[Defect / Enhancement / New Feature] CS-15281 : Removal of third party dependencies in Citrix code base
Project: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/commit/32fef61a Tree: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/tree/32fef61a Diff: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/diff/32fef61a Branch: refs/heads/vpc Commit: 32fef61ac2bf9b3e8e4342cda9f1383b4fbda77b Parents: 54203f0 Author: Pradeep Soundararajan <[email protected]> Authored: Fri Jul 6 17:28:29 2012 -0400 Committer: David Nalley <[email protected]> Committed: Fri Jul 6 17:28:29 2012 -0400 ---------------------------------------------------------------------- tools/migration/paramiko/__init__.py | 138 -- tools/migration/paramiko/agent.py | 148 -- tools/migration/paramiko/auth_handler.py | 423 ----- tools/migration/paramiko/ber.py | 126 -- tools/migration/paramiko/buffered_pipe.py | 197 --- tools/migration/paramiko/channel.py | 1231 -------------- tools/migration/paramiko/client.py | 483 ------ tools/migration/paramiko/common.py | 122 -- tools/migration/paramiko/compress.py | 36 - tools/migration/paramiko/config.py | 107 -- tools/migration/paramiko/dsskey.py | 194 --- tools/migration/paramiko/file.py | 453 ----- tools/migration/paramiko/hostkeys.py | 313 ---- tools/migration/paramiko/kex_gex.py | 241 --- tools/migration/paramiko/kex_group1.py | 133 -- tools/migration/paramiko/logging22.py | 63 - tools/migration/paramiko/message.py | 298 ---- tools/migration/paramiko/packet.py | 485 ------ tools/migration/paramiko/pipe.py | 144 -- tools/migration/paramiko/pkey.py | 377 ----- tools/migration/paramiko/primes.py | 148 -- tools/migration/paramiko/resource.py | 69 - tools/migration/paramiko/rng.py | 105 -- tools/migration/paramiko/rng_posix.py | 93 -- tools/migration/paramiko/rng_win32.py | 117 -- tools/migration/paramiko/rsakey.py | 183 -- tools/migration/paramiko/server.py | 629 ------- tools/migration/paramiko/sftp.py | 185 --- tools/migration/paramiko/sftp_attr.py | 220 --- tools/migration/paramiko/sftp_client.py | 723 -------- tools/migration/paramiko/sftp_file.py | 473 ------ tools/migration/paramiko/sftp_handle.py | 199 --- tools/migration/paramiko/sftp_server.py | 441 ----- tools/migration/paramiko/sftp_si.py | 307 ---- tools/migration/paramiko/ssh_exception.py | 112 -- tools/migration/paramiko/transport.py | 2096 ------------------------ tools/migration/paramiko/util.py | 299 ---- tools/migration/paramiko/win_pageant.py | 143 -- 38 files changed, 0 insertions(+), 12254 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/32fef61a/tools/migration/paramiko/__init__.py ---------------------------------------------------------------------- diff --git a/tools/migration/paramiko/__init__.py b/tools/migration/paramiko/__init__.py deleted file mode 100644 index f560cc3..0000000 --- a/tools/migration/paramiko/__init__.py +++ /dev/null @@ -1,138 +0,0 @@ -# Copyright (C) 2003-2009 Robey Pointer <[email protected]> -# Copyright 2012 Citrix Systems, Inc. Licensed under the -# Apache License, Version 2.0 (the "License"); you may not use this -# file except in compliance with the License. Citrix Systems, Inc. -# reserves all rights not expressly granted by the License. -# You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Automatically generated by addcopyright.py at 04/03/2012 -# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA. - -""" -I{Paramiko} (a combination of the esperanto words for "paranoid" and "friend") -is a module for python 2.3 or greater that implements the SSH2 protocol for -secure (encrypted and authenticated) connections to remote machines. Unlike -SSL (aka TLS), the SSH2 protocol does not require heirarchical certificates -signed by a powerful central authority. You may know SSH2 as the protocol that -replaced C{telnet} and C{rsh} for secure access to remote shells, but the -protocol also includes the ability to open arbitrary channels to remote -services across an encrypted tunnel. (This is how C{sftp} works, for example.) - -The high-level client API starts with creation of an L{SSHClient} object. -For more direct control, pass a socket (or socket-like object) to a -L{Transport}, and use L{start_server <Transport.start_server>} or -L{start_client <Transport.start_client>} to negoatite -with the remote host as either a server or client. As a client, you are -responsible for authenticating using a password or private key, and checking -the server's host key. I{(Key signature and verification is done by paramiko, -but you will need to provide private keys and check that the content of a -public key matches what you expected to see.)