Adds a communicator which does not provide communication to the
guest machine. All methods for the communicator are simply stubbed
with a successful result. This allows a guest to be configured
with the `:none` communicator and Vagrant to properly `up` it.
This currently lacks any user notification or guards within
configuration to verify guest configuration does not rely on
the communicator. It is wrapped as experimental to allow early
access to the basic functionality without making it generally
available.
Remove customized require behaviors and modify the bin executable
to check for missing tools that Vagrant expects to exist when
running outside of an installer.
Adds two new options to the SSH connect configuration: `connect_retries`
and `connect_retry_delay`. Provides user configurable values used when
establishing the SSH connection. Previous behavior would retry generally
by the default value without a pause between attempts. Updated behavior
will retry the number of times set within the config (unless value is
provided directly to connect call) and each retry will pause based on
the delay value set in the config (unless value is provided directly
to the connect call).
Ruby 3.2 introduced a new error, `IO:TimeoutError`, for blocking
operations. Formerly, this case would return `Errno::ETIMEDOUT`. Catch
the new error while waiting for the communicator so that the retries can
be correctly attempted.
https://bugs.ruby-lang.org/issues/18630
Updates the SSH communicator to inspect the guest sshd configuration for
supported key types when creating a new key to replace the default
insecure public key. If the guest cannot be inspected, the connection
will be inspected. If the connection cannot be inspected, it will simply
fall back to the original behavior of using an rsa type key.
If key type is defined as :auto, detect best key type to use. If no
acceptable key type is detected as supported by the server, raise an
error. If unable to determine supported key types from the server,
fallback to original behavior of rsa type key.
If key type is defined as custom value, use that type if the server
supports it, or if the supported types cannot be read. Otherwise, raise
an error informing the user that the key type is not supported.
Check the key types supported by the server. If the data is not
available, default to the previous behavior which is using the rsa key
type.
Update insecure key check to match against any key files located within
the keys directory. For now, this effectively allows matching either rsa
or ed25519 insecure private keys.
The keyboard-interactive authentication method was added due to a
mis-reading of a reported issue where the box was not properly
configured for Vagrant. This removes the keyboard-interactive
authentication method which resolves a password prompting issue caused
by its addition.
When connecting over ssh using net-ssh use the non_interactive
argument must be set when authenticating with a password.
Add the keyboard-interactive default auth method
ref: 8a176a6ea0/lib/net/ssh/config.rb (L52)
This includes updates for resolving all warnings provided by Ruby
for deprecations and/or removed methods. It also enables support
for Ruby 2.7 in the specification constraint as all 2.7 related
warnings are resolved with this changeset.
This commit changes the SSH communicator to raise an error if Vagrant
doesn't receive an exit status from an SSH command, for example if the
command is terminated by the OOM-killer.
Retains the original default value of 15 seconds for SSH connect
timeout. Allows users to modify this timeout via SSH communicator
option. Enforces integer values for timeout and validates custom
values are greater than 0.
This patches the connection instances generated for the winssh
communicator so when a command is executed it is always run
with powershell. This prevents inconsistencies with argument
handling based on what the default shell is set to on the remote
side.
Since powershell is the default, environment variable template
only needs to be set for powershell style. If the shell setting
is updated to `cmd`, the command will be properly prefixed.
Default shell has been updated to powershell, to prevent extraneous
wrapping where it's not required. The `#ready?` check has also been
updated to use a constant value, which is overridden within winssh
as a blank command is invalid.
SFTP is more reliable than SCP when dealing with unknown sshd
configurations on the server side. It also provides a convenient
facility for creating remote directories, so we can remove the
Windows-specific `#create_remote_directory` method.
This commit normalizes our Windows paths to use `/` instead of `\`.
These paths are compatible with both cmd and PowerShell, and are
required if the server-side shell is set to Bash.
The OpenSSH server executes all commands inside a default login shell
which cannot be controlled by the Vagrant configuration. So what ends up
getting executed on the server side looks something like this:
"c:\\program files\\git\\bin\\bash.exe" -c "C:\\Windows\\Temp\\vagrant-ssh20200130-41670-1w5nsjy.bat"
By flipping the direction of the directory slashes, we end up with:
"c:\\program files\\git\\bin\\bash.exe" -c "C:/Windows/Temp/vagrant-ssh20200130-43415-f1d5n2.bat"
This works whether the server-side shell is set to cmd, powershell, or
bash.
Windows commands that run over SSH are wrapped in a script that writes a
special marker to the two output streams (stdout and stderr). This
allows Vagrant to consume the output streams.
Unfortunately, this leads to a sort of chicken-and-egg problem where no
commands can be run before a wrapper script exists. For example, you
can't make a destination directory to upload the wrapper script without
first creating a wrapper script to make the directory. :)
This commit changes the behavior of the WinSSH communicator to assume
that the destination directory already exists for provisioning scripts.
It also moves the default `upload_path` from the shell provisioner
config so we can have OS-specific defaults.
Finally, it introduces a Windows-specific #upload method which will
properly use a Windows path separator on a non-Windows host.
This update was prompted by updates in openssh to the scp behavior
making source directory paths suffixed with `.` no longer valid
resulting in errors on upload. The upload implementation within
the ssh communicator has been updated to retain the existing
behavior.
Included in this update is modifications to the winrm communicator
so the upload functionality matches that of the ssh communicator
respecting the trailing `.` behavior on source paths. With the
communicators updated to properly handle the paths, the file
provisioner was also updated to simply apply previously defined
path update rules only.
Fixes#10675
Also noticed whilst testing that if the `ProxyCommand` uses `%r`, then
it fails with `unable to find remote user`, so added support for
`config.ssh.remote_user` aswell
Elevated commands can fail via winrm under certain conditions like
the machine name being changed. Detect this by checking for a known
exit code combined with known output included within stderr. If found,
attempt to re-execute the command using a machine prefixed username
if possible.
When running a shell provisioner elevated with winrm a scheduled
task is created to bypass permissions issues. If the name of the
computer has changed this may no longer work. To prevent errors
this PR updates the implementation to fetch the computer name
and prepends it to the username before creating the task.
Prior to this commit, if Windows was slow to reboot, Vagrant would fail
to find the right IP address to upload the wait_for_reboot script to.
This commit fixes this race condition by adding a timeout to ensure that
Vagrant can retry. It also properly catches an exception in the winrm
ready? method for checking if a guest is properly ready for
communications.
If the type of error changes on retry the messages will effectively
spam the user display with alternating messages. Log each message
sent and only re-display each message once within 10 seconds.
