def _match_key(self, key_obj, base64_key):
key = key_obj.name + ' ' + base64_key
# XXX: static or class method would make this instantiation not necessary.
# Too bad the syntax sucks.
from coro.ssh.keys.openssh_key_storage import OpenSSH_Key_Storage
x = OpenSSH_Key_Storage()
parsed_key = x.parse_public_key(key)
if parsed_key.public_key == key_obj.public_key:
return 1
else:
return 0
def _match_key(self, key_obj, base64_key):
key = key_obj.name + ' ' + base64_key
# XXX: static or class method would make this instantiation not necessary.
# Too bad the syntax sucks.
from coro.ssh.keys.openssh_key_storage import OpenSSH_Key_Storage
x = OpenSSH_Key_Storage()
parsed_key = x.parse_public_key(key)
if parsed_key.public_key == key_obj.public_key:
return 1
else:
return 0
def runTest(self):
# Build a sample known_hosts test file.
tmp_filename = os.tempnam()
f = open(tmp_filename, 'w')
f.write("""# Example known hosts file.
10.1.1.108 ssh-dss AAAAB3NzaC1kc3MAAACBAOdTJwlIDyxIKAaCoGr/XsySV8AzJDU2fAePcO7CBURUYyUHS9uKsgsjZw7qBkdnkWT/Yx2Z8k9j+HuJ2L3mI6y9+cknen9ycze6g/UwmYa2+forEz7NXiEWi3lTHXnAXjEpmCWZAB6++HPM9rq+wQluOcN8cks57sttzxzqQG6RAAAAFQCgQ/edsYFn4jEBiJhoj97GElWM0QAAAIAz5hffnGq9zK5rtrNpKVdz6KIEyeXlGd16f6NwotVwpNd2zEXBC3+z13TyMiX35H9m7fWYQen7O7RNekJl5Gz7V6UA7lipNFrhmg/eO6rnXetrrgjdiHF5mSx3O8uBQOU5tK+IyAINtBhDqM6GNEqEkFa9yT6POYjGA8ihSaUUOQAAAIEAvvDYfg+KrBZUlJGMK/g1muBbBu5o+UbppgRTOsEfAMKRovV0vsZc4AIaeh/uGVKS+zXqQHh7btHgTMQ47hxF3tPVFWIgO6vDtsQX90e9xaCfmKQY2EV0Wrq1XUKxOycTNRZ5kCxYkq4qRhs5QnqB/Ov71g7HHxsJ8pnjSDusiNo=
172.16.1.11 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAvUNY7kd1sDujt9HhdT6VWtf8yVRAw2Ib+M6ptWTuWWnPGR6TP/ZwumSs/rAguyxWrNRbw7Eainr/BTEFATpJRYKUDPZKGHLT3ixtOy7scUVRyaJD7F3L7BujkhHLWOyFJGtoZmJEdQmddGDwq+16gLD06GA8/N8kkQFRR6vwlRs=
64.70.20.70,64.70.44.3 1024 35 162807158017859311401243513535320968370503503816817576276599779420791975206320054411137858395244854129122865069311130487158120563446636918588974972115213166463069362091898230386572857193095086738994217228848073927343769936543295334648942676920084374567042307974866766193585693129128286570059425685457486987781
lists.ironport.com,10.1.1.109 ssh-dss AAAAB3NzaC1kc3MAAACBAOfO0s6KFDk8lU7hJyLWevjEIi9drfn8wJYFvYAc+apN4+Qlq4DtFXMDH8U5pQWpZsj705ywi5cex8aEaeepfeQBe6NQCmJci47cTTnaiy/IR7d2hZkB0LmJJX6JxYWWtk2kFyL4xbPEfXbBpNprTfNzgi32YeeIKak3T3amYo8dAAAAFQDInSP36WJZ7WnH13qBXZM+5USftwAAAIAQ7CHz/hwxpmYNind6Zm7vmFC8JkRdkTjNIfyuHszfgHI3+imhSJJxjaSwdvLNi+2P2cdoTrL45ITPFT0+YSq1VIXclqa0k0kjETFbayGbq9DE3w7S6WBiiewTcllu7NzO9EvaNt3XJUQ7SpvNBoLhv+XAHkdhX0ouwwtyeElT6gAAAIAEcOOSQClq9CIcYEjwtfDBANaJ7o2WfYJMqto+ibjnl+1YFtGw9ofD5gi5gtEIGtSb6mO88ooX9sfmkaAY+1L/gTdb3Fxc3zuL2PymBt1ruNTgVzEjV35h94lgC3+F4mPz0jQpnpsbxhm/uDn/i1BeRBlzMhyWOAHfLknna9WCmg==
!outlaw.qa,*.qa,172.17.0.201 ssh-dss AAAAB3NzaC1kc3MAAACBAPaQAeia7kiuORu9425IyZRKlRPkom9mjEVERjN3Lw5R93rBZSwbl8wiT1PEeBN2047SZD7ucHaAUqAU39l//JVA0Q/RHXczad1niqC7Y7YKSpu3XfI7vpgMd91XIlxNhnhvNLtWfmwuWuX1FFiByKUY7fsHVeKTYwnvRPiv89IBAAAAFQCryy7v2z5Olv1Z0bSoQLDemiSzywAAAIEA3pmx1n0YRuw3hY4RfXbQCUxtu19bldG4XlNnmeIE8cb4tdGHBgLnLrMpSLsA4aMOWAzzDvB/Gk9AlgyNuYp2NaCFStE5yYiK9c+wTNpChCsDx/BqWMtPYTKQDZmhmSp94noIQd429OIJhQt1qL/7vHD1Tac/2V33TsADYW4aS+4AAACBANC4tVdIkB5vyLm2BrjK+P7uS8SaUSfKaAd83XahVz2q8cIeiFHrXvfLRFeks99vgxSPq6mqxC5zpcDGFWBm1UJY4PxyG+t6AhgYEPefD+ofXAvTHLPIRJbNv2BDP6vHOKRfAYtWGbQf6sXw4VwS9mAR6JHlGoHMLnRewMcq49jE
