author | Wild Kat <wk@users.noreply.github.com> | 2018-05-26 23:49:29 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2018-05-26 23:49:29 +0200 |
commit | 39dbb74c527c054007e26ad34c8921d4be6cb638 (patch) | |
tree | d55745153153450fb40e1f591eb861495a6068d9 /lib/oxidized/input | |
parent | defdc69f92b3bcf62b1fd3b5ceac63a7a4e637ae (diff) | |
parent | 42bf10b7bce34ff577c469f6c2f659f3913cbf4a (diff) |
Merge branch 'master' into FortiOS-Push
Diffstat (limited to 'lib/oxidized/input')
-rw-r--r-- | lib/oxidized/input/cli.rb | 11 | ||||
-rw-r--r-- | lib/oxidized/input/ftp.rb | 13 | ||||
-rw-r--r-- | lib/oxidized/input/ssh.rb | 46 | ||||
-rw-r--r-- | lib/oxidized/input/telnet.rb | 70 |
4 files changed, 73 insertions, 67 deletions
diff --git a/lib/oxidized/input/cli.rb b/lib/oxidized/input/cli.rb index 660e173..d434e33 100644 --- a/lib/oxidized/input/cli.rb +++ b/lib/oxidized/input/cli.rb @@ -32,26 +32,25 @@ module Oxidized @pre_logout.each { |command, block| block ? block.call : (cmd command, nil) } end - def post_login _post_login=nil, &block + def post_login _post_login = nil, &block unless @exec @post_login << [_post_login, block] end end - def pre_logout _pre_logout=nil, &block + def pre_logout _pre_logout = nil, &block unless @exec - @pre_logout << [_pre_logout, block] + @pre_logout << [_pre_logout, block] end end - def username re=/^(Username|login)/ + def username re = /^(Username|login)/ @username or @username = re end - def password re=/^Password/ + def password re = /^Password/ @password or @password = re end - end end end diff --git a/lib/oxidized/input/ftp.rb b/lib/oxidized/input/ftp.rb index cdf3688..ebe50ef 100644 --- a/lib/oxidized/input/ftp.rb +++ b/lib/oxidized/input/ftp.rb @@ -6,22 +6,22 @@ module Oxidized class FTP < Input RescueFail = { :debug => [ - #Net::SSH::Disconnect, + # Net::SSH::Disconnect, ], :warn => [ - #RuntimeError, - #Net::SSH::AuthenticationFailed, + # RuntimeError, + # Net::SSH::AuthenticationFailed, ], } include Input::CLI def connect node - @node = node + @node = node @node.model.cfg['ftp'].each { |cb| instance_exec(&cb) } @log = File.open(Oxidized::Config::Log + "/#{@node.ip}-ftp", 'w') if Oxidized.config.input.debug? @ftp = Net::FTP.new(@node.ip) @ftp.passive = Oxidized.config.input.ftp.passive - @ftp.login @node.auth[:username], @node.auth[:password] + @ftp.login @node.auth[:username], @node.auth[:password] connected? end @@ -47,10 +47,9 @@ module Oxidized def disconnect @ftp.close - #rescue Errno::ECONNRESET, IOError + # rescue Errno::ECONNRESET, IOError ensure @log.close if Oxidized.config.input.debug? end - end end diff --git a/lib/oxidized/input/ssh.rb b/lib/oxidized/input/ssh.rb index 27e81e0..780bdf2 100644 --- a/lib/oxidized/input/ssh.rb 
+++ b/lib/oxidized/input/ssh.rb @@ -24,20 +24,24 @@ module Oxidized secure = Oxidized.config.input.ssh.secure @log = File.open(Oxidized::Config::Log + "/#{@node.ip}-ssh", 'w') if Oxidized.config.input.debug? port = vars(:ssh_port) || 22 - + ssh_opts = { - :port => port.to_i, - :password => @node.auth[:password], :timeout => Oxidized.config.timeout, - :paranoid => secure, - :auth_methods => %w(none publickey password keyboard-interactive), - :number_of_password_prompts => 0, - } + port: port.to_i, + paranoid: secure, + keepalive: true, + password: @node.auth[:password], :timeout => Oxidized.config.timeout, + number_of_password_prompts: 0, + } + + auth_methods = vars(:auth_methods) || %w(none publickey password) + ssh_opts[:auth_methods] = auth_methods + Oxidized.logger.debug "AUTH METHODS::#{auth_methods}" if proxy_host = vars(:ssh_proxy) proxy_command = "ssh " proxy_command += "-o StrictHostKeyChecking=no " unless secure proxy_command += "#{proxy_host} -W %h:%p" - proxy = Net::SSH::Proxy::Command.new(proxy_command) + proxy = Net::SSH::Proxy::Command.new(proxy_command) ssh_opts[:proxy] = proxy end @@ -52,7 +56,7 @@ module Oxidized begin login rescue Timeout::Error - raise PromptUndetect, [ @output, 'not matching configured prompt', @node.prompt ].join(' ') + raise PromptUndetect, [@output, 'not matching configured prompt', @node.prompt].join(' ') end end connected? @@ -62,7 +66,7 @@ module Oxidized @ssh and not @ssh.closed? end - def cmd cmd, expect=node.prompt + def cmd cmd, expect = node.prompt Oxidized.logger.debug "lib/oxidized/input/ssh.rb #{cmd} @ #{node.name} with expect: #{expect.inspect}" if @exec @ssh.exec! cmd @@ -100,7 +104,7 @@ module Oxidized ch.on_data do |_ch, data| if Oxidized.config.input.debug? @log.print data - @log.fsync + @log.flush end @output << data @output = @node.model.expects @output 
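Review bot: The per-node `vars(:auth_methods)` value is copied into `ssh_opts[:auth_methods]` with no shape check, and the default list silently loses `keyboard-interactive`. Net::SSH expects an array of method names there, so a value that arrives as a single string from a node source (not visible in this hunk, to be confirmed) would not behave like the default; `auth_methods = Array(vars(:auth_methods) || %w(none publickey password))` plus a comment such as `# keyboard-interactive is no longer tried by default; set the auth_methods var to re-enable it` would make the change explicit. The rewritten `paranoid: secure` line still turns host key verification off whenever `secure` is false (and the proxy command then adds `StrictHostKeyChecking=no`), so the password in `ssh_opts` is offered to an unverified host; that deserves a comment next to the option. The mixed `password: ..., :timeout => ...` line is easy to misread and would be clearer with one `key: value` pair per line. The enclosing connect method starts and ends outside the hunk.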
@@ -117,19 +121,18 @@ module Oxidized # some models have SSH auth or terminal auth based on version of code # if SSH is configured for terminal auth, we'll still try to detect prompt def login - if @username - match = expect username, @node.prompt - if match == username - cmd @node.auth[:username], password - cmd @node.auth[:password] - end - else - expect @node.prompt + match_re = [@node.prompt] + match_re << @username if @username + match_re << @password if @password + until (match = expect(match_re)) == @node.prompt + cmd(@node.auth[:username], nil) if match == @username + cmd(@node.auth[:password], nil) if match == @password + match_re.delete match end end - def exec state=nil - state == nil ? @exec : (@exec=state) unless vars :ssh_no_exec + def exec state = nil + state == nil ? @exec : (@exec = state) unless vars :ssh_no_exec end def cmd_shell(cmd, expect_re) @@ -152,6 +155,5 @@ module Oxidized end end end - end end diff --git a/lib/oxidized/input/telnet.rb b/lib/oxidized/input/telnet.rb index a5561b9..4b9a656 100644 --- a/lib/oxidized/input/telnet.rb +++ b/lib/oxidized/input/telnet.rb @@ -10,15 +10,16 @@ module Oxidized @node = node @timeout = Oxidized.config.timeout @node.model.cfg['telnet'].each { |cb| instance_exec(&cb) } + @log = File.open(Oxidized::Config::Log + "/#{@node.ip}-telnet", 'w') if Oxidized.config.input.debug? port = vars(:telnet_port) || 23 - opt = { 'Host' => @node.ip, - 'Port' => port.to_i, - 'Timeout' => @timeout, - 'Model' => @node.model } - opt['Output_log'] = Oxidized::Config::Log + "/#{@node.ip}-telnet" if Oxidized.config.input.debug? + telnet_opts = { 'Host' => @node.ip, + 'Port' => port.to_i, + 'Timeout' => @timeout, + 'Model' => @node.model, + 'Log' => @log } - @telnet = Net::Telnet.new opt + @telnet = Net::Telnet.new telnet_opts if @node.auth[:username] and @node.auth[:username].length > 0 expect username @telnet.puts @node.auth[:username] 
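Review bot: Both credentials in the new `login` loop go through `cmd(...)`, and `cmd` (visible in the earlier `-62,7` hunk) interpolates its argument into `Oxidized.logger.debug`, so `cmd(@node.auth[:password], nil)` writes the device password to the debug log. Sending the secret through a path that does not log, or redacting it before the debug call, would close this; if `cmd_shell` only writes and waits (its body is outside this hunk), `cmd_shell(@node.auth[:password], nil)` would do, with a comment such as `# cmd logs its argument at debug level; never route secrets through it`. The loop also depends on `expect` raising on timeout to terminate: if `expect` can return a value that is not in `match_re`, the `until` never exits, so that is worth confirming against its definition.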
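Review bot: The new `@log = File.open(Oxidized::Config::Log + "/#{@node.ip}-telnet", 'w')` creates the session transcript with default permissions, and that file receives whatever the device prints, which can include configuration secrets. Passing an explicit mode, `File.open(path, 'w', 0o600)`, keeps it readable by the Oxidized user only. When debug is off `@log` is nil and `'Log' => nil` is still placed in `telnet_opts`; a short comment stating that nil means no transcript would help the reader of the `waitfor` override. The enclosing connect method continues outside the hunk.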
@@ -28,7 +29,7 @@ module Oxidized begin expect @node.prompt rescue Timeout::Error - raise PromptUndetect, [ 'unable to detect prompt:', @node.prompt ].join(' ') + raise PromptUndetect, ['unable to detect prompt:', @node.prompt].join(' ') end end @@ -36,7 +37,7 @@ module Oxidized @telnet and not @telnet.sock.closed? end - def cmd cmd, expect=@node.prompt + def cmd cmd, expect = @node.prompt Oxidized.logger.debug "Telnet: #{cmd} @#{@node.name}" args = { 'String' => cmd } args.merge!({ 'Match' => expect, 'Timeout' => @timeout }) if expect @@ -62,13 +63,14 @@ module Oxidized disconnect_cli @telnet.close rescue Errno::ECONNRESET + ensure + @log.close if Oxidized.config.input.debug? + (@telnet.close rescue true) unless @telnet.sock.closed? end end - end end - class Net::Telnet ## FIXME: we just need 'line = model.expects line' to handle pager ## how to do this, without redefining the whole damn thing @@ -79,6 +81,7 @@ class Net::Telnet waittime = @options["Waittime"] fail_eof = @options["FailEOF"] model = @options["Model"] + @log = @options["Log"] if options.kind_of?(Hash) prompt = if options.has_key?("Match") @@ -86,7 +89,7 @@ class Net::Telnet elsif options.has_key?("Prompt") options["Prompt"] elsif options.has_key?("String") - Regexp.new( Regexp.quote(options["String"]) ) + Regexp.new(Regexp.quote(options["String"])) end time_out = options["Timeout"] if options.has_key?("Timeout") waittime = options["Waittime"] if options.has_key?("Waittime") @@ -102,9 +105,9 @@ class Net::Telnet line = '' buf = '' rest = '' - until(prompt === line and not IO::select([@sock], nil, nil, waittime)) + until prompt === line and not IO::select([@sock], nil, nil, waittime) unless IO::select([@sock], nil, nil, time_out) - raise TimeoutError, "timed out while waiting for more data" + raise Timeout::Error, "timed out while waiting for more data" end begin c = @sock.readpartial(1024 * 1024) 
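Review bot: The new `ensure` branch in `disconnect` keys the cleanup on the debug flag and assumes `@telnet` is set, so it raises NoMethodError when `connect` failed before `@log` or `@telnet` was assigned (for example when `Net::Telnet.new` raised), and that masks the original error. Guarding on the objects themselves avoids this: `@log.close if @log` and `(@telnet.close rescue true) if @telnet and not @telnet.sock.closed?`. The inline `rescue true` also hides every StandardError from the second close; rescuing only the errors expected there, as the `rescue Errno::ECONNRESET` clause above it does, would keep unexpected failures visible.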
@@ -114,32 +117,35 @@ class Net::Telnet c = rest + c if Integer(c.rindex(/#{IAC}#{SE}/no) || 0) < Integer(c.rindex(/#{IAC}#{SB}/no) || 0) - buf = preprocess(c[0 ... c.rindex(/#{IAC}#{SB}/no)]) - rest = c[c.rindex(/#{IAC}#{SB}/no) .. -1] + buf = preprocess(c[0...c.rindex(/#{IAC}#{SB}/no)]) + rest = c[c.rindex(/#{IAC}#{SB}/no)..-1] elsif pt = c.rindex(/#{IAC}[^#{IAC}#{AO}#{AYT}#{DM}#{IP}#{NOP}]?\z/no) || c.rindex(/\r\z/no) - buf = preprocess(c[0 ... pt]) - rest = c[pt .. -1] + buf = preprocess(c[0...pt]) + rest = c[pt..-1] else buf = preprocess(c) rest = '' end - else - # Not Telnetmode. - # - # We cannot use preprocess() on this data, because that - # method makes some Telnetmode-specific assumptions. - buf = rest + c - rest = '' - unless @options["Binmode"] - if pt = buf.rindex(/\r\z/no) - buf = buf[0 ... pt] - rest = buf[pt .. -1] - end - buf.gsub!(/#{EOL}/no, "\n") - end + else + # Not Telnetmode. + # + # We cannot use preprocess() on this data, because that + # method makes some Telnetmode-specific assumptions. + buf = rest + c + rest = '' + unless @options["Binmode"] + if pt = buf.rindex(/\r\z/no) + buf = buf[0...pt] + rest = buf[pt..-1] + end + buf.gsub!(/#{EOL}/no, "\n") + end + end + if Oxidized.config.input.debug? + @log.print buf + @log.flush end - @log.print(buf) if @options.has_key?("Output_log") line += buf line = model.expects line line = yield line if block_given? |
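Review bot: `@log.print buf` is guarded by `Oxidized.config.input.debug?` rather than by the presence of `@log`, and this override appears to replace `waitfor` for every `Net::Telnet` instance in the process. Any instance created without the `"Log"` option while debug is on has `@log == nil` and fails with NoMethodError inside the read loop; `if @log` is the safer guard. In the non-Telnetmode branch, `rest = buf[pt..-1]` runs after `buf` has already been cut to `buf[0...pt]`, so `rest` is always empty and the trailing `\r` is dropped; swapping the two assignments would preserve it. The enclosing method starts outside the hunk.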