From 83f44878eaacce5ee2bab0aa7f03a36743fea044 Mon Sep 17 00:00:00 2001 From: Jeff Forcier Date: Fri, 27 Sep 2013 21:29:18 -0700 Subject: Fixed a typo in the license header of most files Conflicts: paramiko/proxy.py --- test.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'test.py') diff --git a/test.py b/test.py index f3dd4d24..6702e53a 100755 --- a/test.py +++ b/test.py @@ -9,7 +9,7 @@ # Software Foundation; either version 2.1 of the License, or (at your option) # any later version. # -# Paramiko is distrubuted in the hope that it will be useful, but WITHOUT ANY +# Paramiko is distributed in the hope that it will be useful, but WITHOUT ANY # WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR # A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more # details. -- cgit v1.2.3 From 66cfa97cce92b1d60383d178887b18dddb999fc1 Mon Sep 17 00:00:00 2001 From: Scott Maxwell Date: Wed, 30 Oct 2013 16:19:30 -0700 Subject: Fix imports --- demos/demo.py | 5 ++++- paramiko/__init__.py | 48 ++++++++++++++++++++++----------------------- paramiko/_winapi.py | 6 +++++- paramiko/agent.py | 2 +- paramiko/ber.py | 3 ++- paramiko/file.py | 2 +- paramiko/hostkeys.py | 34 +++++++++++++++++++++++++++++--- paramiko/message.py | 2 +- paramiko/pipe.py | 1 + paramiko/primes.py | 1 + paramiko/proxy.py | 1 + paramiko/transport.py | 2 +- test.py | 26 ++++++++++++------------ tests/loop.py | 1 + tests/stub_sftp.py | 2 ++ tests/test_auth.py | 3 ++- tests/test_buffered_pipe.py | 2 +- tests/test_client.py | 3 ++- tests/test_kex.py | 1 + tests/test_message.py | 1 + tests/test_packetizer.py | 3 ++- tests/test_pkey.py | 3 +-- tests/test_sftp.py | 7 ++++--- tests/test_sftp_big.py | 7 ++++--- tests/test_transport.py | 4 ++-- tests/test_util.py | 4 ++-- tests/util.py | 1 + 27 files changed, 112 insertions(+), 63 deletions(-) (limited to 'test.py') diff --git a/demos/demo.py b/demos/demo.py index cbd7730e..3890eda7 100755 --- a/demos/demo.py +++ b/demos/demo.py @@ -30,7 +30,10 @@ import time import traceback import paramiko -import interactive +try: + import interactive +except ImportError: + from . import interactive def agent_auth(transport, username): diff --git a/paramiko/__init__.py b/paramiko/__init__.py index 32ccfcdb..a12ee04c 100644 --- a/paramiko/__init__.py +++ b/paramiko/__init__.py @@ -62,32 +62,32 @@ __version_info__ = tuple([ int(d) for d in __version__.split(".") ]) __license__ = "GNU Lesser General Public License (LGPL)" -from transport import SecurityOptions, Transport -from client import SSHClient, MissingHostKeyPolicy, AutoAddPolicy, RejectPolicy, WarningPolicy -from auth_handler import AuthHandler -from channel import Channel, ChannelFile -from ssh_exception import SSHException, PasswordRequiredException, \ +from paramiko.transport import SecurityOptions, Transport +from paramiko.client import SSHClient, MissingHostKeyPolicy, AutoAddPolicy, RejectPolicy, WarningPolicy +from paramiko.auth_handler import AuthHandler +from paramiko.channel import Channel, ChannelFile +from paramiko.ssh_exception import SSHException, PasswordRequiredException, \ BadAuthenticationType, ChannelException, BadHostKeyException, \ AuthenticationException, ProxyCommandFailure -from server import ServerInterface, SubsystemHandler, InteractiveQuery -from rsakey import RSAKey -from dsskey import DSSKey -from ecdsakey import ECDSAKey -from sftp import SFTPError, BaseSFTP -from sftp_client import SFTP, SFTPClient -from sftp_server import SFTPServer -from sftp_attr import SFTPAttributes -from sftp_handle import SFTPHandle -from sftp_si import SFTPServerInterface -from sftp_file import SFTPFile -from message import Message -from packet import Packetizer -from file import BufferedFile -from agent import Agent, AgentKey -from pkey import PKey -from hostkeys import HostKeys -from config import SSHConfig -from proxy import ProxyCommand +from paramiko.server import ServerInterface, SubsystemHandler, InteractiveQuery +from paramiko.rsakey import RSAKey +from paramiko.dsskey import DSSKey +from paramiko.ecdsakey import ECDSAKey +from paramiko.sftp import SFTPError, BaseSFTP +from paramiko.sftp_client import SFTP, SFTPClient +from paramiko.sftp_server import SFTPServer +from paramiko.sftp_attr import SFTPAttributes +from paramiko.sftp_handle import SFTPHandle +from paramiko.sftp_si import SFTPServerInterface +from paramiko.sftp_file import SFTPFile +from paramiko.message import Message +from paramiko.packet import Packetizer +from paramiko.file import BufferedFile +from paramiko.agent import Agent, AgentKey +from paramiko.pkey import PKey +from paramiko.hostkeys import HostKeys +from paramiko.config import SSHConfig +from paramiko.proxy import ProxyCommand # fix module names for epydoc for c in locals().values(): diff --git a/paramiko/_winapi.py b/paramiko/_winapi.py index f141b005..43d97511 100644 --- a/paramiko/_winapi.py +++ b/paramiko/_winapi.py @@ -8,7 +8,11 @@ in jaraco.windows and asking the author to port the fixes back here. import ctypes import ctypes.wintypes -import __builtin__ +from paramiko.py3compat import u +try: + import builtins +except ImportError: + import __builtin__ as builtins ###################### # jaraco.windows.error diff --git a/paramiko/agent.py b/paramiko/agent.py index 23a5a2e4..67bb0671 100644 --- a/paramiko/agent.py +++ b/paramiko/agent.py @@ -34,7 +34,7 @@ from paramiko.ssh_exception import SSHException from paramiko.message import Message from paramiko.pkey import PKey from paramiko.channel import Channel -from paramiko.common import io_sleep +from paramiko.common import * from paramiko.util import retry_on_signal SSH2_AGENTC_REQUEST_IDENTITIES, SSH2_AGENT_IDENTITIES_ANSWER, \ diff --git a/paramiko/ber.py b/paramiko/ber.py index 3941581c..f3b4b37e 100644 --- a/paramiko/ber.py +++ b/paramiko/ber.py @@ -17,7 +17,8 @@ # 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA. -import util +import paramiko.util as util +from paramiko.common import * class BERException (Exception): diff --git a/paramiko/file.py b/paramiko/file.py index 5fd81cfe..d1779130 100644 --- a/paramiko/file.py +++ b/paramiko/file.py @@ -20,7 +20,7 @@ BufferedFile. """ -from cStringIO import StringIO +from paramiko.common import * class BufferedFile (object): diff --git a/paramiko/hostkeys.py b/paramiko/hostkeys.py index 9bcf0d55..c0e58b0e 100644 --- a/paramiko/hostkeys.py +++ b/paramiko/hostkeys.py @@ -23,7 +23,10 @@ L{HostKeys} import base64 import binascii from Crypto.Hash import SHA, HMAC -import UserDict +try: + from collections import MutableMapping +except ImportError: + from UserDict import DictMixin as MutableMapping from paramiko.common import * from paramiko.dsskey import DSSKey @@ -109,7 +112,7 @@ class HostKeyEntry: return '' % (self.hostnames, self.key) -class HostKeys (UserDict.DictMixin): +class HostKeys (MutableMapping): """ Representation of an openssh-style "known hosts" file. Host keys can be read from one or more files, and then individual hosts can be looked up to @@ -215,12 +218,26 @@ class HostKeys (UserDict.DictMixin): @return: keys associated with this host (or C{None}) @rtype: dict(str, L{PKey}) """ - class SubDict (UserDict.DictMixin): + class SubDict (MutableMapping): def __init__(self, hostname, entries, hostkeys): self._hostname = hostname self._entries = entries self._hostkeys = hostkeys + def __iter__(self): + for k in self.keys(): + yield k + + def __len__(self): + return len(self.keys()) + + def __delitem__(self, key): + for e in list(self._entries): + if e.key.get_name() == key: + self._entries.remove(e) + else: + raise KeyError(key) + def __getitem__(self, key): for e in self._entries: if e.key.get_name() == key: @@ -280,6 +297,17 @@ class HostKeys (UserDict.DictMixin): """ self._entries = [] + def __iter__(self): + for k in self.keys(): + yield k + + def __len__(self): + return len(self.keys()) + + def __delitem__(self, key): + k = self[key] + pass + def __getitem__(self, key): ret = self.lookup(key) if ret is None: diff --git a/paramiko/message.py b/paramiko/message.py index c0e8692b..d579a167 100644 --- a/paramiko/message.py +++ b/paramiko/message.py @@ -21,9 +21,9 @@ Implementation of an SSH2 "message". """ import struct -import cStringIO from paramiko import util +from paramiko.common import * class Message (object): diff --git a/paramiko/pipe.py b/paramiko/pipe.py index db43d549..e64547bd 100644 --- a/paramiko/pipe.py +++ b/paramiko/pipe.py @@ -27,6 +27,7 @@ will trigger as readable in select(). import sys import os import socket +from paramiko.py3compat import b def make_pipe (): diff --git a/paramiko/primes.py b/paramiko/primes.py index 9419cd6b..bf2b810c 100644 --- a/paramiko/primes.py +++ b/paramiko/primes.py @@ -24,6 +24,7 @@ from Crypto.Util import number from paramiko import util from paramiko.ssh_exception import SSHException +from paramiko.common import * def _generate_prime(bits, rng): diff --git a/paramiko/proxy.py b/paramiko/proxy.py index 218b76e2..a10feb01 100644 --- a/paramiko/proxy.py +++ b/paramiko/proxy.py @@ -21,6 +21,7 @@ L{ProxyCommand}. """ import os +import sys from shlex import split as shlsplit import signal from subprocess import Popen, PIPE diff --git a/paramiko/transport.py b/paramiko/transport.py index 3155d3f8..c6ab1272 100644 --- a/paramiko/transport.py +++ b/paramiko/transport.py @@ -79,7 +79,7 @@ class SecurityOptions (object): C{ValueError} will be raised. If you try to assign something besides a tuple to one of the fields, C{TypeError} will be raised. """ - __slots__ = [ 'ciphers', 'digests', 'key_types', 'kex', 'compression', '_transport' ] + #__slots__ = [ 'ciphers', 'digests', 'key_types', 'kex', 'compression', '_transport' ] def __init__(self, transport): self._transport = transport diff --git a/test.py b/test.py index 6702e53a..159794c5 100755 --- a/test.py +++ b/test.py @@ -32,19 +32,19 @@ import threading sys.path.append('tests') -from test_message import MessageTest -from test_file import BufferedFileTest -from test_buffered_pipe import BufferedPipeTest -from test_util import UtilTest -from test_hostkeys import HostKeysTest -from test_pkey import KeyTest -from test_kex import KexTest -from test_packetizer import PacketizerTest -from test_auth import AuthTest -from test_transport import TransportTest -from test_sftp import SFTPTest -from test_sftp_big import BigSFTPTest -from test_client import SSHClientTest +from tests.test_message import MessageTest +from tests.test_file import BufferedFileTest +from tests.test_buffered_pipe import BufferedPipeTest +from tests.test_util import UtilTest +from tests.test_hostkeys import HostKeysTest +from tests.test_pkey import KeyTest +from tests.test_kex import KexTest +from tests.test_packetizer import PacketizerTest +from tests.test_auth import AuthTest +from tests.test_transport import TransportTest +from tests.test_sftp import SFTPTest +from tests.test_sftp_big import BigSFTPTest +from tests.test_client import SSHClientTest default_host = 'localhost' default_user = os.environ.get('USER', 'nobody') diff --git a/tests/loop.py b/tests/loop.py index 91c216d2..2f3f5dfc 100644 --- a/tests/loop.py +++ b/tests/loop.py @@ -21,6 +21,7 @@ """ import threading, socket +from paramiko.py3compat import * class LoopSocket (object): diff --git a/tests/stub_sftp.py b/tests/stub_sftp.py index 3021d816..e5f44543 100644 --- a/tests/stub_sftp.py +++ b/tests/stub_sftp.py @@ -21,8 +21,10 @@ A stub SFTP server for loopback SFTP testing. """ import os +import sys from paramiko import ServerInterface, SFTPServerInterface, SFTPServer, SFTPAttributes, \ SFTPHandle, SFTP_OK, AUTH_SUCCESSFUL, OPEN_SUCCEEDED +from paramiko.common import * class StubServer (ServerInterface): diff --git a/tests/test_auth.py b/tests/test_auth.py index 61fe63f4..1e247d70 100644 --- a/tests/test_auth.py +++ b/tests/test_auth.py @@ -29,7 +29,8 @@ from paramiko import Transport, ServerInterface, RSAKey, DSSKey, \ AuthenticationException from paramiko import AUTH_FAILED, AUTH_PARTIALLY_SUCCESSFUL, AUTH_SUCCESSFUL from paramiko import OPEN_SUCCEEDED, OPEN_FAILED_ADMINISTRATIVELY_PROHIBITED -from loop import LoopSocket +from tests.loop import LoopSocket +from tests.util import test_path class NullServer (ServerInterface): diff --git a/tests/test_buffered_pipe.py b/tests/test_buffered_pipe.py index 47ece936..04d665c4 100644 --- a/tests/test_buffered_pipe.py +++ b/tests/test_buffered_pipe.py @@ -26,7 +26,7 @@ import unittest from paramiko.buffered_pipe import BufferedPipe, PipeTimeout from paramiko import pipe -from util import ParamikoTest +from tests.util import ParamikoTest def delay_thread(pipe): diff --git a/tests/test_client.py b/tests/test_client.py index e5352278..7d1e6729 100644 --- a/tests/test_client.py +++ b/tests/test_client.py @@ -20,13 +20,14 @@ Some unit tests for SSHClient. """ +import os import socket