} As a server, you are -responsible for deciding which users, passwords, and keys to allow, and what -kind of channels to allow. - -Once you have finished, either side may request flow-controlled L{Channel}s to -the other side, which are python objects that act like sockets, but send and -receive data over the encrypted session. - -Paramiko is written entirely in python (no C or platform-dependent code) and is -released under the GNU Lesser General Public License (LGPL). - -Website: U{http://www.lag.net/paramiko/} - -@version: 1.7.6 (Fanny) -@author: Robey Pointer -@contact: [email protected] -@license: GNU Lesser General Public License (LGPL) -""" - -import sys - -if sys.version_info < (2, 2): - raise RuntimeError('You need python 2.2 for this module.') - - -__author__ = "Robey Pointer <[email protected]>" -__date__ = "1 Nov 2009" -__version__ = "1.7.6 (Fanny)" -__version_info__ = (1, 7, 6) -__license__ = "GNU Lesser General Public License (LGPL)" - - -from transport import randpool, SecurityOptions, Transport -from client import SSHClient, MissingHostKeyPolicy, AutoAddPolicy, RejectPolicy, WarningPolicy -from auth_handler import AuthHandler -from channel import Channel, ChannelFile -from ssh_exception import SSHException, PasswordRequiredException, \ - BadAuthenticationType, ChannelException, BadHostKeyException, \ - AuthenticationException -from server import ServerInterface, SubsystemHandler, InteractiveQuery -from rsakey import RSAKey -from dsskey import DSSKey -from sftp import SFTPError, BaseSFTP -from sftp_client import SFTP, SFTPClient -from sftp_server import SFTPServer -from sftp_attr import SFTPAttributes -from sftp_handle import SFTPHandle -from sftp_si import SFTPServerInterface -from sftp_file import SFTPFile -from message import Message -from packet import Packetizer -from file import BufferedFile -from agent import Agent, AgentKey -from pkey import PKey -from hostkeys import HostKeys -from config import SSHConfig - -# fix module names for epydoc -for c in locals().values(): - if issubclass(type(c), type) or type(c).__name__ == 'classobj': - # classobj for exceptions :/ - c.__module__ = __name__ -del c - -from common import AUTH_SUCCESSFUL, AUTH_PARTIALLY_SUCCESSFUL, AUTH_FAILED, \ - OPEN_SUCCEEDED, OPEN_FAILED_ADMINISTRATIVELY_PROHIBITED, OPEN_FAILED_CONNECT_FAILED, \ - OPEN_FAILED_UNKNOWN_CHANNEL_TYPE, OPEN_FAILED_RESOURCE_SHORTAGE - -from sftp import SFTP_OK, SFTP_EOF, SFTP_NO_SUCH_FILE, SFTP_PERMISSION_DENIED, SFTP_FAILURE, \ - SFTP_BAD_MESSAGE, SFTP_NO_CONNECTION, SFTP_CONNECTION_LOST, SFTP_OP_UNSUPPORTED - -__all__ = [ 'Transport', - 'SSHClient', - 'MissingHostKeyPolicy', - 'AutoAddPolicy', - 'RejectPolicy', - 'WarningPolicy', - 'SecurityOptions', - 'SubsystemHandler', - 'Channel', - 'PKey', - 'RSAKey', - 'DSSKey', - 'Message', - 'SSHException', - 'AuthenticationException', - 'PasswordRequiredException', - 'BadAuthenticationType', - 'ChannelException', - 'BadHostKeyException', - 'SFTP', - 'SFTPFile', - 'SFTPHandle', - 'SFTPClient', - 'SFTPServer', - 'SFTPError', - 'SFTPAttributes', - 'SFTPServerInterface', - 'ServerInterface', - 'BufferedFile', - 'Agent', - 'AgentKey', - 'HostKeys', - 'SSHConfig', - 'util' ] http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/32fef61a/tools/migration/paramiko/agent.py ---------------------------------------------------------------------- diff --git a/tools/migration/paramiko/agent.py b/tools/migration/paramiko/agent.py deleted file mode 100644 index d953d39..0000000 --- a/tools/migration/paramiko/agent.py +++ /dev/null @@ -1,148 +0,0 @@ -# Copyright (C) 2003-2007 John Rochester <[email protected]> -# Copyright 2012 Citrix Systems, Inc. Licensed under the -# Apache License, Version 2.0 (the "License"); you may not use this -# file except in compliance with the License. Citrix Systems, Inc. -# reserves all rights not expressly granted by the License. -# You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Automatically generated by addcopyright.py at 04/03/2012 -# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA. - -""" -SSH