summaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
authorJeff Forcier <jeff@bitprophet.org>2014-09-08 11:26:59 -0700
committerJeff Forcier <jeff@bitprophet.org>2014-09-08 11:26:59 -0700
commit7ab97439c5a90f9ab55f489719229a6cdcf85310 (patch)
treef556256a346670431ab87e357ba8ed22ebe17b66
parent49ae00822c910f62462fd881b1161bb8178b637d (diff)
parenta0f854d17fc59f0279d4d2b07d3fd810dfb1894e (diff)
Merge branch 'master' into 373-int
Conflicts: paramiko/channel.py
-rw-r--r--.travis.yml7
-rw-r--r--dev-requirements.txt5
-rw-r--r--paramiko/__init__.py3
-rw-r--r--paramiko/_version.py2
-rw-r--r--paramiko/channel.py64
-rw-r--r--paramiko/client.py15
-rw-r--r--paramiko/config.py102
-rw-r--r--paramiko/ecdsakey.py13
-rw-r--r--paramiko/hostkeys.py4
-rw-r--r--paramiko/py3compat.py4
-rw-r--r--paramiko/sftp_client.py79
-rw-r--r--paramiko/transport.py9
-rw-r--r--setup.py12
-rw-r--r--sites/shared_conf.py2
-rw-r--r--sites/www/changelog.rst58
-rw-r--r--sites/www/conf.py3
-rw-r--r--sites/www/installing.rst4
-rw-r--r--tasks.py4
-rwxr-xr-xtest.py5
-rw-r--r--tests/test_buffered_pipe.py9
-rw-r--r--tests/test_client.py137
-rwxr-xr-xtests/test_file.py10
-rwxr-xr-xtests/test_sftp.py24
-rw-r--r--tests/test_transport.py107
-rw-r--r--tests/test_util.py118
-rw-r--r--tests/util.py10
-rw-r--r--tox.ini2
27 files changed, 580 insertions, 232 deletions
diff --git a/.travis.yml b/.travis.yml
index 7042570f..3f6f7331 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -4,6 +4,7 @@ python:
- "2.7"
- "3.2"
- "3.3"
+ - "3.4"
install:
# Self-install for setup.py-driven deps
- pip install -e .
@@ -17,8 +18,9 @@ script:
# Run 'docs' first since its objects.inv is referred to by 'www'.
# Also force warnings to be errors since most of them tend to be actual
# problems.
- - invoke docs -o -W
- - invoke www -o -W
+ # Finally, skip them under Python 3.2 due to sphinx shenanigans
+ - "[[ $TRAVIS_PYTHON_VERSION != 3.2 ]] && invoke docs -o -W || true"
+ - "[[ $TRAVIS_PYTHON_VERSION != 3.2 ]] && invoke www -o -W || true"
notifications:
irc:
channels: "irc.freenode.org#paramiko"
@@ -26,7 +28,6 @@ notifications:
- "%{repository}@%{branch}: %{message} (%{build_url})"
on_success: change
on_failure: change
- use_notice: true
email: false
after_success:
- coveralls
diff --git a/dev-requirements.txt b/dev-requirements.txt
index e9052898..7a0ccbc5 100644
--- a/dev-requirements.txt
+++ b/dev-requirements.txt
@@ -1,10 +1,9 @@
# Older junk
tox>=1.4,<1.5
# For newer tasks like building Sphinx docs.
-# NOTE: Requires Python >=2.6
-invoke>=0.7.0
+invoke>=0.7.0,<0.8
invocations>=0.5.0
sphinx>=1.1.3
-alabaster>=0.6.0
+alabaster>=0.6.1
releases>=0.5.2
wheel==0.23.0
diff --git a/paramiko/__init__.py b/paramiko/__init__.py
index 4c62ad4a..65f6f8a2 100644
--- a/paramiko/__init__.py
+++ b/paramiko/__init__.py
@@ -17,14 +17,13 @@
# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA.
import sys
+from paramiko._version import __version__, __version_info__
if sys.version_info < (2, 6):
raise RuntimeError('You need Python 2.6+ for this module.')
__author__ = "Jeff Forcier <jeff@bitprophet.org>"
-__version__ = "1.14.0"
-__version_info__ = tuple([ int(d) for d in __version__.split(".") ])
__license__ = "GNU Lesser General Public License (LGPL)"
diff --git a/paramiko/_version.py b/paramiko/_version.py
new file mode 100644
index 00000000..a7857b09
--- /dev/null
+++ b/paramiko/_version.py
@@ -0,0 +1,2 @@
+__version_info__ = (1, 15, 0)
+__version__ = '.'.join(map(str, __version_info__))
diff --git a/paramiko/channel.py b/paramiko/channel.py
index 4b83f81e..27202a7e 100644
--- a/paramiko/channel.py
+++ b/paramiko/channel.py
@@ -25,6 +25,7 @@ import os
import socket
import time
import threading
+from functools import wraps
from paramiko import util
from paramiko.common import cMSG_CHANNEL_REQUEST, cMSG_CHANNEL_WINDOW_ADJUST, \
@@ -43,6 +44,26 @@ from paramiko import pipe
MIN_PACKET_SIZE = 1024
+def open_only(func):
+ """
+ Decorator for `.Channel` methods which performs an openness check.
+
+ :raises SSHException:
+ If the wrapped method is called on an unopened `.Channel`.
+ """
+ @wraps(func)
+ def _check(self, *args, **kwds):
+ if (
+ self.closed
+ or self.eof_received
+ or self.eof_sent
+ or not self.active
+ ):
+ raise SSHException('Channel is not open')
+ return func(self, *args, **kwds)
+ return _check
+
+
class Channel (object):
"""
A secure tunnel across an SSH `.Transport`. A Channel is meant to behave
@@ -122,6 +143,7 @@ class Channel (object):
out += '>'
return out
+ @open_only
def get_pty(self, term='vt100', width=80, height=24, width_pixels=0,
height_pixels=0):
"""
@@ -140,8 +162,6 @@ class Channel (object):
:raises SSHException:
if the request was rejected or the channel was closed
"""
- if self.closed or self.eof_received or self.eof_sent or not self.active:
- raise SSHException('Channel is not open')
m = Message()
m.add_byte(cMSG_CHANNEL_REQUEST)
m.add_int(self.remote_chanid)
@@ -157,6 +177,7 @@ class Channel (object):
self.transport._send_user_message(m)
self._wait_for_event()
+ @open_only
def invoke_shell(self):
"""
Request an interactive shell session on this channel. If the server
@@ -173,8 +194,6 @@ class Channel (object):
:raises SSHException: if the request was rejected or the channel was
closed
"""
- if self.closed or self.eof_received or self.eof_sent or not self.active:
- raise SSHException('Channel is not open')
m = Message()
m.add_byte(cMSG_CHANNEL_REQUEST)
m.add_int(self.remote_chanid)
@@ -184,6 +203,7 @@ class Channel (object):
self.transport._send_user_message(m)
self._wait_for_event()
+ @open_only
def exec_command(self, command):
"""
Execute a command on the server. If the server allows it, the channel
@@ -199,8 +219,6 @@ class Channel (object):
:raises SSHException: if the request was rejected or the channel was
closed
"""
- if self.closed or self.eof_received or self.eof_sent or not self.active:
- raise SSHException('Channel is not open')
m = Message()
m.add_byte(cMSG_CHANNEL_REQUEST)
m.add_int(self.remote_chanid)
@@ -211,6 +229,7 @@ class Channel (object):
self.transport._send_user_message(m)
self._wait_for_event()
+ @open_only
def invoke_subsystem(self, subsystem):
"""
Request a subsystem on the server (for example, ``sftp``). If the
@@ -225,8 +244,6 @@ class Channel (object):
:raises SSHException:
if the request was rejected or the channel was closed
"""
- if self.closed or self.eof_received or self.eof_sent or not self.active:
- raise SSHException('Channel is not open')
m = Message()
m.add_byte(cMSG_CHANNEL_REQUEST)
m.add_int(self.remote_chanid)
@@ -237,6 +254,7 @@ class Channel (object):
self.transport._send_user_message(m)
self._wait_for_event()
+ @open_only
def resize_pty(self, width=80, height=24, width_pixels=0, height_pixels=0):
"""
Resize the pseudo-terminal. This can be used to change the width and
@@ -250,8 +268,6 @@ class Channel (object):
:raises SSHException:
if the request was rejected or the channel was closed
"""
- if self.closed or self.eof_received or self.eof_sent or not self.active:
- raise SSHException('Channel is not open')
m = Message()
m.add_byte(cMSG_CHANNEL_REQUEST)
m.add_int(self.remote_chanid)
@@ -280,7 +296,7 @@ class Channel (object):
def recv_exit_status(self):
"""
Return the exit status from the process on the server. This is
- mostly useful for retrieving the reults of an `exec_command`.
+ mostly useful for retrieving the results of an `exec_command`.
If the command hasn't finished yet, this method will wait until
it does, or until the channel is closed. If no exit status is
provided by the server, -1 is returned.