import threading import time import unittest import weakref from binascii import hexlify - +from tests.util import test_path import paramiko diff --git a/tests/test_kex.py b/tests/test_kex.py index 39d2e17e..be8d7f01 100644 --- a/tests/test_kex.py +++ b/tests/test_kex.py @@ -26,6 +26,7 @@ import paramiko.util from paramiko.kex_group1 import KexGroup1 from paramiko.kex_gex import KexGex from paramiko import Message +from paramiko.common import * class FakeRng (object): diff --git a/tests/test_message.py b/tests/test_message.py index ad622a27..d0e604e3 100644 --- a/tests/test_message.py +++ b/tests/test_message.py @@ -22,6 +22,7 @@ Some unit tests for ssh protocol message blocks. import unittest from paramiko.message import Message +from paramiko.common import * class MessageTest (unittest.TestCase): diff --git a/tests/test_packetizer.py b/tests/test_packetizer.py index 1f5bec05..c39fc455 100644 --- a/tests/test_packetizer.py +++ b/tests/test_packetizer.py @@ -21,10 +21,11 @@ Some unit tests for the ssh2 protocol in Transport. """ import unittest -from loop import LoopSocket +from tests.loop import LoopSocket from Crypto.Cipher import AES from Crypto.Hash import SHA, HMAC from paramiko import Message, Packetizer, util +from paramiko.py3compat import byte_chr class PacketizerTest (unittest.TestCase): diff --git a/tests/test_pkey.py b/tests/test_pkey.py index 8e8c4aa7..fe823a77 100644 --- a/tests/test_pkey.py +++ b/tests/test_pkey.py @@ -21,10 +21,9 @@ Some unit tests for public/private key objects. """ from binascii import hexlify, unhexlify -import StringIO import unittest from paramiko import RSAKey, DSSKey, ECDSAKey, Message, util -from paramiko.common import rng +from paramiko.common import rng, StringIO, byte_chr # from openssh's ssh-keygen PUB_RSA = 'ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEA049W6geFpmsljTwfvI1UmKWWJPNFI74+vNKTk4dmzkQY2yAMs6FhlvhlI8ysU4oj71ZsRYMecHbBbxdN79+JRFVYTKaLqjwGENeTd+yv4q+V2PvZv3fLnzApI3l7EJCqhWwJUHJ1jAkZzqDx0tyOL4uoZpww3nmE0kb3y21tH4c=' diff --git a/tests/test_sftp.py b/tests/test_sftp.py index cc512c18..3c1fcd52 100755 --- a/tests/test_sftp.py +++ b/tests/test_sftp.py @@ -31,11 +31,12 @@ import warnings import sys import threading import unittest -import StringIO import paramiko -from stub_sftp import StubServer, StubSFTPServer -from loop import LoopSocket +from paramiko.common import * +from tests.stub_sftp import StubServer, StubSFTPServer +from tests.loop import LoopSocket +from tests.util import test_path from paramiko.sftp_attr import SFTPAttributes ARTICLE = ''' diff --git a/tests/test_sftp_big.py b/tests/test_sftp_big.py index 04b15b0d..9a4ea311 100644 --- a/tests/test_sftp_big.py +++ b/tests/test_sftp_big.py @@ -33,9 +33,10 @@ import time import unittest import paramiko -from stub_sftp import StubServer, StubSFTPServer -from loop import LoopSocket -from test_sftp import get_sftp +from paramiko.common import * +from tests.stub_sftp import StubServer, StubSFTPServer +from tests.loop import LoopSocket +from tests.test_sftp import get_sftp FOLDER = os.environ.get('TEST_FOLDER', 'temp-testing000') diff --git a/tests/test_transport.py b/tests/test_transport.py index e8f7f366..ed8ebb42 100644 --- a/tests/test_transport.py +++ b/tests/test_transport.py @@ -35,8 +35,8 @@ from paramiko import AUTH_FAILED, AUTH_PARTIALLY_SUCCESSFUL, AUTH_SUCCESSFUL from paramiko import OPEN_SUCCEEDED, OPEN_FAILED_ADMINISTRATIVELY_PROHIBITED from paramiko.common import MSG_KEXINIT, MSG_CHANNEL_WINDOW_ADJUST from paramiko.message import Message -from loop import LoopSocket -from util import ParamikoTest +from tests.loop import LoopSocket +from tests.util import ParamikoTest, test_path LONG_BANNER = """\ diff --git a/tests/test_util.py b/tests/test_util.py index 12677a9b..12575f84 100644 --- a/tests/test_util.py +++ b/tests/test_util.py @@ -21,15 +21,15 @@ Some unit tests for utility functions. """ from binascii import hexlify -import cStringIO import errno import os import unittest from Crypto.Hash import SHA import paramiko.util from paramiko.util import lookup_ssh_host_config as host_config +from paramiko.py3compat import StringIO, byte_ord -from util import ParamikoTest +from tests.util import ParamikoTest test_config_file = """\ Host * diff --git a/tests/util.py b/tests/util.py index 2e0be087..1b380b75 100644 --- a/tests/util.py +++ b/tests/util.py @@ -1,3 +1,4 @@ +import os import unittest -- cgit v1.2.3 From 06b866cf406c035ecaffd7a8abd31d6e07b8811a Mon Sep 17 00:00:00 2001 From: Scott Maxwell Date: Fri, 1 Nov 2013 01:06:17 -0700 Subject: Don't import test_sftp or test_sftp_big unless we are going to do the tests --- test.py | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) (limited to 'test.py') diff --git a/test.py b/test.py index 159794c5..1162da07 100755 --- a/test.py +++ b/test.py @@ -42,8 +42,6 @@ from tests.test_kex import KexTest from tests.test_packetizer import PacketizerTest from tests.test_auth import AuthTest from tests.test_transport import TransportTest -from tests.test_sftp import SFTPTest -from tests.test_sftp_big import BigSFTPTest from tests.test_client import SSHClientTest default_host = 'localhost' @@ -109,13 +107,16 @@ def main(): paramiko.util.log_to_file('test.log') if options.use_sftp: + from tests.test_sftp import SFTPTest if options.use_loopback_sftp: SFTPTest.init_loopback() else: SFTPTest.init(options.hostname, options.username, options.keyfile, options.password) if not options.use_big_file: SFTPTest.set_big_file_test(False) - + if options.use_big_file: + from tests.test_sftp_big import BigSFTPTest + suite = unittest.TestSuite() suite.addTest(unittest.makeSuite(MessageTest)) suite.addTest(unittest.makeSuite(BufferedFileTest)) -- cgit v1.2.3 From 7decda3297089b2b2e73bb9cd7e577f9b2cb2789 Mon Sep 17 00:00:00 2001 From: Scott Maxwell Date: Fri, 1 Nov 2013 12:32:57 -0700 Subject: Fix thread stop for Py3 --- test.py | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'test.py') diff --git a/test.py b/test.py index 1162da07..c8ac6bc3 100755 --- a/test.py +++ b/test.py @@ -29,6 +29,7 @@ import unittest from optparse import OptionParser import paramiko import threading +from paramiko.py3compat import PY3 sys.path.append('tests') @@ -148,7 +149,10 @@ def main(): # TODO: make that not a problem, jeez for thread in threading.enumerate(): if thread is not threading.currentThread(): - thread._Thread__stop() + if PY3: + thread._stop() + else: + thread._Thread__stop() # Exit correctly if not result.wasSuccessful(): sys.exit(1) -- cgit v1.2.3 From 3ce336c88b7bfbfad03fab17bff8cb3c3a77176c Mon Sep 17 00:00:00 2001 From: Scott Maxwell Date: Tue, 19 Nov 2013 07:30:45 -0800 Subject: Change conditional from PY3 to PY2 to be better prepared for a possible Py4. --- paramiko/common.py | 8 +-- paramiko/file.py | 6 +-- paramiko/py3compat.py | 146 +++++++++++++++++++++++++++----------------------- paramiko/util.py | 4 +- test.py | 8 +-- tests/test_pkey.py | 2 +- tests/test_sftp.py | 4 +- 7 files changed, 96 insertions(+), 82 deletions(-) (limited to 'test.py') diff --git a/paramiko/common.py b/paramiko/common.py index 223aac1a..e30df73a 100644 --- a/paramiko/common.py +++ b/paramiko/common.py @@ -131,12 +131,12 @@ cr_byte = byte_chr(13) linefeed_byte = byte_chr(10) crlf = cr_byte + linefeed_byte -if PY3: - cr_byte_value = 13 - linefeed_byte_value = 10 -else: +if PY2: cr_byte_value = cr_byte linefeed_byte_value = linefeed_byte +else: + cr_byte_value = 13 + linefeed_byte_value = 10 def asbytes(s): diff --git a/paramiko/file.py b/paramiko/file.py index a0d94ef2..c9f191a4 100644 --- a/paramiko/file.py +++ b/paramiko/file.py @@ -92,8 +92,8 @@ class BufferedFile (object): self._wbuffer = BytesIO() return - if PY3: - def __next__(self): + if PY2: + def next(self): """ Returns the next line from the input, or raises L{StopIteration} when EOF is hit. Unlike python file objects, it's okay to mix calls to @@ -109,7 +109,7 @@ class BufferedFile (object): raise StopIteration return line else: - def next(self): + def __next__(self): """ Returns the next line from the input, or raises L{StopIteration} when EOF is hit. Unlike python file objects, it's okay to mix calls to diff --git a/paramiko/py3compat.py b/paramiko/py3compat.py index 0aad3618..22285992 100644 --- a/paramiko/py3compat.py +++ b/paramiko/py3compat.py @@ -1,76 +1,13 @@ import sys import base64 -__all__ = ['PY3', 'string_types', 'integer_types', 'text_type', 'bytes_types', 'bytes', 'long', 'input', +__all__ = ['PY2', 'string_types', 'integer_types', 'text_type', 'bytes_types', 'bytes', 'long', 'input', 'decodebytes', 'encodebytes', 'bytestring', 'byte_ord', 'byte_chr', 'byte_mask', 'b', 'u', 'b2s', 'StringIO', 'BytesIO', 'is_callable', 'MAXSIZE', 'next'] -PY3 = sys.version_info[0] >= 3 +PY2 = sys.version_info[0] < 3 -if PY3: - import collections - import struct - string_types = str - text_type = str - bytes = bytes - bytes_types = bytes - integer_types = int - class long(int): - pass - input = input - decodebytes = base64.decodebytes - encodebytes = base64.encodebytes - - def bytestring(s): - return s - - def byte_ord(c): - assert isinstance(c, int) - return c - - def byte_chr(c): - assert isinstance(c, int) - return struct.pack('B', c) - - def byte_mask(c, mask): - assert isinstance(c, int) - return struct.pack('B', c & mask) - - def b(s, encoding='utf8'): - """cast unicode or bytes to bytes""" - if isinstance(s, bytes): - return s - elif isinstance(s, str): - return s.encode(encoding) - else: - raise TypeError("Expected unicode or bytes, got %r" % s) - - def u(s, encoding='utf8'): - """cast bytes or unicode to unicode""" - if isinstance(s, bytes): - return s.decode(encoding) - elif isinstance(s, str): - return s - else: - raise TypeError("Expected unicode or bytes, got %r" % s) - - def b2s(s): - return s.decode() if isinstance(s, bytes) else s - - import io - StringIO = io.StringIO # NOQA - BytesIO = io.BytesIO # NOQA - - def is_callable(c): - return isinstance(c, collections.Callable) - - def get_next(c): - return c.__next__ - - next = next - - MAXSIZE = sys.maxsize # NOQA -else: +if PY2: string_types = basestring text_type = unicode bytes_types = str @@ -81,17 +18,21 @@ else: decodebytes = base64.decodestring encodebytes = base64.encodestring + def bytestring(s): # NOQA if isinstance(s, unicode): return s.encode('utf-8') return s + byte_ord = ord # NOQA byte_chr = chr # NOQA + def byte_mask(c, mask): return chr(ord(c) & mask) + def b(s, encoding='utf8'): # NOQA """cast unicode or bytes to bytes""" if isinstance(s, str): @@ -101,6 +42,7 @@ else: else: raise TypeError("Expected unicode or bytes, got %r" % s) + def u(s, encoding='utf8'): # NOQA """cast bytes or unicode to unicode""" if isinstance(s, str): @@ -110,24 +52,31 @@ else: else: raise TypeError("Expected unicode or bytes, got %r" % s) + def b2s(s): return s + try: import cStringIO + StringIO = cStringIO.StringIO # NOQA except ImportError: import StringIO + StringIO = StringIO.StringIO # NOQA BytesIO = StringIO + def is_callable(c): # NOQA return callable(c) + def get_next(c): # NOQA return c.next + def next(c): return c.next() @@ -135,6 +84,8 @@ else: class X(object): def __len__(self): return 1 << 31 + + try: len(X()) except OverflowError: @@ -144,3 +95,66 @@ else: # 64-bit MAXSIZE = int((1 << 63) - 1) # NOQA del X +else: + import collections + import struct + string_types = str + text_type = str + bytes = bytes + bytes_types = bytes + integer_types = int + class long(int): + pass + input = input + decodebytes = base64.decodebytes + encodebytes = base64.encodebytes + + def bytestring(s): + return s + + def byte_ord(c): + assert isinstance(c, int) + return c + + def byte_chr(c): + assert isinstance(c, int) + return struct.pack('B', c) + + def byte_mask(c, mask): + assert isinstance(c, int) + return struct.pack('B', c & mask) + + def b(s, encoding='utf8'): + """cast unicode or bytes to bytes""" + if isinstance(s, bytes): + return s + elif isinstance(s, str): + return s.encode(encoding) + else: + raise TypeError("Expected unicode or bytes, got %r" % s) + + def u(s, encoding='utf8'): + """cast bytes or unicode to unicode""" + if isinstance(s, bytes): + return s.decode(encoding) + elif isinstance(s, str): + return s + else: + raise TypeError("Expected unicode or bytes, got %r" % s) + + def b2s(s): + return s.decode() if isinstance(s, bytes) else s + + import io + StringIO = io.StringIO # NOQA + BytesIO = io.BytesIO # NOQA + + def is_callable(c): + return isinstance(c, collections.Callable) + + def get_next(c): + return c.