Source Code for Module paramiko.agent

  1  # Copyright (C) 2003-2007  John Rochester <john@jrochester.org> 
  2  # 
  3  # This file is part of paramiko. 
  4  # 
  5  # Paramiko is free software; you can redistribute it and/or modify it under the 
  6  # terms of the GNU Lesser General Public License as published by the Free 
  7  # Software Foundation; either version 2.1 of the License, or (at your option) 
  8  # any later version. 
  9  # 
 10  # Paramiko is distrubuted in the hope that it will be useful, but WITHOUT ANY 
 11  # WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR 
 12  # A PARTICULAR PURPOSE.  See the GNU Lesser General Public License for more 
 13  # details. 
 14  # 
 15  # You should have received a copy of the GNU Lesser General Public License 
 16  # along with Paramiko; if not, write to the Free Software Foundation, Inc., 
 17  # 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA. 
 18   
 19  """ 
 20  SSH Agent interface for Unix clients. 
 21  """ 
 22   
 23  import os 
 24  import socket 
 25  import struct 
 26  import sys 
 27   
 28  from paramiko.ssh_exception import SSHException 
 29  from paramiko.message import Message 
 30  from paramiko.pkey import PKey 
 31   
 32   
 33  SSH2_AGENTC_REQUEST_IDENTITIES, SSH2_AGENT_IDENTITIES_ANSWER, \ 
 34      SSH2_AGENTC_SIGN_REQUEST, SSH2_AGENT_SIGN_RESPONSE = range(11, 15) 
 35   
 36   
 37 -class Agent: 
 38      """ 
 39      Client interface for using private keys from an SSH agent running on the 
 40      local machine.  If an SSH agent is running, this class can be used to 
 41      connect to it and retreive L{PKey} objects which can be used when 
 42      attempting to authenticate to remote SSH servers. 
 43       
 44      Because the SSH agent protocol uses environment variables and unix-domain 
 45      sockets, this probably doesn't work on Windows.  It does work on most 
 46      posix platforms though (Linux and MacOS X, for example). 
 47      """ 
 48       
 49 -    def __init__(self): 
 50          """ 
 51          Open a session with the local machine's SSH agent, if one is running. 
 52          If no agent is running, initialization will succeed, but L{get_keys} 
 53          will return an empty tuple. 
 54           
 55          @raise SSHException: if an SSH agent is found, but speaks an 
 56              incompatible protocol 
 57          """ 
 58          self.conn = None 
 59          self.keys = () 
 60          if ('SSH_AUTH_SOCK' in os.environ) and (sys.platform != 'win32'): 
 61              conn = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM) 
 62              try: 
 63                  conn.connect(os.environ['SSH_AUTH_SOCK']) 
 64              except: 
 65                  # probably a dangling env var: the ssh agent is gone 
 66                  return 
 67              self.conn = conn 
 68          elif sys.platform == 'win32': 
 69              import win_pageant 
 70              if win_pageant.can_talk_to_agent(): 
 71                  self.conn = win_pageant.PageantConnection() 
 72              else: 
 73                  return 
 74          else: 
 75              # no agent support 
 76              return 
 77               
 78          ptype, result = self._send_message(chr(SSH2_AGENTC_REQUEST_IDENTITIES)) 
 79          if ptype != SSH2_AGENT_IDENTITIES_ANSWER: 
 80              raise SSHException('could not get keys from ssh-agent') 
 81          keys = [] 
 82          for i in range(result.get_int()): 
 83              keys.append(AgentKey(self, result.get_string())) 
 84              result.get_string() 
 85          self.keys = tuple(keys) 
 86   
 87 -    def close(self): 
 88          """ 
 89          Close the SSH agent connection. 
 90          """ 
 91          if self.conn is not None: 
 92              self.conn.close() 
 93          self.conn = None 
 94          self.keys = () 
 95   
 96 -    def get_keys(self): 
 97          """ 
 98          Return the list of keys available through the SSH agent, if any.  If 
 99          no SSH agent was running (or it couldn't be contacted), an empty list 
100          will be returned. 
101           
102          @return: a list of keys available on the SSH agent 
103          @rtype: tuple of L{AgentKey} 
104          """ 
105          return self.keys 
106   
107 -    def _send_message(self, msg): 
108          msg = str(msg) 
109          self.conn.send(struct.pack('>I', len(msg)) + msg) 
110          l = self._read_all(4) 
111          msg = Message(self._read_all(struct.unpack('>I', l)[0])) 
112          return ord(msg.get_byte()), msg 
113   
114 -    def _read_all(self, wanted): 
115          result = self.conn.recv(wanted) 
116          while len(result) < wanted: 
117              if len(result) == 0: 
118                  raise SSHException('lost ssh-agent') 
119              extra = self.conn.recv(wanted - len(result)) 
120              if len(extra) == 0: 
121                  raise SSHException('lost ssh-agent') 
122              result += extra 
123          return result 
124   
125   
126 -class AgentKey(PKey): 
127      """ 
128      Private key held in a local SSH agent.  This type of key can be used for 
129      authenticating to a remote server (signing).  Most other key operations 
130      work as expected. 
131      """ 
132       
133 -    def __init__(self, agent, blob): 
134          self.agent = agent 
135          self.blob = blob 
136          self.name = Message(blob).get_string() 
137   
138 -    def __str__(self): 
139          return self.blob 
140   
141 -    def get_name(self): 
142          return self.name 
143   
144 -    def sign_ssh_data(self, rng, data): 
145          msg = Message() 
146          msg.add_byte(chr(SSH2_AGENTC_SIGN_REQUEST)) 
147          msg.add_string(self.blob) 
148          msg.add_string(data) 
149          msg.add_int(0) 
150          ptype, result = self.agent._send_message(msg) 
151          if ptype != SSH2_AGENT_SIGN_RESPONSE: 
152              raise SSHException('key cannot be used for signing') 
153          return result.get_string() 
154