*.com,test04.god ssh-dss AAAAB3NzaC1kc3MAAACBAK3p8k1i9I/m0no3LAS4etFGsommDJcBQfsuP/nn42O0VyDXltcfjLvWxABZow6iKJHiHZ8FN/FxOX+jZUlIplrs6oRYbKeWegq3NcvelEderWhIyOKrDZHgO9HprwamSMWFxDG5kUSJ/em/G5N+rGv8K7dJfCus42ynh0+a/Q1dAAAAFQD1/X/izKQrZs//Q5HgVVOfEqK6+wAAAIBQw1TWAHQHiihsCbbMbGuzm/7Rq9YTvGNyzmBgAP/fbmv/Vi3lZwmTilKSkebEFvrWeAT1hI9KufzjeRhkUCZGzCmCt7A614/brJRIznOAvWaTRsy/wzw7kdARljdQRTcnSXnpc81jEzMyt2SzcifZOvyNfIhAtFXX6yXeFg1dpgAAAIBoJZa1MTGEWJ43BcFftRGbnf/EK5+SDlYgrSiJZeGAUURvrdJPPtCSRtQU7ldiGfKiPcD/6U0XcC9o09/sDSfFOEtTFnawe74pqcQVT3x2hQ5Zs1W82M2arNXaoYBo21RAE4oy1u010a4hjxPoSrAVyQXVwL2Sv8B5vDu99sIu1w==
""")
f.close()
# Make a subclass so we can control which file it loads.
class custom_known_hosts(OpenSSH_Known_Hosts):
def __init__(self, tmp_filename):
self.tmp_filename = tmp_filename
def get_known_hosts_filenames(self, username):
return [self.tmp_filename]
try:
from coro.ssh.keys.openssh_key_storage import OpenSSH_Key_Storage
keystore = OpenSSH_Key_Storage()
x = custom_known_hosts(tmp_filename)
# Make some keys to test against.
# 10.1.1.108
k1 = keystore.parse_public_key('ssh-dss AAAAB3NzaC1kc3MAAACBAOdTJwlIDyxIKAaCoGr/XsySV8AzJDU2fAePcO7CBURUYyUHS9uKsgsjZw7qBkdnkWT/Yx2Z8k9j+HuJ2L3mI6y9+cknen9ycze6g/UwmYa2+forEz7NXiEWi3lTHXnAXjEpmCWZAB6++HPM9rq+wQluOcN8cks57sttzxzqQG6RAAAAFQCgQ/edsYFn4jEBiJhoj97GElWM0QAAAIAz5hffnGq9zK5rtrNpKVdz6KIEyeXlGd16f6NwotVwpNd2zEXBC3+z13TyMiX35H9m7fWYQen7O7RNekJl5Gz7V6UA7lipNFrhmg/eO6rnXetrrgjdiHF5mSx3O8uBQOU5tK+IyAINtBhDqM6GNEqEkFa9yT6POYjGA8ihSaUUOQAAAIEAvvDYfg+KrBZUlJGMK/g1muBbBu5o+UbppgRTOsEfAMKRovV0vsZc4AIaeh/uGVKS+zXqQHh7btHgTMQ47hxF3tPVFWIgO6vDtsQX90e9xaCfmKQY2EV0Wrq1XUKxOycTNRZ5kCxYkq4qRhs5QnqB/Ov71g7HHxsJ8pnjSDusiNo=')
# lists.ironport.com
k2 = keystore.parse_public_key('ssh-dss AAAAB3NzaC1kc3MAAACBAOfO0s6KFDk8lU7hJyLWevjEIi9drfn8wJYFvYAc+apN4+Qlq4DtFXMDH8U5pQWpZsj705ywi5cex8aEaeepfeQBe6NQCmJci47cTTnaiy/IR7d2hZkB0LmJJX6JxYWWtk2kFyL4xbPEfXbBpNprTfNzgi32YeeIKak3T3amYo8dAAAAFQDInSP36WJZ7WnH13qBXZM+5USftwAAAIAQ7CHz/hwxpmYNind6Zm7vmFC8JkRdkTjNIfyuHszfgHI3+imhSJJxjaSwdvLNi+2P2cdoTrL45ITPFT0+YSq1VIXclqa0k0kjETFbayGbq9DE3w7S6WBiiewTcllu7NzO9EvaNt3XJUQ7SpvNBoLhv+XAHkdhX0ouwwtyeElT6gAAAIAEcOOSQClq9CIcYEjwtfDBANaJ7o2WfYJMqto+ibjnl+1YFtGw9ofD5gi5gtEIGtSb6mO88ooX9sfmkaAY+1L/gTdb3Fxc3zuL2PymBt1ruNTgVzEjV35h94lgC3+F4mPz0jQpnpsbxhm/uDn/i1BeRBlzMhyWOAHfLknna9WCmg==')
# 172.17.0.201
k3 = keystore.parse_public_key('ssh-dss AAAAB3NzaC1kc3MAAACBAPaQAeia7kiuORu9425IyZRKlRPkom9mjEVERjN3Lw5R93rBZSwbl8wiT1PEeBN2047SZD7ucHaAUqAU39l//JVA0Q/RHXczad1niqC7Y7YKSpu3XfI7vpgMd91XIlxNhnhvNLtWfmwuWuX1FFiByKUY7fsHVeKTYwnvRPiv89IBAAAAFQCryy7v2z5Olv1Z0bSoQLDemiSzywAAAIEA3pmx1n0YRuw3hY4RfXbQCUxtu19bldG4XlNnmeIE8cb4tdGHBgLnLrMpSLsA4aMOWAzzDvB/Gk9AlgyNuYp2NaCFStE5yYiK9c+wTNpChCsDx/BqWMtPYTKQDZmhmSp94noIQd429OIJhQt1qL/7vHD1Tac/2V33TsADYW4aS+4AAACBANC4tVdIkB5vyLm2BrjK+P7uS8SaUSfKaAd83XahVz2q8cIeiFHrXvfLRFeks99vgxSPq6mqxC5zpcDGFWBm1UJY4PxyG+t6AhgYEPefD+ofXAvTHLPIRJbNv2BDP6vHOKRfAYtWGbQf6sXw4VwS9mAR6JHlGoHMLnRewMcq49jE')
