diff options
| author | Jeff Forcier <jeff@bitprophet.org> | 2021-12-08 21:20:04 -0500 |
|---|---|---|
| committer | Jeff Forcier <jeff@bitprophet.org> | 2021-12-23 00:26:44 -0500 |
| commit | dfffaeaa0170c784307d1c89dad60528a59b6ff2 (patch) | |
| tree | 404eb64e462b56d617681146acdb00b6dc050efc | |
| parent | 5bf2d8ae5de981883dcce49f2275d03f5a7decd6 (diff) | |
Enhance kex DEBUG logging to be more readable
The one-liner from 2005 is not cutting it, sorry
| -rw-r--r-- | paramiko/transport.py | 51 |
1 files changed, 24 insertions, 27 deletions
diff --git a/paramiko/transport.py b/paramiko/transport.py index a09ed101..d4f0b149 100644 --- a/paramiko/transport.py +++ b/paramiko/transport.py @@ -2176,7 +2176,7 @@ class Transport(threading.Thread, ClosingContextManager): # Log useful, non-duplicative line re: an agreed-upon algorithm. # Old code implied algorithms could be asymmetrical (different for # inbound vs outbound) so we preserve that possibility. - msg = "{} agreed: ".format(which) + msg = "{}: ".format(which) if local == remote: msg += local else: @@ -2323,31 +2323,27 @@ class Transport(threading.Thread, ClosingContextManager): kex_follows = m.get_boolean() m.get_int() # unused - self._log( - DEBUG, - "kex algos:" - + str(kex_algo_list) - + " server key:" - + str(server_key_algo_list) - + " client encrypt:" - + str(client_encrypt_algo_list) - + " server encrypt:" - + str(server_encrypt_algo_list) - + " client mac:" - + str(client_mac_algo_list) - + " server mac:" - + str(server_mac_algo_list) - + " client compress:" - + str(client_compress_algo_list) - + " server compress:" - + str(server_compress_algo_list) - + " client lang:" - + str(client_lang_list) - + " server lang:" - + str(server_lang_list) - + " kex follows?" - + str(kex_follows), - ) + self._log(DEBUG, "=== Key exchange possibilities ===") + for prefix, value in ( + ("kex algos", kex_algo_list), + ("server key", server_key_algo_list), + # TODO: shouldn't these two lines say "cipher" to match usual + # terminology (including elsewhere in paramiko!)? + ("client encrypt", client_encrypt_algo_list), + ("server encrypt", server_encrypt_algo_list), + ("client mac", client_mac_algo_list), + ("server mac", server_mac_algo_list), + ("client compress", client_compress_algo_list), + ("server compress", server_compress_algo_list), + ("client lang", client_lang_list), + ("server lang", server_lang_list), + ): + if value == [""]: + value = ["<none>"] + value = ", ".join(value) + self._log(DEBUG, "{}: {}".format(prefix, value)) + self._log(DEBUG, "kex follows: {}".format(kex_follows)) + self._log(DEBUG, "=== Key exchange agreements ===") # as a server, we pick the first item in the client's list that we # support. @@ -2369,7 +2365,7 @@ class Transport(threading.Thread, ClosingContextManager): "Incompatible ssh peer (no acceptable kex algorithm)" ) # noqa self.kex_engine = self._kex_info[agreed_kex[0]](self) - self._log(DEBUG, "Kex agreed: {}".format(agreed_kex[0])) + self._log(DEBUG, "Kex: {}".format(agreed_kex[0])) if self.server_mode: available_server_keys = list( @@ -2502,6 +2498,7 @@ class Transport(threading.Thread, ClosingContextManager): local=self.local_compression, remote=self.remote_compression, ) + self._log(DEBUG, "=== End of kex handshake ===") # save for computing hash later... # now wait! openssh has a bug (and others might too) where there are |