diff options
author | Miklos Fazekas <mfazekas@szemafor.com> | 2020-06-10 09:16:42 +0200 |
---|---|---|
committer | Miklos Fazekas <mfazekas@szemafor.com> | 2020-06-10 09:16:42 +0200 |
commit | f623a96537dd5f8b83bd582098849205469dc4e7 (patch) | |
tree | 55da5c639eaec159678434c2a2e8f9df415fb640 /lib | |
parent | d9b2f09005bf95b6af3e263794f70dd6b9bda10a (diff) | |
download | net-ssh-f623a96537dd5f8b83bd582098849205469dc4e7.tar.gz |
Rubocop fixes
Diffstat (limited to 'lib')
-rw-r--r-- | lib/net/ssh/transport/algorithms.rb | 3 | ||||
-rw-r--r-- | lib/net/ssh/transport/kex/abstract.rb | 12 |
2 files changed, 7 insertions, 8 deletions
diff --git a/lib/net/ssh/transport/algorithms.rb b/lib/net/ssh/transport/algorithms.rb index 0fb8546..9ab87b6 100644 --- a/lib/net/ssh/transport/algorithms.rb +++ b/lib/net/ssh/transport/algorithms.rb @@ -35,8 +35,7 @@ module Net ssh-rsa-cert-v00@openssh.com ssh-rsa rsa-sha2-256 - rsa-sha2-512 - ], + rsa-sha2-512], kex: %w[ecdh-sha2-nistp521 ecdh-sha2-nistp384 diff --git a/lib/net/ssh/transport/kex/abstract.rb b/lib/net/ssh/transport/kex/abstract.rb index b71ac0a..3fd8c3c 100644 --- a/lib/net/ssh/transport/kex/abstract.rb +++ b/lib/net/ssh/transport/kex/abstract.rb @@ -64,18 +64,16 @@ module Net private - def is_matching(key_ssh_type, host_key_alg) + def matching?(key_ssh_type, host_key_alg) return true if key_ssh_type == host_key_alg - if key_ssh_type == 'ssh-rsa' && (host_key_alg == 'rsa-sha2-512' || host_key_alg == 'rsa-sha2-256') - return true - end + return true if key_ssh_type == 'ssh-rsa' && ['rsa-sha2-512', 'rsa-sha2-256'].include?(host_key_alg) end # Verify that the given key is of the expected type, and that it # really is the key for the session's host. Raise Net::SSH::Exception # if it is not. def verify_server_key(key) #:nodoc: - if !is_matching(key.ssh_type, algorithms.host_key) + unless matching?(key.ssh_type, algorithms.host_key) raise Net::SSH::Exception, "host key algorithm mismatch '#{key.ssh_type}' != '#{algorithms.host_key}'" end @@ -104,7 +102,9 @@ module Net hash = digester.digest(response.to_s) - unless connection.host_key_verifier.verify_signature { result[:server_key].ssh_do_verify(result[:server_sig], hash, {host_key: algorithms.host_key}) } + server_key = result[:server_key] + server_sig = result[:server_sig] + unless connection.host_key_verifier.verify_signature { server_key.ssh_do_verify(server_sig, hash, host_key: algorithms.host_key) } raise Net::SSH::Exception, 'could not verify server signature' end |