# test04.god
k4 = keystore.parse_public_key('ssh-dss AAAAB3NzaC1kc3MAAACBAK3p8k1i9I/m0no3LAS4etFGsommDJcBQfsuP/nn42O0VyDXltcfjLvWxABZow6iKJHiHZ8FN/FxOX+jZUlIplrs6oRYbKeWegq3NcvelEderWhIyOKrDZHgO9HprwamSMWFxDG5kUSJ/em/G5N+rGv8K7dJfCus42ynh0+a/Q1dAAAAFQD1/X/izKQrZs//Q5HgVVOfEqK6+wAAAIBQw1TWAHQHiihsCbbMbGuzm/7Rq9YTvGNyzmBgAP/fbmv/Vi3lZwmTilKSkebEFvrWeAT1hI9KufzjeRhkUCZGzCmCt7A614/brJRIznOAvWaTRsy/wzw7kdARljdQRTcnSXnpc81jEzMyt2SzcifZOvyNfIhAtFXX6yXeFg1dpgAAAIBoJZa1MTGEWJ43BcFftRGbnf/EK5+SDlYgrSiJZeGAUURvrdJPPtCSRtQU7ldiGfKiPcD/6U0XcC9o09/sDSfFOEtTFnawe74pqcQVT3x2hQ5Zs1W82M2arNXaoYBo21RAE4oy1u010a4hjxPoSrAVyQXVwL2Sv8B5vDu99sIu1w==')
# Make a key that doesn't exist in the known hosts file.
unknown_key = keystore.parse_public_key('ssh-dss AAAAB3NzaC1kc3MAAACBAJSc17NO4rxvhUfwjMzJMG9On9umzzlbwlN0wBv5riYetE1flTyySOUPa8YvpNYmMs5GSz0CzO/FI/EM/rgYvpvA+KKpV/9oL+XoT/O36t6Q8MZIGXwj75lxP8X9NSZxO0b5E7CRDyW5rsl6xfa3YaQrWqZRKhOeGASWRYtUZcpVAAAAFQCazkzFpIwqEpAbn0jZlkUHKbpwuQAAAIA4AGcL/OMIDtxC7T1smSPVk0VEr5i+IfL4xPLRSQCw6/Jr4OLzBH/TiTAjyp7NZszIu586J85t1nO3kOx/fKI8Ik2jDvJOmdUtDvMZnbZK1rvFiw3dCxEERGVW1LjyAnxtebl/pOJ6CpO4Pfh87mx+iH9m90oZSCDz602DXUz50wAAAIA0mmctzgavC8ApEsbKI69MhaYhkyxvEaucTarkGPAPvXPurfVJ8ZwtK3dYckLgn3a5WPHWqIZVfmtSbnkwld+t3BIl8IX6bKa2WaffUeU6k50ssUV6IvW+IHd0JJ/mwE6f9caNS7x0pC0+DQujp553IP5cr9NskQTK4j/Iwwlkrw==')
# 172.16.1.11
k5 = keystore.parse_public_key('ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAvUNY7kd1sDujt9HhdT6VWtf8yVRAw2Ib+M6ptWTuWWnPGR6TP/ZwumSs/rAguyxWrNRbw7Eainr/BTEFATpJRYKUDPZKGHLT3ixtOy7scUVRyaJD7F3L7BujkhHLWOyFJGtoZmJEdQmddGDwq+16gLD06GA8/N8kkQFRR6vwlRs=')
# Do the tests.
self.assertEqual(x.check_for_host(IPv4_Remote_Host_ID('10.1.1.108',''), k1), 1)
self.assertEqual(x.check_for_host(IPv4_Remote_Host_ID('1.2.3.4',''), k1), 0)
self.assertEqual(x.check_for_host(IPv4_Remote_Host_ID('0.0.0.0','lists.ironport.com'), k2), 1)
self.assertEqual(x.check_for_host(IPv4_Remote_Host_ID('lists.ironport.com', '10.1.1.109'), k2), 1)
self.assertEqual(x.check_for_host(IPv4_Remote_Host_ID('10.1.1.109',''), k2), 1)
self.assertEqual(x.check_for_host(IPv4_Remote_Host_ID('0.0.0.0','outlaw.qa'), k3), 0)
self.assertEqual(x.check_for_host(IPv4_Remote_Host_ID('0.0.0.0','foo.qa'), k3), 1)
self.assertEqual(x.check_for_host(IPv4_Remote_Host_ID('172.17.0.201',''), k3), 1)
self.assertEqual(x.check_for_host(IPv4_Remote_Host_ID('0.0.0.0','foo.com'), k4), 1)
self.assertEqual(x.check_for_host(IPv4_Remote_Host_ID('0.0.0.0','test04.god'), k4), 1)
self.assertRaises(Host_Key_Changed_Error, x.check_for_host, IPv4_Remote_Host_ID('10.1.1.108',''), k2)
self.assertEqual(x.check_for_host(IPv4_Remote_Host_ID('lists.ironport.com', '10.1.1.108'), k1), 1)
self.assertEqual(x.check_for_host(IPv4_Remote_Host_ID('0.0.0.0','unknown.dom'), k1), 0)
self.assertRaises(Host_Key_Changed_Error, x.check_for_host, IPv4_Remote_Host_ID('10.1.1.108',''), unknown_key)
self.assertEqual(x.check_for_host(IPv4_Remote_Host_ID('172.16.1.11',''), unknown_key), 0)
self.assertEqual(x.check_for_host(IPv4_Remote_Host_ID('172.16.1.11',''), k5), 1)
finally:
os.unlink(tmp_filename)
def __init__(self,
client_transport=None,
server_transport=None,
debug=None):
self.tmc = Thread_Message_Callbacks()
self.send_mutex = coro.mutex()