@@ -314,6 +330,7 @@ class Channel (object):
m.add_int(status)
self.transport._send_user_message(m)
+ @open_only
def request_x11(self, screen_number=0, auth_protocol=None, auth_cookie=None,
single_connection=False, handler=None):
"""
@@ -330,16 +347,15 @@ class Channel (object):
If you omit the auth_cookie, a new secure random 128-bit value will be
generated, used, and returned. You will need to use this value to
verify incoming x11 requests and replace them with the actual local
- x11 cookie (which requires some knoweldge of the x11 protocol).
-
+ x11 cookie (which requires some knowledge of the x11 protocol).
+
If a handler is passed in, the handler is called from another thread
whenever a new x11 connection arrives. The default handler queues up
incoming x11 connections, which may be retrieved using
`.Transport.accept`. The handler's calling signature is::
handler(channel: Channel, (address: str, port: int))
-
- :param int screen_number: the x11 screen number (0, 10, etc)
+ :param int screen_number: the x11 screen number (0, 10, etc.)
:param str auth_protocol:
the name of the X11 authentication method used; if none is given,
``"MIT-MAGIC-COOKIE-1"`` is used
@@ -354,8 +370,6 @@ class Channel (object):
an optional handler to use for incoming X11 connections
:return: the auth_cookie used
"""
- if self.closed or self.eof_received or self.eof_sent or not self.active:
- raise SSHException('Channel is not open')
if auth_protocol is None:
auth_protocol = 'MIT-MAGIC-COOKIE-1'
if auth_cookie is None:
@@ -376,6 +390,7 @@ class Channel (object):
self.transport._set_x11_handler(handler)
return auth_cookie
+ @open_only
def request_forward_agent(self, handler):
"""
Request for a forward SSH Agent on this channel.
@@ -388,9 +403,6 @@ class Channel (object):
:raises: SSHException in case of channel problem.
"""
- if self.closed or self.eof_received or self.eof_sent or not self.active:
- raise SSHException('Channel is not open')
-
m = Message()
m.add_byte(cMSG_CHANNEL_REQUEST)
m.add_int(self.remote_chanid)
@@ -721,10 +733,10 @@ class Channel (object):
:raises socket.timeout:
if sending stalled for longer than the timeout set by `settimeout`.
:raises socket.error:
- if an error occured before the entire string was sent.
-
+ if an error occurred before the entire string was sent.
+
.. note::
- If the channel is closed while only part of the data hase been
+ If the channel is closed while only part of the data has been
sent, there is no way to determine how much data (if any) was sent.
This is irritating, but identically follows Python's API.
"""
@@ -745,8 +757,8 @@ class Channel (object):
:raises socket.timeout:
if sending stalled for longer than the timeout set by `settimeout`.
:raises socket.error:
- if an error occured before the entire string was sent.
-
+ if an error occurred before the entire string was sent.
+
.. versionadded:: 1.1
"""
while s:
@@ -784,7 +796,7 @@ class Channel (object):
def fileno(self):
"""
Returns an OS-level file descriptor which can be used for polling, but
- but not for reading or writing. This is primaily to allow Python's
+ but not for reading or writing. This is primarily to allow Python's
``select`` module to work.
The first time ``fileno`` is called on a channel, a pipe is created to
diff --git a/paramiko/client.py b/paramiko/client.py
index c1bf4735..4326abbd 100644
--- a/paramiko/client.py
+++ b/paramiko/client.py
@@ -30,6 +30,7 @@ from paramiko.agent import Agent
from paramiko.common import DEBUG
from paramiko.config import SSH_PORT
from paramiko.dsskey import DSSKey
+from paramiko.ecdsakey import ECDSAKey
from paramiko.hostkeys import HostKeys
from paramiko.py3compat import string_types
from paramiko.resource import ResourceManager
@@ -184,7 +185,8 @@ class SSHClient (object):
- The ``pkey`` or ``key_filename`` passed in (if any)
- Any key we can find through an SSH agent
- - Any "id_rsa" or "id_dsa" key discoverable in ``~/.ssh/``
+ - Any "id_rsa", "id_dsa" or "id_ecdsa" key discoverable in
+ ``~/.ssh/``
- Plain username/password auth, if a password was given
If a private key requires a password to unlock it, and a password is
@@ -360,7 +362,8 @@ class SSHClient (object):
- The key passed in, if one was passed in.
- Any key we can find through an SSH agent (if allowed).
- - Any "id_rsa" or "id_dsa" key discoverable in ~/.ssh/ (if allowed).
+ - Any "id_rsa", "id_dsa" or "id_ecdsa" key discoverable in ~/.ssh/
+ (if allowed).
- Plain username/password auth, if a password was given.
(The password might be needed to unlock a private key, or for
@@ -382,7 +385,7 @@ class SSHClient (object):
if not two_factor:
for key_filename in key_filenames:
- for pkey_class in (RSAKey, DSSKey):
+ for pkey_class in (RSAKey, DSSKey, ECDSAKey):
try:
key = pkey_class.from_private_key_file(key_filename, password)
self._log(DEBUG, 'Trying key %s from %s' % (hexlify(key.get_fingerprint()), key_filename))
@@ -414,17 +417,23 @@ class SSHClient (object):
keyfiles = []
rsa_key = os.path.expanduser('~/.ssh/id_rsa')
dsa_key = os.path.expanduser('~/.ssh/id_dsa')
+ ecdsa_key = os.path.expanduser('~/.ssh/id_ecdsa')
if os.path.isfile(rsa_key):
keyfiles.append((RSAKey, rsa_key))
if os.path.isfile(dsa_key):
keyfiles.append((DSSKey, dsa_key))
+ if os.path.isfile(ecdsa_key):
+ keyfiles.append((ECDSAKey, ecdsa_key))
# look in ~/ssh/ for windows users:
rsa_key = os.path.expanduser('~/ssh/id_rsa')
dsa_key = os.path.expanduser('~/ssh/id_dsa')
+ ecdsa_key = os.path.expanduser('~/ssh/id_ecdsa')
if os.path.isfile(rsa_key):
keyfiles.append((RSAKey, rsa_key))
if os.path.isfile(dsa_key):
keyfiles.append((DSSKey, dsa_key))
+ if os.path.isfile(ecdsa_key):
+ keyfiles.append((ECDSAKey, ecdsa_key))
if not look_for_keys:
keyfiles = []
diff --git a/paramiko/config.py b/paramiko/config.py
index 77fa13d7..20ca4aa7 100644
--- a/paramiko/config.py
+++ b/paramiko/config.py
@@ -27,7 +27,6 @@ import re
import socket
SSH_PORT = 22
-proxy_re = re.compile(r"^(proxycommand)\s*=*\s*(.*)", re.I)
class SSHConfig (object):
@@ -41,6 +40,8 @@ class SSHConfig (object):
.. versionadded:: 1.6
"""
+ SETTINGS_REGEX = re.compile(r'(\w+)(?:\s*=\s*|\s+)(.+)')
+
def __init__(self):
"""
Create a new OpenSSH config object.
@@ -53,44 +54,39 @@ class SSHConfig (object):
:param file file_obj: a file-like object to read the config file from
"""
+
host = {"host": ['*'], "config": {}}
for line in file_obj:
- line = line.rstrip('\n').lstrip()
- if (line == '') or (line[0] == '#'):
+ line = line.rstrip('\r\n').lstrip()
+ if not line or line.startswith('#'):
continue
- if '=' in line:
- # Ensure ProxyCommand gets properly split
- if line.lower().strip().startswith('proxycommand'):
- match = proxy_re.match(line)
- key, value = match.group(1).lower(), match.group(2)
- else:
- key, value = line.split('=', 1)
- key = key.strip().lower()
- else:
- # find first whitespace, and split there
- i = 0
- while (i < len(line)) and not line[i].isspace():
- i += 1
- if i == len(line):
- raise Exception('Unparsable line: %r' % line)
- key = line[:i].lower()
- value = line[i:].lstrip()
+ match = re.match(self.SETTINGS_REGEX, line)
+ if not match:
+ raise Exception("Unparsable line %s" % line)
+ key = match.group(1).lower()
+ value = match.group(2)
+
if key == 'host':
self._config.append(host)
- value = value.split()
- host = {key: value, 'config': {}}
- #identityfile, localforward, remoteforward keys are special cases, since they are allowed to be
- # specified multiple times and they should be tried in order
- # of specification.
-
- elif key in ['identityfile', 'localforward', 'remoteforward']:
- if key in host['config']:
- host['config'][key].append(value)
- else:
- host['config'][key] = [value]
- elif key not in host['config']:
- host['config'].update({key: value})
+ host = {
+ 'host': self._get_hosts(value),
+ 'config': {}
+ }
+ else:
+ if value.startswith('"') and value.endswith('"'):
+ value = value[1:-1]
+
+ #identityfile, localforward, remoteforward keys are special cases, since they are allowed to be
+ # specified multiple times and they should be tried in order
+ # of specification.