__next__ + + next = next + + MAXSIZE = sys.maxsize # NOQA diff --git a/paramiko/util.py b/paramiko/util.py index 51fa6d66..71fc4673 100644 --- a/paramiko/util.py +++ b/paramiko/util.py @@ -63,8 +63,8 @@ def inflate_long(s, always_positive=False): out -= (long(1) << (8 * len(s))) return out -deflate_zero = 0 if PY3 else zero_byte -deflate_ff = 0xff if PY3 else max_byte +deflate_zero = zero_byte if PY2 else 0 +deflate_ff = max_byte if PY2 else 0xff def deflate_long(n, add_sign_padding=True): "turns a long-int into a normalized byte string (adapted from Crypto.Util.number)" diff --git a/test.py b/test.py index c8ac6bc3..bd966d1e 100755 --- a/test.py +++ b/test.py @@ -29,7 +29,7 @@ import unittest from optparse import OptionParser import paramiko import threading -from paramiko.py3compat import PY3 +from paramiko.py3compat import PY2 sys.path.append('tests') @@ -149,10 +149,10 @@ def main(): # TODO: make that not a problem, jeez for thread in threading.enumerate(): if thread is not threading.currentThread(): - if PY3: - thread._stop() - else: + if PY2: thread._Thread__stop() + else: + thread._stop() # Exit correctly if not result.wasSuccessful(): sys.exit(1) diff --git a/tests/test_pkey.py b/tests/test_pkey.py index f8549468..19c5c698 100644 --- a/tests/test_pkey.py +++ b/tests/test_pkey.py @@ -23,7 +23,7 @@ Some unit tests for public/private key objects. from binascii import hexlify, unhexlify import unittest from paramiko import RSAKey, DSSKey, ECDSAKey, Message, util -from paramiko.common import rng, StringIO, byte_chr, b, PY3, bytes +from paramiko.common import rng, StringIO, byte_chr, b, bytes from tests.util import test_path # from openssh's ssh-keygen diff --git a/tests/test_sftp.py b/tests/test_sftp.py index b84b3fd6..4a412582 100755 --- a/tests/test_sftp.py +++ b/tests/test_sftp.py @@ -72,8 +72,8 @@ FOLDER = os.environ.get('TEST_FOLDER', 'temp-testing000') sftp = None tc = None g_big_file_test = True -unicode_folder = eval(compile(r"'\u00fcnic\u00f8de'" if PY3 else r"u'\u00fcnic\u00f8de'", 'test_sftp.py', 'eval')) -utf8_folder = eval(compile(r"b'/\xc3\xbcnic\xc3\xb8\x64\x65'" if PY3 else r"'/\xc3\xbcnic\xc3\xb8\x64\x65'", 'test_sftp.py', 'eval')) +unicode_folder = eval(compile(r"u'\u00fcnic\u00f8de'" if PY2 else r"'\u00fcnic\u00f8de'", 'test_sftp.py', 'eval')) +utf8_folder = eval(compile(r"'/\xc3\xbcnic\xc3\xb8\x64\x65'" if PY2 else r"b'/\xc3\xbcnic\xc3\xb8\x64\x65'", 'test_sftp.py', 'eval')) def get_sftp(): global sftp -- cgit v1.2.3 From 6f211115f49edcea7d23b764d7cf3a84ff12f5f0 Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Sat, 29 Mar 2014 19:22:36 -0700 Subject: Switch from using PyCrypto's Random to using os.urandom. There's several reasons for this change: 1) It's faster for reads up to 1024 bytes (nearly 10x faster for 16 byte reads) 2) It receives considerably more security review since it's in the kernel. 3) It's yet another step towards running on PyPy. 4) Using userspace CSPRNGs is considered something of an anti-pattern. See: http://sockpuppet.org/blog/2014/02/25/safely-generate-random-numbers/ http://webcache.googleusercontent.com/search?q=cache:2nTvpCgKZXIJ:www.2uo.de/myths-about-urandom/+&cd=3&hl=en&ct=clnk&gl=us --- paramiko/agent.py | 2 +- paramiko/auth_handler.py | 2 +- paramiko/channel.py | 5 +++-- paramiko/common.py | 5 ----- paramiko/dsskey.py | 16 +++++++++------- paramiko/ecdsakey.py | 11 +++++++---- paramiko/hostkeys.py | 6 ++++-- paramiko/kex_gex.py | 8 +++++--- paramiko/kex_group1.py | 6 ++++-- paramiko/packet.py | 5 +++-- paramiko/pkey.py | 9 ++++----- paramiko/primes.py | 15 ++++++++------- paramiko/rsakey.py | 14 ++++++++------ paramiko/transport.py | 18 ++++++------------ test.py | 6 +++--- tests/test_kex.py | 17 +++++++++-------- tests/test_pkey.py | 13 +++++++------ tests/test_util.py | 6 ------ 18 files changed, 82 insertions(+), 82 deletions(-) (limited to 'test.py') diff --git a/paramiko/agent.py b/paramiko/agent.py index 2b11337f..5a08d452 100644 --- a/paramiko/agent.py +++ b/paramiko/agent.py @@ -364,7 +364,7 @@ class AgentKey(PKey): def get_name(self): return self.name - def sign_ssh_data(self, rng, data): + def sign_ssh_data(self, data): msg = Message() msg.add_byte(cSSH2_AGENTC_SIGN_REQUEST) msg.add_string(self.blob) diff --git a/paramiko/auth_handler.py b/paramiko/auth_handler.py index c00ad41c..57babef0 100644 --- a/paramiko/auth_handler.py +++ b/paramiko/auth_handler.py @@ -206,7 +206,7 @@ class AuthHandler (object): m.add_string(self.private_key.get_name()) m.add_string(self.private_key) blob = self._get_session_blob(self.private_key, 'ssh-connection', self.username) - sig = self.private_key.sign_ssh_data(self.transport.rng, blob) + sig = self.private_key.sign_ssh_data(blob) m.add_string(sig) elif self.auth_method == 'keyboard-interactive': m.add_string('') diff --git a/paramiko/channel.py b/paramiko/channel.py index e10ddbac..583809d5 100644 --- a/paramiko/channel.py +++ b/paramiko/channel.py @@ -21,9 +21,10 @@ Abstraction for an SSH2 channel. """ import binascii +import os +import socket import time import threading -import socket from paramiko import util from paramiko.common import cMSG_CHANNEL_REQUEST, cMSG_CHANNEL_WINDOW_ADJUST, \ @@ -358,7 +359,7 @@ class Channel (object): if auth_protocol is None: auth_protocol = 'MIT-MAGIC-COOKIE-1' if auth_cookie is None: - auth_cookie = binascii.hexlify(self.transport.rng.read(16)) + auth_cookie = binascii.hexlify(os.urandom(16)) m = Message() m.add_byte(cMSG_CHANNEL_REQUEST) diff --git a/paramiko/common.py b/paramiko/common.py index 9a5e2ee1..18298922 100644 --- a/paramiko/common.py +++ b/paramiko/common.py @@ -126,11 +126,6 @@ CONNECTION_FAILED_CODE = { DISCONNECT_SERVICE_NOT_AVAILABLE, DISCONNECT_AUTH_CANCELLED_BY_USER, \ DISCONNECT_NO_MORE_AUTH_METHODS_AVAILABLE = 7, 13, 14 -from Crypto import Random - -# keep a crypto-strong PRNG nearby -rng = Random.new() - zero_byte = byte_chr(0) one_byte = byte_chr(1) four_byte = byte_chr(4) diff --git a/paramiko/dsskey.py b/paramiko/dsskey.py index c26966e8..446353a0 100644 --- a/paramiko/dsskey.py +++ b/paramiko/dsskey.py @@ -20,11 +20,13 @@ DSS keys. """ +import os + from Crypto.PublicKey import DSA from Crypto.Hash import SHA from paramiko import util -from paramiko.common import zero_byte, rng +from paramiko.common import zero_byte from paramiko.py3compat import long from paramiko.ssh_exception import SSHException from paramiko.message import Message @@ -91,17 +93,17 @@ class DSSKey (PKey): def get_bits(self): return self.size - + def can_sign(self): return self.x is not None - def sign_ssh_data(self, rng, data): + def sign_ssh_data(self, data): digest = SHA.new(data).digest() dss = DSA.construct((long(self.y), long(self.g), long(self.p), long(self.q), long(self.x))) # generate a suitable k qsize = len(util.deflate_long(self.q, 0)) while True: - k = util.inflate_long(rng.read(qsize), 1) + k = util.inflate_long(os.urandom(qsize), 1) if (k > 2) and (k < self.q): break r, s = dss.sign(util.inflate_long(digest, 1), k) @@ -163,7 +165,7 @@ class DSSKey (PKey): by ``pyCrypto.PublicKey``). :return: new `.DSSKey` private key """ - dsa = DSA.generate(bits, rng.read, progress_func) + dsa = DSA.generate(bits, os.urandom, progress_func) key = DSSKey(vals=(dsa.p, dsa.q, dsa.g, dsa.y)) key.x = dsa.x return key @@ -174,11 +176,11 @@ class DSSKey (PKey): def _from_private_key_file(self, filename, password): data = self._read_private_key_file('DSA', filename, password) self._decode_key(data) - + def _from_private_key(self, file_obj, password): data = self._read_private_key('DSA', file_obj, password) self._decode_key(data) - + def _decode_key(self, data): # private key file contains: # DSAPrivateKey = { version = 0, p, q, g, y, x } diff --git a/paramiko/ecdsakey.py b/paramiko/ecdsakey.py index 6ae2d277..bb5b780d 100644 --- a/paramiko/ecdsakey.py +++ b/paramiko/ecdsakey.py @@ -21,11 +21,14 @@ L{ECDSAKey} """ import binascii +import os + from ecdsa import SigningKey, VerifyingKey, der, curves -from Crypto.Hash import SHA256 from ecdsa.test_pyecdsa import ECDSA -from paramiko.common import four_byte, one_byte +from Crypto.Hash import SHA256 + +from paramiko.common import four_byte, one_byte from paramiko.message import Message from paramiko.pkey import PKey from paramiko.py3compat import byte_chr, u @@ -97,9 +100,9 @@ class ECDSAKey (PKey): def can_sign(self): return self.signing_key is not None - def sign_ssh_data(self, rpool, data): + def sign_ssh_data(self, data): digest = SHA256.new(data).digest() - sig = self.signing_key.sign_digest(digest, entropy=rpool.read, + sig = self.signing_key.sign_digest(digest, entropy=os.urandom, sigencode=self._sigencode) m = Message() m.add_string('ecdsa-sha2-nistp256') diff --git a/paramiko/hostkeys.py b/paramiko/hostkeys.py index f32fbeb6..743165c7 100644 --- a/paramiko/hostkeys.py +++ b/paramiko/hostkeys.py @@ -18,8 +18,10 @@ import binascii +import os + from Crypto.Hash import SHA, HMAC -from paramiko.common import rng + from paramiko.py3compat import b, u, encodebytes, decodebytes try: @@ -262,7 +264,7 @@ class HostKeys (MutableMapping): :return: the hashed hostname as a `str` """ if salt is None: - salt = rng.read(SHA.digest_size) + salt = os.urandom(SHA.digest_size) else: if salt.startswith('|1|'): salt = salt.split('|')[2] diff --git a/paramiko/kex_gex.py b/paramiko/kex_gex.py index 02e507b7..415f58e3 100644 --- a/paramiko/kex_gex.py +++ b/paramiko/kex_gex.py @@ -22,6 +22,8 @@ generator "g" are provided by the server. A bit more work is required on the client side, and a B{lot} more on the server side. """ +import os + from Crypto.Hash import SHA from paramiko import util @@ -101,7 +103,7 @@ class KexGex (object): qhbyte <<= 1 qmask >>= 1 while True: - x_bytes = self.transport.rng.read(byte_count) + x_bytes = os.urandom(byte_count) x_bytes = byte_mask(x_bytes[0], qmask) + x_bytes[1:] x = util.inflate_long(x_bytes, 1) if (x > 1) and (x < q): @@ -206,7 +208,7 @@ class KexGex (object): H = SHA.new(hm.asbytes()).digest() self.transport._set_K_H(K, H) # sign it - sig = self.transport.get_server_key().sign_ssh_data(self.transport.rng, H) + sig = self.transport.get_server_key().sign_ssh_data(H) # send reply m = Message() m.add_byte(c_MSG_KEXDH_GEX_REPLY) @@ -215,7 +217,7 @@ class KexGex (object): m.add_string(sig) self.transport._send_message(m) self.transport._activate_outbound() - + def _parse_kexdh_gex_reply(self, m): host_key = m.get_string() self.f = m.get_mpint() diff --git a/paramiko/kex_group1.py b/paramiko/kex_group1.py index 3dfb7f18..bc88202c 100644 --- a/paramiko/kex_group1.py +++ b/paramiko/kex_group1.py @@ -21,6 +21,8 @@ Standard SSH key exchange ("kex" if you wanna sound cool). Diffie-Hellman of 1024 bit key halves, using a known "p" prime and "g" generator. """ +import os + from Crypto.Hash import SHA from paramiko import util @@ -82,7 +84,7 @@ class KexGroup1(object): # potential x where the first 63 bits are 1, because some of those will be # larger than q (but this is a tiny tiny subset of potential x). while 1: - x_bytes = self.transport.rng.read(128) + x_bytes = os.urandom(128) x_bytes = byte_mask(x_bytes[0], 0x7f) + x_bytes[1:] if (x_bytes[:8] != b7fffffffffffffff and x_bytes[:8] != b0000000000000000): @@ -127,7 +129,7 @@ class KexGroup1(object): H = SHA.new(hm.asbytes()).digest() self.transport._set_K_H(K, H) # sign it - sig = self.transport.get_server_key().sign_ssh_data(self.transport.rng, H) + sig = self.transport.get_server_key().sign_ssh_data(H) # send reply m = Message() m.add_byte(c_MSG_KEXDH_REPLY) diff --git a/paramiko/packet.py b/paramiko/packet.py index 0f51df5e..0e41b851 100644 --- a/paramiko/packet.py +++ b/paramiko/packet.py @@ -21,6 +21,7 @@ Packet handling """ import errno +import os import socket import struct import threading @@ -28,7 +29,7 @@ import time from paramiko import util from paramiko.common import linefeed_byte, cr_byte_value, asbytes, MSG_NAMES, \ - DEBUG, xffffffff, zero_byte, rng + DEBUG, xffffffff, zero_byte from paramiko.py3compat import u, byte_ord from paramiko.ssh_exception import SSHException, ProxyCommandFailure from paramiko.message import Message @@ -455,7 +456,7 @@ class Packetizer (object): # don't waste random bytes for the padding packet += (zero_byte * padding) else: - packet += rng.read(padding) + packet += os.urandom(padding) return packet def _trigger_rekey(self): diff --git a/paramiko/pkey.py b/paramiko/pkey.py index c8f84e0a..1313bdf3 100644 --- a/paramiko/pkey.py +++ b/paramiko/pkey.py @@ -28,7 +28,7 @@ from Crypto.Hash import MD5 from Crypto.Cipher import DES3, AES from paramiko import util -from paramiko.common import o600, rng, zero_byte +from paramiko.common import o600, zero_byte from paramiko.py3compat import u, encodebytes, decodebytes, b from paramiko.ssh_exception import SSHException, PasswordRequiredException @@ -138,12 +138,11 @@ class PKey (object): """ return u(encodebytes(self.asbytes())).replace('\n', '') - def sign_ssh_data(self, rng, data): + def sign_ssh_data(self, data): """ Sign a blob of data with this private key, and return a `.Message` representing