# This is the registry of modules that want to receive certain messages.
# The key is the module name, the value is a dictionary of message number
# to callback function. The function takes 1 parameter (the packet).
self.message_callback_registry = {}
# This is a mapping of SSH message numbers to the function to call when
# that message is received. It is an optimized version computed from
# message_callback_registry.
self.message_callbacks = {}
if debug is None:
self.debug = ssh_debug.Debug()
else:
self.debug = debug
if client_transport is None:
self.c2s = One_Way_SSH_Transport(self)
else:
self.c2s = client_transport
if server_transport is None:
self.s2c = One_Way_SSH_Transport(self)
else:
self.s2c = server_transport
self.supported_key_storages = [OpenSSH_Key_Storage()]
# XXX who/what sets self.is_server? can we use self.is_server
# to decide which callbacks to register? Or should that be done
# by the subclass?
self.register_callbacks(
'__base__',
{
SSH_MSG_IGNORE: self.msg_ignore,
SSH_MSG_DEBUG: self.msg_debug,
SSH_MSG_DISCONNECT: self.msg_disconnect,
SSH_MSG_UNIMPLEMENTED: self.msg_unimplemented,
# SSH_MSG_KEXINIT:self.msg_kexinit,
SSH_MSG_NEWKEYS: self.msg_newkeys,
})
server_key_pri = """-----BEGIN DSA PRIVATE KEY-----
MIIBuwIBAAKBgQDTfwvvQo0WnUmZpnUFmqF/TXSXFaJ1NKbBLQXPh8dhHgTN1uFO
ZibFXMKpDHLCGCdGRm5eHansB9hu2+nNoaFf3oLDHc8ctuE7xRHT8x174D2AxcnX
r0Fw3BnZHj58lLlhayDJ4S6W77yefGEOuo/wKUEPjAUBCrvxKq3bKAeVUQIVAPpR
bJO1QQZPlj4w+MXmRTgW7wGfAoGAVUkBIX+RLrh9guyiAadi9xGk8S7n5w2PbcsP
KTG8x/ttCDEuaBp6El6qt86cA+M2GPvXjuMGR5BQT8IOaWS7Aw2+J1IamLCsrPfq
oiQvz3cqxOAutuIuorzbIAgVo0hiAyovZE4u2zzKeci7OtfD8pRThSby4Dgbkeix
FQFhW08CgYBSxcduHDSqJTCjFK4hwTlNck4h2hC1E4xuMfxYsUZkLrBAsD3nzU2W
jNoZppTz3W8XC7YnTxonncXNWxCWsDWpvs0b2zGj7uUvGRtlyxtQpybyN3LZ0flo
DssTygy7t0KlS7T2a1IhqiVDbrSUoGXz+Wp/z66lCpSLTlPsGpLeLwIVAMQldwwH
OekNfzzIBr6QkMvmIOuL
-----END DSA PRIVATE KEY-----
"""
ks = OpenSSH_Key_Storage()
server_key_ob = ks.parse_private_key (server_key_pri)
# will authentication user 'foo' with password 'bar' for the 'ssh-connection' service [the only service currently supported]
pwd_auth = coro.ssh.auth.userauth.Password_Authenticator ({'foo' : { 'ssh-connection' : 'bar' } })
