-
+
# Converts an ssh_config pattern into a regex for matching against
# host names.
def pattern2regex(pattern)
@@ -292,7 +292,7 @@ module Net
end
Regexp.new("^" + prefix + "$", true)
end
-
+
# Converts the given size into an integer number of bytes.
def interpret_size(size)
case size
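Review bot: The context line `Regexp.new("^" + prefix + "$", true)` in `pattern2regex` anchors with `^` and `$`, which in Ruby match at line boundaries rather than at the start and end of the string. If a host value containing a newline can ever reach the `Host` matching in `load`, one line of it could satisfy a positive pattern or slip past a `!` pattern; whether callers can pass such a value is not visible here. Anchoring the whole string is the safer form: `Regexp.new("\\A" + prefix + "\\z", true)`. The body of `pattern2regex` starts outside this hunk.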
@@ -302,7 +302,7 @@ module Net
else size.to_i
end
end
-
+
def merge_challenge_response_with_keyboard_interactive(hash)
if hash[:auth_methods].include?('challenge-response')
hash[:auth_methods].delete('challenge-response')
@@ -310,19 +310,19 @@ module Net
end
hash
end
-
+
def included_file_paths(base_dir, config_paths)
tokenize_config_value(config_paths).flat_map do |path|
Dir.glob(File.expand_path(path, base_dir)).select { |f| File.file?(f) }
end
end
-
+
# Tokenize string into tokens.
# A token is a word or a quoted sequence of words, separated by whitespaces.
def tokenize_config_value(str)
str.scan(/([^"\s]+)?(?:"([^"]+)")?\s*/).map(&:join)
end
-
+
def eval_match_condition(condition, host, settings)
if condition.start_with?('!')
negated = true
@@ -330,17 +330,18 @@ module Net
else
negated = false
end
-
+
condition_met =
case condition
when 'all'
true
end
-
+
# return false for unsupported conditions
condition_met.nil? ? false : (negated ^ condition_met)
end
end
end
-end; end
+ end
+end
diff --git a/lib/net/ssh/connection/channel.rb b/lib/net/ssh/connection/channel.rb
index 3867c9f..0ee83f8 100644
--- a/lib/net/ssh/connection/channel.rb
+++ b/lib/net/ssh/connection/channel.rb
@@ -672,4 +672,6 @@ module Net
end
end
-end; end; end
+ end
+ end
+end
diff --git a/lib/net/ssh/connection/constants.rb b/lib/net/ssh/connection/constants.rb
index d96bc92..a2b0257 100644
--- a/lib/net/ssh/connection/constants.rb
+++ b/lib/net/ssh/connection/constants.rb
@@ -1,23 +1,23 @@
-module Net
- module SSH
+module Net
+ module SSH
module Connection
# Definitions of constants that are specific to the connection layer of the
# SSH protocol.
module Constants
-
+
#--
# Connection protocol generic messages
#++
-
+
GLOBAL_REQUEST = 80
REQUEST_SUCCESS = 81
REQUEST_FAILURE = 82
-
+
#--
# Channel related messages
#++
-
+
CHANNEL_OPEN = 90
CHANNEL_OPEN_CONFIRMATION = 91
CHANNEL_OPEN_FAILURE = 92
@@ -29,7 +29,9 @@ module Net
CHANNEL_REQUEST = 98
CHANNEL_SUCCESS = 99
CHANNEL_FAILURE = 100
-
+
end
-end; end end \ No newline at end of file
+ end
+ end
+end
diff --git a/lib/net/ssh/connection/event_loop.rb b/lib/net/ssh/connection/event_loop.rb
index e160241..f7d174f 100644
--- a/lib/net/ssh/connection/event_loop.rb
+++ b/lib/net/ssh/connection/event_loop.rb
@@ -113,4 +113,6 @@ module Net
session.ev_do_postprocess(!((readers.nil? || readers.empty?) && (writers.nil? || writers.empty?)))
end
end
-end; end; end
+ end
+ end
+end
diff --git a/lib/net/ssh/connection/keepalive.rb b/lib/net/ssh/connection/keepalive.rb
index 2672d0b..fb9be05 100644
--- a/lib/net/ssh/connection/keepalive.rb
+++ b/lib/net/ssh/connection/keepalive.rb
@@ -54,4 +54,6 @@ module Net
end
end
-end; end; end
+ end
+ end
+end
diff --git a/lib/net/ssh/connection/session.rb b/lib/net/ssh/connection/session.rb
index 8419b1c..dd8bf5c 100644
--- a/lib/net/ssh/connection/session.rb
+++ b/lib/net/ssh/connection/session.rb
@@ -703,4 +703,6 @@ module Net
end
end
-end; end; end
+ end
+ end
+end
diff --git a/lib/net/ssh/connection/term.rb b/lib/net/ssh/connection/term.rb
index 4820ef3..5b5a7de 100644
--- a/lib/net/ssh/connection/term.rb
+++ b/lib/net/ssh/connection/term.rb
@@ -177,4 +177,6 @@ module Net
TTY_OP_OSPEED = 129
end
-end; end; end
+ end
+ end
+end
diff --git a/lib/net/ssh/errors.rb b/lib/net/ssh/errors.rb
index efd05fb..8fa8a4b 100644
--- a/lib/net/ssh/errors.rb
+++ b/lib/net/ssh/errors.rb
@@ -102,4 +102,5 @@ module Net
# you want to proceed anyway, simply call the remember_host! method on the
# exception, and then retry.
class HostKeyUnknown < HostKeyError; end
-end; end
+ end
+end
diff --git a/lib/net/ssh/key_factory.rb b/lib/net/ssh/key_factory.rb
index bdfc37a..10a76b2 100644
--- a/lib/net/ssh/key_factory.rb
+++ b/lib/net/ssh/key_factory.rb
@@ -3,7 +3,7 @@ require 'net/ssh/prompt'
require 'net/ssh/authentication/ed25519_loader'
-module Net
+module Net
module SSH
# A factory class for returning new Key classes. It is used for obtaining
@@ -26,14 +26,14 @@ module Net
MAP["ecdsa"] = OpenSSL::PKey::EC
MAP["ed25519"] = Net::SSH::Authentication::ED25519::PrivKey if defined? Net::SSH::Authentication::ED25519
end
-
+
class <<self
# Fetch an OpenSSL key instance by its SSH name. It will be a new,
# empty key of the given type.
def get(name)
MAP.fetch(name).new
end
-
+
# Loads a private key from a file. It will correctly determine
# whether the file describes an RSA or DSA key, and will load it
# appropriately. The new key is returned. If the key itself is
@@ -43,7 +43,7 @@ module Net
data = File.read(File.expand_path(filename))
load_data_private_key(data, passphrase, ask_passphrase, filename, prompt)
end
-
+
# Loads a private key. It will correctly determine
# whether the file describes an RSA or DSA key, and will load it
# appropriately. The new key is returned. If the key itself is
@@ -51,10 +51,10 @@ module Net
# prompted to enter their password unless passphrase works.
def load_data_private_key(data, passphrase=nil, ask_passphrase=true, filename="", prompt=Prompt.default)
key_read, error_classes = classify_key(data, filename)
-
+
encrypted_key = data.match(/ENCRYPTED/)
tries = 0
-
+
prompter = nil
result =
begin
@@ -76,7 +76,7 @@ module Net
prompter.success if prompter
result
end
-
+
# Loads a public key from a file. It will correctly determine whether
# the file describes an RSA or DSA key, and will load it
# appropriately. The new public key is returned.
@@ -84,28 +84,28 @@ module Net
data = File.read(File.expand_path(filename))
load_data_public_key(data, filename)
end
-
+
# Loads a public key. It will correctly determine whether
# the file describes an RSA or DSA key, and will load it
# appropriately. The new public key is returned.
def load_data_public_key(data, filename="")
fields = data.split(/ /)
-
+
blob = nil
begin
blob = fields.shift
end while !blob.nil? && !/^(ssh-(rsa|dss|ed25519)|ecdsa-sha2-nistp\d+)(-cert-v01@openssh\.com)?$/.match(blob)
blob = fields.shift
-
+
raise Net::SSH::Exception, "public key at #{filename} is not valid" if blob.nil?
-
+
blob = blob.unpack("m*").first
reader = Net::SSH::Buffer.new(blob)
reader.read_key or raise OpenSSL::PKey::PKeyError, "not a public key #{filename.inspect}"
end
-
+
private
-
+
# Determine whether the file describes an RSA or DSA key, and return how load it
# appropriately.
def classify_key(data, filename)
@@ -127,6 +127,6 @@ module Net
end
end
end
- end
-
-end; end
+ end
+ end
+end
diff --git a/lib/net/ssh/known_hosts.rb b/lib/net/ssh/known_hosts.rb
index b262086..9fcb2c1 100644
--- a/lib/net/ssh/known_hosts.rb
+++ b/lib/net/ssh/known_hosts.rb
@@ -177,4 +177,5 @@ module Net
end
end
end
-end; end
+ end
+end
diff --git a/lib/net/ssh/loggable.rb b/lib/net/ssh/loggable.rb
index 248e173..50b26bf 100644
--- a/lib/net/ssh/loggable.rb
+++ b/lib/net/ssh/loggable.rb
@@ -59,4 +59,5 @@ module Net
@facility ||= self.class.name.gsub(/::/, ".").gsub(/([a-z])([A-Z])/, "\\1_\\2").downcase + "[%x]" % object_id
end
end
-end; end \ No newline at end of file
+ end
+end \ No newline at end of file
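Review bot: The rewritten closing `end` still carries the "No newline at end of file" marker, so lib/net/ssh/loggable.rb keeps ending without a trailing newline. The same rewrite in lib/net/ssh/authentication/constants.rb and lib/net/ssh/packet.rb does add it. Terminate this file with a newline too, so later patches do not show a spurious change on its last line.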
diff --git a/lib/net/ssh/packet.rb b/lib/net/ssh/packet.rb
index 89623c6..a379586 100644
--- a/lib/net/ssh/packet.rb
+++ b/lib/net/ssh/packet.rb
@@ -3,7 +3,7 @@ require 'net/ssh/transport/constants'
require 'net/ssh/authentication/constants'
require 'net/ssh/connection/constants'
-module Net
+module Net
module SSH
# A specialization of Buffer that knows the format of certain common
@@ -22,7 +22,7 @@ module Net
# never need to use this class directly.
class Packet < Buffer
@@types = {}
-
+
# Register a new packet type that should be recognized and auto-parsed by
# Net::SSH::Packet. Note that any packet type that is not preregistered
# will not be autoparsed.
@@ -35,17 +35,17 @@ module Net
def self.register(type, *pairs)
@@types[type] = pairs
end
-
+
include Connection::Constants
include Authentication::Constants
include Transport::Constants
-
+
#--
# These are the recognized packet types. All other packet types will be
# accepted, but not auto-parsed, requiring the client to parse the
# fields using the methods provided by Net::SSH::Buffer.
#++
-
+
register DISCONNECT, %i[reason_code long], %i[description string], %i[language string]
register IGNORE, %i[data string]
register UNIMPLEMENTED, %i[number long]
@@ -65,10 +65,10 @@ module Net
register CHANNEL_REQUEST, %i[local_id long], %i[request string], %i[want_reply bool], %i[request_data buffer]
register CHANNEL_SUCCESS, %i[local_id long]
register CHANNEL_FAILURE, %i[local_id long]
-
+
# The (integer) type of this packet.
attr_reader :type
-
+
# Create a new packet from the given payload. This will automatically
# parse the packet if it is one that has been previously registered with
# Packet.register; otherwise, the packet will need to be manually parsed
@@ -79,7 +79,7 @@ module Net
@type = read_byte
instantiate!
end
-
+
# Access one of the auto-parsed fields by name. Raises an error if no
# element by the given name exists.
def [](name)
@@ -87,9 +87,9 @@ module Net
raise ArgumentError, "no such element #{name}" unless @named_elements.key?(name)
@named_elements[name]
end
-
+
private
-
+
# Parse the packet's contents and assign the named elements, as described
# by the registered format for the packet.
def instantiate!
@@ -98,8 +98,9 @@ module Net
remainder_as_buffer
else
send("read_#{datatype}")
- end
+ end
end
end
end
-end; end \ No newline at end of file
+ end
+end
diff --git a/lib/net/ssh/prompt.rb b/lib/net/ssh/prompt.rb
index f8207d3..bffe458 100644
--- a/lib/net/ssh/prompt.rb
+++ b/lib/net/ssh/prompt.rb
@@ -60,4 +60,5 @@ module Net
end
end
-end; end
+ end
+end
diff --git a/lib/net/ssh/proxy/command.rb b/lib/net/ssh/proxy/command.rb
index 0229ae7..02cf472 100644
--- a/lib/net/ssh/proxy/command.rb
+++ b/lib/net/ssh/proxy/command.rb
@@ -3,8 +3,8 @@ require 'rubygems'
require 'net/ssh/proxy/errors'
require 'net/ssh/ruby_compat'
-module Net
- module SSH
+module Net
+ module SSH
module Proxy
# An implementation of a command proxy. To use it, instantiate it,
@@ -20,13 +20,13 @@ module Net
class Command
# The command line template
attr_reader :command_line_template
-
+
# The command line for the session
attr_reader :command_line
-
+
# Timeout in seconds in open, defaults to 60
attr_accessor :timeout
-
+
# Create a new socket factory that tunnels via a command executed
# with the user's shell, which is composed from the given command
# template. In the command template, `%h' will be substituted by
@@ -36,7 +36,7 @@ module Net
@command_line = nil
@timeout = 60
end
-
+
# Return a new socket connected to the given host and port via the
# proxy that was requested when the socket factory was instantiated.
def open(host, port, connection_options = nil)
@@ -83,7 +83,7 @@ module Net
def io.send(data, flag)
syswrite(data)
end
-
+
def io.recv(size)
sysread(size)
end
@@ -97,7 +97,7 @@ module Net
end
result
end
-
+
def io.recv(size)
begin
result = read_nonblock(size)
@@ -113,11 +113,12 @@ module Net
end
io
end
-
+
def close_on_error(io)
Process.kill('TERM', io.pid)
Thread.new { io.close }
end
- end
-
-end; end; end
+ end
+ end
+ end
+end
diff --git a/lib/net/ssh/proxy/errors.rb b/lib/net/ssh/proxy/errors.rb
index b7a3863..bbaf5dd 100644
--- a/lib/net/ssh/proxy/errors.rb
+++ b/lib/net/ssh/proxy/errors.rb
@@ -13,4 +13,6 @@ module Net
# Used when the server doesn't recognize the user's credentials.
class UnauthorizedError < Error; end
-end; end; end
+ end
+ end
+end
diff --git a/lib/net/ssh/proxy/http.rb b/lib/net/ssh/proxy/http.rb
index e6edb6f..92c75a7 100644
--- a/lib/net/ssh/proxy/http.rb
+++ b/lib/net/ssh/proxy/http.rb
@@ -94,4 +94,6 @@ module Net
end
end
-end; end; end
+ end
+ end
+end
diff --git a/lib/net/ssh/proxy/https.rb b/lib/net/ssh/proxy/https.rb
index 9a7aacc..298d537 100644
--- a/lib/net/ssh/proxy/https.rb
+++ b/lib/net/ssh/proxy/https.rb
@@ -47,4 +47,6 @@ module Net
end
end
-end; end; end
+ end
+ end
+end
diff --git a/lib/net/ssh/proxy/jump.rb b/lib/net/ssh/proxy/jump.rb
index 8723850..ab67e84 100644
--- a/lib/net/ssh/proxy/jump.rb
+++ b/lib/net/ssh/proxy/jump.rb
@@ -51,4 +51,6 @@ module Net
end
end
-end; end; end
+ end
+ end
+end
diff --git a/lib/net/ssh/service/forward.rb b/lib/net/ssh/service/forward.rb
index 3ebaf6d..7e536e9 100644
--- a/lib/net/ssh/service/forward.rb
+++ b/lib/net/ssh/service/forward.rb
@@ -1,7 +1,7 @@
require 'net/ssh/loggable'
-module Net
- module SSH
+module Net
+ module SSH
module Service
# This class implements various port forwarding services for use by
@@ -12,14 +12,14 @@ module Net
# ssh.forward.local(1234, "www.capify.org", 80)
class Forward
include Loggable
-
+
# The underlying connection service instance that the port-forwarding
# services employ.
attr_reader :session
-
+
# A simple class for representing a requested remote forwarded port.
Remote = Struct.new(:host, :port) #:nodoc:
-
+
# Instantiates a new Forward service instance atop the given connection
# service session. This will register new channel open handlers to handle
# the specialized channels that the SSH port forwarding protocols employ.
@@ -30,12 +30,12 @@ module Net
@local_forwarded_ports = {}
@agent_forwarded = false
@local_forwarded_sockets = {}
-
+
session.on_open_channel('forwarded-tcpip', &method(:forwarded_tcpip))
session.on_open_channel('auth-agent', &method(:auth_agent_channel))
session.on_open_channel('auth-agent@openssh.com', &method(:auth_agent_channel))
end
-
+
# Starts listening for connections on the local host, and forwards them
# to the specified remote host/port via the SSH connection. This method
# accepts either three or four arguments. When four arguments are given,
@@ -59,9 +59,9 @@ module Net
if args.length < 3 || args.length > 4
raise ArgumentError, "expected 3 or 4 parameters, got #{args.length}"
end
-
+
local_port_type = :long
-
+
socket = begin
if defined?(UNIXServer) and args.first.class == UNIXServer
local_port_type = :string
@@ -74,33 +74,33 @@ module Net
TCPServer.new(bind_address, local_port)
end
end
-
+
local_port = socket.addr[1] if local_port == 0 # ephemeral port was requested
remote_host = args.shift
remote_port = args.shift.to_i
-
+
@local_forwarded_ports[[local_port, bind_address]] = socket
-
+
session.listen_to(socket) do |server|
client = server.accept
debug { "received connection on #{socket}" }
-
+
channel = session.open_channel("direct-tcpip", :string, remote_host, :long, remote_port, :string, bind_address, local_port_type, local_port) do |achannel|
achannel.info { "direct channel established" }
end
-
+
prepare_client(client, channel, :local)
-
+
channel.on_open_failed do |ch, code, description|
channel.error { "could not establish direct channel: #{description} (#{code})" }
session.stop_listening_to(channel[:socket])
channel[:socket].close
end
end
-
+
local_port
end
-
+
# Terminates an active local forwarded port.
#
# ssh.forward.cancel_local(1234)
@@ -111,7 +111,7 @@ module Net
socket.close rescue nil
session.stop_listening_to(socket)
end
-
+
# Returns a list of all active locally forwarded ports. The returned value
# is an array of arrays, where each element is a two-element tuple
# consisting of the local port and bind address corresponding to the
@@ -119,7 +119,7 @@ module Net
def active_locals
@local_forwarded_ports.keys
end
-
+
# Starts listening for connections on the local host, and forwards them
# to the specified remote socket via the SSH connection. This will
# (re)create the local socket file. The remote server needs to have the
@@ -129,32 +129,32 @@ module Net
def local_socket(local_socket_path, remote_socket_path)
File.delete(local_socket_path) if File.exist?(local_socket_path)
socket = Socket.unix_server_socket(local_socket_path)
-
+
@local_forwarded_sockets[local_socket_path] = socket
-
+
session.listen_to(socket) do |server|
client = server.accept[0]
debug { "received connection on #{socket}" }
-
+
channel = session.open_channel("direct-streamlocal@openssh.com",
:string, remote_socket_path,
:string, nil,
:long, 0) do |achannel|
achannel.info { "direct channel established" }
end
-
+
prepare_client(client, channel, :local)
-
+
channel.on_open_failed do |ch, code, description|
channel.error { "could not establish direct channel: #{description} (#{code})" }
session.stop_listening_to(channel[:socket])
channel[:socket].close
end
end
-
+
local_socket_path
end
-
+
# Terminates an active local forwarded socket.
#
# ssh.forward.cancel_local_socket('/tmp/foo.sock')
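Review bot: `File.delete(local_socket_path) if File.exist?(local_socket_path)` in `local_socket` removes whatever is at the path, including a regular file, before the socket is bound. Restricting the removal to an existing socket, `File.delete(local_socket_path) if File.socket?(local_socket_path)`, would keep a mistyped or externally supplied path from deleting an unrelated file; anything else at that path then makes the bind fail visibly. The listening socket's file permissions are left to the process umask as far as this hunk shows, so the method comment could also tell callers to place the socket in a directory only they can access.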
@@ -164,13 +164,13 @@ module Net
socket.close rescue nil
session.stop_listening_to(socket)
end
-
+
# Returns a list of all active locally forwarded sockets. The returned value
# is an array of Unix domain socket file paths.
def active_local_sockets
@local_forwarded_sockets.keys
end
-
+
# Requests that all connections on the given remote-port be forwarded via
# the local host to the given port/host. The last argument describes the
# bind address on the remote host, and defaults to 127.0.0.1.
@@ -224,7 +224,7 @@ module Net
else
instruction = if block_given?
yield :error
- end
+ end
unless instruction == :no_exception
error { "remote forwarding request failed" }
raise Net::SSH::Exception, "remote forwarding request failed"
@@ -232,10 +232,10 @@ module Net
end
end
end
-
+
# an alias, for token backwards compatibility with the 1.x API
alias :remote_to :remote
-
+
# Requests that a remote forwarded port be cancelled. The remote forwarded
# port on the remote host, bound to the given address on the remote host,
# will be terminated, but not immediately. This method returns immediately
@@ -257,14 +257,14 @@ module Net
end
end
end
-
+
# Returns all active forwarded remote ports. The returned value is an
# array of two-element tuples, where the first element is the port on the
# remote host and the second is the bind address.
def active_remotes
@remote_forwarded_ports.keys
end
-
+
# Returns all active remote forwarded ports and where they forward to. The
# returned value is a hash from [<forwarding port on the local host>, <local forwarding address>]
# to [<port on the remote host>, <remote bind address>].
@@ -273,7 +273,7 @@ module Net
result[[local.port, local.host]] = remote
end
end
-
+
# Enables SSH agent forwarding on the given channel. The forwarded agent
# will remain active even after the channel closes--the channel is only
# used as the transport for enabling the forwarded connection. You should
@@ -290,7 +290,7 @@ module Net
def agent(channel)
return if @agent_forwarded
@agent_forwarded = true
-
+
channel.send_channel_request("auth-agent-req@openssh.com") do |achannel, success|
if success
debug { "authentication agent forwarding is active" }
@@ -305,9 +305,9 @@ module Net
end
end
end
-
+
private
-
+
# Perform setup operations that are common to all forwarded channels.
# +client+ is a socket, +channel+ is the channel that was just created,
# and +type+ is an arbitrary string describing the type of the channel.
@@ -315,15 +315,15 @@ module Net
client.extend(Net::SSH::BufferedIo)
client.extend(Net::SSH::ForwardedBufferedIo)
client.logger = logger
-
+
session.listen_to(client)
channel[:socket] = client
-
+
channel.on_data do |ch, data|
debug { "data:#{data.length} on #{type} forwarded channel" }
ch[:socket].enqueue(data)
end
-
+
channel.on_eof do |ch|
debug { "eof #{type} on #{type} forwarded channel" }
begin
@@ -341,13 +341,13 @@ module Net
debug { "enotconn in on_eof => shallowing exception:#{e}" }
end
end
-
+
channel.on_close do |ch|
debug { "closing #{type} forwarded channel" }
ch[:socket].close if !client.closed?
session.stop_listening_to(ch[:socket])
end
-
+
channel.on_process do |ch|
if ch[:socket].closed?
ch.info { "#{type} forwarded connection closed" }
@@ -359,16 +359,16 @@ module Net
end
end
end
-
+
# not a real socket, so use a simpler behaviour
def prepare_simple_client(client, channel, type)
channel[:socket] = client
-
+
channel.on_data do |ch, data|
ch.debug { "data:#{data.length} on #{type} forwarded channel" }
ch[:socket].send(data)
end
-
+
channel.on_process do |ch|
data = ch[:socket].read(8192)
if data
@@ -377,7 +377,7 @@ module Net
end
end
end
-
+
# The callback used when a new "forwarded-tcpip" channel is requested
# by the server. This will open a new socket to the host/port specified
# when the forwarded connection was first requested.
@@ -386,26 +386,26 @@ module Net
connected_port = packet.read_long
originator_address = packet.read_string
originator_port = packet.read_long
-
+
remote = @remote_forwarded_ports[[connected_port, connected_address]]
-
+
if remote.nil?
raise Net::SSH::ChannelOpenFailed.new(1, "unknown request from remote forwarded connection on #{connected_address}:#{connected_port}")
end
-
+
client = TCPSocket.new(remote.host, remote.port)
info { "connected #{connected_address}:#{connected_port} originator #{originator_address}:#{originator_port}" }
-
+
prepare_client(client, channel, :remote)
rescue SocketError => err
raise Net::SSH::ChannelOpenFailed.new(2, "could not connect to remote host (#{remote.host}:#{remote.port}): #{err.message}")
end
-
+
# The callback used when an auth-agent channel is requested by the server.
def auth_agent_channel(session, channel, packet)
info { "opening auth-agent channel" }
channel[:invisible] = true
-
+
begin
agent = Authentication::Agent.connect(logger, session.options[:agent_socket_factory])
if (agent.socket.is_a? ::IO)
@@ -420,4 +420,6 @@ module Net
end
end
-end; end; end
+ end
+ end
+end
diff --git a/lib/net/ssh/test.rb b/lib/net/ssh/test.rb
index 5b8c0d6..7bf33da 100644
--- a/lib/net/ssh/test.rb
+++ b/lib/net/ssh/test.rb
@@ -90,4 +90,5 @@ module Net
end
end
-end; end
+ end
+end
diff --git a/lib/net/ssh/test/channel.rb b/lib/net/ssh/test/channel.rb
index 8676f55..ea17019 100644
--- a/lib/net/ssh/test/channel.rb
+++ b/lib/net/ssh/test/channel.rb
@@ -144,4 +144,6 @@ module Net
end
end
-end; end; end \ No newline at end of file
+ end
+ end
+end \ No newline at end of file
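Review bot: The rewritten closing `end` in this hunk still carries the `\ No newline at end of file` marker, so lib/net/ssh/test/channel.rb keeps ending without a trailing newline even though the commit is a whitespace cleanup. The same holds for the final hunks of lib/net/ssh/test/remote_packet.rb, lib/net/ssh/test/script.rb, lib/net/ssh/verifiers/lenient.rb, lib/net/ssh/verifiers/null.rb and test/authentication/methods/common.rb, while lib/net/ssh/packet.rb, lib/net/ssh/test/local_packet.rb and test/authentication/methods/test_abstract.rb did get the newline. Ending each of these files with `end` followed by a newline would make the cleanup consistent and keep later diffs from touching the last line again.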
diff --git a/lib/net/ssh/test/extensions.rb b/lib/net/ssh/test/extensions.rb
index b52323c..a51114f 100644
--- a/lib/net/ssh/test/extensions.rb
+++ b/lib/net/ssh/test/extensions.rb
@@ -161,7 +161,9 @@ module Net
end
end
-end; end; end
+ end
+ end
+end
Net::SSH::BufferedIo.send(:include, Net::SSH::Test::Extensions::BufferedIo)
Net::SSH::Transport::PacketStream.send(:include, Net::SSH::Test::Extensions::PacketStream)
diff --git a/lib/net/ssh/test/kex.rb b/lib/net/ssh/test/kex.rb
index 8d96eb4..415f841 100644
--- a/lib/net/ssh/test/kex.rb
+++ b/lib/net/ssh/test/kex.rb
@@ -40,7 +40,9 @@ module Net
end
end
-end; end; end
+ end
+ end
+end
Net::SSH::Transport::Algorithms::ALGORITHMS[:kex] << "test"
Net::SSH::Transport::Kex::MAP["test"] = Net::SSH::Test::Kex
diff --git a/lib/net/ssh/test/local_packet.rb b/lib/net/ssh/test/local_packet.rb
index f6ac627..998edb7 100644
--- a/lib/net/ssh/test/local_packet.rb
+++ b/lib/net/ssh/test/local_packet.rb
@@ -1,8 +1,8 @@
require 'net/ssh/packet'
require 'net/ssh/test/packet'
-module Net
- module SSH
+module Net
+ module SSH
module Test
# This is a specialization of Net::SSH::Test::Packet for representing mock
@@ -11,7 +11,7 @@ module Net
# of the sends_* methods.
class LocalPacket < Packet
attr_reader :init
-
+
# Extend the default Net::SSH::Test::Packet constructor to also accept an
# optional block, which is used to finalize the initialization of the
# packet when #process is first called.
@@ -19,12 +19,12 @@ module Net
super(type, *args)
@init = block
end
-
+
# Returns +true+; this is a local packet.
def local?
true
end
-
+
# Called by Net::SSH::Test::Extensions::PacketStream#test_enqueue_packet
# to mimic remote processing of a locally-sent packet. It compares the
# packet it was given with the contents of this LocalPacket's data, to see
@@ -34,15 +34,15 @@ module Net
@init.call(Net::SSH::Packet.new(packet.to_s)) if @init
type = packet.read_byte
raise "expected #{@type}, but got #{type}" if @type != type
-
+
@data.zip(types).each do |expected, _type|
_type ||= case expected
when nil then break
when Numeric then :long
when String then :string
when TrueClass, FalseClass then :bool
- end
-
+ end
+
actual = packet.send("read_#{_type}")
next if expected.nil?
raise "expected #{_type} #{expected.inspect} but got #{actual.inspect}" unless expected == actual
@@ -50,4 +50,6 @@ module Net
end
end
-end; end; end \ No newline at end of file
+ end
+ end
+end
diff --git a/lib/net/ssh/test/packet.rb b/lib/net/ssh/test/packet.rb
index ad4a334..8d7dc8c 100644
--- a/lib/net/ssh/test/packet.rb
+++ b/lib/net/ssh/test/packet.rb
@@ -93,8 +93,9 @@ module Net
parts.concat(request[:extra_parts])
end
else raise "don't know how to parse packet type #{@type}"
- end
+ end
end
end
-
-end; end; end
+ end
+ end
+end
diff --git a/lib/net/ssh/test/remote_packet.rb b/lib/net/ssh/test/remote_packet.rb
index a3d3c05..90f6008 100644
--- a/lib/net/ssh/test/remote_packet.rb
+++ b/lib/net/ssh/test/remote_packet.rb
@@ -37,4 +37,6 @@ module Net
end
end
-end; end; end \ No newline at end of file
+ end
+ end
+end \ No newline at end of file
diff --git a/lib/net/ssh/test/script.rb b/lib/net/ssh/test/script.rb
index 20fa78e..4c51a7d 100644
--- a/lib/net/ssh/test/script.rb
+++ b/lib/net/ssh/test/script.rb
@@ -177,4 +177,6 @@ module Net
end
end
-end; end; end \ No newline at end of file
+ end
+ end
+end \ No newline at end of file
diff --git a/lib/net/ssh/test/socket.rb b/lib/net/ssh/test/socket.rb
index 003981d..57fe8f6 100644
--- a/lib/net/ssh/test/socket.rb
+++ b/lib/net/ssh/test/socket.rb
@@ -63,4 +63,6 @@ module Net
end
-end; end; end
+ end
+ end
+end
diff --git a/lib/net/ssh/transport/algorithms.rb b/lib/net/ssh/transport/algorithms.rb
index 4cbd1cf..8d2c94a 100644
--- a/lib/net/ssh/transport/algorithms.rb
+++ b/lib/net/ssh/transport/algorithms.rb
@@ -429,4 +429,6 @@ module Net
end
end
end
-end; end; end
+ end
+ end
+end
diff --git a/lib/net/ssh/transport/cipher_factory.rb b/lib/net/ssh/transport/cipher_factory.rb
index 7a3d9f6..ed79918 100644
--- a/lib/net/ssh/transport/cipher_factory.rb
+++ b/lib/net/ssh/transport/cipher_factory.rb
@@ -114,4 +114,6 @@ module Net
end
end
-end; end; end
+ end
+ end
+end
diff --git a/lib/net/ssh/transport/constants.rb b/lib/net/ssh/transport/constants.rb
index b7b419d..64761f9 100644
--- a/lib/net/ssh/transport/constants.rb
+++ b/lib/net/ssh/transport/constants.rb
@@ -31,4 +31,6 @@ module Net
KEXECDH_INIT = 30
KEXECDH_REPLY = 31
end
-end; end; end
+ end
+ end
+end
diff --git a/lib/net/ssh/transport/hmac/abstract.rb b/lib/net/ssh/transport/hmac/abstract.rb
index 827f750..22ad9a6 100644
--- a/lib/net/ssh/transport/hmac/abstract.rb
+++ b/lib/net/ssh/transport/hmac/abstract.rb
@@ -1,9 +1,9 @@
require 'openssl'
require 'openssl/digest'
-module Net
- module SSH
- module Transport
+module Net
+ module SSH
+ module Transport
module HMAC
# The base class of all OpenSSL-based HMAC algorithm wrappers.
@@ -20,7 +20,7 @@ module Net
raise ArgumentError, "wrong number of arguments (#{v.length} for 1)"
end
end
-
+
def mac_length(*v)
@mac_length = nil if !defined?(@mac_length)
if v.empty?
@@ -32,7 +32,7 @@ module Net
raise ArgumentError, "wrong number of arguments (#{v.length} for 1)"
end
end
-
+
def digest_class(*v)
@digest_class = nil if !defined?(@digest_class)
if v.empty?
@@ -45,36 +45,38 @@ module Net
end
end
end
-
+
def key_length
self.class.key_length
end
-
+
def mac_length
self.class.mac_length
end
-
+
def digest_class
self.class.digest_class
end
-
+
# The key in use for this instance.
attr_reader :key
-
+
def initialize(key=nil)
self.key = key
end
-
+
# Sets the key to the given value, truncating it so that it is the correct
# length.
def key=(value)
@key = value ? value.to_s[0,key_length] : nil
end
-
+
# Compute the HMAC digest for the given data string.
def digest(data)
OpenSSL::HMAC.digest(digest_class.new, key, data)[0,mac_length]
end
- end
-
-end; end; end; end
+ end
+ end
+ end
+ end
+end
diff --git a/lib/net/ssh/transport/identity_cipher.rb b/lib/net/ssh/transport/identity_cipher.rb
index f718ae6..c690e9f 100644
--- a/lib/net/ssh/transport/identity_cipher.rb
+++ b/lib/net/ssh/transport/identity_cipher.rb
@@ -54,4 +54,6 @@ module Net
end
end
-end; end; end
+ end
+ end
+end
diff --git a/lib/net/ssh/transport/kex/diffie_hellman_group14_sha1.rb b/lib/net/ssh/transport/kex/diffie_hellman_group14_sha1.rb
index b20b86b..9289f16 100644
--- a/lib/net/ssh/transport/kex/diffie_hellman_group14_sha1.rb
+++ b/lib/net/ssh/transport/kex/diffie_hellman_group14_sha1.rb
@@ -45,4 +45,7 @@ module Net
G
end
end
-end; end; end; end
+ end
+ end
+ end
+end
diff --git a/lib/net/ssh/transport/kex/diffie_hellman_group1_sha1.rb b/lib/net/ssh/transport/kex/diffie_hellman_group1_sha1.rb
index 5f0be7d..41cde5c 100644
--- a/lib/net/ssh/transport/kex/diffie_hellman_group1_sha1.rb
+++ b/lib/net/ssh/transport/kex/diffie_hellman_group1_sha1.rb
@@ -224,4 +224,7 @@ module Net
end
end
-end; end; end; end
+ end
+ end
+ end
+end
diff --git a/lib/net/ssh/transport/kex/ecdh_sha2_nistp256.rb b/lib/net/ssh/transport/kex/ecdh_sha2_nistp256.rb
index 6875cb3..3cf54b7 100644
--- a/lib/net/ssh/transport/kex/ecdh_sha2_nistp256.rb
+++ b/lib/net/ssh/transport/kex/ecdh_sha2_nistp256.rb
@@ -94,4 +94,7 @@ module Net
return result
end
end
-end; end; end; end
+ end
+ end
+ end
+end
diff --git a/lib/net/ssh/transport/kex/ecdh_sha2_nistp384.rb b/lib/net/ssh/transport/kex/ecdh_sha2_nistp384.rb
index da99d9f..038bf0d 100644
--- a/lib/net/ssh/transport/kex/ecdh_sha2_nistp384.rb
+++ b/lib/net/ssh/transport/kex/ecdh_sha2_nistp384.rb
@@ -14,4 +14,7 @@ module Net
OpenSSL::PKey::EC::CurveNameAlias['nistp384']
end
end
-end; end; end; end
+ end
+ end
+ end
+end
diff --git a/lib/net/ssh/transport/kex/ecdh_sha2_nistp521.rb b/lib/net/ssh/transport/kex/ecdh_sha2_nistp521.rb
index fae4349..bb29d34 100644
--- a/lib/net/ssh/transport/kex/ecdh_sha2_nistp521.rb
+++ b/lib/net/ssh/transport/kex/ecdh_sha2_nistp521.rb
@@ -14,4 +14,7 @@ module Net
OpenSSL::PKey::EC::CurveNameAlias['nistp521']
end
end
-end; end; end; end
+ end
+ end
+ end
+end
diff --git a/lib/net/ssh/transport/key_expander.rb b/lib/net/ssh/transport/key_expander.rb
index 45d7e04..108e9b9 100644
--- a/lib/net/ssh/transport/key_expander.rb
+++ b/lib/net/ssh/transport/key_expander.rb
@@ -26,4 +26,6 @@ module Net
return k
end
end
-end; end; end
+ end
+ end
+end
diff --git a/lib/net/ssh/transport/packet_stream.rb b/lib/net/ssh/transport/packet_stream.rb
index 03c5bfd..3888597 100644
--- a/lib/net/ssh/transport/packet_stream.rb
+++ b/lib/net/ssh/transport/packet_stream.rb
@@ -244,4 +244,6 @@ module Net
end
end
-end; end; end
+ end
+ end
+end
diff --git a/lib/net/ssh/transport/server_version.rb b/lib/net/ssh/transport/server_version.rb
index 2c4ad18..1012685 100644
--- a/lib/net/ssh/transport/server_version.rb
+++ b/lib/net/ssh/transport/server_version.rb
@@ -71,4 +71,6 @@ module Net
raise Net::SSH::ConnectionTimeout, "timeout during client version negotiating" if timeout && !IO.select(nil, [socket], nil, timeout)
end
end
-end; end; end
+ end
+ end
+end
diff --git a/lib/net/ssh/transport/session.rb b/lib/net/ssh/transport/session.rb
index 259f94a..ab1da15 100644
--- a/lib/net/ssh/transport/session.rb
+++ b/lib/net/ssh/transport/session.rb
@@ -304,4 +304,6 @@ module Net
end
end
end
-end; end; end
+ end
+ end
+end
diff --git a/lib/net/ssh/transport/state.rb b/lib/net/ssh/transport/state.rb
index 69ff69c..875b60a 100644
--- a/lib/net/ssh/transport/state.rb
+++ b/lib/net/ssh/transport/state.rb
@@ -203,4 +203,6 @@ module Net
end
end
-end; end; end
+ end
+ end
+end
diff --git a/lib/net/ssh/verifiers/lenient.rb b/lib/net/ssh/verifiers/lenient.rb
index d1ea7a0..92ed480 100644
--- a/lib/net/ssh/verifiers/lenient.rb
+++ b/lib/net/ssh/verifiers/lenient.rb
@@ -29,4 +29,6 @@ module Net
end
end
-end; end; end \ No newline at end of file
+ end
+ end
+end \ No newline at end of file
diff --git a/lib/net/ssh/verifiers/null.rb b/lib/net/ssh/verifiers/null.rb
index 375f860..6a0e2b9 100644
--- a/lib/net/ssh/verifiers/null.rb
+++ b/lib/net/ssh/verifiers/null.rb
@@ -11,4 +11,6 @@ module Net
end
end
-end; end; end \ No newline at end of file
+ end
+ end
+end \ No newline at end of file
diff --git a/lib/net/ssh/verifiers/secure.rb b/lib/net/ssh/verifiers/secure.rb
index c03e2e9..be4e3af 100644
--- a/lib/net/ssh/verifiers/secure.rb
+++ b/lib/net/ssh/verifiers/secure.rb
@@ -47,4 +47,6 @@ module Net
end
end
-end; end; end
+ end
+ end
+end
diff --git a/lib/net/ssh/verifiers/strict.rb b/lib/net/ssh/verifiers/strict.rb
index 9a774e2..d64cc32 100644
--- a/lib/net/ssh/verifiers/strict.rb
+++ b/lib/net/ssh/verifiers/strict.rb
@@ -23,4 +23,6 @@ module Net
end
end
-end; end; end
+ end
+ end
+end
diff --git a/test/authentication/methods/common.rb b/test/authentication/methods/common.rb
index 4143497..77c6289 100644
--- a/test/authentication/methods/common.rb
+++ b/test/authentication/methods/common.rb
@@ -32,4 +32,5 @@ module Authentication
end
-end; end \ No newline at end of file
+ end
+end \ No newline at end of file
diff --git a/test/authentication/methods/test_abstract.rb b/test/authentication/methods/test_abstract.rb
index c9702ac..a839699 100644
--- a/test/authentication/methods/test_abstract.rb
+++ b/test/authentication/methods/test_abstract.rb
@@ -2,50 +2,50 @@ require 'common'
require 'authentication/methods/common'
require 'net/ssh/authentication/methods/abstract'
-module Authentication
+module Authentication
module Methods
class TestAbstract < NetSSHTest
include Common
-
+
def test_constructor_should_set_defaults
assert_nil subject.key_manager
end
-
+
def test_constructor_should_honor_options
assert_equal :manager, subject(key_manager: :manager).key_manager
end
-
+
def test_session_id_should_query_session_id_from_key_exchange
transport.stubs(:algorithms).returns(stub("algorithms", session_id: "abcxyz123"))
assert_equal "abcxyz123", subject.session_id
end
-
+
def test_send_message_should_delegate_to_transport
transport.expects(:send_message).with("abcxyz123")
subject.send_message("abcxyz123")
end
-
+
def test_userauth_request_should_build_well_formed_userauth_packet
packet = subject.userauth_request("jamis", "ssh-connection", "password")
assert_equal "\062\0\0\0\005jamis\0\0\0\016ssh-connection\0\0\0\010password", packet.to_s
end
-
+
def test_userauth_request_should_translate_extra_booleans_onto_end
packet = subject.userauth_request("jamis", "ssh-connection", "password", true, false)
assert_equal "\062\0\0\0\005jamis\0\0\0\016ssh-connection\0\0\0\010password\1\0", packet.to_s
end
-
+
def test_userauth_request_should_translate_extra_strings_onto_end
packet = subject.userauth_request("jamis", "ssh-connection", "password", "foo", "bar")
assert_equal "\062\0\0\0\005jamis\0\0\0\016ssh-connection\0\0\0\010password\0\0\0\3foo\0\0\0\3bar", packet.to_s
end
-
+
private
-
+
def subject(options={})
@subject ||= Net::SSH::Authentication::Methods::Abstract.new(session(options), options)
end
- end
-
-end; end \ No newline at end of file
+ end
+ end
+end
diff --git a/test/authentication/methods/test_hostbased.rb b/test/authentication/methods/test_hostbased.rb
index ea7ea0d..4fbd37a 100644
--- a/test/authentication/methods/test_hostbased.rb
+++ b/test/authentication/methods/test_hostbased.rb
@@ -2,31 +2,31 @@ require 'common'
require 'net/ssh/authentication/methods/hostbased'
require 'authentication/methods/common'
-module Authentication
+module Authentication
module Methods
class TestHostbased < NetSSHTest
include Common
-
+
def test_authenticate_should_return_false_when_no_key_manager_has_been_set
assert_equal false, subject(key_manager: nil).authenticate("ssh-connection", "jamis")
end
-
+
def test_authenticate_should_return_false_when_key_manager_has_no_keys
assert_equal false, subject(keys: []).authenticate("ssh-connection", "jamis")
end
-
+
def test_authenticate_should_return_false_if_no_keys_can_authenticate
ENV.stubs(:[]).with('USER').returns(nil)
key_manager.expects(:sign).with(&signature_parameters(keys.first)).returns("sig-one")
key_manager.expects(:sign).with(&signature_parameters(keys.last)).returns("sig-two")
-
+
transport.expect do |t, packet|
assert_equal USERAUTH_REQUEST, packet.type
assert verify_userauth_request_packet(packet, keys.first)
assert_equal "sig-one", packet.read_string
t.return(USERAUTH_FAILURE, :string, "hostbased,password")
-
+
t.expect do |t2, packet2|
assert_equal USERAUTH_REQUEST, packet2.type
assert verify_userauth_request_packet(packet2, keys.last)
@@ -34,26 +34,26 @@ module Authentication
t2.return(USERAUTH_FAILURE, :string, "hostbased,password")
end
end
-
+
assert_equal false, subject.authenticate("ssh-connection", "jamis")
end
-
+
def test_authenticate_should_return_true_if_any_key_can_authenticate
ENV.stubs(:[]).with('USER').returns(nil)
key_manager.expects(:sign).with(&signature_parameters(keys.first)).returns("sig-one")
-
+
transport.expect do |t, packet|
assert_equal USERAUTH_REQUEST, packet.type
assert verify_userauth_request_packet(packet, keys.first)
assert_equal "sig-one", packet.read_string
t.return(USERAUTH_SUCCESS)
end
-
+
assert subject.authenticate("ssh-connection", "jamis")
end
-
+
private
-
+
def signature_parameters(key)
Proc.new do |given_key, data|
next false unless given_key.to_blob == key.to_blob
@@ -63,7 +63,7 @@ module Authentication
verify_userauth_request_packet(buffer, key)
end
end
-
+
def verify_userauth_request_packet(packet, key)
packet.read_string == "jamis" && # user-name
packet.read_string == "ssh-connection" && # next service
@@ -73,12 +73,12 @@ module Authentication
packet.read_string == "me.ssh.test." && # client hostname
packet.read_string == "jamis" # client username
end
-
+
@@keys = nil
def keys
@@keys ||= [OpenSSL::PKey::RSA.new(512), OpenSSL::PKey::DSA.new(512)]
end
-
+
def key_manager(options={})
@key_manager ||= begin
manager = stub("key_manager")
@@ -86,20 +86,20 @@ module Authentication
manager
end
end
-
+
def subject(options={})
options[:key_manager] = key_manager(options) unless options.key?(:key_manager)
@subject ||= Net::SSH::Authentication::Methods::Hostbased.new(session(options), options)
end
-
+
def socket(options={})
@socket ||= stub("socket", client_name: "me.ssh.test")
end
-
+
def transport(options={})
@transport ||= MockTransport.new(options.merge(socket: socket))
end
-
+
def session(options={})
@session ||= begin
sess = stub("auth-session", logger: nil, transport: transport(options))
@@ -109,6 +109,6 @@ module Authentication
sess
end
end
- end
-
-end; end
+ end
+ end
+end
diff --git a/test/authentication/methods/test_keyboard_interactive.rb b/test/authentication/methods/test_keyboard_interactive.rb
index d52beaa..9fad914 100644
--- a/test/authentication/methods/test_keyboard_interactive.rb
+++ b/test/authentication/methods/test_keyboard_interactive.rb
@@ -129,4 +129,5 @@ module Authentication
end
end
-end; end
+ end
+end
diff --git a/test/authentication/methods/test_none.rb b/test/authentication/methods/test_none.rb
index 87fb056..8e31c08 100644
--- a/test/authentication/methods/test_none.rb
+++ b/test/authentication/methods/test_none.rb
@@ -39,4 +39,5 @@ module Authentication
end
end
-end; end
+ end
+end
diff --git a/test/authentication/methods/test_password.rb b/test/authentication/methods/test_password.rb
index 211733b..d119fae 100644
--- a/test/authentication/methods/test_password.rb
+++ b/test/authentication/methods/test_password.rb
@@ -94,4 +94,5 @@ module Authentication
end
end
-end; end
+ end
+end
diff --git a/test/authentication/methods/test_publickey.rb b/test/authentication/methods/test_publickey.rb
index 663be81..8f2cc73 100644
--- a/test/authentication/methods/test_publickey.rb
+++ b/test/authentication/methods/test_publickey.rb
@@ -2,44 +2,44 @@ require 'common'
require 'net/ssh/authentication/methods/publickey'
require 'authentication/methods/common'
-module Authentication
+module Authentication
module Methods
class TestPublickey < NetSSHTest
include Common
-
+
def test_authenticate_should_return_false_when_no_key_manager_has_been_set
assert_equal false, subject(key_manager: nil).authenticate("ssh-connection", "jamis")
end
-
+
def test_authenticate_should_return_false_when_key_manager_has_no_keys
assert_equal false, subject(keys: []).authenticate("ssh-connection", "jamis")
end
-
+
def test_authenticate_should_return_false_if_no_keys_can_authenticate
transport.expect do |t, packet|
assert_equal USERAUTH_REQUEST, packet.type
assert verify_userauth_request_packet(packet, keys.first, false)
t.return(USERAUTH_FAILURE, :string, "hostbased,password")
-
+
t.expect do |t2, packet2|
assert_equal USERAUTH_REQUEST, packet2.type
assert verify_userauth_request_packet(packet2, keys.last, false)
t2.return(USERAUTH_FAILURE, :string, "hostbased,password")
end
end
-
+
assert_equal false, subject.authenticate("ssh-connection", "jamis")
end
-
+
def test_authenticate_should_raise_if_publickey_disallowed
key_manager.expects(:sign).with(&signature_parameters(keys.first)).returns("sig-one")
-
+
transport.expect do |t, packet|
assert_equal USERAUTH_REQUEST, packet.type
assert verify_userauth_request_packet(packet, keys.first, false)
t.return(USERAUTH_PK_OK, :string, keys.first.ssh_type, :string, Net::SSH::Buffer.from(:key, keys.first))
-
+
t.expect do |t2,packet2|
assert_equal USERAUTH_REQUEST, packet2.type
assert verify_userauth_request_packet(packet2, keys.first, true)
@@ -47,32 +47,32 @@ module Authentication
t2.return(USERAUTH_FAILURE, :string, "hostbased,password")
end
end
-
+
assert_raises Net::SSH::Authentication::DisallowedMethod do
subject.authenticate("ssh-connection", "jamis")
end
end
-
+
def test_authenticate_should_return_false_if_signature_exchange_fails
key_manager.expects(:sign).with(&signature_parameters(keys.first)).returns("sig-one")
key_manager.expects(:sign).with(&signature_parameters(keys.last)).returns("sig-two")
-
+
transport.expect do |t, packet|
assert_equal USERAUTH_REQUEST, packet.type
assert verify_userauth_request_packet(packet, keys.first, false)
t.return(USERAUTH_PK_OK, :string, keys.first.ssh_type, :string, Net::SSH::Buffer.from(:key, keys.first))
-
+
t.expect do |t2,packet2|
assert_equal USERAUTH_REQUEST, packet2.type
assert verify_userauth_request_packet(packet2, keys.first, true)
assert_equal "sig-one", packet2.read_string
t2.return(USERAUTH_FAILURE, :string, "publickey")
-
+
t2.expect do |t3, packet3|
assert_equal USERAUTH_REQUEST, packet3.type
assert verify_userauth_request_packet(packet3, keys.last, false)
t3.return(USERAUTH_PK_OK, :string, keys.last.ssh_type, :string, Net::SSH::Buffer.from(:key, keys.last))
-
+
t3.expect do |t4,packet4|
assert_equal USERAUTH_REQUEST, packet4.type
assert verify_userauth_request_packet(packet4, keys.last, true)
@@ -82,18 +82,18 @@ module Authentication
end
end
end
-
+
assert !subject.authenticate("ssh-connection", "jamis")
end
-
+
def test_authenticate_should_return_true_if_any_key_can_authenticate
key_manager.expects(:sign).with(&signature_parameters(keys.first)).returns("sig-one")
-
+
transport.expect do |t, packet|
assert_equal USERAUTH_REQUEST, packet.type
assert verify_userauth_request_packet(packet, keys.first, false)
t.return(USERAUTH_PK_OK, :string, keys.first.ssh_type, :string, Net::SSH::Buffer.from(:key, keys.first))
-
+
t.expect do |t2,packet2|
assert_equal USERAUTH_REQUEST, packet2.type
assert verify_userauth_request_packet(packet2, keys.first, true)
@@ -101,12 +101,12 @@ module Authentication
t2.return(USERAUTH_SUCCESS)
end
end
-
+
assert subject.authenticate("ssh-connection", "jamis")
end
-
+
private
-
+
def signature_parameters(key)
Proc.new do |given_key, data|
next false unless given_key.to_blob == key.to_blob
@@ -116,7 +116,7 @@ module Authentication
verify_userauth_request_packet(buffer, key, true)
end
end
-
+
def verify_userauth_request_packet(packet, key, has_sig)
packet.read_string == "jamis" && # user-name
packet.read_string == "ssh-connection" && # next service
@@ -125,12 +125,12 @@ module Authentication
packet.read_string == key.ssh_type && # ssh key type
packet.read_buffer.read_key.to_blob == key.to_blob # key
end
-
+
@@keys = nil
def keys
@@keys ||= [OpenSSL::PKey::RSA.new(512), OpenSSL::PKey::DSA.new(512)]
end
-
+
def key_manager(options={})
@key_manager ||= begin
manager = stub("key_manager")
@@ -138,11 +138,11 @@ module Authentication
manager
end
end
-
+
def subject(options={})
options[:key_manager] = key_manager(options) unless options.key?(:key_manager)
@subject ||= Net::SSH::Authentication::Methods::Publickey.new(session(options), options)
end
- end
-
-end; end
+ end
+ end
+end
diff --git a/test/transport/hmac/test_md5.rb b/test/transport/hmac/test_md5.rb
index c7424a9..e0abccc 100644
--- a/test/transport/hmac/test_md5.rb
+++ b/test/transport/hmac/test_md5.rb
@@ -39,4 +39,5 @@ module Transport
end
end
-end; end
\ No newline at end of file
+ end
+end
\ No newline at end of file
diff --git a/test/transport/hmac/test_md5_96.rb b/test/transport/hmac/test_md5_96.rb
index 0874685..4ee1680 100644
--- a/test/transport/hmac/test_md5_96.rb
+++ b/test/transport/hmac/test_md5_96.rb
@@ -25,4 +25,5 @@ module Transport
end
end
-end; end
\ No newline at end of file
+ end
+end
\ No newline at end of file
diff --git a/test/transport/hmac/test_none.rb b/test/transport/hmac/test_none.rb
index 8d5022d..ae8fe7e 100644
--- a/test/transport/hmac/test_none.rb
+++ b/test/transport/hmac/test_none.rb
@@ -32,4 +32,5 @@ module Transport
end
end
-end; end
+ end
+end
diff --git a/test/transport/hmac/test_ripemd160.rb b/test/transport/hmac/test_ripemd160.rb
index 90705e2..bcc14f8 100644
--- a/test/transport/hmac/test_ripemd160.rb
+++ b/test/transport/hmac/test_ripemd160.rb
@@ -34,4 +34,5 @@ module Transport
end
end
-end; end
+ end
+end
diff --git a/test/transport/hmac/test_sha1.rb b/test/transport/hmac/test_sha1.rb
index eb622d6..be64bf6 100644
--- a/test/transport/hmac/test_sha1.rb
+++ b/test/transport/hmac/test_sha1.rb
@@ -34,4 +34,5 @@ module Transport
end
end
-end; end
\ No newline at end of file
+ end
+end
\ No newline at end of file
diff --git a/test/transport/hmac/test_sha1_96.rb b/test/transport/hmac/test_sha1_96.rb
index d726b42..d5dec22 100644
--- a/test/transport/hmac/test_sha1_96.rb
+++ b/test/transport/hmac/test_sha1_96.rb
@@ -25,4 +25,5 @@ module Transport
end
end
-end; end
\ No newline at end of file
+ end
+end
\ No newline at end of file
diff --git a/test/transport/hmac/test_sha2_256.rb b/test/transport/hmac/test_sha2_256.rb
index 81d2b30..dbf0ffc 100644
--- a/test/transport/hmac/test_sha2_256.rb
+++ b/test/transport/hmac/test_sha2_256.rb
@@ -3,7 +3,7 @@
require 'common'
require 'net/ssh/transport/hmac/sha2_256'
-module Transport
+module Transport
module HMAC
class TestSHA2_256 < NetSSHTest
@@ -11,27 +11,27 @@ module Transport
assert_equal OpenSSL::Digest::SHA256, subject.digest_class
assert_equal OpenSSL::Digest::SHA256, subject.new.digest_class
end
-
+
def test_expected_key_length
assert_equal 32, subject.key_length
assert_equal 32, subject.new.key_length
end
-
+
def test_expected_mac_length
assert_equal 32, subject.mac_length
assert_equal 32, subject.new.mac_length
end
-
+
def test_expected_digest
hmac = subject.new("1234567890123456")
assert_equal "\x16^>\x9FhO}\xB1>(\xBAF\xFBW\xB8\xF2\xFA\x824+\xC0\x94\x95\xC2\r\xE6\x88/\xEF\t\xF5%", hmac.digest("hello world")
- end
-
+ end
+
private
-
+
def subject
Net::SSH::Transport::HMAC::SHA2_256
end
end
-
-end; end
+ end
+end
diff --git a/test/transport/hmac/test_sha2_256_96.rb b/test/transport/hmac/test_sha2_256_96.rb
index 1241eb2..07799fe 100644
--- a/test/transport/hmac/test_sha2_256_96.rb
+++ b/test/transport/hmac/test_sha2_256_96.rb
@@ -25,4 +25,5 @@ module Transport
end
end
-end; end
+ end
+end
diff --git a/test/transport/hmac/test_sha2_512.rb b/test/transport/hmac/test_sha2_512.rb
index 4559159..dc25fd8 100644
--- a/test/transport/hmac/test_sha2_512.rb
+++ b/test/transport/hmac/test_sha2_512.rb
@@ -3,7 +3,7 @@
require 'common'
require 'net/ssh/transport/hmac/sha2_512'
-module Transport
+module Transport
module HMAC
class TestSHA2_512 < NetSSHTest
@@ -11,27 +11,27 @@ module Transport
assert_equal OpenSSL::Digest::SHA512, subject.digest_class
assert_equal OpenSSL::Digest::SHA512, subject.new.digest_class
end
-
+
def test_expected_key_length
assert_equal 64, subject.key_length
assert_equal 64, subject.new.key_length
end
-
+
def test_expected_mac_length
assert_equal 64, subject.mac_length
assert_equal 64, subject.new.mac_length
end
-
+
def test_expected_digest
hmac = subject.new("1234567890123456")
assert_equal "^\xB6\"\xED\x8B\xC4\xDE\xD4\xCF\xD0\r\x18\xA0<\xF4\xB5\x01Efz\xA80i\xFC\x18\xC1\x9A+\xDD\xFE<\xA2\xFDE1Ac\xF4\xADU\r\xFB^0\x90= \x837z\xCC\xD5p4a4\x83\xC6\x04m\xAA\xC1\xC0m", hmac.digest("hello world")
- end
-
+ end
+
private
-
+
def subject
Net::SSH::Transport::HMAC::SHA2_512
end
end
-
-end; end
+ end
+end
diff --git a/test/transport/hmac/test_sha2_512_96.rb b/test/transport/hmac/test_sha2_512_96.rb
index 2f7f7b2..955da06 100644
--- a/test/transport/hmac/test_sha2_512_96.rb
+++ b/test/transport/hmac/test_sha2_512_96.rb
@@ -25,4 +25,5 @@ module Transport
end
end
-end; end
+ end
+end
diff --git a/test/transport/kex/test_diffie_hellman_group14_sha1.rb b/test/transport/kex/test_diffie_hellman_group14_sha1.rb
index b3cd24a..5d006e1 100644
--- a/test/transport/kex/test_diffie_hellman_group14_sha1.rb
+++ b/test/transport/kex/test_diffie_hellman_group14_sha1.rb
@@ -11,4 +11,5 @@ module Transport
Net::SSH::Transport::Kex::DiffieHellmanGroup14SHA1
end
end
-end; end
+ end
+end
diff --git a/test/transport/kex/test_diffie_hellman_group1_sha1.rb b/test/transport/kex/test_diffie_hellman_group1_sha1.rb
index 8b5abd6..fd96132 100644
--- a/test/transport/kex/test_diffie_hellman_group1_sha1.rb
+++ b/test/transport/kex/test_diffie_hellman_group1_sha1.rb
@@ -148,4 +148,5 @@ module Transport
end
end
-end; end
\ No newline at end of file
+ end
+end
\ No newline at end of file
diff --git a/test/transport/kex/test_diffie_hellman_group_exchange_sha1.rb b/test/transport/kex/test_diffie_hellman_group_exchange_sha1.rb
index da92463..800a8c6 100644
--- a/test/transport/kex/test_diffie_hellman_group_exchange_sha1.rb
+++ b/test/transport/kex/test_diffie_hellman_group_exchange_sha1.rb
@@ -105,4 +105,5 @@ module Transport
end
end
-end; end
+ end
+end
diff --git a/test/transport/kex/test_diffie_hellman_group_exchange_sha256.rb b/test/transport/kex/test_diffie_hellman_group_exchange_sha256.rb
index dfbe5a7..7f7815d 100644
--- a/test/transport/kex/test_diffie_hellman_group_exchange_sha256.rb
+++ b/test/transport/kex/test_diffie_hellman_group_exchange_sha256.rb
@@ -17,4 +17,5 @@ module Transport
end
end
-end; end
+ end
+end
diff --git a/test/transport/kex/test_ecdh_sha2_nistp256.rb b/test/transport/kex/test_ecdh_sha2_nistp256.rb
index 4105556..5d0a6b1 100644
--- a/test/transport/kex/test_ecdh_sha2_nistp256.rb
+++ b/test/transport/kex/test_ecdh_sha2_nistp256.rb
@@ -8,17 +8,17 @@ else
require 'net/ssh/transport/kex/ecdh_sha2_nistp256'
require 'ostruct'
- module Transport
+ module Transport
module Kex
class TestEcdhSHA2NistP256 < NetSSHTest
include Net::SSH::Transport::Constants
-
+
def setup
- @ecdh = @algorithms = @connection = @server_key =
+ @ecdh = @algorithms = @connection = @server_key =
@packet_data = @shared_secret = nil
end
-
+
def test_exchange_keys_should_return_expected_results_when_successful
result = exchange!
assert_equal session_id, result[:session_id]
@@ -26,64 +26,64 @@ else
assert_equal shared_secret, result[:shared_secret]
assert_equal digester, result[:hashing_algorithm]
end
-
+
def test_exchange_keys_with_unverifiable_host_should_raise_exception
connection.verifier { false }
assert_raises(Net::SSH::Exception) { exchange! }
end
-
+
def test_exchange_keys_with_signature_key_type_mismatch_should_raise_exception
assert_raises(Net::SSH::Exception) { exchange! key_type: "ssh-dss" }
end
-
+
def test_exchange_keys_with_host_key_type_mismatch_should_raise_exception
algorithms host_key: "ssh-dss"
assert_raises(Net::SSH::Exception) { exchange! key_type: "ssh-dss" }
end
-
+
def test_exchange_keys_when_server_signature_could_not_be_verified_should_raise_exception
@signature = "1234567890"
assert_raises(Net::SSH::Exception) { exchange! }
end
-
+
def test_exchange_keys_should_pass_expected_parameters_to_host_key_verifier
verified = false
connection.verifier do |data|
verified = true
assert_equal server_host_key.to_blob, data[:key].to_blob
-
+
blob = b(:key, data[:key]).to_s
fingerprint = OpenSSL::Digest::MD5.hexdigest(blob).scan(/../).join(":")
-
+
assert_equal blob, data[:key_blob]
assert_equal fingerprint, data[:fingerprint]
assert_equal connection, data[:session]
-
+
true
end
-
+
assert_nothing_raised { exchange! }
assert verified
end
-
+
private
-
+
def digester
OpenSSL::Digest::SHA256
end
-
+
def subject
Net::SSH::Transport::Kex::EcdhSHA2NistP256
end
-
+
def ecparam
"prime256v1"
end
-
+
def key_type
"ecdsa-sha2-nistp256"
end
-
+
def exchange!(options={})
connection.expect do |t, buffer|
assert_equal KEXECDH_INIT, buffer.type
@@ -100,42 +100,42 @@ else
end
ecdh.exchange_keys
end
-
+
def ecdh
@ecdh ||= subject.new(algorithms, connection, packet_data)
end
-
+
def algorithms(options={})
@algorithms ||= OpenStruct.new(host_key: options[:server_host_key] || "ecdsa-sha2-nistp256")
end
-
+
def connection
@connection ||= MockTransport.new
end
-
+
def server_key
@server_key ||= OpenSSL::PKey::EC.new(ecparam).generate_key
end
-
+
def server_host_key
@server_host_key ||= OpenSSL::PKey::EC.new("prime256v1").generate_key
end
-
+
def packet_data
@packet_data ||= { client_version_string: "client version string",
server_version_string: "server version string",
server_algorithm_packet: "server algorithm packet",
client_algorithm_packet: "client algorithm packet" }
end
-
+
def server_ecdh_pubkey
@server_ecdh_pubkey ||= server_key.public_key
end
-
+
def shared_secret
@shared_secret ||= OpenSSL::BN.new(ecdh.ecdh.dh_compute_key(server_ecdh_pubkey), 2)
end
-
+
def session_id
@session_id ||= begin
buffer = Net::SSH::Buffer.from(:string, packet_data[:client_version_string],
@@ -149,14 +149,15 @@ else
digester.digest(buffer.to_s)
end
end
-
+
def signature
@signature ||= server_host_key.ssh_do_sign(session_id)
end
-
+
def b(*args)
Net::SSH::Buffer.from(*args)
end
end
- end; end;
+ end
+ end
end
diff --git a/test/transport/kex/test_ecdh_sha2_nistp384.rb b/test/transport/kex/test_ecdh_sha2_nistp384.rb
index 066b4a2..8011234 100644
--- a/test/transport/kex/test_ecdh_sha2_nistp384.rb
+++ b/test/transport/kex/test_ecdh_sha2_nistp384.rb
@@ -4,14 +4,14 @@ unless defined?(OpenSSL::PKey::EC)
puts "Skipping tests for ecdh-sha2-nistp384 key exchange"
else
require 'transport/kex/test_ecdh_sha2_nistp256'
- module Transport
+ module Transport
module Kex
class TestEcdhSHA2NistP384 < TestEcdhSHA2NistP256
def setup
- @ecdh = @algorithms = @connection = @server_key =
+ @ecdh = @algorithms = @connection = @server_key =
@packet_data = @shared_secret = nil
end
-
+
def test_exchange_keys_should_return_expected_results_when_successful
result = exchange!
assert_equal session_id, result[:session_id]
@@ -19,20 +19,21 @@ else
assert_equal shared_secret, result[:shared_secret]
assert_equal digester, result[:hashing_algorithm]
end
-
+
private
-
+
def digester
OpenSSL::Digest::SHA384
end
-
+
def subject
Net::SSH::Transport::Kex::EcdhSHA2NistP384
end
-
+
def ecparam
"secp384r1"
end
end
- end; end
+ end
+ end
end
diff --git a/test/transport/kex/test_ecdh_sha2_nistp521.rb b/test/transport/kex/test_ecdh_sha2_nistp521.rb
index 39ef476..6fa6e24 100644
--- a/test/transport/kex/test_ecdh_sha2_nistp521.rb
+++ b/test/transport/kex/test_ecdh_sha2_nistp521.rb
@@ -4,14 +4,14 @@ unless defined?(OpenSSL::PKey::EC)
puts "Skipping tests for ecdh-sha2-nistp521 key exchange"
else
require 'transport/kex/test_ecdh_sha2_nistp256'
- module Transport
+ module Transport
module Kex
class TestEcdhSHA2NistP521 < TestEcdhSHA2NistP256
def setup
- @ecdh = @algorithms = @connection = @server_key =
+ @ecdh = @algorithms = @connection = @server_key =
@packet_data = @shared_secret = nil
end
-
+
def test_exchange_keys_should_return_expected_results_when_successful
result = exchange!
assert_equal session_id, result[:session_id]
@@ -19,20 +19,21 @@ else
assert_equal shared_secret, result[:shared_secret]
assert_equal digester, result[:hashing_algorithm]
end
-
+
private
-
+
def digester
OpenSSL::Digest::SHA512
end
-
+
def subject
Net::SSH::Transport::Kex::EcdhSHA2NistP521
end
-
+
def ecparam
"secp521r1"
end
end
- end; end
+ end
+ end
end
diff --git a/test/transport/test_algorithms.rb b/test/transport/test_algorithms.rb
index 34f7496..41adc4d 100644
--- a/test/transport/test_algorithms.rb
+++ b/test/transport/test_algorithms.rb
@@ -23,7 +23,8 @@ module Transport
if defined?(OpenSSL::Digest::SHA256)
assert_equal %w[hmac-sha1 hmac-md5 hmac-sha1-96 hmac-md5-96 hmac-ripemd160 hmac-ripemd160@openssh.com hmac-sha2-256 hmac-sha2-512 hmac-sha2-256-96 hmac-sha2-512-96 none], algorithms[:hmac]
else
- assert_equal %w[hmac-sha1 hmac-md5 hmac-sha1-96 hmac-md5-96 hmac-ripemd160 hmac-ripemd160@openssh.com none umac-128-etm@openssh.com], algorithms[:hmac] end
+ assert_equal %w[hmac-sha1 hmac-md5 hmac-sha1-96 hmac-md5-96 hmac-ripemd160 hmac-ripemd160@openssh.com none umac-128-etm@openssh.com], algorithms[:hmac]
+ end
assert_equal %w[none zlib@openssh.com zlib], algorithms[:compression]
assert_equal %w[], algorithms[:language]
end