+ if key in ['identityfile', 'localforward', 'remoteforward']:
+ if key in host['config']:
+ host['config'][key].append(value)
+ else:
+ host['config'][key] = [value]
+ elif key not in host['config']:
+ host['config'][key] = value
self._config.append(host)
def lookup(self, hostname):
@@ -111,8 +107,10 @@ class SSHConfig (object):
:param str hostname: the hostname to lookup
"""
- matches = [config for config in self._config if
- self._allowed(hostname, config['host'])]
+ matches = [
+ config for config in self._config
+ if self._allowed(config['host'], hostname)
+ ]
ret = {}
for match in matches:
@@ -128,7 +126,7 @@ class SSHConfig (object):
ret = self._expand_variables(ret, hostname)
return ret
- def _allowed(self, hostname, hosts):
+ def _allowed(self, hosts, hostname):
match = False
for host in hosts:
if host.startswith('!') and fnmatch.fnmatch(hostname, host[1:]):
@@ -200,12 +198,38 @@ class SSHConfig (object):
for find, replace in replacements[k]:
if isinstance(config[k], list):
for item in range(len(config[k])):
- config[k][item] = config[k][item].\
- replace(find, str(replace))
+ if find in config[k][item]:
+ config[k][item] = config[k][item].\
+ replace(find, str(replace))
else:
- config[k] = config[k].replace(find, str(replace))
+ if find in config[k]:
+ config[k] = config[k].replace(find, str(replace))
return config
+ def _get_hosts(self, host):
+ """
+ Return a list of host_names from host value.
+ """
+ i, length = 0, len(host)
+ hosts = []
+ while i < length:
+ if host[i] == '"':
+ end = host.find('"', i + 1)
+ if end < 0:
+ raise Exception("Unparsable host %s" % host)
+ hosts.append(host[i + 1:end])
+ i = end + 1
+ elif not host[i].isspace():
+ end = i + 1
+ while end < length and not host[end].isspace() and host[end] != '"':
+ end += 1
+ hosts.append(host[i:end])
+ i = end
+ else:
+ i += 1
+
+ return hosts
+
class LazyFqdn(object):
"""
diff --git a/paramiko/ecdsakey.py b/paramiko/ecdsakey.py
index 6736315f..e869ee61 100644
--- a/paramiko/ecdsakey.py
+++ b/paramiko/ecdsakey.py
@@ -24,7 +24,6 @@ import binascii
from hashlib import sha256
from ecdsa import SigningKey, VerifyingKey, der, curves
-from ecdsa.test_pyecdsa import ECDSA
from paramiko.common import four_byte, one_byte
from paramiko.message import Message
@@ -39,7 +38,8 @@ class ECDSAKey (PKey):
data.
"""
- def __init__(self, msg=None, data=None, filename=None, password=None, vals=None, file_obj=None):
+ def __init__(self, msg=None, data=None, filename=None, password=None,
+ vals=None, file_obj=None, validate_point=True):
self.verifying_key = None
self.signing_key = None
if file_obj is not None:
@@ -51,7 +51,7 @@ class ECDSAKey (PKey):
if (msg is None) and (data is not None):
msg = Message(data)
if vals is not None:
- self.verifying_key, self.signing_key = vals
+ self.signing_key, self.verifying_key = vals
else:
if msg is None:
raise SSHException('Key object may not be empty')
@@ -66,7 +66,8 @@ class ECDSAKey (PKey):
raise SSHException('Point compression is being used: %s' %
binascii.hexlify(pointinfo))
self.verifying_key = VerifyingKey.from_string(pointinfo[1:],
- curve=curves.NIST256p)
+ curve=curves.NIST256p,
+ validate_point=validate_point)
self.size = 256
def asbytes(self):
@@ -125,7 +126,7 @@ class ECDSAKey (PKey):
key = self.signing_key or self.verifying_key
self._write_private_key('EC', file_obj, key.to_der(), password)
- def generate(bits, progress_func=None):
+ def generate(curve=curves.NIST256p, progress_func=None):
"""
Generate a new private RSA key. This factory function can be used to
generate a new host key or authentication key.
@@ -138,7 +139,7 @@ class ECDSAKey (PKey):
@return: new private key
@rtype: L{RSAKey}
"""
- signing_key = ECDSA.generate()
+ signing_key = SigningKey.generate(curve)
key = ECDSAKey(vals=(signing_key, signing_key.get_verifying_key()))
return key
generate = staticmethod(generate)
diff --git a/paramiko/hostkeys.py b/paramiko/hostkeys.py
index c0caeda9..b94ff0db 100644
--- a/paramiko/hostkeys.py
+++ b/paramiko/hostkeys.py
@@ -179,7 +179,7 @@ class HostKeys (MutableMapping):
entries = []
for e in self._entries:
for h in e.hostnames:
- if h.startswith('|1|') and constant_time_bytes_eq(self.hash_host(hostname, h), h) or h == hostname:
+ if h.startswith('|1|') and not hostname.startswith('|1|') and constant_time_bytes_eq(self.hash_host(hostname, h), h) or h == hostname:
entries.append(e)
if len(entries) == 0:
return None
@@ -327,7 +327,7 @@ class HostKeyEntry:
elif keytype == 'ssh-dss':
key = DSSKey(data=decodebytes(key))
elif keytype == 'ecdsa-sha2-nistp256':
- key = ECDSAKey(data=decodebytes(key))
+ key = ECDSAKey(data=decodebytes(key), validate_point=False)
else:
log.info("Unable to handle key of type %s" % (keytype,))
return None
diff --git a/paramiko/py3compat.py b/paramiko/py3compat.py
index 8842b988..57c096b2 100644
--- a/paramiko/py3compat.py
+++ b/paramiko/py3compat.py
@@ -39,6 +39,8 @@ if PY2:
return s
elif isinstance(s, unicode):
return s.encode(encoding)
+ elif isinstance(s, buffer):
+ return s
else:
raise TypeError("Expected unicode or bytes, got %r" % s)
@@ -49,6 +51,8 @@ if PY2:
return s.decode(encoding)
elif isinstance(s, unicode):
return s
+ elif isinstance(s, buffer):
+ return s.decode(encoding)
else:
raise TypeError("Expected unicode or bytes, got %r" % s)
diff --git a/paramiko/sftp_client.py b/paramiko/sftp_client.py
index 1caaf165..3e85a8c9 100644
--- a/paramiko/sftp_client.py
+++ b/paramiko/sftp_client.py
@@ -196,6 +196,71 @@ class SFTPClient(BaseSFTP):
self._request(CMD_CLOSE, handle)
return filelist
+ def listdir_iter(self, path='.', read_aheads=50):
+ """
+ Generator version of `.listdir_attr`.
+
+ See the API docs for `.listdir_attr` for overall details.
+
+ This function adds one more kwarg on top of `.listdir_attr`:
+ ``read_aheads``, an integer controlling how many
+ ``SSH_FXP_READDIR`` requests are made to the server. The default of 50
+ should suffice for most file listings as each request/response cycle
+ may contain multiple files (dependant on server implementation.)
+
+ .. versionadded:: 1.15
+ """
+ path = self._adjust_cwd(path)
+ self._log(DEBUG, 'listdir(%r)' % path)
+ t, msg = self._request(CMD_OPENDIR, path)
+
+ if t != CMD_HANDLE:
+ raise SFTPError('Expected handle')
+
+ handle = msg.get_string()
+
+ nums = list()
+ while True:
+ try:
+ # Send out a bunch of readdir requests so that we can read the
+ # responses later on Section 6.7 of the SSH file transfer RFC
+ # explains this
+ # http://filezilla-project.org/specs/draft-ietf-secsh-filexfer-02.txt
+ for i in range(read_aheads):
+ num = self._async_request(type(None), CMD_READDIR, handle)
+ nums.append(num)
+
+
+ # For each of our sent requests
+ # Read and parse the corresponding packets
+ # If we're at the end of our queued requests, then fire off
+ # some more requests
+ # Exit the loop when we've reached the end of the directory
+ # handle
+ for num in nums:
+ t, pkt_data = self._read_packet()
+ msg = Message(pkt_data)
+ new_num = msg.get_int()
+ if num == new_num:
+ if t == CMD_STATUS:
+ self._convert_status(msg)
+ count = msg.get_int()
+ for i in range(count):
+ filename = msg.get_text()
+ longname = msg.get_text()
+ attr = SFTPAttributes._from_msg(
+ msg, filename, longname)
+ if (filename != '.') and (filename != '..'):
+ yield attr
+
+ # If we've hit the end of our queued requests, reset nums.
+ nums = list()
+
+ except EOFError:
+ self._request(CMD_CLOSE, handle)
+ return
+
+
def open(self, filename, mode='r', bufsize=-1):
"""
Open a file on the remote server. The arguments are the same as for
@@ -534,9 +599,7 @@ class SFTPClient(BaseSFTP):
an `.SFTPAttributes` object containing attributes about the given
file.
- .. versionadded:: 1.4
- .. versionchanged:: 1.7.4
- Began returning rich attribute objects.
