Migrate all instances of the pattern EC.new(foo).generate_key to
EC.generate(foo), as the old pattern isn't supported when using OpenSSL
3.0, since one is not allowed to mess with the internal data of already
created objects now.
The new API has been introduced in Ruby 2.4.
Co-authored-by: Lucas Kanashiro <lucas.kanashiro@canonical.com>

The OpenSSL 3.0 changes don't allow for us to modify the private key
details directly, and there are no dedicated constructors as of Ruby
3.0, so we need to actually create a PEM certificate in-memory and load
that instead.
To add insult to injury, contrary to other types of keys such as RSA, we
need to actually build the full PEM data and not just pack the numbers
in a simple sequence, making the code even a bit more complicated.
Co-authored-by: Lucas Kanashiro <lucas.kanashiro@canonical.com>

The OpenSSL 3.0 changes don't allow for us to modify the private key
details directly, and there are no dedicated constructors as of Ruby
3.0, so we need to actually create a PEM certificate in-memory and load
that instead.
Co-authored-by: Lucas Kanashiro <lucas.kanashiro@canonical.com>

Lot of spacing issues :)

Signed-off-by: Florian Wininger <fw.centrale@gmail.com>

Fix an issue where writing an ECDSA public_key out to a Net::SSH::Buffer
fails when calling to_blob on the key due to the method being undefined.
Fixes https://github.com/net-ssh/net-ssh/issues/619

- Prior to this change, attempting to send UTF8 commands through
SSH, or attempting to copy files with UTF8 filenames could fail.
This was particularly easy to trigger by attempting to execute
commands that were 128 bytes or longer.
- monkey patch net-ssh gem to allow UTF-8 strings >= 128 bytes

The buffer @content is often built as a UTF-8 string, until the
point at which it appends data that cannot be encoded as a UTF-8
sequence.

One case occurs when the call to write_string is made to append a
string that exceeds 127 bytes in length. The SSH2 format says
that strings must be length prefixed, and when the value [128]
has pack("N*") called against it, the resultant 4 byte network
order representation does not have a valid UTF-8 equivalent,
resulting in an ASCII-8BIT / BINARY string.

    [127].pack('N*').encode('utf-8')
    => "\u0000\u0000\u0000\u007F"

    [128].pack('N*').encode('utf-8')
    Encoding::UndefinedConversionError: "\x80" from ASCII-8BIT to UTF-8

Ruby has a subtle behavior where appending a BINARY string to
an existing UTF-8 string is allowed and the resultant string
changes encoding to BINARY. However, once this has happened,
the string can no longer have UTF-8 encoded strings appended as
Ruby will raise an Encoding::CompatibilityError.

Appending BINARY to UTF-8 always creates BINARY:

    "foo".encode('utf-8') << [128].pack('N*')
    => "foo\x00\x00\x00\x80"

Appending UTF-8 representable strings to existing strings:

Ruby 2.1.7 keeps the string as its default UTF-8

    "foo" << [127].pack('N*')
    => "foo\u0000\u0000\u0000\u007F"

Ruby 1.9.3 keeps UTF-8 strings as UTF-8

    "foo".encode('utf-8') << [127].pack('N*')
    => "foo\u0000\u0000\u0000\u007F"

Ruby 1.9.3 defaults to US-ASCII which changes it to BINARY

    pry(main)> "foo" << [127].pack('N*')
    => "foo\x00\x00\x00\x7F"

The simple solution is to call force_encoding on UTF-8 strings
prior to appending them to @content, given it's always OK to
append ASCII-8BIT / BINARY strings to existing strings, but
appending UTF-8 to BINARY raises errors.

    "\x80".force_encoding('ASCII-8BIT') << "\u16A0"
    Encoding::CompatibilityError: incompatible character encodings: ASCII-8BIT and UTF-8

force_encoding in this case, will simply translate a valid UTF-8
string to its BINARY equivalent

    "\u16A0".force_encoding('BINARY')
    => "\xE1\x9A\xA0"
Correct conversion per http://www.fileformat.info/info/unicode/char/16a0/index.htm

Previously, UTF-8 encoded strings would result in the error:
`final': data not multiple of block length (OpenSSL::Cipher::CipherError)
This is because cipher padding length was based on character length
instead of bytesize. When a UTF-8 character with a bytesize of e.g. 3
was encountered, Net::SSH would incorrectly add 2 more padding than was
needed, breaking the block size multiple.
Buffer also incorrectly identified the length of the string in
write_string using character length instead of bytesize.
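Added example, not code from net-ssh or from the commits listed here: it illustrates the two commit messages above, namely the character-length versus bytesize error in padding and in the write_string length prefix, and the Encoding::CompatibilityError that force_encoding avoids. The helper names, the 16-byte block size and the sample command are assumptions made for the illustration.

```ruby
# Added illustration, not net-ssh code; all helper names are hypothetical.
BLOCK_SIZE = 16 # assumed cipher block size (e.g. AES)

# SSH2 string: uint32 big-endian length prefix, then the raw bytes.
# count: :bytesize is correct; :length reproduces the character-count bug.
def ssh_string(str, count: :bytesize)
  [str.public_send(count)].pack("N") + str.dup.force_encoding(Encoding::BINARY)
end

# What a receiver does: trust the prefix and split the buffer on it.
def read_string(buf)
  len = buf.unpack1("N")
  [buf.byteslice(4, len), buf.byteslice(4 + len, buf.bytesize)]
end

# Padding so that length(4) + pad_len(1) + payload + padding is a multiple
# of the block size, with at least 4 bytes of padding.
def padding_for(payload, count: :bytesize)
  pad = BLOCK_SIZE - ((5 + payload.public_send(count)) % BLOCK_SIZE)
  pad < 4 ? pad + BLOCK_SIZE : pad
end

# Build the unencrypted packet; the payload is always written as raw bytes.
def frame(payload, count: :bytesize)
  pad = padding_for(payload, count: count)
  raw = payload.dup.force_encoding(Encoding::BINARY)
  [raw.bytesize + pad + 1, pad].pack("NC") + raw + ("\0".b * pad)
end

# Appending text to a buffer that already holds a non-ASCII BINARY byte.
def append_raises?(text)
  buf = [128].pack("N") # BINARY; last byte is 0x80
  buf << text
  false
rescue Encoding::CompatibilityError
  true
end

CMD = "ls \u16A0" # constructed sample: 4 characters, 6 bytes

if __FILE__ == $PROGRAM_NAME
  puts "bytesize frame: #{frame(CMD).bytesize} bytes"
  puts "length frame:   #{frame(CMD, count: :length).bytesize} bytes"
  stray = read_string(ssh_string(CMD, count: :length)).last.bytesize
  puts "character-count prefix leaves #{stray} stray bytes"
end
```

With the character count, the frame carries 2 bytes of padding too many and is no longer a multiple of the block size, and the short length prefix leaves the tail of the multi-byte character in the buffer to be parsed as the next field.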

* Key Exchange
  * diffie-hellman-group14-sha1
  * ecdh-sha2-nistp{256,384,521}
* Host Key
  * ecdsa-sha2-nistp{256,384,521}
* Authentication
  * ecdsa-sha2-nistp{256,384,521}
* HMAC
  * hmac-ripemd160
* Cipher:
  * aes{128,192,256}-ctr
  * camellia{128,192,256}-ctr
  * blowfish-ctr
  * cast128-ctr
  * 3des-ctr
  * arcfour (has problems with weak keys, and should be used with caution)
  * camellia{128,192,256}-cbc

git-svn-id: http://svn.jamisbuck.org/net-ssh/branches/v2@183 1d2a57f2-1ded-0310-ad52-83097a15a5de