# how to add public-key authentication:
#
# user_key_pub = """ssh-dss AAAAB...Stc= [email protected]\n"""
# user_key_ob = ks.parse_public_key (user_key_pub)
# pubkey_auth = coro.ssh.auth.userauth.Public_Key_Authenticator ({'luser': { 'ssh-connection' : [user_key_ob]}})
#
# add/replace <pubkey_auth> to the list "[pwd_auth]" below...
def usage():
print 'backdoor.py [-p port]'
MIIBuwIBAAKBgQDTfwvvQo0WnUmZpnUFmqF/TXSXFaJ1NKbBLQXPh8dhHgTN1uFO ZibFXMKpDHLCGCdGRm5eHansB9hu2+nNoaFf3oLDHc8ctuE7xRHT8x174D2AxcnX r0Fw3BnZHj58lLlhayDJ4S6W77yefGEOuo/wKUEPjAUBCrvxKq3bKAeVUQIVAPpR bJO1QQZPlj4w+MXmRTgW7wGfAoGAVUkBIX+RLrh9guyiAadi9xGk8S7n5w2PbcsP KTG8x/ttCDEuaBp6El6qt86cA+M2GPvXjuMGR5BQT8IOaWS7Aw2+J1IamLCsrPfq oiQvz3cqxOAutuIuorzbIAgVo0hiAyovZE4u2zzKeci7OtfD8pRThSby4Dgbkeix FQFhW08CgYBSxcduHDSqJTCjFK4hwTlNck4h2hC1E4xuMfxYsUZkLrBAsD3nzU2W jNoZppTz3W8XC7YnTxonncXNWxCWsDWpvs0b2zGj7uUvGRtlyxtQpybyN3LZ0flo DssTygy7t0KlS7T2a1IhqiVDbrSUoGXz+Wp/z66lCpSLTlPsGpLeLwIVAMQldwwH OekNfzzIBr6QkMvmIOuL -----END DSA PRIVATE KEY----- """ user_key_pub = """ssh-dss AAAAB3NzaC1kc3MAAACBAPawYoOY758V46mBep5i3pRQSuXnmYLiwBWH06NMXfMKkncZE4eWIVVoDqZmeMfCSHP8uY2gS+QDfdMCGtqu9sX8noPx5SG6gzUnadhFKU2+o7tbJ9WkQX7TPHB2GLBk5SNn6MFfLlLwlLv+OFnO0jcBD81fkCZp19BoZt1CCMGLAAAAFQCCSKBZHEoXw7Y1jiT0GFuqGgPMaQAAAIB2EjHBcrMa6jvmNI1DLYEHrYlQ30cDvnYYIyunMsp6SybE1sLN2W3UqGLjqB2i3FgWh7o1yUVWdImBvFz4kdYVhlEcYUeTgu8IWH2YNFcr7/Q4IpF9h20pu/ASuR9aK/D8sA4s7JqVfkS/mIaOZ8W2aZiOSaqvJXQPee9tiKgLDAAAAIEA6jTTFwh0wBlLdzALSaxf+A4IPGwE3mlmVmzt+A+a+EqL2ZRmAZ2puQH3NKckqrAlHDY7gGuF5XlHUTiTbVanuv6vCRlPwHWCPNNZhYFqGLpMEqRNPV2cMlU0gaPn69DMZwbDNCJghZI6C2uejoh3agHvHq8jgm9q4e3X3nEjStc= [email protected]\n""" # noqa ks = OpenSSH_Key_Storage() server_key_ob = ks.parse_private_key(server_key_pri) user_key_ob = ks.parse_public_key(user_key_pub) def usage(): print "test_coro_server [-p port]" def serve(port): s = coro.tcp_sock() s.bind(("", port)) s.listen(5) while 1: conn, addr = s.accept() coro.spawn(go, conn, addr)
MIIBuwIBAAKBgQDTfwvvQo0WnUmZpnUFmqF/TXSXFaJ1NKbBLQXPh8dhHgTN1uFO ZibFXMKpDHLCGCdGRm5eHansB9hu2+nNoaFf3oLDHc8ctuE7xRHT8x174D2AxcnX r0Fw3BnZHj58lLlhayDJ4S6W77yefGEOuo/wKUEPjAUBCrvxKq3bKAeVUQIVAPpR bJO1QQZPlj4w+MXmRTgW7wGfAoGAVUkBIX+RLrh9guyiAadi9xGk8S7n5w2PbcsP KTG8x/ttCDEuaBp6El6qt86cA+M2GPvXjuMGR5BQT8IOaWS7Aw2+J1IamLCsrPfq oiQvz3cqxOAutuIuorzbIAgVo0hiAyovZE4u2zzKeci7OtfD8pRThSby4Dgbkeix FQFhW08CgYBSxcduHDSqJTCjFK4hwTlNck4h2hC1E4xuMfxYsUZkLrBAsD3nzU2W jNoZppTz3W8XC7YnTxonncXNWxCWsDWpvs0b2zGj7uUvGRtlyxtQpybyN3LZ0flo DssTygy7t0KlS7T2a1IhqiVDbrSUoGXz+Wp/z66lCpSLTlPsGpLeLwIVAMQldwwH OekNfzzIBr6QkMvmIOuL -----END DSA PRIVATE KEY----- """ user_key_pub = """ssh-dss AAAAB3NzaC1kc3MAAACBAPawYoOY758V46mBep5i3pRQSuXnmYLiwBWH06NMXfMKkncZE4eWIVVoDqZmeMfCSHP8uY2gS+QDfdMCGtqu9sX8noPx5SG6gzUnadhFKU2+o7tbJ9WkQX7TPHB2GLBk5SNn6MFfLlLwlLv+OFnO0jcBD81fkCZp19BoZt1CCMGLAAAAFQCCSKBZHEoXw7Y1jiT0GFuqGgPMaQAAAIB2EjHBcrMa6jvmNI1DLYEHrYlQ30cDvnYYIyunMsp6SybE1sLN2W3UqGLjqB2i3FgWh7o1yUVWdImBvFz4kdYVhlEcYUeTgu8IWH2YNFcr7/Q4IpF9h20pu/ASuR9aK/D8sA4s7JqVfkS/mIaOZ8W2aZiOSaqvJXQPee9tiKgLDAAAAIEA6jTTFwh0wBlLdzALSaxf+A4IPGwE3mlmVmzt+A+a+EqL2ZRmAZ2puQH3NKckqrAlHDY7gGuF5XlHUTiTbVanuv6vCRlPwHWCPNNZhYFqGLpMEqRNPV2cMlU0gaPn69DMZwbDNCJghZI6C2uejoh3agHvHq8jgm9q4e3X3nEjStc= [email protected]\n""" # noqa ks = OpenSSH_Key_Storage() server_key_ob = ks.parse_private_key(server_key_pri) user_key_ob = ks.parse_public_key(user_key_pub) def usage(): print 'test_coro_server [-p port]' def serve(port): s = coro.tcp_sock() s.bind(('', port)) s.listen(5) while 1: conn, addr = s.accept() coro.spawn(go, conn, addr)
def runTest(self):
# Build a sample known_hosts test file.
tmp_filename = os.tempnam()
f = open(tmp_filename, 'w')
f.write("""# Example known hosts file.