+ .. versionadded:: 1.10
"""
with self.file(remotepath, 'wb') as fr:
fr.set_pipelined(True)
@@ -566,7 +629,9 @@ class SFTPClient(BaseSFTP):
The SFTP operations use pipelining for speed.
:param str localpath: the local file to copy
- :param str remotepath: the destination path on the SFTP server
+ :param str remotepath: the destination path on the SFTP server. Note
+ that the filename should be included. Only specifying a directory
+ may result in an error.
:param callable callback:
optional callback function (form: ``func(int, int)``) that accepts
the bytes transferred so far and the total bytes to be transferred
@@ -584,7 +649,7 @@ class SFTPClient(BaseSFTP):
"""
file_size = os.stat(localpath).st_size
with open(localpath, 'rb') as fl:
- return self.putfo(fl, remotepath, os.stat(localpath).st_size, callback, confirm)
+ return self.putfo(fl, remotepath, file_size, callback, confirm)
def getfo(self, remotepath, fl, callback=None):
"""
@@ -601,9 +666,7 @@ class SFTPClient(BaseSFTP):
the bytes transferred so far and the total bytes to be transferred
:return: the `number <int>` of bytes written to the opened file object
- .. versionadded:: 1.4
- .. versionchanged:: 1.7.4
- Added the ``callable`` param.
+ .. versionadded:: 1.10
"""
with self.open(remotepath, 'rb') as fr:
file_size = self.stat(remotepath).st_size
diff --git a/paramiko/transport.py b/paramiko/transport.py
index 3463cfcf..fff11a1d 100644
--- a/paramiko/transport.py
+++ b/paramiko/transport.py
@@ -164,6 +164,8 @@ class Transport (threading.Thread):
:param socket sock:
a socket or socket-like object to create the session over.
"""
+ self.active = False
+
if isinstance(sock, string_types):
# convert "host:port" into (host, port)
hl = sock.split(':', 1)
@@ -219,7 +221,6 @@ class Transport (threading.Thread):
self.H = None
self.K = None
- self.active = False
self.initial_kex_done = False
self.in_kex = False
self.authenticated = False
@@ -1854,7 +1855,7 @@ class Transport (threading.Thread):
self.lock.acquire()
try:
chan._set_remote_channel(server_chanid, server_window_size, server_max_packet_size)
- self._log(INFO, 'Secsh channel %d opened.' % chanid)
+ self._log(DEBUG, 'Secsh channel %d opened.' % chanid)
if chanid in self.channel_events:
self.channel_events[chanid].set()
del self.channel_events[chanid]
@@ -1868,7 +1869,7 @@ class Transport (threading.Thread):
reason_str = m.get_text()
lang = m.get_text()
reason_text = CONNECTION_FAILED_CODE.get(reason, '(unknown code)')
- self._log(INFO, 'Secsh channel %d open FAILED: %s: %s' % (chanid, reason_str, reason_text))
+ self._log(ERROR, 'Secsh channel %d open FAILED: %s: %s' % (chanid, reason_str, reason_text))
self.lock.acquire()
try:
self.saved_exception = ChannelException(reason, reason_text)
@@ -1964,7 +1965,7 @@ class Transport (threading.Thread):
m.add_int(self.window_size)
m.add_int(self.max_packet_size)
self._send_message(m)
- self._log(INFO, 'Secsh channel %d (%s) opened.', my_chanid, kind)
+ self._log(DEBUG, 'Secsh channel %d (%s) opened.', my_chanid, kind)
if kind == 'auth-agent@openssh.com':
self._forward_agent_handler(chan)
elif kind == 'x11':
diff --git a/setup.py b/setup.py
index c0f1e579..003a0617 100644
--- a/setup.py
+++ b/setup.py
@@ -42,7 +42,7 @@ try:
kw = {
'install_requires': [
'pycrypto >= 2.1, != 2.4',
- 'ecdsa',
+ 'ecdsa >= 0.11',
],
}
except ImportError:
@@ -54,9 +54,16 @@ if sys.platform == 'darwin':
setup_helper.install_custom_make_tarball()
+# Version info -- read without importing
+_locals = {}
+with open('paramiko/_version.py') as fp:
+ exec(fp.read(), None, _locals)
+version = _locals['__version__']
+
+
setup(
name = "paramiko",
- version = "1.14.0",
+ version = version,
description = "SSH2 protocol library",
long_description = longdesc,
author = "Jeff Forcier",
@@ -79,6 +86,7 @@ setup(
'Programming Language :: Python :: 3',
'Programming Language :: Python :: 3.2',
'Programming Language :: Python :: 3.3',
+ 'Programming Language :: Python :: 3.4',
],
**kw
)
diff --git a/sites/shared_conf.py b/sites/shared_conf.py
index 69908388..4a6a5c4e 100644
--- a/sites/shared_conf.py
+++ b/sites/shared_conf.py
@@ -12,7 +12,7 @@ html_theme_options = {
'description': "A Python implementation of SSHv2.",
'github_user': 'paramiko',
'github_repo': 'paramiko',
- 'gittip_user': 'bitprophet',
+ 'gratipay_user': 'bitprophet',
'analytics_id': 'UA-18486793-2',
'travis_button': True,
}
diff --git a/sites/www/changelog.rst b/sites/www/changelog.rst
index f8a4d2c1..41e8310d 100644
--- a/sites/www/changelog.rst
+++ b/sites/www/changelog.rst
@@ -2,6 +2,64 @@
Changelog
=========
+* :support:`374` (also :issue:`375`) Old code cleanup courtesy of Olle
+ Lundberg.
+* :support:`377` Factor `~paramiko.channel.Channel` openness sanity check into
+ a decorator. Thanks to Olle Lundberg for original patch.
+* :bug:`298 major` Don't perform point validation on ECDSA keys in
+ ``known_hosts`` files, since a) this can cause significant slowdown when such
+ keys exist, and b) ``known_hosts`` files are implicitly trustworthy. Thanks
+ to Kieran Spear for catch & patch.
+
+ .. note::
+ This change bumps up the version requirement for the ``ecdsa`` library to
+ ``0.11``.
+
+* :bug:`234 major` Lower logging levels for a few overly-noisy log messages
+ about secure channels. Thanks to David Pursehouse for noticing & contributing
+ the fix.
+* :feature:`218` Add support for ECDSA private keys on the client side. Thanks
+ to ``@aszlig`` for the patch.
+* :bug:`335 major` Fix ECDSA key generation (generation of brand new ECDSA keys
+ was broken previously). Thanks to ``@solarw`` for catch & patch.
+* :feature:`184` Support quoted values in SSH config file parsing. Credit to
+ Yan Kalchevskiy.
+* :feature:`131` Add a `~paramiko.sftp_client.SFTPClient.listdir_iter` method
+ to `~paramiko.sftp_client.SFTPClient` allowing for more efficient,
+ async/generator based file listings. Thanks to John Begeman.
+* :support:`378 backported` Minor code cleanup in the SSH config module
+ courtesy of Olle Lundberg.
+* :support:`249` Consolidate version information into one spot. Thanks to Gabi
+ Davar for the reminder.
+* :release:`1.14.1 <2014-08-25>`
+* :release:`1.13.2 <2014-08-25>`
+* :bug:`376` Be less aggressive about expanding variables in ``ssh_config``
+ files, which results in a speedup of SSH config parsing. Credit to Olle
+ Lundberg.
+* :support:`324 backported` A bevvy of documentation typo fixes, courtesy of Roy
+ Wellington.
+* :bug:`312` `paramiko.transport.Transport` had a bug in its ``__repr__`` which
+ surfaces during errors encountered within its ``__init__``, causing
+ problematic tracebacks in such situations. Thanks to Simon Percivall for
+ catch & patch.
+* :bug:`272` Fix a bug where ``known_hosts`` parsing hashed the input hostname
+ as well as the hostnames from the ``known_hosts`` file, on every comparison.
+ Thanks to ``@sigmunau`` for final patch and ``@ostacey`` for the original
+ report.
+* :bug:`239` Add Windows-style CRLF support to SSH config file parsing. Props
+ to Christopher Swenson.
+* :support:`229 backported` Fix a couple of incorrectly-copied docstrings' ``..
+ versionadded::`` RST directives. Thanks to Aarni Koskela for the catch.
+* :support:`169 backported` Minor refactor of
+ `paramiko.sftp_client.SFTPClient.put` thanks to Abhinav Upadhyay.
+* :bug:`285` (also :issue:`352`) Update our Python 3 ``b()`` compatibility shim
+ to handle ``buffer`` objects correctly; this fixes a frequently reported
+ issue affecting many users, including users of the ``bzr`` software suite.
+ Thanks to ``@basictheprogram`` for the initial report, Jelmer Vernooij for
+ the fix and Andrew Starr-Bochicchio & Jeremy T. Bouse (among others) for
+ discussion & feedback.
+* :support:`371` Add Travis support & docs update for Python 3.4. Thanks to
+ Olle Lundberg.
