Source Code for Module paramiko.agent

  1  # Copyright (C) 2003-2007  John Rochester <john@jrochester.org> 
  2  # 
  3  # This file is part of paramiko. 
  4  # 
  5  # Paramiko is free software; you can redistribute it and/or modify it under the 
  6  # terms of the GNU Lesser General Public License as published by the Free 
  7  # Software Foundation; either version 2.1 of the License, or (at your option) 
  8  # any later version. 
  9  # 
 10  # Paramiko is distrubuted in the hope that it will be useful, but WITHOUT ANY 
 11  # WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR 
 12  # A PARTICULAR PURPOSE.  See the GNU Lesser General Public License for more 
 13  # details. 
 14  # 
 15  # You should have received a copy of the GNU Lesser General Public License 
 16  # along with Paramiko; if not, write to the Free Software Foundation, Inc., 
 17  # 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA. 
 18   
 19  """ 
 20  SSH Agent interface for Unix clients. 
 21  """ 
 22   
 23  import os 
 24  import socket 
 25  import struct 
 26  import sys 
 27   
 28  from paramiko.ssh_exception import SSHException 
 29  from paramiko.message import Message 
 30  from paramiko.pkey import PKey 
 31   
 32   
 33  SSH2_AGENTC_REQUEST_IDENTITIES, SSH2_AGENT_IDENTITIES_ANSWER, \ 
 34      SSH2_AGENTC_SIGN_REQUEST, SSH2_AGENT_SIGN_RESPONSE = range(11, 15) 
 35   
 36   
 37 -class Agent: 
 38      """ 
 39      Client interface for using private keys from an SSH agent running on the 
 40      local machine.  If an SSH agent is running, this class can be used to 
 41      connect to it and retreive L{PKey} objects which can be used when 
 42      attempting to authenticate to remote SSH servers. 
 43       
 44      Because the SSH agent protocol uses environment variables and unix-domain 
 45      sockets, this probably doesn't work on Windows.  It does work on most 
 46      posix platforms though (Linux and MacOS X, for example). 
 47      """ 
 48       
 49 -    def __init__(self): 
 50          """ 
 51          Open a session with the local machine's SSH agent, if one is running. 
 52          If no agent is running, initialization will succeed, but L{get_keys} 
 53          will return an empty tuple. 
 54           
 55          @raise SSHException: if an SSH agent is found, but speaks an 
 56              incompatible protocol 
 57          """ 
 58          self.keys = () 
 59          if ('SSH_AUTH_SOCK' in os.environ) and (sys.platform != 'win32'): 
 60              conn = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM) 
 61              try: 
 62                  conn.connect(os.environ['SSH_AUTH_SOCK']) 
 63              except: 
 64                  # probably a dangling env var: the ssh agent is gone 
 65                  return 
 66              self.conn = conn 
 67          elif sys.platform == 'win32': 
 68              import win_pageant 
 69              if win_pageant.can_talk_to_agent(): 
 70                  self.conn = win_pageant.PageantConnection() 
 71              else: 
 72                  return 
 73          else: 
 74              # no agent support 
 75              return 
 76               
 77          ptype, result = self._send_message(chr(SSH2_AGENTC_REQUEST_IDENTITIES)) 
 78          if ptype != SSH2_AGENT_IDENTITIES_ANSWER: 
 79              raise SSHException('could not get keys from ssh-agent') 
 80          keys = [] 
 81          for i in range(result.get_int()): 
 82              keys.append(AgentKey(self, result.get_string())) 
 83              result.get_string() 
 84          self.keys = tuple(keys) 
 85   
 86 -    def close(self): 
 87          """ 
 88          Close the SSH agent connection. 
 89          """ 
 90          self.conn.close() 
 91          self.conn = None 
 92          self.keys = () 
 93   
 94 -    def get_keys(self): 
 95          """ 
 96          Return the list of keys available through the SSH agent, if any.  If 
 97          no SSH agent was running (or it couldn't be contacted), an empty list 
 98          will be returned. 
 99           
100          @return: a list of keys available on the SSH agent 
101          @rtype: tuple of L{AgentKey} 
102          """ 
103          return self.keys 
104   
105 -    def _send_message(self, msg): 
106          msg = str(msg) 
107          self.conn.send(struct.pack('>I', len(msg)) + msg) 
108          l = self._read_all(4) 
109          msg = Message(self._read_all(struct.unpack('>I', l)[0])) 
110          return ord(msg.get_byte()), msg 
111   
112 -    def _read_all(self, wanted): 
113          result = self.conn.recv(wanted) 
114          while len(result) < wanted: 
115              if len(result) == 0: 
116                  raise SSHException('lost ssh-agent') 
117              extra = self.conn.recv(wanted - len(result)) 
118              if len(extra) == 0: 
119                  raise SSHException('lost ssh-agent') 
120              result += extra 
121          return result 
122   
123   
124 -class AgentKey(PKey): 
125      """ 
126      Private key held in a local SSH agent.  This type of key can be used for 
127      authenticating to a remote server (signing).  Most other key operations 
128      work as expected. 
129      """ 
130       
131 -    def __init__(self, agent, blob): 
132          self.agent = agent 
133          self.blob = blob 
134          self.name = Message(blob).get_string() 
135   
136 -    def __str__(self): 
137          return self.blob 
138   
139 -    def get_name(self): 
140          return self.name 
141   
142 -    def sign_ssh_data(self, randpool, data): 
143          msg = Message() 
144          msg.add_byte(chr(SSH2_AGENTC_SIGN_REQUEST)) 
145          msg.add_string(self.blob) 
146          msg.add_string(data) 
147          msg.add_int(0) 
148          ptype, result = self.agent._send_message(msg) 
149          if ptype != SSH2_AGENT_SIGN_RESPONSE: 
150              raise SSHException('key cannot be used for signing') 
151          return result.get_string() 
152