10.1.1.108 ssh-dss AAAAB3NzaC1kc3MAAACBAOdTJwlIDyxIKAaCoGr/XsySV8AzJDU2fAePcO7CBURUYyUHS9uKsgsjZw7qBkdnkWT/Yx2Z8k9j+HuJ2L3mI6y9+cknen9ycze6g/UwmYa2+forEz7NXiEWi3lTHXnAXjEpmCWZAB6++HPM9rq+wQluOcN8cks57sttzxzqQG6RAAAAFQCgQ/edsYFn4jEBiJhoj97GElWM0QAAAIAz5hffnGq9zK5rtrNpKVdz6KIEyeXlGd16f6NwotVwpNd2zEXBC3+z13TyMiX35H9m7fWYQen7O7RNekJl5Gz7V6UA7lipNFrhmg/eO6rnXetrrgjdiHF5mSx3O8uBQOU5tK+IyAINtBhDqM6GNEqEkFa9yT6POYjGA8ihSaUUOQAAAIEAvvDYfg+KrBZUlJGMK/g1muBbBu5o+UbppgRTOsEfAMKRovV0vsZc4AIaeh/uGVKS+zXqQHh7btHgTMQ47hxF3tPVFWIgO6vDtsQX90e9xaCfmKQY2EV0Wrq1XUKxOycTNRZ5kCxYkq4qRhs5QnqB/Ov71g7HHxsJ8pnjSDusiNo=
172.16.1.11 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAvUNY7kd1sDujt9HhdT6VWtf8yVRAw2Ib+M6ptWTuWWnPGR6TP/ZwumSs/rAguyxWrNRbw7Eainr/BTEFATpJRYKUDPZKGHLT3ixtOy7scUVRyaJD7F3L7BujkhHLWOyFJGtoZmJEdQmddGDwq+16gLD06GA8/N8kkQFRR6vwlRs=
64.70.20.70,64.70.44.3 1024 35 162807158017859311401243513535320968370503503816817576276599779420791975206320054411137858395244854129122865069311130487158120563446636918588974972115213166463069362091898230386572857193095086738994217228848073927343769936543295334648942676920084374567042307974866766193585693129128286570059425685457486987781
lists.ironport.com,10.1.1.109 ssh-dss AAAAB3NzaC1kc3MAAACBAOfO0s6KFDk8lU7hJyLWevjEIi9drfn8wJYFvYAc+apN4+Qlq4DtFXMDH8U5pQWpZsj705ywi5cex8aEaeepfeQBe6NQCmJci47cTTnaiy/IR7d2hZkB0LmJJX6JxYWWtk2kFyL4xbPEfXbBpNprTfNzgi32YeeIKak3T3amYo8dAAAAFQDInSP36WJZ7WnH13qBXZM+5USftwAAAIAQ7CHz/hwxpmYNind6Zm7vmFC8JkRdkTjNIfyuHszfgHI3+imhSJJxjaSwdvLNi+2P2cdoTrL45ITPFT0+YSq1VIXclqa0k0kjETFbayGbq9DE3w7S6WBiiewTcllu7NzO9EvaNt3XJUQ7SpvNBoLhv+XAHkdhX0ouwwtyeElT6gAAAIAEcOOSQClq9CIcYEjwtfDBANaJ7o2WfYJMqto+ibjnl+1YFtGw9ofD5gi5gtEIGtSb6mO88ooX9sfmkaAY+1L/gTdb3Fxc3zuL2PymBt1ruNTgVzEjV35h94lgC3+F4mPz0jQpnpsbxhm/uDn/i1BeRBlzMhyWOAHfLknna9WCmg==
!outlaw.qa,*.qa,172.17.0.201 ssh-dss AAAAB3NzaC1kc3MAAACBAPaQAeia7kiuORu9425IyZRKlRPkom9mjEVERjN3Lw5R93rBZSwbl8wiT1PEeBN2047SZD7ucHaAUqAU39l//JVA0Q/RHXczad1niqC7Y7YKSpu3XfI7vpgMd91XIlxNhnhvNLtWfmwuWuX1FFiByKUY7fsHVeKTYwnvRPiv89IBAAAAFQCryy7v2z5Olv1Z0bSoQLDemiSzywAAAIEA3pmx1n0YRuw3hY4RfXbQCUxtu19bldG4XlNnmeIE8cb4tdGHBgLnLrMpSLsA4aMOWAzzDvB/Gk9AlgyNuYp2NaCFStE5yYiK9c+wTNpChCsDx/BqWMtPYTKQDZmhmSp94noIQd429OIJhQt1qL/7vHD1Tac/2V33TsADYW4aS+4AAACBANC4tVdIkB5vyLm2BrjK+P7uS8SaUSfKaAd83XahVz2q8cIeiFHrXvfLRFeks99vgxSPq6mqxC5zpcDGFWBm1UJY4PxyG+t6AhgYEPefD+ofXAvTHLPIRJbNv2BDP6vHOKRfAYtWGbQf6sXw4VwS9mAR6JHlGoHMLnRewMcq49jE
*.com,test04.god ssh-dss AAAAB3NzaC1kc3MAAACBAK3p8k1i9I/m0no3LAS4etFGsommDJcBQfsuP/nn42O0VyDXltcfjLvWxABZow6iKJHiHZ8FN/FxOX+jZUlIplrs6oRYbKeWegq3NcvelEderWhIyOKrDZHgO9HprwamSMWFxDG5kUSJ/em/G5N+rGv8K7dJfCus42ynh0+a/Q1dAAAAFQD1/X/izKQrZs//Q5HgVVOfEqK6+wAAAIBQw1TWAHQHiihsCbbMbGuzm/7Rq9YTvGNyzmBgAP/fbmv/Vi3lZwmTilKSkebEFvrWeAT1hI9KufzjeRhkUCZGzCmCt7A614/brJRIznOAvWaTRsy/wzw7kdARljdQRTcnSXnpc81jEzMyt2SzcifZOvyNfIhAtFXX6yXeFg1dpgAAAIBoJZa1MTGEWJ43BcFftRGbnf/EK5+SDlYgrSiJZeGAUURvrdJPPtCSRtQU7ldiGfKiPcD/6U0XcC9o09/sDSfFOEtTFnawe74pqcQVT3x2hQ5Zs1W82M2arNXaoYBo21RAE4oy1u010a4hjxPoSrAVyQXVwL2Sv8B5vDu99sIu1w==
""") # noqa
f.close()