* :release:`1.14.0 <2014-05-07>`
* :release:`1.13.1 <2014-05-07>`
* :release:`1.12.4 <2014-05-07>`
diff --git a/sites/www/conf.py b/sites/www/conf.py
index bdb5929a..0b0fb85c 100644
--- a/sites/www/conf.py
+++ b/sites/www/conf.py
@@ -12,13 +12,10 @@ extensions.append('releases')
releases_release_uri = "https://github.com/paramiko/paramiko/tree/v%s"
releases_issue_uri = "https://github.com/paramiko/paramiko/issues/%s"
-# Intersphinx for referencing API/usage docs
-extensions.append('sphinx.ext.intersphinx')
# Default is 'local' building, but reference the public docs site when building
# under RTD.
target = join(dirname(__file__), '..', 'docs', '_build')
if os.environ.get('READTHEDOCS') == 'True':
- # TODO: switch to docs.paramiko.org post go-live of sphinx API docs
target = 'http://docs.paramiko.org/en/latest/'
intersphinx_mapping['docs'] = (target, None)
diff --git a/sites/www/installing.rst b/sites/www/installing.rst
index a28ce6cd..052825c4 100644
--- a/sites/www/installing.rst
+++ b/sites/www/installing.rst
@@ -16,7 +16,7 @@ via `pip <http://pip-installer.org>`_::
Users who want the bleeding edge can install the development version via
``pip install paramiko==dev``.
-We currently support **Python 2.6, 2.7 and 3.3** (Python **3.2** should also
+We currently support **Python 2.6, 2.7 and 3.3+** (Python **3.2** should also
work but has a less-strong compatibility guarantee from us.) Users on Python
2.5 or older are urged to upgrade.
@@ -32,7 +32,7 @@ Release lines
Users desiring stability may wish to pin themselves to a specific release line
once they first start using Paramiko; to assist in this, we guarantee bugfixes
-for at least the last 2-3 releases including the latest stable one. This currently means Paramiko **1.11** through **1.13**.
+for the last 2-3 releases including the latest stable one.
If you're unsure which version to install, we have suggestions:
diff --git a/tasks.py b/tasks.py
index 38282b8e..94bf0aa2 100644
--- a/tasks.py
+++ b/tasks.py
@@ -36,8 +36,10 @@ def coverage(ctx):
# Until we stop bundling docs w/ releases. Need to discover use cases first.
-@task('docs') # Will invoke the API doc site build
+@task
def release(ctx):
+ # Build docs first. Use terribad workaround pending invoke #146
+ ctx.run("inv docs")
# Move the built docs into where Epydocs used to live
target = 'docs'
rmtree(target, ignore_errors=True)
diff --git a/test.py b/test.py
index 2b3d4ed4..92a3e6d0 100755
--- a/test.py
+++ b/test.py
@@ -149,10 +149,7 @@ def main():
# TODO: make that not a problem, jeez
for thread in threading.enumerate():
if thread is not threading.currentThread():
- if PY2:
- thread._Thread__stop()
- else:
- thread._stop()
+ thread.join(timeout=1)
# Exit correctly
if not result.wasSuccessful():
sys.exit(1)
diff --git a/tests/test_buffered_pipe.py b/tests/test_buffered_pipe.py
index a53081a9..3b8f97ad 100644
--- a/tests/test_buffered_pipe.py
+++ b/tests/test_buffered_pipe.py
@@ -22,11 +22,10 @@ Some unit tests for BufferedPipe.
import threading
import time
+import unittest
from paramiko.buffered_pipe import BufferedPipe, PipeTimeout
from paramiko import pipe
-from tests.util import ParamikoTest
-
def delay_thread(p):
p.feed('a')
@@ -40,7 +39,7 @@ def close_thread(p):
p.close()
-class BufferedPipeTest(ParamikoTest):
+class BufferedPipeTest(unittest.TestCase):
def test_1_buffered_pipe(self):
p = BufferedPipe()
self.assertTrue(not p.read_ready())
@@ -48,12 +47,12 @@ class BufferedPipeTest(ParamikoTest):
self.assertTrue(p.read_ready())
data = p.read(6)
self.assertEqual(b'hello.', data)
-
+
p.feed('plus/minus')
self.assertEqual(b'plu', p.read(3))
self.assertEqual(b's/m', p.read(3))
self.assertEqual(b'inus', p.read(4))
-
+
p.close()
self.assertTrue(not p.read_ready())
self.assertEqual(b'', p.read(1))
diff --git a/tests/test_client.py b/tests/test_client.py
index 93574fc8..33dd9f23 100644
--- a/tests/test_client.py
+++ b/tests/test_client.py
@@ -29,10 +29,22 @@ import warnings
import os
from tests.util import test_path
import paramiko
-from paramiko.common import PY2
+from paramiko.common import PY2, b
+from paramiko.ssh_exception import SSHException
+
+
+FINGERPRINTS = {
+ 'ssh-dss': b'\x44\x78\xf0\xb9\xa2\x3c\xc5\x18\x20\x09\xff\x75\x5b\xc1\xd2\x6c',
+ 'ssh-rsa': b'\x60\x73\x38\x44\xcb\x51\x86\x65\x7f\xde\xda\xa2\x2b\x5a\x57\xd5',
+ 'ecdsa-sha2-nistp256': b'\x25\x19\xeb\x55\xe6\xa1\x47\xff\x4f\x38\xd2\x75\x6f\xa5\xd5\x60',
+}
class NullServer (paramiko.ServerInterface):
+ def __init__(self, *args, **kwargs):
+ # Allow tests to enable/disable specific key types
+ self.__allowed_keys = kwargs.pop('allowed_keys', [])
+ super(NullServer, self).__init__(*args, **kwargs)
def get_allowed_auths(self, username):
if username == 'slowdive':
@@ -45,7 +57,14 @@ class NullServer (paramiko.ServerInterface):
return paramiko.AUTH_FAILED
def check_auth_publickey(self, username, key):
- if (key.get_name() == 'ssh-dss') and key.get_fingerprint() == b'\x44\x78\xf0\xb9\xa2\x3c\xc5\x18\x20\x09\xff\x75\x5b\xc1\xd2\x6c':
+ try:
+ expected = FINGERPRINTS[key.get_name()]
+ except KeyError:
+ return paramiko.AUTH_FAILED
+ if (
+ key.get_name() in self.__allowed_keys and
+ key.get_fingerprint() == expected
+ ):
return paramiko.AUTH_SUCCESSFUL
return paramiko.AUTH_FAILED
@@ -72,32 +91,44 @@ class SSHClientTest (unittest.TestCase):
if hasattr(self, attr):
getattr(self, attr).close()
- def _run(self):
+ def _run(self, allowed_keys=None):
+ if allowed_keys is None:
+ allowed_keys = FINGERPRINTS.keys()
self.socks, addr = self.sockl.accept()
self.ts = paramiko.Transport(self.socks)
host_key = paramiko.RSAKey.from_private_key_file(test_path('test_rsa.key'))
self.ts.add_server_key(host_key)
- server = NullServer()
+ server = NullServer(allowed_keys=allowed_keys)
self.ts.start_server(self.event, server)
- def test_1_client(self):
+ def _test_connection(self, **kwargs):
"""
- verify that the SSHClient stuff works too.
+ (Most) kwargs get passed directly into SSHClient.connect().
+
+ The exception is ``allowed_keys`` which is stripped and handed to the
+ ``NullServer`` used for testing.
"""
- threading.Thread(target=self._run).start()
+ run_kwargs = {'allowed_keys': kwargs.pop('allowed_keys', None)}
+ # Server setup
+ threading.Thread(target=self._run, kwargs=run_kwargs).start()
host_key = paramiko.RSAKey.from_private_key_file(test_path('test_rsa.key'))
public_host_key = paramiko.RSAKey(data=host_key.asbytes())
+ # Client setup
self.tc = paramiko.SSHClient()
self.tc.get_host_keys().add('[%s]:%d' % (self.addr, self.port), 'ssh-rsa', public_host_key)
- self.tc.connect(self.addr, self.port, username='slowdive', password='pygmalion')
+ # Actual connection
+ self.tc.connect(self.addr, self.port, username='slowdive', **kwargs)
+
+ # Authentication successful?
self.event.wait(1.0)
self.assertTrue(self.event.isSet())
self.assertTrue(self.ts.is_active())
self.assertEqual('slowdive', self.ts.get_username())
self.assertEqual(True, self.ts.is_authenticated())
+ # Command execution functions?
stdin, stdout, stderr = self.tc.exec_command('yes')
schan = self.ts.accept(1.0)
@@ -110,61 +141,71 @@ class SSHClientTest (unittest.TestCase):
self.assertEqual('This is on stderr.\n', stderr.readline())
self.assertEqual('', stderr.readline())
+ # Cleanup
stdin.close()
stdout.close()
stderr.close()
+ def test_1_client(self):
+ """
+ verify that the SSHClient stuff works too.
+ """
+ self._test_connection(password='pygmalion')
+
def test_2_client_dsa(self):
"""
verify that SSHClient works with a DSA key.