Agent interface for Unix clients. -""" - -import os -import socket -import struct -import sys - -from paramiko.ssh_exception import SSHException -from paramiko.message import Message -from paramiko.pkey import PKey - - -SSH2_AGENTC_REQUEST_IDENTITIES, SSH2_AGENT_IDENTITIES_ANSWER, \ - SSH2_AGENTC_SIGN_REQUEST, SSH2_AGENT_SIGN_RESPONSE = range(11, 15) - - -class Agent: - """ - Client interface for using private keys from an SSH agent running on the - local machine. If an SSH agent is running, this class can be used to - connect to it and retreive L{PKey} objects which can be used when - attempting to authenticate to remote SSH servers. - - Because the SSH agent protocol uses environment variables and unix-domain - sockets, this probably doesn't work on Windows. It does work on most - posix platforms though (Linux and MacOS X, for example). - """ - - def __init__(self): - """ - Open a session with the local machine's SSH agent, if one is running. - If no agent is running, initialization will succeed, but L{get_keys} - will return an empty tuple. - - @raise SSHException: if an SSH agent is found, but speaks an - incompatible protocol - """ - self.keys = () - if ('SSH_AUTH_SOCK' in os.environ) and (sys.platform != 'win32'): - conn = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM) - try: - conn.connect(os.environ['SSH_AUTH_SOCK']) - except: - # probably a dangling env var: the ssh agent is gone - return - self.conn = conn - elif sys.platform == 'win32': - import win_pageant - if win_pageant.can_talk_to_agent(): - self.conn = win_pageant.PageantConnection() - else: - return - else: - # no agent support - return - - ptype, result = self._send_message(chr(SSH2_AGENTC_REQUEST_IDENTITIES)) - if ptype != SSH2_AGENT_IDENTITIES_ANSWER: - raise SSHException('could not get keys from ssh-agent') - keys = [] - for i in range(result.get_int()): - keys.append(AgentKey(self, result.get_string())) - result.get_string() - self.keys = tuple(keys) - - def close(self): - """ - Close the SSH agent connection. - """ - self.conn.close() - self.conn = None - self.keys = () - - def get_keys(self): - """ - Return the list of keys available through the SSH agent, if any. If - no SSH agent was running (or it couldn't be contacted), an empty list - will be returned. - - @return: a list of keys available on the SSH agent - @rtype: tuple of L{AgentKey} - """ - return self.keys - - def _send_message(self, msg): - msg = str(msg) - self.conn.send(struct.pack('>I', len(msg)) + msg) - l = self._read_all(4) - msg = Message(self._read_all(struct.unpack('>I', l)[0])) - return ord(msg.get_byte()), msg - - def _read_all(self, wanted): - result = self.conn.recv(wanted) - while len(result) < wanted: - if len(result) == 0: - raise SSHException('lost ssh-agent') - extra = self.conn.recv(wanted - len(result)) - if len(extra) == 0: - raise SSHException('lost ssh-agent') - result += extra - return result - - -class AgentKey(PKey): - """ - Private key held in a local SSH agent. This type of key can be used for - authenticating to a remote server (signing). Most other key operations - work as expected. - """ - - def __init__(self, agent, blob): - self.agent = agent - self.blob = blob - self.name = Message(blob).get_string() - - def __str__(self): - return self.blob - - def get_name(self): - return self.name - - def sign_ssh_data(self, randpool, data): - msg = Message() - msg.add_byte(chr(SSH2_AGENTC_SIGN_REQUEST)) - msg.add_string(self.blob) - msg.add_string(data) - msg.add_int(0) - ptype, result = self.agent._send_message(msg) - if ptype != SSH2_AGENT_SIGN_RESPONSE: - raise SSHException('key cannot be used for signing') - return result.get_string() http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/32fef61a/tools/migration/paramiko/auth_handler.py ---------------------------------------------------------------------- diff --git a/tools/migration/paramiko/auth_handler.py b/tools/migration/paramiko/auth_handler.py deleted file mode 100644 index 41cb1f8..0000000 --- a/tools/migration/paramiko/auth_handler.py +++ /dev/null @@ -1,423 +0,0 @@ -# Copyright (C) 2003-2007 Robey Pointer <[email protected]> -# Copyright 2012 Citrix Systems, Inc. Licensed under the -# Apache License, Version 2.0 (the "License"); you may not use this -# file except in compliance with the License. Citrix