# Make a subclass so we can control which file it loads.
class custom_known_hosts(OpenSSH_Known_Hosts):
def __init__(self, tmp_filename):
self.tmp_filename = tmp_filename
def get_known_hosts_filenames(self, username):
return [self.tmp_filename]
try:
from coro.ssh.keys.openssh_key_storage import OpenSSH_Key_Storage
keystore = OpenSSH_Key_Storage()
x = custom_known_hosts(tmp_filename)
# Make some keys to test against.
# 10.1.1.108
k1 = keystore.parse_public_key(
'ssh-dss AAAAB3NzaC1kc3MAAACBAOdTJwlIDyxIKAaCoGr/XsySV8AzJDU2fAePcO7CBURUYyUHS9uKsgsjZw7qBkdnkWT/Yx2Z8k9j+HuJ2L3mI6y9+cknen9ycze6g/UwmYa2+forEz7NXiEWi3lTHXnAXjEpmCWZAB6++HPM9rq+wQluOcN8cks57sttzxzqQG6RAAAAFQCgQ/edsYFn4jEBiJhoj97GElWM0QAAAIAz5hffnGq9zK5rtrNpKVdz6KIEyeXlGd16f6NwotVwpNd2zEXBC3+z13TyMiX35H9m7fWYQen7O7RNekJl5Gz7V6UA7lipNFrhmg/eO6rnXetrrgjdiHF5mSx3O8uBQOU5tK+IyAINtBhDqM6GNEqEkFa9yT6POYjGA8ihSaUUOQAAAIEAvvDYfg+KrBZUlJGMK/g1muBbBu5o+UbppgRTOsEfAMKRovV0vsZc4AIaeh/uGVKS+zXqQHh7btHgTMQ47hxF3tPVFWIgO6vDtsQX90e9xaCfmKQY2EV0Wrq1XUKxOycTNRZ5kCxYkq4qRhs5QnqB/Ov71g7HHxsJ8pnjSDusiNo='
) # noqa
# lists.ironport.com
k2 = keystore.parse_public_key(
'ssh-dss AAAAB3NzaC1kc3MAAACBAOfO0s6KFDk8lU7hJyLWevjEIi9drfn8wJYFvYAc+apN4+Qlq4DtFXMDH8U5pQWpZsj705ywi5cex8aEaeepfeQBe6NQCmJci47cTTnaiy/IR7d2hZkB0LmJJX6JxYWWtk2kFyL4xbPEfXbBpNprTfNzgi32YeeIKak3T3amYo8dAAAAFQDInSP36WJZ7WnH13qBXZM+5USftwAAAIAQ7CHz/hwxpmYNind6Zm7vmFC8JkRdkTjNIfyuHszfgHI3+imhSJJxjaSwdvLNi+2P2cdoTrL45ITPFT0+YSq1VIXclqa0k0kjETFbayGbq9DE3w7S6WBiiewTcllu7NzO9EvaNt3XJUQ7SpvNBoLhv+XAHkdhX0ouwwtyeElT6gAAAIAEcOOSQClq9CIcYEjwtfDBANaJ7o2WfYJMqto+ibjnl+1YFtGw9ofD5gi5gtEIGtSb6mO88ooX9sfmkaAY+1L/gTdb3Fxc3zuL2PymBt1ruNTgVzEjV35h94lgC3+F4mPz0jQpnpsbxhm/uDn/i1BeRBlzMhyWOAHfLknna9WCmg=='
) # noqa
# 172.17.0.201
k3 = keystore.parse_public_key(
'ssh-dss AAAAB3NzaC1kc3MAAACBAPaQAeia7kiuORu9425IyZRKlRPkom9mjEVERjN3Lw5R93rBZSwbl8wiT1PEeBN2047SZD7ucHaAUqAU39l//JVA0Q/RHXczad1niqC7Y7YKSpu3XfI7vpgMd91XIlxNhnhvNLtWfmwuWuX1FFiByKUY7fsHVeKTYwnvRPiv89IBAAAAFQCryy7v2z5Olv1Z0bSoQLDemiSzywAAAIEA3pmx1n0YRuw3hY4RfXbQCUxtu19bldG4XlNnmeIE8cb4tdGHBgLnLrMpSLsA4aMOWAzzDvB/Gk9AlgyNuYp2NaCFStE5yYiK9c+wTNpChCsDx/BqWMtPYTKQDZmhmSp94noIQd429OIJhQt1qL/7vHD1Tac/2V33TsADYW4aS+4AAACBANC4tVdIkB5vyLm2BrjK+P7uS8SaUSfKaAd83XahVz2q8cIeiFHrXvfLRFeks99vgxSPq6mqxC5zpcDGFWBm1UJY4PxyG+t6AhgYEPefD+ofXAvTHLPIRJbNv2BDP6vHOKRfAYtWGbQf6sXw4VwS9mAR6JHlGoHMLnRewMcq49jE'
) # noqa
# test04.god
k4 = keystore.parse_public_key(
'ssh-dss AAAAB3NzaC1kc3MAAACBAK3p8k1i9I/m0no3LAS4etFGsommDJcBQfsuP/nn42O0VyDXltcfjLvWxABZow6iKJHiHZ8FN/FxOX+jZUlIplrs6oRYbKeWegq3NcvelEderWhIyOKrDZHgO9HprwamSMWFxDG5kUSJ/em/G5N+rGv8K7dJfCus42ynh0+a/Q1dAAAAFQD1/X/izKQrZs//Q5HgVVOfEqK6+wAAAIBQw1TWAHQHiihsCbbMbGuzm/7Rq9YTvGNyzmBgAP/fbmv/Vi3lZwmTilKSkebEFvrWeAT1hI9KufzjeRhkUCZGzCmCt7A614/brJRIznOAvWaTRsy/wzw7kdARljdQRTcnSXnpc81jEzMyt2SzcifZOvyNfIhAtFXX6yXeFg1dpgAAAIBoJZa1MTGEWJ43BcFftRGbnf/EK5+SDlYgrSiJZeGAUURvrdJPPtCSRtQU7ldiGfKiPcD/6U0XcC9o09/sDSfFOEtTFnawe74pqcQVT3x2hQ5Zs1W82M2arNXaoYBo21RAE4oy1u010a4hjxPoSrAVyQXVwL2Sv8B5vDu99sIu1w=='