"""
- threading.Thread(target=self._run).start()
- host_key = paramiko.RSAKey.from_private_key_file(test_path('test_rsa.key'))
- public_host_key = paramiko.RSAKey(data=host_key.asbytes())
-
- self.tc = paramiko.SSHClient()
- self.tc.get_host_keys().add('[%s]:%d' % (self.addr, self.port), 'ssh-rsa', public_host_key)
- self.tc.connect(self.addr, self.port, username='slowdive', key_filename=test_path('test_dss.key'))
-
- self.event.wait(1.0)
- self.assertTrue(self.event.isSet())
- self.assertTrue(self.ts.is_active())
- self.assertEqual('slowdive', self.ts.get_username())
- self.assertEqual(True, self.ts.is_authenticated())
+ self._test_connection(key_filename=test_path('test_dss.key'))
- stdin, stdout, stderr = self.tc.exec_command('yes')
- schan = self.ts.accept(1.0)
-
- schan.send('Hello there.\n')
- schan.send_stderr('This is on stderr.\n')
- schan.close()
-
- self.assertEqual('Hello there.\n', stdout.readline())
- self.assertEqual('', stdout.readline())
- self.assertEqual('This is on stderr.\n', stderr.readline())
- self.assertEqual('', stderr.readline())
+ def test_client_rsa(self):
+ """
+ verify that SSHClient works with an RSA key.
+ """
+ self._test_connection(key_filename=test_path('test_rsa.key'))
- stdin.close()
- stdout.close()
- stderr.close()
+ def test_2_5_client_ecdsa(self):
+ """
+ verify that SSHClient works with an ECDSA key.
+ """
+ self._test_connection(key_filename=test_path('test_ecdsa.key'))
def test_3_multiple_key_files(self):
"""
verify that SSHClient accepts and tries multiple key files.
"""
- threading.Thread(target=self._run).start()
- host_key = paramiko.RSAKey.from_private_key_file(test_path('test_rsa.key'))
- public_host_key = paramiko.RSAKey(data=host_key.asbytes())
-
- self.tc = paramiko.SSHClient()
- self.tc.get_host_keys().add('[%s]:%d' % (self.addr, self.port), 'ssh-rsa', public_host_key)
- self.tc.connect(self.addr, self.port, username='slowdive', key_filename=[test_path('test_rsa.key'), test_path('test_dss.key')])
-
- self.event.wait(1.0)
- self.assertTrue(self.event.isSet())
- self.assertTrue(self.ts.is_active())
- self.assertEqual('slowdive', self.ts.get_username())
- self.assertEqual(True, self.ts.is_authenticated())
+ # This is dumb :(
+ types_ = {
+ 'rsa': 'ssh-rsa',
+ 'dss': 'ssh-dss',
+ 'ecdsa': 'ecdsa-sha2-nistp256',
+ }
+ # Various combos of attempted & valid keys
+ # TODO: try every possible combo using itertools functions
+ for attempt, accept in (
+ (['rsa', 'dss'], ['dss']), # Original test #3
+ (['dss', 'rsa'], ['dss']), # Ordering matters sometimes, sadly
+ (['dss', 'rsa', 'ecdsa'], ['dss']), # Try ECDSA but fail
+ (['rsa', 'ecdsa'], ['ecdsa']), # ECDSA success
+ ):
+ self._test_connection(
+ key_filename=[
+ test_path('test_{0}.key'.format(x)) for x in attempt
+ ],
+ allowed_keys=[types_[x] for x in accept],
+ )
+
+ def test_multiple_key_files_failure(self):
+ """
+ Expect failure when multiple keys in play and none are accepted
+ """
+ # Until #387 is fixed we have to catch a high-up exception since
+ # various platforms trigger different errors here >_<
+ self.assertRaises(SSHException,
+ self._test_connection,
+ key_filename=[test_path('test_rsa.key')],
+ allowed_keys=['ecdsa-sha2-nistp256'],
+ )
def test_4_auto_add_policy(self):
"""
diff --git a/tests/test_file.py b/tests/test_file.py
index c6edd7af..22a34aca 100755
--- a/tests/test_file.py
+++ b/tests/test_file.py
@@ -23,6 +23,7 @@ Some unit tests for the BufferedFile abstraction.
import unittest
from paramiko.file import BufferedFile
from paramiko.common import linefeed_byte, crlf, cr_byte
+import sys
class LoopbackFile (BufferedFile):
@@ -151,6 +152,15 @@ class BufferedFileTest (unittest.TestCase):
b'need to close them again.\n')
f.close()
+ def test_8_buffering(self):
+ """
+ verify that buffered objects can be written
+ """
+ if sys.version_info[0] == 2:
+ f = LoopbackFile('r+', 16)
+ f.write(buffer(b'Too small.'))
+ f.close()
+
if __name__ == '__main__':
from unittest import main
main()
diff --git a/tests/test_sftp.py b/tests/test_sftp.py
index 2b6aa3b6..1ae9781d 100755
--- a/tests/test_sftp.py
+++ b/tests/test_sftp.py
@@ -279,8 +279,8 @@ class SFTPTest (unittest.TestCase):
def test_7_listdir(self):
"""
- verify that a folder can be created, a bunch of files can be placed in it,
- and those files show up in sftp.listdir.
+ verify that a folder can be created, a bunch of files can be placed in
+ it, and those files show up in sftp.listdir.
"""
try:
sftp.open(FOLDER + '/duck.txt', 'w').close()
@@ -298,6 +298,26 @@ class SFTPTest (unittest.TestCase):
sftp.remove(FOLDER + '/fish.txt')
sftp.remove(FOLDER + '/tertiary.py')
+ def test_7_5_listdir_iter(self):
+ """
+ listdir_iter version of above test
+ """
+ try:
+ sftp.open(FOLDER + '/duck.txt', 'w').close()
+ sftp.open(FOLDER + '/fish.txt', 'w').close()
+ sftp.open(FOLDER + '/tertiary.py', 'w').close()
+
+ x = [x.filename for x in sftp.listdir_iter(FOLDER)]
+ self.assertEqual(len(x), 3)
+ self.assertTrue('duck.txt' in x)
+ self.assertTrue('fish.txt' in x)
+ self.assertTrue('tertiary.py' in x)
+ self.assertTrue('random' not in x)
+ finally:
+ sftp.remove(FOLDER + '/duck.txt')
+ sftp.remove(FOLDER + '/fish.txt')
+ sftp.remove(FOLDER + '/tertiary.py')
+
def test_8_setstat(self):
"""
verify that the setstat functions (chown, chmod, utime, truncate) work.
diff --git a/tests/test_transport.py b/tests/test_transport.py
index 485a18e8..5c77a321 100644
--- a/tests/test_transport.py
+++ b/tests/test_transport.py
@@ -26,6 +26,7 @@ import socket
import time
import threading
import random
+import unittest
from paramiko import Transport, SecurityOptions, ServerInterface, RSAKey, DSSKey, \
SSHException, ChannelException
@@ -35,7 +36,7 @@ from paramiko.common import MSG_KEXINIT, cMSG_CHANNEL_WINDOW_ADJUST
from paramiko.py3compat import bytes
from paramiko.message import Message
from tests.loop import LoopSocket
-from tests.util import ParamikoTest, test_path
+from tests.util import test_path
LONG_BANNER = """\
@@ -55,7 +56,7 @@ class NullServer (ServerInterface):
paranoid_did_password = False
paranoid_did_public_key = False
paranoid_key = DSSKey.from_private_key_file(test_path('test_dss.key'))
-
+
def get_allowed_auths(self, username):
if username == 'slowdive':
return 'publickey,password'
@@ -78,24 +79,24 @@ class NullServer (ServerInterface):
def check_channel_shell_request(self, channel):
return True
-
+
def check_global_request(self, kind, msg):
self._global_request = kind
return False
-
+
def check_channel_x11_request(self, channel, single_connection, auth_protocol, auth_cookie, screen_number):
self._x11_single_connection = single_connection
self._x11_auth_protocol = auth_protocol
self._x11_auth_cookie = auth_cookie
self._x11_screen_number = screen_number
return True
-
+
def check_port_forward_request(self, addr, port):
self._listen = socket.socket()
self._listen.bind(('127.0.0.1', 0))
self._listen.listen(1)
return self._listen.getsockname()[1]
-
+
def cancel_port_forward_request(self, addr, port):
self._listen.close()
self._listen = None
@@ -105,7 +106,7 @@ class NullServer (ServerInterface):
return OPEN_SUCCEEDED
-class TransportTest(ParamikoTest):
+class TransportTest(unittest.TestCase):
def setUp(self):
self.socks = LoopSocket()
self.sockc = LoopSocket()
@@ -123,12 +124,12 @@ class TransportTest(ParamikoTest):
host_key = RSAKey.from_private_key_file(test_path('test_rsa.key'))
public_host_key = RSAKey(data=host_key.asbytes())
self.ts.add_server_key(host_key)
-
+
if client_options is not None:
client_options(self.tc.get_security_options())
if server_options is not None:
server_options(self.ts.get_security_options())
-
+
event = threading.Event()
self.server = NullServer()
self.assertTrue(not event.isSet())
@@ -155,7 +156,7 @@ class TransportTest(ParamikoTest):
self.assertTrue(False)
except TypeError:
pass
-
+
def test_2_compute_key(self):
self.tc.K = 123281095979686581523377256114209720774539068973101330872763622971399429481072519713536292772709507296759612401802191955568143056534122385270077606457721553469730659233569339356140085284052436697480759510519672848743794433460113118986816826624865291116513647975790797391795651716378444844877749505443714557929
self.tc.H = b'\x0C\x83\x07\xCD\xE6\x85\x6F\xF3\x0B\xA9\x36\x84\xEB\x0F\x04\xC2\x52\x0E\x9E\xD3'
@@ -208,7 +209,7 @@ class TransportTest(ParamikoTest):
event.wait(1.0)
self.assertTrue(event.isSet())
self.assertTrue(self.ts.is_active())
-
+
def test_4_special(self):
"""
verify that the client can demand odd handshake settings, and can
@@ -222,7 +223,7 @@ class TransportTest(ParamikoTest):
self.assertEqual('aes256-cbc', self.tc.remote_cipher)
self.assertEqual(12, self.tc.packetizer.get_mac_size_out())
self.assertEqual(12, self.tc.packetizer.get_mac_size_in())
-
+
self.tc.send_ignore(1024)
self.tc.renegotiate_keys()
self.ts.send_ignore(1024)
@@ -236,7 +237,7 @@ class TransportTest(ParamikoTest):
self.tc.set_keepalive(1)
time.sleep(2)
self.assertEqual('keepalive@lag.net', self.server._global_request)
-
+
def test_6_exec_command(self):
"""
verify that exec_command() does something reasonable.
