path: root/lib/net/ssh/authentication/methods/abstract.rb
blob: f0230114dfb979b86404e6c3e900d073b7aab7f8 (plain)
require 'net/ssh/buffer'
require 'net/ssh/errors'
require 'net/ssh/loggable'
require 'net/ssh/authentication/constants'

module Net
  module SSH
    module Authentication
      module Methods
        # Common base for every user authentication method. It mixes in
        # Loggable and Constants and supplies the shared helpers below: access
        # to the session id, sending a message through the transport, and
        # building USERAUTH_REQUEST packets.
        class Abstract
          include Loggable
          include Constants

          # The authentication session this method belongs to.
          attr_reader :session

          # The key manager taken from the :key_manager option. It is nil when
          # the option is absent; not every authentication method needs one.
          attr_reader :key_manager

          # Public key algorithm names taken from the :pubkey_algorithms option,
          # or the built-in list when the option is absent. For now this only
          # influences the algorithms used with rsa keys; it could cover other
          # key types later, e.g. once the PubkeyAcceptedAlgorithms setting of
          # an ssh_config file is read.
          attr_reader :pubkey_algorithms

          # Builds a new authentication method bound to +session+.
          #
          # +options+ is kept as-is in @options; the keys read here are
          # :key_manager, :password_prompt and :pubkey_algorithms. The logger is
          # borrowed from the session.
          def initialize(session, options = {})
            @session = session
            @options = options
            @key_manager = options[:key_manager]
            @prompt = options[:password_prompt]

            # NOTE(review): the built-in list still contains ssh-rsa and
            # ssh-rsa-cert-v01@openssh.com, whose signatures are SHA-1 based,
            # and it has no rsa-sha2-512 entry. How the list is consumed is not
            # visible in this file; callers that must avoid SHA-1 signatures
            # can pass their own :pubkey_algorithms.
            @pubkey_algorithms = options[:pubkey_algorithms]
            @pubkey_algorithms ||= %w[rsa-sha2-256-cert-v01@openssh.com
                                      ssh-rsa-cert-v01@openssh.com
                                      rsa-sha2-256
                                      ssh-rsa]

            self.logger = session.logger
          end

          # The session-id produced by the first key exchange of the SSH
          # connection, read from the transport's algorithms object.
          def session_id
            negotiated = session.transport.algorithms
            negotiated.session_id
          end

          # Hands +msg+ to the underlying transport layer abstraction. The call
          # blocks until the message has been sent completely.
          def send_message(msg)
            transport = session.transport
            transport.send_message(msg)
          end

          # Builds and returns a USERAUTH_REQUEST packet, ready for sending.
          #
          # The packet starts with the USERAUTH_REQUEST byte followed by
          # +username+, +next_service+ and +auth_method+ as strings. Each extra
          # argument is then appended in order: booleans via write_bool,
          # strings via write_string. Any other kind of value raises
          # ArgumentError.
          #
          # NOTE(review): the ArgumentError message embeds value.inspect. If a
          # caller passes a credential among the extras (callers are not
          # visible here) and it is neither a String nor a boolean, its
          # contents would end up in the exception text, and from there in any
          # log that records it.
          def userauth_request(username, next_service, auth_method, *others)
            header = [
              :byte, USERAUTH_REQUEST,
              :string, username,
              :string, next_service,
              :string, auth_method
            ]

            # each_with_object returns the packet after all extras are written.
            others.each_with_object(Net::SSH::Buffer.from(*header)) do |extra, packet|
              case extra
              when String
                packet.write_string(extra)
              when true, false
                packet.write_bool(extra)
              else
                raise ArgumentError, "don't know how to write #{extra.inspect}"
              end
            end
          end

          # The :password_prompt option; readable only from inside the class
          # hierarchy.
          attr_reader :prompt
          private :prompt
        end
      end
    end
  end
end