path: root/lib
Commit message [Author, Age, Files, Lines]
...
* | (GH-737) Allow known_hosts to have empty lines and comments [donoghuc, 2020-02-15, files: 1, lines: -1/+2]
| |     Previously empty lines in a known_hosts file would result in an exception parsing the file. This commit updates the parser to allow empty lines as well as comments. Note that comments were already supported.
* | One more fix [Alexander Pyatkin, 2020-02-11, files: 1, lines: -0/+1]
| |
* | Fix kex algorithm name [Alexander Pyatkin, 2020-02-11, files: 1, lines: -1/+1]
| |
* | Merge pull request #733 from hirura/fix-loggable_facility_to_use_to_s_method_instead_of_name_method_for_self_class [Miklós Fazekas, 2020-02-11, files: 1, lines: -2/+2]
|\ \     Fix Loggable to use to_s method instead of name method for self.class
| * | Fix Loggable to use to_s method instead of name method for self.class [hirura, 2020-01-11, files: 1, lines: -2/+2]
| |/
* | allow multiple newlines for OPENSSH PRIVATE KEY [sawanoboly, 2020-01-23, files: 1, lines: -1/+2]
| |
* | beta2 prepare (tag: v6.0.0.beta2) [Miklos Fazekas, 2020-01-19, files: 1, lines: -1/+1]
| |
* | Merge pull request #722 from anderscarling/certkeys [Miklós Fazekas, 2020-01-19, files: 4, lines: -26/+62]
|\ \
| |/
|/|     Support :certkeys and CertificateFile configuration option
| * Reduce number of lines in method to satisfy rubocop [Anders Carling, 2019-10-31, files: 1, lines: -21/+21]
| |
| * Restore accidentally reordered value [Anders Carling, 2019-10-31, files: 1, lines: -1/+1]
| |
| * Reduce number of lines in block to satisfy rubocop [Anders Carling, 2019-10-31, files: 1, lines: -6/+2]
| |
| * Place value in globals if we're in a global context [Anders Carling, 2019-10-31, files: 1, lines: -1/+1]
| |
| * Fix rubocop complaints [Anders Carling, 2019-10-31, files: 1, lines: -1/+0]
| |
| * Remove disused variable [Anders Carling, 2019-10-31, files: 1, lines: -1/+1]
| |
| * Fix signing with private key file existing both on disk and in agent, without corresponding public key on disk [Anders Carling, 2019-10-31, files: 1, lines: -7/+2]
| |
| * Support :certkeys and CertificateFile configuration option [Anders Carling, 2019-10-29, files: 4, lines: -4/+50]
| |
* | Remove ruby_compat to comply with the new Ruby >= 2.3 requirement [Maxime Alay-Eddine, 2019-11-13, files: 8, lines: -20/+0]
|/
* 6.0.0 beta1 prepare [Miklos Fazekas, 2019-10-25, files: 1, lines: -3/+3]
|
* Original (brbrady) Add support for all algorithms in Transport::Algorithms#host_key_format [Brandon Weaver, 2019-10-25, files: 1, lines: -2/+2]
|
* Define rubocop metric length [Florian Wininger, 2019-09-25, files: 11, lines: -21/+48]
|     Signed-off-by: Florian Wininger <fw.centrale@gmail.com>
* Add sha2-{256,512}-etm@openssh.com MAC algorithms [Hans de Graaff, 2019-09-17, files: 6, lines: -22/+101]
|     Implement the Encrypt-Then-Mac versions of the SHA2-256 and SHA2-512 MACs. These MACs are implemented by openssh and may be the only MACs available on a hardened installation of openssh.
|
|     With EtM the MAC is calculated over the unencrypted packet length and the encrypted payload (which includes padding length and padding).
|
|     The main benefit of EtM schemes is that it allows the encrypted payload to be authenticated before it gets passed to the encryption engine. This patch does not implement that mechanism, but this can be added later to the poll_next_packet method. Note that all current MACs already pass unauthenticated data to the encryption engine.