) # noqa
# Make a key that doesn't exist in the known hosts file.
unknown_key = keystore.parse_public_key(
'ssh-dss AAAAB3NzaC1kc3MAAACBAJSc17NO4rxvhUfwjMzJMG9On9umzzlbwlN0wBv5riYetE1flTyySOUPa8YvpNYmMs5GSz0CzO/FI/EM/rgYvpvA+KKpV/9oL+XoT/O36t6Q8MZIGXwj75lxP8X9NSZxO0b5E7CRDyW5rsl6xfa3YaQrWqZRKhOeGASWRYtUZcpVAAAAFQCazkzFpIwqEpAbn0jZlkUHKbpwuQAAAIA4AGcL/OMIDtxC7T1smSPVk0VEr5i+IfL4xPLRSQCw6/Jr4OLzBH/TiTAjyp7NZszIu586J85t1nO3kOx/fKI8Ik2jDvJOmdUtDvMZnbZK1rvFiw3dCxEERGVW1LjyAnxtebl/pOJ6CpO4Pfh87mx+iH9m90oZSCDz602DXUz50wAAAIA0mmctzgavC8ApEsbKI69MhaYhkyxvEaucTarkGPAPvXPurfVJ8ZwtK3dYckLgn3a5WPHWqIZVfmtSbnkwld+t3BIl8IX6bKa2WaffUeU6k50ssUV6IvW+IHd0JJ/mwE6f9caNS7x0pC0+DQujp553IP5cr9NskQTK4j/Iwwlkrw=='
) # noqa
# 172.16.1.11
k5 = keystore.parse_public_key(
'ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAvUNY7kd1sDujt9HhdT6VWtf8yVRAw2Ib+M6ptWTuWWnPGR6TP/ZwumSs/rAguyxWrNRbw7Eainr/BTEFATpJRYKUDPZKGHLT3ixtOy7scUVRyaJD7F3L7BujkhHLWOyFJGtoZmJEdQmddGDwq+16gLD06GA8/N8kkQFRR6vwlRs='
) # noqa
# Do the tests.
self.assertEqual(
x.check_for_host(IPv4_Remote_Host_ID('10.1.1.108', ''), k1), 1)
self.assertEqual(
x.check_for_host(IPv4_Remote_Host_ID('1.2.3.4', ''), k1), 0)
self.assertEqual(
x.check_for_host(
IPv4_Remote_Host_ID('0.0.0.0', 'lists.ironport.com'), k2),
1)
self.assertEqual(
x.check_for_host(
IPv4_Remote_Host_ID('lists.ironport.com', '10.1.1.109'),
k2), 1)
self.assertEqual(
x.check_for_host(IPv4_Remote_Host_ID('10.1.1.109', ''), k2), 1)
self.assertEqual(
x.check_for_host(IPv4_Remote_Host_ID('0.0.0.0', 'outlaw.qa'),
k3), 0)
self.assertEqual(
x.check_for_host(IPv4_Remote_Host_ID('0.0.0.0', 'foo.qa'), k3),
1)
self.assertEqual(
x.check_for_host(IPv4_Remote_Host_ID('172.17.0.201', ''), k3),
1)
self.assertEqual(
x.check_for_host(IPv4_Remote_Host_ID('0.0.0.0', 'foo.com'),
k4), 1)
self.assertEqual(
x.check_for_host(IPv4_Remote_Host_ID('0.0.0.0', 'test04.god'),
k4), 1)
self.assertRaises(Host_Key_Changed_Error, x.check_for_host,
IPv4_Remote_Host_ID('10.1.1.108', ''), k2)
self.assertEqual(
x.check_for_host(
IPv4_Remote_Host_ID('lists.ironport.com', '10.1.1.108'),
k1), 1)
self.assertEqual(
x.check_for_host(IPv4_Remote_Host_ID('0.0.0.0', 'unknown.dom'),
k1), 0)
self.assertRaises(Host_Key_Changed_Error, x.check_for_host,
IPv4_Remote_Host_ID('10.1.1.108', ''),
unknown_key)
self.assertEqual(
x.check_for_host(IPv4_Remote_Host_ID('172.16.1.11', ''),
unknown_key), 0)
self.assertEqual(
x.check_for_host(IPv4_Remote_Host_ID('172.16.1.11', ''), k5),
1)
finally:
os.unlink(tmp_filename)
