- # -*- test-case-name: twisted.conch.test.test_openssh_compat -*-
- # Copyright (c) Twisted Matrix Laboratories.
- # See LICENSE for details.
- """
- Factory for reading openssh configuration files: public keys, private keys, and
- moduli file.
- """
- import os, errno
- from twisted.python import log
- from twisted.python.util import runAsEffectiveUser
- from twisted.conch.ssh import keys, factory, common
- from twisted.conch.openssh_compat import primes
class OpenSSHFactory(factory.SSHFactory):
    """
    SSH factory that loads its host keys and moduli from OpenSSH-style files.

    Host key files are picked out of C{dataRoot} purely by file name
    (C{ssh_host_*_key} and C{ssh_host_*_key.pub}); the moduli file is read
    from C{moduliRoot}.  Nothing in this class checks who owns those files or
    directories, so both should be writable only by the administrator.
    """
    dataRoot = '/usr/local/etc'
    # OpenBSD keeps moduli in a different directory from the host keys, so the
    # two locations are configurable independently.
    moduliRoot = '/usr/local/etc'

    def getPublicKeys(self):
        """
        Load every host public key found in C{dataRoot}.

        A file that cannot be read or parsed is logged and skipped.

        @return: a C{dict} mapping the key type name, taken from the start of
            the key blob, to the loaded key object.
        """
        publicKeys = {}
        for name in os.listdir(self.dataRoot):
            isHostPublicKey = (
                name[:9] == 'ssh_host_' and name[-8:] == '_key.pub')
            if not isHostPublicKey:
                continue
            try:
                loaded = keys.Key.fromFile(
                    os.path.join(self.dataRoot, name))
                keyType = common.getNS(loaded.blob())[0]
                # Two files of the same key type share one slot; whichever
                # os.listdir() yields last is the one that is kept.
                publicKeys[keyType] = loaded
            except Exception as err:
                log.msg('bad public key file %s: %s' % (name, err))
        return publicKeys

    def getPrivateKeys(self):
        """
        Load every host private key found in C{dataRoot}.

        A file that fails to parse on the first attempt is logged and
        skipped.  A file that cannot be opened for lack of permission is read
        again with effective uid and gid 0.  Any other C{IOError}, and any
        error raised during the privileged retry, propagates to the caller.

        @return: a C{dict} mapping C{key.sshType()} to the loaded key object.
        """
        loadedKeys = {}
        for name in os.listdir(self.dataRoot):
            if not (name[:9] == 'ssh_host_' and name[-4:] == '_key'):
                continue
            keyPath = os.path.join(self.dataRoot, name)
            try:
                hostKey = keys.Key.fromFile(keyPath)
            except IOError as err:
                if err.errno != errno.EACCES:
                    # Other I/O failures are not handled here and abort the
                    # whole scan.
                    raise
                # Permission denied: read the file again as root.
                # NOTE(review): the path is whatever directory entry matched
                # the name pattern; no ownership, mode or symlink check is
                # visible here, so dataRoot must not be writable by
                # unprivileged users.  Confirm that the deployment enforces
                # this.
                hostKey = runAsEffectiveUser(
                    0, 0, keys.Key.fromFile, keyPath)
            except Exception as err:
                log.msg('bad private key file %s: %s' % (name, err))
                continue
            loadedKeys[hostKey.sshType()] = hostKey
        return loadedKeys

    def getPrimes(self):
        """
        Parse the C{moduli} file located in C{moduliRoot}.

        @return: the result of C{primes.parseModuliFile}, or C{None} when the
            file cannot be read.
        """
        moduliPath = self.moduliRoot + '/moduli'
        try:
            parsed = primes.parseModuliFile(moduliPath)
        except IOError:
            # NOTE(review): a missing or unreadable moduli file is reported
            # as None without logging; presumably the caller treats that as
            # "no primes available" - confirm against SSHFactory.
            return None
        return parsed