an SSH signature message. - :param .Crypto.Util.rng.RandomPool rng: a secure random number generator. :param str data: the data to sign. :return: an SSH signature `message <.Message>`. """ @@ -331,11 +330,11 @@ class PKey (object): keysize = self._CIPHER_TABLE[cipher_name]['keysize'] blocksize = self._CIPHER_TABLE[cipher_name]['blocksize'] mode = self._CIPHER_TABLE[cipher_name]['mode'] - salt = rng.read(16) + salt = os.urandom(16) key = util.generate_key_bytes(MD5, salt, password, keysize) if len(data) % blocksize != 0: n = blocksize - len(data) % blocksize - #data += rng.read(n) + #data += os.urandom(n) # that would make more sense ^, but it confuses openssh. data += zero_byte * n data = cipher.new(key, mode, salt).encrypt(data) diff --git a/paramiko/primes.py b/paramiko/primes.py index 58d158c8..33cd6510 100644 --- a/paramiko/primes.py +++ b/paramiko/primes.py @@ -20,6 +20,8 @@ Utility functions for dealing with primes. """ +import os + from Crypto.Util import number from paramiko import util @@ -27,12 +29,12 @@ from paramiko.py3compat import byte_mask, long from paramiko.ssh_exception import SSHException -def _generate_prime(bits, rng): +def _generate_prime(bits): """primtive attempt at prime generation""" hbyte_mask = pow(2, bits % 8) - 1 while True: # loop catches the case where we increment n into a higher bit-range - x = rng.read((bits + 7) // 8) + x = os.urandom((bits + 7) // 8) if hbyte_mask > 0: x = byte_mask(x[0], hbyte_mask) + x[1:] n = util.inflate_long(x, 1) @@ -45,7 +47,7 @@ def _generate_prime(bits, rng): return n -def _roll_random(rng, n): +def _roll_random(n): """returns a random # from 0 to N-1""" bits = util.bit_length(n - 1) byte_count = (bits + 7) // 8 @@ -58,7 +60,7 @@ def _roll_random(rng, n): # fits, so i can't guarantee that this loop will ever finish, but the odds # of it looping forever should be infinitesimal. while True: - x = rng.read(byte_count) + x = os.urandom(byte_count) if hbyte_mask > 0: x = byte_mask(x[0], hbyte_mask) + x[1:] num = util.inflate_long(x, 1) @@ -73,11 +75,10 @@ class ModulusPack (object): on systems that have such a file. """ - def __init__(self, rpool): + def __init__(self): # pack is a hash of: bits -> [ (generator, modulus) ... ] self.pack = {} self.discarded = [] - self.rng = rpool def _parse_modulus(self, line): timestamp, mod_type, tests, tries, size, generator, modulus = line.split() @@ -147,5 +148,5 @@ class ModulusPack (object): if min > good: good = bitsizes[-1] # now pick a random modulus of this bitsize - n = _roll_random(self.rng, len(self.pack[good])) + n = _roll_random(len(self.pack[good])) return self.pack[good][n] diff --git a/paramiko/rsakey.py b/paramiko/rsakey.py index c93f3218..a6f97bff 100644 --- a/paramiko/rsakey.py +++ b/paramiko/rsakey.py @@ -20,11 +20,13 @@ RSA keys. """ +import os + from Crypto.PublicKey import RSA from Crypto.Hash import SHA from paramiko import util -from paramiko.common import rng, max_byte, zero_byte, one_byte +from paramiko.common import max_byte, zero_byte, one_byte from paramiko.message import Message from paramiko.ber import BER, BERException from paramiko.pkey import PKey @@ -90,7 +92,7 @@ class RSAKey (PKey): def can_sign(self): return self.d is not None - def sign_ssh_data(self, rpool, data): + def sign_ssh_data(self, data): digest = SHA.new(data).digest() rsa = RSA.construct((long(self.n), long(self.e), long(self.d))) sig = util.deflate_long(rsa.sign(self._pkcs1imify(digest), bytes())[0], 0) @@ -125,7 +127,7 @@ class RSAKey (PKey): def write_private_key_file(self, filename, password=None): self._write_private_key_file('RSA', filename, self._encode_key(), password) - + def write_private_key(self, file_obj, password=None): self._write_private_key('RSA', file_obj, self._encode_key(), password) @@ -140,7 +142,7 @@ class RSAKey (PKey): by ``pyCrypto.PublicKey``). :return: new `.RSAKey` private key """ - rsa = RSA.generate(bits, rng.read, progress_func) + rsa = RSA.generate(bits, os.urandom, progress_func) key = RSAKey(vals=(rsa.e, rsa.n)) key.d = rsa.d key.p = rsa.p @@ -162,11 +164,11 @@ class RSAKey (PKey): def _from_private_key_file(self, filename, password): data = self._read_private_key_file('RSA', filename, password) self._decode_key(data) - + def _from_private_key(self, file_obj, password): data = self._read_private_key('RSA', file_obj, password) self._decode_key(data) - + def _decode_key(self, data): # private key file contains: # RSAPrivateKey = { version = 0, n, e, d, p, q, d mod p-1, d mod q-1, q**-1 mod p } diff --git a/paramiko/transport.py b/paramiko/transport.py index 1471b543..a0a752ef 100644 --- a/paramiko/transport.py +++ b/paramiko/transport.py @@ -20,6 +20,7 @@ Core protocol implementation """ +import os import socket import sys import threading @@ -30,7 +31,7 @@ import paramiko from paramiko import util from paramiko.auth_handler import AuthHandler from paramiko.channel import Channel -from paramiko.common import rng, xffffffff, cMSG_CHANNEL_OPEN, cMSG_IGNORE, \ +from paramiko.common import xffffffff, cMSG_CHANNEL_OPEN, cMSG_IGNORE, \ cMSG_GLOBAL_REQUEST, DEBUG, MSG_KEXINIT, MSG_IGNORE, MSG_DISCONNECT, \ MSG_DEBUG, ERROR, WARNING, cMSG_UNIMPLEMENTED, INFO, cMSG_KEXINIT, \ cMSG_NEWKEYS, MSG_NEWKEYS, cMSG_REQUEST_SUCCESS, cMSG_REQUEST_FAILURE, \ @@ -57,7 +58,6 @@ from paramiko.ssh_exception import (SSHException, BadAuthenticationType, ChannelException, ProxyCommandFailure) from paramiko.util import retry_on_signal -from Crypto import Random from Crypto.Cipher import Blowfish, AES, DES3, ARC4 from Crypto.Hash import SHA, MD5 try: @@ -192,7 +192,6 @@ class Transport (threading.Thread): # okay, normal socket-ish flow here... threading.Thread.