@@ -250,7 +251,7 @@ class TransportTest(ParamikoTest):
self.assertTrue(False)
except SSHException:
pass
-
+
chan = self.tc.open_session()
chan.exec_command('yes')
schan = self.ts.accept(1.0)
@@ -264,7 +265,7 @@ class TransportTest(ParamikoTest):
f = chan.makefile_stderr()
self.assertEqual('This is on stderr.\n', f.readline())
self.assertEqual('', f.readline())
-
+
# now try it with combined stdout/stderr
chan = self.tc.open_session()
chan.exec_command('yes')
@@ -273,7 +274,7 @@ class TransportTest(ParamikoTest):
schan.send_stderr('This is on stderr.\n')
schan.close()
- chan.set_combine_stderr(True)
+ chan.set_combine_stderr(True)
f = chan.makefile()
self.assertEqual('Hello there.\n', f.readline())
self.assertEqual('This is on stderr.\n', f.readline())
@@ -320,7 +321,7 @@ class TransportTest(ParamikoTest):
schan.shutdown_write()
schan.send_exit_status(23)
schan.close()
-
+
f = chan.makefile()
self.assertEqual('Hello there.\n', f.readline())
self.assertEqual('', f.readline())
@@ -342,14 +343,14 @@ class TransportTest(ParamikoTest):
chan.invoke_shell()
schan = self.ts.accept(1.0)
- # nothing should be ready
+ # nothing should be ready
r, w, e = select.select([chan], [], [], 0.1)
self.assertEqual([], r)
self.assertEqual([], w)
self.assertEqual([], e)
-
+
schan.send('hello\n')
-
+
# something should be ready now (give it 1 second to appear)
for i in range(10):
r, w, e = select.select([chan], [], [], 0.1)
@@ -361,7 +362,7 @@ class TransportTest(ParamikoTest):
self.assertEqual([], e)
self.assertEqual(b'hello\n', chan.recv(6))
-
+
# and, should be dead again now
r, w, e = select.select([chan], [], [], 0.1)
self.assertEqual([], r)
@@ -369,7 +370,7 @@ class TransportTest(ParamikoTest):
self.assertEqual([], e)
schan.close()
-
+
# detect eof?
for i in range(10):
r, w, e = select.select([chan], [], [], 0.1)
@@ -380,14 +381,14 @@ class TransportTest(ParamikoTest):
self.assertEqual([], w)
self.assertEqual([], e)
self.assertEqual(bytes(), chan.recv(16))
-
+
# make sure the pipe is still open for now...
p = chan._pipe
self.assertEqual(False, p._closed)
chan.close()
# ...and now is closed.
self.assertEqual(True, p._closed)
-
+
def test_B_renegotiate(self):
"""
verify that a transport can correctly renegotiate mid-stream.
@@ -402,7 +403,7 @@ class TransportTest(ParamikoTest):
for i in range(20):
chan.send('x' * 1024)
chan.close()
-
+
# allow a few seconds for the rekeying to complete
for i in range(50):
if self.tc.H != self.tc.session_id:
@@ -441,28 +442,28 @@ class TransportTest(ParamikoTest):
chan = self.tc.open_session()
chan.exec_command('yes')
schan = self.ts.accept(1.0)
-
+
requested = []
def handler(c, addr_port):
addr, port = addr_port
requested.append((addr, port))
self.tc._queue_incoming_channel(c)
-
+
self.assertEqual(None, getattr(self.server, '_x11_screen_number', None))
cookie = chan.request_x11(0, single_connection=True, handler=handler)
self.assertEqual(0, self.server._x11_screen_number)
self.assertEqual('MIT-MAGIC-COOKIE-1', self.server._x11_auth_protocol)
self.assertEqual(cookie, self.server._x11_auth_cookie)
self.assertEqual(True, self.server._x11_single_connection)
-
+
x11_server = self.ts.open_x11_channel(('localhost', 6093))
x11_client = self.tc.accept()
self.assertEqual('localhost', requested[0][0])
self.assertEqual(6093, requested[0][1])
-
+
x11_server.send('hello')
self.assertEqual(b'hello', x11_client.recv(5))
-
+
x11_server.close()
x11_client.close()
chan.close()
@@ -477,13 +478,13 @@ class TransportTest(ParamikoTest):
chan = self.tc.open_session()
chan.exec_command('yes')
schan = self.ts.accept(1.0)
-
+
requested = []
def handler(c, origin_addr_port, server_addr_port):
requested.append(origin_addr_port)
requested.append(server_addr_port)
self.tc._queue_incoming_channel(c)
-
+
port = self.tc.request_port_forward('127.0.0.1', 0, handler)
self.assertEqual(port, self.server._listen.getsockname()[1])
@@ -492,14 +493,14 @@ class TransportTest(ParamikoTest):
ss, _ = self.server._listen.accept()
sch = self.ts.open_forwarded_tcpip_channel(ss.getsockname(), ss.getpeername())
cch = self.tc.accept()
-
+
sch.send('hello')
self.assertEqual(b'hello', cch.recv(5))
sch.close()
cch.close()
ss.close()
cs.close()
-
+
# now cancel it.
self.tc.cancel_port_forward('127.0.0.1', port)
self.assertTrue(self.server._listen is None)
@@ -513,7 +514,7 @@ class TransportTest(ParamikoTest):
chan = self.tc.open_session()
chan.exec_command('yes')
schan = self.ts.accept(1.0)
-
+
# open a port on the "server" that the client will ask to forward to.
greeting_server = socket.socket()
greeting_server.bind(('127.0.0.1', 0))
@@ -524,13 +525,13 @@ class TransportTest(ParamikoTest):
sch = self.ts.accept(1.0)
cch = socket.socket()
cch.connect(self.server._tcpip_dest)
-
+
ss, _ = greeting_server.accept()
ss.send(b'Hello!\n')
ss.close()
sch.send(cch.recv(8192))
sch.close()
-
+
self.assertEqual(b'Hello!\n', cs.recv(7))
cs.close()
@@ -544,14 +545,14 @@ class TransportTest(ParamikoTest):
chan.invoke_shell()
schan = self.ts.accept(1.0)
- # nothing should be ready
+ # nothing should be ready
r, w, e = select.select([chan], [], [], 0.1)
self.assertEqual([], r)
self.assertEqual([], w)
self.assertEqual([], e)
-
+
schan.send_stderr('hello\n')
-
+
# something should be ready now (give it 1 second to appear)
for i in range(10):
r, w, e = select.select([chan], [], [], 0.1)
@@ -563,7 +564,7 @@ class TransportTest(ParamikoTest):
self.assertEqual([], e)
self.assertEqual(b'hello\n', chan.recv_stderr(6))
-
+
# and, should be dead again now
r, w, e = select.select([chan], [], [], 0.1)
self.assertEqual([], r)
@@ -599,10 +600,10 @@ class TransportTest(ParamikoTest):
def test_I_rekey_deadlock(self):
"""
Regression test for deadlock when in-transit messages are received after MSG_KEXINIT is sent
-
+
Note: When this test fails, it may leak threads.