Systems, Inc. -# reserves all rights not expressly granted by the License. -# You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Automatically generated by addcopyright.py at 04/03/2012 -# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA. - -""" -L{AuthHandler} -""" - -import threading -import weakref - -# this helps freezing utils -import encodings.utf_8 - -from paramiko.common import * -from paramiko import util -from paramiko.message import Message -from paramiko.ssh_exception import SSHException, AuthenticationException, \ - BadAuthenticationType, PartialAuthentication -from paramiko.server import InteractiveQuery - - -class AuthHandler (object): - """ - Internal class to handle the mechanics of authentication. - """ - - def __init__(self, transport): - self.transport = weakref.proxy(transport) - self.username = None - self.authenticated = False - self.auth_event = None - self.auth_method = '' - self.password = None - self.private_key = None - self.interactive_handler = None - self.submethods = None - # for server mode: - self.auth_username = None - self.auth_fail_count = 0 - - def is_authenticated(self): - return self.authenticated - - def get_username(self): - if self.transport.server_mode: - return self.auth_username - else: - return self.username - - def auth_none(self, username, event): - self.transport.lock.acquire() - try: - self.auth_event = event - self.auth_method = 'none' - self.username = username - self._request_auth() - finally: - self.transport.lock.release() - - def auth_publickey(self, username, key, event): - self.transport.lock.acquire() - try: - self.auth_event = event - self.auth_method = 'publickey' - self.username = username - self.private_key = key - self._request_auth() - finally: - self.transport.lock.release() - - def auth_password(self, username, password, event): - self.transport.lock.acquire() - try: - self.auth_event = event - self.auth_method = 'password' - self.username = username - self.password = password - self._request_auth() - finally: - self.transport.lock.release() - - def auth_interactive(self, username, handler, event, submethods=''): - """ - response_list = handler(title, instructions, prompt_list) - """ - self.transport.lock.acquire() - try: - self.auth_event = event - self.auth_method = 'keyboard-interactive' - self.username = username - self.interactive_handler = handler - self.submethods = submethods - self._request_auth() - finally: - self.transport.lock.release() - - def abort(self): - if self.auth_event is not None: - self.auth_event.set() - - - ### internals... - - - def _request_auth(self): - m = Message() - m.add_byte(chr(MSG_SERVICE_REQUEST)) - m.add_string('ssh-userauth') - self.transport._send_message(m) - - def _disconnect_service_not_available(self): - m = Message() - m.add_byte(chr(MSG_DISCONNECT)) - m.add_int(DISCONNECT_SERVICE_NOT_AVAILABLE) - m.add_string('Service not available') - m.add_string('en') - self.transport._send_message(m) - self.transport.close() - - def _disconnect_no_more_auth(self): - m = Message() - m.add_byte(chr(MSG_DISCONNECT)) - m.add_int(DISCONNECT_NO_MORE_AUTH_METHODS_AVAILABLE) - m.add_string('No more auth methods available') - m.add_string('en') - self.transport._send_message(m) - self.transport.close() - - def _get_session_blob(self, key, service, username): - m = Message() - m.add_string(self.transport.session_id) - m.add_byte(chr(MSG_USERAUTH_REQUEST)) - m.add_string(username) - m.add_string(service) - m.add_string('publickey') - m.add_boolean(1) - m.add_string(key.get_name()) - m.add_string(str(key)) - return str(m) - - def wait_for_response(self, event): - while True: - event.wait(0.1) - if not self.transport.is_active(): - e = self.transport.get_exception() - if (e is None) or issubclass(e.__class__, EOFError): - e = AuthenticationException('Authentication failed.') - raise e - if event.isSet(): - break - if not self.is_authenticated(): - e = self.transport.get_exception() - if e is None: - e = AuthenticationException('Authentication failed.') - # this is horrible. python Exception isn't yet descended from - # object, so type(e) won't work. :( - if issubclass(e.