* Add Curve25519Sha256 [Florian Wininger, 2019-09-10, files: 4, lines: -18/+99]
|     Signed-off-by: Florian Wininger <fw.centrale@gmail.com>
* Merge pull request #708 from fwininger/refactoring_kex [Miklós Fazekas, 2019-09-04, files: 4, lines: -65/+95]
|\     Refactoring kex ecdh with RFC5656
| * Refactoring kex ecdh RFC5656 [Florian Wininger, 2019-08-28, files: 4, lines: -65/+95]
| |     Signed-off-by: Florian Wininger <fw.centrale@gmail.com>
* | Disable by default unsecure algorithm [Florian Wininger, 2019-09-02, files: 2, lines: -26/+42]
|/     Signed-off-by: Florian Wininger <fw.centrale@gmail.com>
* Merge pull request #704 from fwininger/rubocop_small_cop [Miklós Fazekas, 2019-08-28, files: 1, lines: -7/+1]
|\     Enhance some code
| * Refactoring style unlesselse. [Florian Wininger, 2019-08-23, files: 1, lines: -7/+1]
| |     Signed-off-by: Florian Wininger <fw.centrale@gmail.com>
* | Merge pull request #703 from fwininger/openssl4 [Miklós Fazekas, 2019-08-28, files: 1, lines: -11/+9]
|\ \     Modernize OpenSSL SHA2 implementation
| * | Modernize OpenSSL SHA2 implementation [Florian Wininger, 2019-08-23, files: 1, lines: -11/+9]
| |/     Signed-off-by: Florian Wininger <fw.centrale@gmail.com>
* | Merge pull request #702 from fwininger/refactoring_kex2 [Miklós Fazekas, 2019-08-28, files: 5, lines: -136/+130]
|\ \     Refactoring kex
| * | Add Abstract Kex class [Florian Wininger, 2019-08-24, files: 3, lines: -113/+121]
| | |     Signed-off-by: Florian Wininger <fw.centrale@gmail.com>
| * | Refactor DH get_parameters [Florian Wininger, 2019-08-23, files: 1, lines: -16/+5]
| | |     Signed-off-by: Florian Wininger <fw.centrale@gmail.com>
| * | Update digester [Florian Wininger, 2019-08-23, files: 4, lines: -11/+8]
| |/     Signed-off-by: Florian Wininger <fw.centrale@gmail.com>
* | Remove check because Openssl 1.0.1 introduced aes-ctr [Florian Wininger, 2019-08-23, files: 1, lines: -9/+8]
|/     Signed-off-by: Florian Wininger <fw.centrale@gmail.com>
* Merge pull request #699 from fwininger/refactoring_kex [Miklós Fazekas, 2019-08-23, files: 7, lines: -48/+27]
|\     Refactoring kex
| * Remove include already include. [Florian Wininger, 2019-08-23, files: 1, lines: -5/+1]
| |     Signed-off-by: Florian Wininger <fw.centrale@gmail.com>
| * Remove already include modules [Florian Wininger, 2019-08-23, files: 3, lines: -20/+14]
| |     Signed-off-by: Florian Wininger <fw.centrale@gmail.com>
| * Define properly the get_p and get_g method to handle inheritance. [Florian Wininger, 2019-08-23, files: 2, lines: -12/+2]
| |     Signed-off-by: Florian Wininger <fw.centrale@gmail.com>
| * Move KEXDH Constant into the Constants Modules [Florian Wininger, 2019-08-23, files: 2, lines: -11/+10]
| |     Signed-off-by: Florian Wininger <fw.centrale@gmail.com>
* | Remove unnecessary defined?(OpenSSL::PKey::EC) in Kex [Florian Wininger, 2019-08-23, files: 1, lines: -13/+10]
| |     Signed-off-by: Florian Wininger <fw.centrale@gmail.com>
* | Remove unnecessary defined?(OpenSSL::PKey::EC) in OpenSSL override [Florian Wininger, 2019-08-23, files: 1, lines: -105/+99]
| |     Signed-off-by: Florian Wininger <fw.centrale@gmail.com>
* | Remove unnecessary defined?(OpenSSL::PKey::EC) and defined?(OpenSSL::Digest::SHA256) [Florian Wininger, 2019-08-23, files: 10, lines: -95/+56]
|/     Signed-off-by: Florian Wininger <fw.centrale@gmail.com>
* Extract proxy setup into method [Joshua Morgan, 2019-08-20, files: 1, lines: -11/+15]
|
* Fix style violations [Joshua Morgan, 2019-08-20, files: 1, lines: -2/+2]
|
* Remove nil value check [Joshua Morgan, 2019-08-20, files: 1, lines: -5/+3]
|     Check is now done when inserting the proxy values
* Consider ProxyCommand and ProxyJump together [Joshua Morgan, 2019-08-18, files: 1, lines: -10/+21]
|     ProxyCommand and ProxyJump override each other so they need to be tracked together so the first one set takes precedence
* Improve performance of known_hosts parsing [Nick Lewis, 2019-07-11, files: 1, lines: -20/+18]
|     This makes two changes to known_hosts parsing:
|     * Only go through the work of building a regex for pattern matching if the entry has pattern characters (* and ?). This was ~75% performance improvement in the case where no patterns are being used.
|     * Use simple string splitting instead of a string scanner when parsing a single line. This was ~20% performance improvement.
|     Together these changes entail ~80% reduction in parsing time with no change in behavior. In a case with a large (20k entries) known_hosts file, the time was reduced from 350ms to 65ms.
* Expose StrictHostKeyChecking from SSH config [Michael Smith, 2019-06-20, files: 1, lines: -0/+2]
|     Make this setting available so it can be used when deciding how to configure `verify_host_key` so that users of this library can enable behavior consistent with `ssh`. Resolves #678.
* Merge pull request #671 from jmutkawoa/master [Miklós Fazekas, 2019-05-29, files: 3, lines: -20/+5]
|\     Deprecating RC4 as per https://tools.ietf.org/html/draft-ietf-curdle-rc4-die-die-die-10
| * fix to key_len_override [jmutkawoa, 2019-03-23, files: 1, lines: -1/+1]
| |