"""
-
+
# Test for an obscure deadlocking bug that can occur if we receive
# certain messages while initiating a key exchange.
#
@@ -619,7 +620,7 @@ class TransportTest(ParamikoTest):
# NeedRekeyException.
# 4. In response to NeedRekeyException, the transport thread sends
# MSG_KEXINIT to the remote host.
- #
+ #
# On the remote host (using any SSH implementation):
# 5. The MSG_CHANNEL_DATA is received, and MSG_CHANNEL_WINDOW_ADJUST is sent.
# 6. The MSG_KEXINIT is received, and a corresponding MSG_KEXINIT is sent.
@@ -654,7 +655,7 @@ class TransportTest(ParamikoTest):
self.done_event = done_event
self.watchdog_event = threading.Event()
self.last = None
-
+
def run(self):
try:
for i in range(1, 1+self.iterations):
@@ -666,7 +667,7 @@ class TransportTest(ParamikoTest):
finally:
self.done_event.set()
self.watchdog_event.set()
-
+
class ReceiveThread(threading.Thread):
def __init__(self, chan, done_event):
threading.Thread.__init__(self, None, None, self.__class__.__name__)
@@ -674,7 +675,7 @@ class TransportTest(ParamikoTest):
self.chan = chan
self.done_event = done_event
self.watchdog_event = threading.Event()
-
+
def run(self):
try:
while not self.done_event.isSet():
@@ -687,10 +688,10 @@ class TransportTest(ParamikoTest):
finally:
self.done_event.set()
self.watchdog_event.set()
-
+
self.setup_test_server()
self.ts.packetizer.REKEY_BYTES = 2048
-
+
chan = self.tc.open_session()
chan.exec_command('yes')
schan = self.ts.accept(1.0)
@@ -712,7 +713,7 @@ class TransportTest(ParamikoTest):
self._send_message(m2)
return _negotiate_keys(self, m)
self.tc._handler_table[MSG_KEXINIT] = _negotiate_keys_wrapper
-
+
# Parameters for the test
iterations = 500 # The deadlock does not happen every time, but it
# should after many iterations.
@@ -724,12 +725,12 @@ class TransportTest(ParamikoTest):
# Start the sending thread
st = SendThread(schan, iterations, done_event)
st.start()
-
+
# Start the receiving thread
rt = ReceiveThread(chan, done_event)
rt.start()
- # Act as a watchdog timer, checking
+ # Act as a watchdog timer, checking
deadlocked = False
while not deadlocked and not done_event.isSet():
for event in (st.watchdog_event, rt.watchdog_event):
@@ -740,7 +741,7 @@ class TransportTest(ParamikoTest):
deadlocked = True
break
event.clear()
-
+
# Tell the threads to stop (if they haven't already stopped). Note
# that if one or more threads are deadlocked, they might hang around
# forever (until the process exits).
diff --git a/tests/test_util.py b/tests/test_util.py
index 69c75518..2827ded6 100644
--- a/tests/test_util.py
+++ b/tests/test_util.py
@@ -24,13 +24,12 @@ from binascii import hexlify
import errno
import os
from hashlib import sha1
+import unittest
import paramiko.util
from paramiko.util import lookup_ssh_host_config as host_config
from paramiko.py3compat import StringIO, byte_ord
-from tests.util import ParamikoTest
-
test_config_file = """\
Host *
User robey
@@ -41,7 +40,12 @@ Host *.example.com
\tUser bjork
Port=3333
Host *
- \t \t Crazy something dumb
+"""
+
+dont_strip_whitespace_please = "\t \t Crazy something dumb "
+
+test_config_file += dont_strip_whitespace_please
+test_config_file += """
Host spoo.example.com
Crazy something else
"""
@@ -60,7 +64,7 @@ BGQ3GQ/Fc7SX6gkpXkwcZryoi4kNFhHu5LvHcZPdxXV1D+uTMfGS1eyd2Yz/DoNWXNAl8TI0cAsW\
from paramiko import *
-class UtilTest(ParamikoTest):
+class UtilTest(unittest.TestCase):
def test_1_import(self):
"""
verify that all the classes can be imported from paramiko.
@@ -333,3 +337,109 @@ IdentityFile something_%l_using_fqdn
"""
config = paramiko.util.parse_ssh_config(StringIO(test_config))
assert config.lookup('meh') # will die during lookup() if bug regresses
+
+ def test_13_config_dos_crlf_succeeds(self):
+ config_file = StringIO("host abcqwerty\r\nHostName 127.0.0.1\r\n")
+ config = paramiko.SSHConfig()
+ config.parse(config_file)
+ self.assertEqual(config.lookup("abcqwerty")["hostname"], "127.0.0.1")
+
+ def test_quoted_host_names(self):
+ test_config_file = """\
+Host "param pam" param "pam"
+ Port 1111
+
+Host "param2"
+ Port 2222
+
+Host param3 parara
+ Port 3333
+
+Host param4 "p a r" "p" "par" para
+ Port 4444
+"""
+ res = {
+ 'param pam': {'hostname': 'param pam', 'port': '1111'},
+ 'param': {'hostname': 'param', 'port': '1111'},
+ 'pam': {'hostname': 'pam', 'port': '1111'},
+
+ 'param2': {'hostname': 'param2', 'port': '2222'},
+
+ 'param3': {'hostname': 'param3', 'port': '3333'},
+ 'parara': {'hostname': 'parara', 'port': '3333'},
+
+ 'param4': {'hostname': 'param4', 'port': '4444'},
+ 'p a r': {'hostname': 'p a r', 'port': '4444'},
+ 'p': {'hostname': 'p', 'port': '4444'},
+ 'par': {'hostname': 'par', 'port': '4444'},
+ 'para': {'hostname': 'para', 'port': '4444'},
+ }
+ f = StringIO(test_config_file)
+ config = paramiko.util.parse_ssh_config(f)
+ for host, values in res.items():
+ self.assertEquals(
+ paramiko.util.lookup_ssh_host_config(host, config),
+ values
+ )
+
+ def test_quoted_params_in_config(self):
+ test_config_file = """\
+Host "param pam" param "pam"
+ IdentityFile id_rsa
+
+Host "param2"
+ IdentityFile "test rsa key"
+
+Host param3 parara
+ IdentityFile id_rsa
+ IdentityFile "test rsa key"
+"""
+ res = {
+ 'param pam': {'hostname': 'param pam', 'identityfile': ['id_rsa']},
+ 'param': {'hostname': 'param', 'identityfile': ['id_rsa']},
+ 'pam': {'hostname': 'pam', 'identityfile': ['id_rsa']},
+
+ 'param2': {'hostname': 'param2', 'identityfile': ['test rsa key']},
+
+ 'param3': {'hostname': 'param3', 'identityfile': ['id_rsa', 'test rsa key']},
+ 'parara': {'hostname': 'parara', 'identityfile': ['id_rsa', 'test rsa key']},
+ }
+ f = StringIO(test_config_file)
+ config = paramiko.util.parse_ssh_config(f)
+ for host, values in res.items():
+ self.assertEquals(
+ paramiko.util.lookup_ssh_host_config(host, config),
+ values
+ )
+
+ def test_quoted_host_in_config(self):
+ conf = SSHConfig()
+ correct_data = {
+ 'param': ['param'],
+ '"param"': ['param'],
+
+ 'param pam': ['param', 'pam'],
+ '"param" "pam"': ['param', 'pam'],
+ '"param" pam': ['param', 'pam'],
+ 'param "pam"': ['param', 'pam'],
+
+ 'param "pam" p': ['param', 'pam', 'p'],
+ '"param" pam "p"': ['param', 'pam', 'p'],
+
+ '"pa ram"': ['pa ram'],
+ '"pa ram" pam': ['pa ram', 'pam'],
+ 'param "p a m"': ['param', 'p a m'],
+ }
+ incorrect_data = [
+ 'param"',
+ '"param',
+ 'param "pam',
+ 'param "pam" "p a',
+ ]
+ for host, values in correct_data.items():
+ self.assertEquals(
+ conf._get_hosts(host),
+ values
+ )
+ for host in incorrect_data:
+ self.assertRaises(Exception, conf._get_hosts, host)
diff --git a/tests/util.py b/tests/util.py
index 66d2696c..b546a7e1 100644
--- a/tests/util.py
+++ b/tests/util.py
@@ -1,17 +1,7 @@
import os
-import unittest
root_path = os.path.dirname(os.path.realpath(__file__))
-
-class ParamikoTest(unittest.TestCase):
- # for Python 2.3 and below
- if not hasattr(unittest.TestCase, 'assertTrue'):
- assertTrue = unittest.TestCase.failUnless
- if not hasattr(unittest.TestCase, 'assertFalse'):
- assertFalse = unittest.TestCase.failIf
-
-
def test_path(filename):
return os.path.join(root_path, filename)
diff --git a/tox.ini b/tox.ini
index 43c391dd..83704dfc 100644
--- a/tox.ini
+++ b/tox.ini
@@ -1,5 +1,5 @@
[tox]
-envlist = py26,py27,py32,py33
+envlist = py26,py27,py32,py33,py34
[testenv]
commands = pip install --use-mirrors -q -r tox-requirements.txt