__class__, PartialAuthentication): - return e.allowed_types - raise e - return [] - - def _parse_service_request(self, m): - service = m.get_string() - if self.transport.server_mode and (service == 'ssh-userauth'): - # accepted - m = Message() - m.add_byte(chr(MSG_SERVICE_ACCEPT)) - m.add_string(service) - self.transport._send_message(m) - return - # dunno this one - self._disconnect_service_not_available() - - def _parse_service_accept(self, m): - service = m.get_string() - if service == 'ssh-userauth': - self.transport._log(DEBUG, 'userauth is OK') - m = Message() - m.add_byte(chr(MSG_USERAUTH_REQUEST)) - m.add_string(self.username) - m.add_string('ssh-connection') - m.add_string(self.auth_method) - if self.auth_method == 'password': - m.add_boolean(False) - password = self.password - if isinstance(password, unicode): - password = password.encode('UTF-8') - m.add_string(password) - elif self.auth_method == 'publickey': - m.add_boolean(True) - m.add_string(self.private_key.get_name()) - m.add_string(str(self.private_key)) - blob = self._get_session_blob(self.private_key, 'ssh-connection', self.username) - sig = self.private_key.sign_ssh_data(self.transport.randpool, blob) - m.add_string(str(sig)) - elif self.auth_method == 'keyboard-interactive': - m.add_string('') - m.add_string(self.submethods) - elif self.auth_method == 'none': - pass - else: - raise SSHException('Unknown auth method "%s"' % self.auth_method) - self.transport._send_message(m) - else: - self.transport._log(DEBUG, 'Service request "%s" accepted (?)' % service) - - def _send_auth_result(self, username, method, result): - # okay, send result - m = Message() - if result == AUTH_SUCCESSFUL: - self.transport._log(INFO, 'Auth granted (%s).' % method) - m.add_byte(chr(MSG_USERAUTH_SUCCESS)) - self.authenticated = True - else: - self.transport._log(INFO, 'Auth rejected (%s).' % method) - m.add_byte(chr(MSG_USERAUTH_FAILURE)) - m.add_string(self.transport.server_object.get_allowed_auths(username)) - if result == AUTH_PARTIALLY_SUCCESSFUL: - m.add_boolean(1) - else: - m.add_boolean(0) - self.auth_fail_count += 1 - self.transport._send_message(m) - if self.auth_fail_count >= 10: - self._disconnect_no_more_auth() - if result == AUTH_SUCCESSFUL: - self.transport._auth_trigger() - - def _interactive_query(self, q): - # make interactive query instead of response - m = Message() - m.add_byte(chr(MSG_USERAUTH_INFO_REQUEST)) - m.add_string(q.name) - m.add_string(q.instructions) - m.add_string('') - m.add_int(len(q.prompts)) - for p in q.prompts: - m.add_string(p[0]) - m.add_boolean(p[1]) - self.transport._send_message(m) - - def _parse_userauth_request(self, m): - if not self.transport.server_mode: - # er, uh... what? - m = Message() - m.add_byte(chr(MSG_USERAUTH_FAILURE)) - m.add_string('none') - m.add_boolean(0) - self.transport._send_message(m) - return - if self.authenticated: - # ignore - return - username = m.get_string() - service = m.get_string() - method = m.get_string() - self.transport._log(DEBUG, 'Auth request (type=%s) service=%s, username=%s' % (method, service, username)) - if service != 'ssh-connection': - self._disconnect_service_not_available() - return - if (self.auth_username is not None) and (self.auth_username != username): - self.transport._log(WARNING, 'Auth rejected because the client attempted to change username in mid-flight') - self._disconnect_no_more_auth() - return - self.auth_username = username - - if method == 'none': - result = self.transport.server_object.check_auth_none(username) - elif method == 'password': - changereq = m.get_boolean() - password = m.get_string() - try: - password = password.decode('UTF-8') - except UnicodeError: - # some clients/servers expect non-utf-8 passwords! - # in this case, just return the raw byte string. - pass - if changereq: - # always treated as failure, since we don't support changing passwords, but collect - # the list of valid auth types from the callback anyway - self.transport._log(DEBUG, 'Auth request to change passwords (rejected)') - newpassword = m.get_string() - try: - newpassword = newpassword.decode('UTF-8', 'replace') - except UnicodeError: - pass - result = AUTH_FAILED - else: - result = self.transport.server_object.check_auth_password(username, password) - elif method == 'publickey': - sig_attached = m.get_boolean() - keytype = m.get_string() - keyblob = m.get_string() - try: - key = self.transport._key_info[keytype](Message(keyblob)) - except SSHException, e: - self.transport._log(INFO, 'Auth rejected: public key: %s' % str(e)) - key = None - except: - self.transport._log(INFO, 'Auth rejected: unsupported or mangled public key') - key = None - if key is None: - self._disconnect_no_more_auth() - return - # first check if this key is okay... if not, we can skip the verify - result = self.transport.server_object.check_auth_publickey(username, key) - if result != AUTH_FAILED: - # key is okay, verify it - if not sig_attached: - # client wants to know if this key is acceptable, before it - # signs anything... send special "ok" message - m = Message() - m.add_byte(chr(MSG_USERAUTH_PK_OK)) - m.add_string(keytype) - m.add_string(keyblob) - self.transport._send_message(m) - return - sig = Message(m.get_string()) - blob = self._get_session_blob(key, service, username) - if not key.verify_ssh_sig(blob, sig): - self.transport._log(INFO, 'Auth rejected: invalid signature') - result = AUTH_FAILED - elif method == 'keyboard-interactive': - lang = m.get_string() - submethods = m.get_string() - result = self.transport.server_object.check_auth_interactive(username, submethods) - if isinstance(result, InteractiveQuery): - # make interactive query instead of response - self._interactive_query(result) - return - else: - result = self.transport.server_object.check_auth_none(username) - # okay, send result - self._send_auth_result(username, method, result) - - def _parse_userauth_success(self, m): - self.transport._log(INFO, 'Authentication (%s) successful!' % self.auth_method) - self.authenticated = True - self.transport._auth_trigger() - if self.auth_event != None: - self.auth_event.set() - - def _parse_userauth_failure(self, m): - authlist = m.get_list() - partial = m.get_boolean() - if partial: - self.transport._log(INFO, 'Authentication continues...') - self.transport._log(DEBUG, 'Methods: ' + str(authlist)) - self.transport.saved_exception = PartialAuthentication(authlist) - elif self.auth_method not in authlist: - self.transport._log(DEBUG, 'Authentication type (%s) not permitted.' % self.auth_method) - self.transport._log(DEBUG, 'Allowed methods: ' + str(authlist)) - self.transport.saved_exception = BadAuthenticationType('Bad authentication type', authlist) - else: - self.transport._log(INFO, 'Authentication (%s) failed.' % self.auth_method) - self.authenticated = False - self.username = None - if self.auth_event != None: - self.auth_event.set() - - def _parse_userauth_banner(self, m): - banner = m.get_string() - lang = m.get_string() - self.transport._log(INFO, 'Auth banner: ' + banner) - # who cares. - - def _parse_userauth_info_request(self, m): - if self.auth_method != 'keyboard-interactive': - raise SSHException('Illegal info request from server') - title = m.get_string() - instructions = m.get_string() - m.get_string() # lang - prompts = m.get_int() - prompt_list = [] - for i in range(prompts): - prompt_list.append((m.get_string(), m.get_boolean())) - response_list = self.interactive_handler(title, instructions, prompt_list) - - m = Message() - m.add_byte(chr(MSG_USERAUTH_INFO_RESPONSE)) - m.add_int(len(response_list)) - for r in response_list: - m.add_string(r) - self.transport._send_message(m) - - def _parse_userauth_info_response(self, m): - if not self.transport.server_mode: - raise SSHException('Illegal info response from server') - n = m.get_int() - responses = [] - for i in range(n): - responses.append(m.get_string()) - result = self.transport.server_object.check_auth_interactive_response(responses) - if isinstance(type(result), InteractiveQuery): - # make interactive query instead of response - self._interactive_query(result) - return - self._send_auth_result(self.auth_username, 'keyboard-interactive', result) - - - _handler_table = { - MSG_SERVICE_REQUEST: _parse_service_request, - MSG_SERVICE_ACCEPT: _parse_service_accept, - MSG_USERAUTH_REQUEST: _parse_userauth_request, - MSG_USERAUTH_SUCCESS: _parse_userauth_success, - MSG_USERAUTH_FAILURE: _parse_userauth_failure, - MSG_USERAUTH_BANNER: _parse_userauth_banner, - MSG_USERAUTH_INFO_REQUEST: _parse_userauth_info_request, - MSG_USERAUTH_INFO_RESPONSE: _parse_userauth_info_response, - } - http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/32fef61a/tools/migration/paramiko/ber.py ---------------------------------------------------------------------- diff --git a/tools/migration/paramiko/ber.py b/tools/migration/paramiko/ber.py