ruby-net-ssh 1:3.0.1-3 / usr / lib / ruby / vendor_ruby / net / ssh / verifiers / secure.rb

This file is indexed.

/usr/lib/ruby/vendor_ruby/net/ssh/verifiers/secure.rb is in ruby-net-ssh 1:3.0.1-3.

This file is owned by root:root, with mode 0o644.

The actual contents of the file can be viewed below. 

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
require 'net/ssh/errors'
require 'net/ssh/known_hosts'

module Net; module SSH; module Verifiers

  # Does a strict host verification, looking the server up in the known
  # host files to see if a key has already been seen for this server. If this
  # server does not appear in any host file, an exception will be raised
  # (HostKeyUnknown). This is in contrast to the "Strict" class, which will
  # silently add the key to your known_hosts file. If the server does appear at
  # least once, but the key given does not match any known for the server, an
  # exception will be raised (HostKeyMismatch).
  # Otherwise, this returns true.
  class Secure
    def verify(arguments)
      options = arguments[:session].options
      host = options[:host_key_alias] || arguments[:session].host_as_string
      matches = Net::SSH::KnownHosts.search_for(host, arguments[:session].options)

      # We've never seen this host before, so raise an exception.
      if matches.empty?
        process_cache_miss(host, arguments, HostKeyUnknown, "is unknown")
      end

      # If we found any matches, check to see that the key type and
      # blob also match.
      found = matches.any? do |key|
        key.ssh_type == arguments[:key].ssh_type &&
        key.to_blob  == arguments[:key].to_blob
      end

      # If a match was found, return true. Otherwise, raise an exception
      # indicating that the key was not recognized.
      unless found
        process_cache_miss(host, arguments, HostKeyMismatch, "does not match")
      end

      found
    end

    private

    def process_cache_miss(host, args, exc_class, message)
      exception = exc_class.new("fingerprint #{args[:fingerprint]} " +
                                "#{message} for #{host.inspect}")
      exception.data = args
      exception.callback = Proc.new do
        Net::SSH::KnownHosts.add(host, args[:key], args[:session].options)
      end
      raise exception
    end
  end

end; end; end

APT Browse - Built by Thomas Orozco.