net-ssh5_fix
authorlionce <loredana.ionce@puppet.com>
Fri, 30 Aug 2019 08:25:48 +0000 (11:25 +0300)
committerlionce <loredana.ionce@puppet.com>
Tue, 10 Sep 2019 14:41:10 +0000 (17:41 +0300)
spec/spec_helper_acceptance.rb

index 12cd7c6655ff9f157b5de17676bcbcf655f05cc3..7a54362cdbd682a2f19a18ebb5c98510737b0671 100644 (file)
@@ -26,7 +26,29 @@ else
     options[:port] = node_config.dig('ssh', 'port') unless node_config.dig('ssh', 'port').nil?
     options[:keys] = node_config.dig('ssh', 'private-key') unless node_config.dig('ssh', 'private-key').nil?
     options[:password] = node_config.dig('ssh', 'password') unless node_config.dig('ssh', 'password').nil?
-    options[:verify_host_key] = Net::SSH::Verifiers::Null.new unless node_config.dig('ssh', 'host-key-check').nil?
+
+    options[:verify_host_key] = if node_config.dig('ssh', 'host-key-check').nil?
+      # Fall back to SSH behavior. This variable will only be set in net-ssh 5.3+.
+      if @strict_host_key_checking.nil? || @strict_host_key_checking
+        Net::SSH::Verifiers::Always.new
+      else
+        # SSH's behavior with StrictHostKeyChecking=no: adds new keys to known_hosts.
+        # If known_hosts points to /dev/null, then equivalent to :never where it
+        # accepts any key beacuse they're all new.
+        Net::SSH::Verifiers::AcceptNewOrLocalTunnel.new
+      end
+    elsif node_config.dig('ssh', 'host-key-check')
+      if defined?(Net::SSH::Verifiers::Always)
+        Net::SSH::Verifiers::Always.new
+      else
+        Net::SSH::Verifiers::Secure.new
+      end
+    elsif defined?(Net::SSH::Verifiers::Never)
+      Net::SSH::Verifiers::Never.new
+    else
+      Net::SSH::Verifiers::Null.new
+    end
+
     host = if ENV['TARGET_HOST'].include?(':')
              ENV['TARGET_HOST'].split(':').first
            else
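Review bot: The branch taken when `host-key-check` is unset instantiates `Net::SSH::Verifiers::Always` and `Net::SSH::Verifiers::AcceptNewOrLocalTunnel` without the `defined?` guard that the other two branches use, so on a net-ssh release that lacks those classes it would raise `NameError` instead of falling back. Guarding it the same way, e.g. `defined?(Net::SSH::Verifiers::Always) ? Net::SSH::Verifiers::Always.new : Net::SSH::Verifiers::Secure.new`, keeps strict verification on both old and new versions. `@strict_host_key_checking` is not assigned anywhere in this hunk, so the `AcceptNewOrLocalTunnel` arm looks unreachable from here; the comment "will only be set in net-ssh 5.3+" should say where it is set, or the arm should be dropped. The final `Never`/`Null` fall-through turns host key verification off whenever `host-key-check` is false, which deserves its own comment such as `# host-key-check: false disables host key verification (any server key is accepted)`. The enclosing `else` block starts above the hunk, so how `node_config` is loaded is not visible here.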