deleted file mode 100644 index 3265127..0000000 --- a/tools/migration/paramiko/ber.py +++ /dev/null @@ -1,126 +0,0 @@ -# Copyright (C) 2003-2007 Robey Pointer <[email protected]> -# Copyright 2012 Citrix Systems, Inc. Licensed under the -# Apache License, Version 2.0 (the "License"); you may not use this -# file except in compliance with the License. Citrix Systems, Inc. -# reserves all rights not expressly granted by the License. -# You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Automatically generated by addcopyright.py at 04/03/2012 -# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA. - - -import util - - -class BERException (Exception): - pass - - -class BER(object): - """ - Robey's tiny little attempt at a BER decoder. - """ - - def __init__(self, content=''): - self.content = content - self.idx = 0 - - def __str__(self): - return self.content - - def __repr__(self): - return 'BER(\'' + repr(self.content) + '\')' - - def decode(self): - return self.decode_next() - - def decode_next(self): - if self.idx >= len(self.content): - return None - ident = ord(self.content[self.idx]) - self.idx += 1 - if (ident & 31) == 31: - # identifier > 30 - ident = 0 - while self.idx < len(self.content): - t = ord(self.content[self.idx]) - self.idx += 1 - ident = (ident << 7) | (t & 0x7f) - if not (t & 0x80): - break - if self.idx >= len(self.content): - return None - # now fetch length - size = ord(self.content[self.idx]) - self.idx += 1 - if size & 0x80: - # more complimicated... - # FIXME: theoretically should handle indefinite-length (0x80) - t = size & 0x7f - if self.idx + t > len(self.content): - return None - size = util.inflate_long(self.content[self.idx : self.idx + t], True) - self.idx += t - if self.idx + size > len(self.content): - # can't fit - return None - data = self.content[self.idx : self.idx + size] - self.idx += size - # now switch on id - if ident == 0x30: - # sequence - return self.decode_sequence(data) - elif ident == 2: - # int - return util.inflate_long(data) - else: - # 1: boolean (00 false, otherwise true) - raise BERException('Unknown ber encoding type %d (robey is lazy)' % ident) - - def decode_sequence(data): - out = [] - b = BER(data) - while True: - x = b.decode_next() - if x is None: - break - out.append(x) - return out - decode_sequence = staticmethod(decode_sequence) - - def encode_tlv(self, ident, val): - # no need to support ident > 31 here - self.content += chr(ident) - if len(val) > 0x7f: - lenstr = util.deflate_long(len(val)) - self.content += chr(0x80 + len(lenstr)) + lenstr - else: - self.content += chr(len(val)) - self.content += val - - def encode(self, x): - if type(x) is bool: - if x: - self.encode_tlv(1, '\xff') - else: - self.encode_tlv(1, '\x00') - elif (type(x) is int) or (type(x) is long): - self.encode_tlv(2, util.deflate_long(x)) - elif type(x) is str: - self.encode_tlv(4, x) - elif (type(x) is list) or (type(x) is tuple): - self.encode_tlv(0x30, self.encode_sequence(x)) - else: - raise BERException('Unknown type for encoding: %s' % repr(type(x))) - - def encode_sequence(data): - b = BER() - for item in data: - b.encode(item) - return str(b) - encode_sequence = staticmethod(encode_sequence) http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/32fef61a/tools/migration/paramiko/buffered_pipe.py ---------------------------------------------------------------------- diff --git a/tools/migration/paramiko/buffered_pipe.py b/tools/migration/paramiko/buffered_pipe.py deleted file mode 100644 index 4bd4856..0000000 --- a/tools/migration/paramiko/buffered_pipe.py +++ /dev/null @@ -1,197 +0,0 @@ -# Copyright (C) 2006-2007 Robey Pointer <[email protected]> -# Copyright 2012 Citrix Systems, Inc. Licensed under the -# Apache License, Version 2.0 (the "License"); you may not use this -# file except in compliance with the License. Citrix Systems, Inc. -# reserves all rights not expressly granted by the License. -# You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Automatically generated by addcopyright.py at 04/03/2012 -# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA. - -""" -Attempt to generalize the "feeder" part of a Channel: an object which can be -read from and closed, but is reading from a buffer fed by another thread. The -read operations are blocking and can have a timeout set. -""" - -import