__init__(self) self.setDaemon(True) - self.rng = rng self.sock = sock # Python < 2.3 doesn't have the settimeout method - RogerB try: @@ -339,7 +338,6 @@ class Transport (threading.Thread): # synchronous, wait for a result self.completion_event = event = threading.Event() self.start() - Random.atfork() while True: event.wait(0.1) if not self.active: @@ -475,7 +473,7 @@ class Transport (threading.Thread): .. note:: This has no effect when used in client mode. """ - Transport._modulus_pack = ModulusPack(rng) + Transport._modulus_pack = ModulusPack() # places to look for the openssh "moduli" file file_list = ['/etc/ssh/moduli', '/usr/local/etc/moduli'] if filename is not None: @@ -732,8 +730,8 @@ class Transport (threading.Thread): m = Message() m.add_byte(cMSG_IGNORE) if byte_count is None: - byte_count = (byte_ord(rng.read(1)) % 32) + 10 - m.add_bytes(rng.read(byte_count)) + byte_count = (byte_ord(os.urandom(1)) % 32) + 10 + m.add_bytes(os.urandom(byte_count)) self._send_user_message(m) def renegotiate_keys(self): @@ -1402,10 +1400,6 @@ class Transport (threading.Thread): # interpreter shutdown. self.sys = sys - # Required to prevent RNG errors when running inside many subprocess - # containers. - Random.atfork() - # active=True occurs before the thread is launched, to avoid a race _active_threads.append(self) if self.server_mode: @@ -1590,7 +1584,7 @@ class Transport (threading.Thread): m = Message() m.add_byte(cMSG_KEXINIT) - m.add_bytes(rng.read(16)) + m.add_bytes(os.urandom(16)) m.add_list(self._preferred_kex) m.add_list(available_server_keys) m.add_list(self._preferred_ciphers) diff --git a/test.py b/test.py index bd966d1e..2b3d4ed4 100755 --- a/test.py +++ b/test.py @@ -101,12 +101,12 @@ def main(): parser.add_option('-P', '--sftp-passwd', dest='password', type='string', default=default_passwd, metavar='', help='[with -R] (optional) password to unlock the private key for remote sftp tests') - + options, args = parser.parse_args() - + # setup logging paramiko.util.log_to_file('test.log') - + if options.use_sftp: from tests.test_sftp import SFTPTest if options.use_loopback_sftp: diff --git a/tests/test_kex.py b/tests/test_kex.py index c522be46..56f1b7c7 100644 --- a/tests/test_kex.py +++ b/tests/test_kex.py @@ -21,7 +21,9 @@ Some unit tests for the key exchange protocols. """ from binascii import hexlify +import os import unittest + import paramiko.util from paramiko.kex_group1 import KexGroup1 from paramiko.kex_gex import KexGex @@ -29,9 +31,8 @@ from paramiko import Message from paramiko.common import byte_chr -class FakeRng (object): - def read(self, n): - return byte_chr(0xcc) * n +def dummy_urandom(n): + return byte_chr(0xcc) * n class FakeKey (object): @@ -41,7 +42,7 @@ class FakeKey (object): def asbytes(self): return b'fake-key' - def sign_ssh_data(self, rng, H): + def sign_ssh_data(self, H): return b'fake-sig' @@ -53,8 +54,7 @@ class FakeModulusPack (object): return self.G, self.P -class FakeTransport (object): - rng = FakeRng() +class FakeTransport(object): local_version = 'SSH-2.0-paramiko_1.0' remote_version = 'SSH-2.0-lame' local_kex_init = 'local-kex-init' @@ -91,10 +91,11 @@ class KexTest (unittest.TestCase): K = 14730343317708716439807310032871972459448364195094179797249681733965528989482751523943515690110179031004049109375612685505881911274101441415545039654102474376472240501616988799699744135291070488314748284283496055223852115360852283821334858541043710301057312858051901453919067023103730011648890038847384890504 def setUp(self): - pass + self._original_urandom = os.urandom + os.urandom = dummy_urandom def tearDown(self): - pass + os.urandom = self._original_urandom def test_1_group1_client(self): transport = FakeTransport() diff --git a/tests/test_pkey.py b/tests/test_pkey.py index 6ff68fc2..b0ceefe7 100644 --- a/tests/test_pkey.py +++ b/tests/test_pkey.py @@ -22,9 +22,10 @@ Some unit tests for public/private key objects. from binascii import hexlify import unittest + from paramiko import RSAKey, DSSKey, ECDSAKey, Message, util from paramiko.py3compat import StringIO, byte_chr, b, bytes -from paramiko.common import rng + from tests.util import test_path # from openssh's ssh-keygen @@ -166,7 +167,7 @@ class KeyTest (unittest.TestCase): def test_8_sign_rsa(self): # verify that the rsa private key can sign and verify key = RSAKey.from_private_key_file(test_path('test_rsa.key')) - msg = key.sign_ssh_data(rng, b'ice weasels') + msg = key.sign_ssh_data(b'ice weasels') self.assertTrue(type(msg) is Message) msg.rewind() self.assertEqual('ssh-rsa', msg.get_text()) @@ -179,7 +180,7 @@ class KeyTest (unittest.TestCase): def test_9_sign_dss(self): # verify that the dss private key can sign and verify key = DSSKey.from_private_key_file(test_path('test_dss.key')) - msg = key.sign_ssh_data(rng, b'ice weasels') + msg = key.sign_ssh_data(b'ice weasels') self.assertTrue(type(msg) is Message) msg.rewind() self.assertEqual('ssh-dss', msg.get_text()) @@ -193,13 +194,13 @@ class KeyTest (unittest.TestCase): def test_A_generate_rsa(self): key = RSAKey.generate(1024) - msg = key.sign_ssh_data(rng, b'jerri blank') + msg = key.sign_ssh_data(b'jerri blank') msg.rewind() self.assertTrue(key.verify_ssh_sig(b'jerri blank', msg)) def test_B_generate_dss(self): key = DSSKey.generate(1024) - msg = key.sign_ssh_data(rng, b'jerri blank') + msg = key.sign_ssh_data(b'jerri blank') msg.rewind() self.assertTrue(key.verify_ssh_sig(b'jerri blank', msg)) @@ -240,7 +241,7 @@ class KeyTest (unittest.TestCase): def test_13_sign_ecdsa(self): # verify that the rsa private key can sign and verify key = ECDSAKey.from_private_key_file(test_path('test_ecdsa.key')) - msg = key.sign_ssh_data(rng, b'ice weasels') + msg = key.sign_ssh_data(b'ice weasels') self.assertTrue(type(msg) is Message) msg.rewind() self.assertEqual('ecdsa-sha2-nistp256', msg.get_text()) diff --git a/tests/test_util.py b/tests/test_util.py index 6bde4045..d3911f49 100644 --- a/tests/test_util.py +++ b/tests/test_util.py @@ -153,12 +153,6 @@ class UtilTest(ParamikoTest): finally: os.unlink('hostfile.temp') - def test_6_random(self): - from paramiko.common import rng - # just verify that we can pull out 32 bytes and not get an exception. - x = rng.read(32) - self.assertEqual(len(x), 32) - def test_7_host_config_expose_issue_33(self): test_config_file = """ Host www13.* -- cgit v1.2.3 From a429e17e8e5cc3f5d442d374fb4843badfd4dd48 Mon Sep 17 00:00:00 2001 From: Olle Lundberg Date: Thu, 14 Aug 2014 12:00:46 +0200 Subject: Join the threads with a low timeout. Instead of using private methods on the threading class, let the thread join, but with a low timeout. --- test.py | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) (limited to 'test.py') diff --git a/test.py b/test.py index 2b3d4ed4..92a3e6d0 100755 --- a/test.py +++ b/test.py @@ -149,10 +149,7 @@ def main(): # TODO: make that not a problem, jeez for thread in threading.enumerate(): if thread is not threading.currentThread(): - if PY2: - thread._Thread__stop() - else: - thread._stop() + thread.join(timeout=1) # Exit correctly if not result.wasSuccessful(): sys.exit(1) -- cgit v1.2.3