array -import threading -import time - - -class PipeTimeout (IOError): - """ - Indicates that a timeout was reached on a read from a L{BufferedPipe}. - """ - pass - - -class BufferedPipe (object): - """ - A buffer that obeys normal read (with timeout) & close semantics for a - file or socket, but is fed data from another thread. This is used by - L{Channel}. - """ - - def __init__(self): - self._lock = threading.Lock() - self._cv = threading.Condition(self._lock) - self._event = None - self._buffer = array.array('B') - self._closed = False - - def set_event(self, event): - """ - Set an event on this buffer. When data is ready to be read (or the - buffer has been closed), the event will be set. When no data is - ready, the event will be cleared. - - @param event: the event to set/clear - @type event: Event - """ - self._event = event - if len(self._buffer) > 0: - event.set() - else: - event.clear() - - def feed(self, data): - """ - Feed new data into this pipe. This method is assumed to be called - from a separate thread, so synchronization is done. - - @param data: the data to add - @type data: str - """ - self._lock.acquire() - try: - if self._event is not None: - self._event.set() - self._buffer.fromstring(data) - self._cv.notifyAll() - finally: - self._lock.release() - - def read_ready(self): - """ - Returns true if data is buffered and ready to be read from this - feeder. A C{False} result does not mean that the feeder has closed; - it means you may need to wait before more data arrives. - - @return: C{True} if a L{read} call would immediately return at least - one byte; C{False} otherwise. - @rtype: bool - """ - self._lock.acquire() - try: - if len(self._buffer) == 0: - return False - return True - finally: - self._lock.release() - - def read(self, nbytes, timeout=None): - """ - Read data from the pipe. The return value is a string representing - the data received. The maximum amount of data to be received at once - is specified by C{nbytes}. If a string of length zero is returned, - the pipe has been closed. - - The optional C{timeout} argument can be a nonnegative float expressing - seconds, or C{None} for no timeout. If a float is given, a - C{PipeTimeout} will be raised if the timeout period value has - elapsed before any data arrives. - - @param nbytes: maximum number of bytes to read - @type nbytes: int - @param timeout: maximum seconds to wait (or C{None}, the default, to - wait forever) - @type timeout: float - @return: data - @rtype: str - - @raise PipeTimeout: if a timeout was specified and no data was ready - before that timeout - """ - out = '' - self._lock.acquire() - try: - if len(self._buffer) == 0: - if self._closed: - return out - # should we block? - if timeout == 0.0: - raise PipeTimeout() - # loop here in case we get woken up but a different thread has - # grabbed everything in the buffer. - while (len(self._buffer) == 0) and not self._closed: - then = time.time() - self._cv.wait(timeout) - if timeout is not None: - timeout -= time.time() - then - if timeout <= 0.0: - raise PipeTimeout() - - # something's in the buffer and we have the lock! - if len(self._buffer) <= nbytes: - out = self._buffer.tostring() - del self._buffer[:] - if (self._event is not None) and not self._closed: - self._event.clear() - else: - out = self._buffer[:nbytes].tostring() - del self._buffer[:nbytes] - finally: - self._lock.release() - - return out - - def empty(self): - """ - Clear out the buffer and return all data that was in it. - - @return: any data that was in the buffer prior to clearing it out - @rtype: str - """ - self._lock.acquire() - try: - out = self._buffer.tostring() - del self._buffer[:] - if (self._event is not None) and not self._closed: - self._event.clear() - return out - finally: - self._lock.release() - - def close(self): - """ - Close this pipe object. Future calls to L{read} after the buffer - has been emptied will return immediately with an empty string. - """ - self._lock.acquire() - try: - self._closed = True - self._cv.notifyAll() - if self._event is not None: - self._event.set() - finally: - self._lock.release() - - def __len__(self): - """ - Return the number of bytes buffered. - - @return: number of bytes bufferes - @rtype: int - """ - self._lock.acquire() - try: - return len(self._buffer) - finally: - self._lock.release() -
