mirror of
https://github.com/thegeeklab/ansible-later.git
synced 2024-11-14 17:20:39 +00:00
731 lines
30 KiB
Python
731 lines
30 KiB
Python
|
# Copyright (C) 2003-2007 Robey Pointer <robeypointer@gmail.com>
|
||
|
#
|
||
|
# This file is part of paramiko.
|
||
|
#
|
||
|
# Paramiko is free software; you can redistribute it and/or modify it under the
|
||
|
# terms of the GNU Lesser General Public License as published by the Free
|
||
|
# Software Foundation; either version 2.1 of the License, or (at your option)
|
||
|
# any later version.
|
||
|
#
|
||
|
# Paramiko is distributed in the hope that it will be useful, but WITHOUT ANY
|
||
|
# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
|
||
|
# A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
|
||
|
# details.
|
||
|
#
|
||
|
# You should have received a copy of the GNU Lesser General Public License
|
||
|
# along with Paramiko; if not, write to the Free Software Foundation, Inc.,
|
||
|
# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA.
|
||
|
|
||
|
"""
|
||
|
`.ServerInterface` is an interface to override for server support.
|
||
|
"""
|
||
|
|
||
|
import threading
|
||
|
from paramiko import util
|
||
|
from paramiko.common import (
|
||
|
DEBUG,
|
||
|
ERROR,
|
||
|
OPEN_FAILED_ADMINISTRATIVELY_PROHIBITED,
|
||
|
AUTH_FAILED,
|
||
|
AUTH_SUCCESSFUL,
|
||
|
)
|
||
|
from paramiko.py3compat import string_types
|
||
|
|
||
|
|
||
|
class ServerInterface(object):
|
||
|
"""
|
||
|
This class defines an interface for controlling the behavior of Paramiko
|
||
|
in server mode.
|
||
|
|
||
|
Methods on this class are called from Paramiko's primary thread, so you
|
||
|
shouldn't do too much work in them. (Certainly nothing that blocks or
|
||
|
sleeps.)
|
||
|
"""
|
||
|
|
||
|
def check_channel_request(self, kind, chanid):
|
||
|
"""
|
||
|
Determine if a channel request of a given type will be granted, and
|
||
|
return ``OPEN_SUCCEEDED`` or an error code. This method is
|
||
|
called in server mode when the client requests a channel, after
|
||
|
authentication is complete.
|
||
|
|
||
|
If you allow channel requests (and an ssh server that didn't would be
|
||
|
useless), you should also override some of the channel request methods
|
||
|
below, which are used to determine which services will be allowed on
|
||
|
a given channel:
|
||
|
|
||
|
- `check_channel_pty_request`
|
||
|
- `check_channel_shell_request`
|
||
|
- `check_channel_subsystem_request`
|
||
|
- `check_channel_window_change_request`
|
||
|
- `check_channel_x11_request`
|
||
|
- `check_channel_forward_agent_request`
|
||
|
|
||
|
The ``chanid`` parameter is a small number that uniquely identifies the
|
||
|
channel within a `.Transport`. A `.Channel` object is not created
|
||
|
unless this method returns ``OPEN_SUCCEEDED`` -- once a
|
||
|
`.Channel` object is created, you can call `.Channel.get_id` to
|
||
|
retrieve the channel ID.
|
||
|
|
||
|
The return value should either be ``OPEN_SUCCEEDED`` (or
|
||
|
``0``) to allow the channel request, or one of the following error
|
||
|
codes to reject it:
|
||
|
|
||
|
- ``OPEN_FAILED_ADMINISTRATIVELY_PROHIBITED``
|
||
|
- ``OPEN_FAILED_CONNECT_FAILED``
|
||
|
- ``OPEN_FAILED_UNKNOWN_CHANNEL_TYPE``
|
||
|
- ``OPEN_FAILED_RESOURCE_SHORTAGE``
|
||
|
|
||
|
The default implementation always returns
|
||
|
``OPEN_FAILED_ADMINISTRATIVELY_PROHIBITED``.
|
||
|
|
||
|
:param str kind:
|
||
|
the kind of channel the client would like to open (usually
|
||
|
``"session"``).
|
||
|
:param int chanid: ID of the channel
|
||
|
:return: an `int` success or failure code (listed above)
|
||
|
"""
|
||
|
return OPEN_FAILED_ADMINISTRATIVELY_PROHIBITED
|
||
|
|
||
|
def get_allowed_auths(self, username):
|
||
|
"""
|
||
|
Return a list of authentication methods supported by the server.
|
||
|
This list is sent to clients attempting to authenticate, to inform them
|
||
|
of authentication methods that might be successful.
|
||
|
|
||
|
The "list" is actually a string of comma-separated names of types of
|
||
|
authentication. Possible values are ``"password"``, ``"publickey"``,
|
||
|
and ``"none"``.
|
||
|
|
||
|
The default implementation always returns ``"password"``.
|
||
|
|
||
|
:param str username: the username requesting authentication.
|
||
|
:return: a comma-separated `str` of authentication types
|
||
|
"""
|
||
|
return "password"
|
||
|
|
||
|
def check_auth_none(self, username):
|
||
|
"""
|
||
|
Determine if a client may open channels with no (further)
|
||
|
authentication.
|
||
|
|
||
|
Return ``AUTH_FAILED`` if the client must authenticate, or
|
||
|
``AUTH_SUCCESSFUL`` if it's okay for the client to not
|
||
|
authenticate.
|
||
|
|
||
|
The default implementation always returns ``AUTH_FAILED``.
|
||
|
|
||
|
:param str username: the username of the client.
|
||
|
:return:
|
||
|
``AUTH_FAILED`` if the authentication fails; ``AUTH_SUCCESSFUL`` if
|
||
|
it succeeds.
|
||
|
:rtype: int
|
||
|
"""
|
||
|
return AUTH_FAILED
|
||
|
|
||
|
def check_auth_password(self, username, password):
|
||
|
"""
|
||
|
Determine if a given username and password supplied by the client is
|
||
|
acceptable for use in authentication.
|
||
|
|
||
|
Return ``AUTH_FAILED`` if the password is not accepted,
|
||
|
``AUTH_SUCCESSFUL`` if the password is accepted and completes
|
||
|
the authentication, or ``AUTH_PARTIALLY_SUCCESSFUL`` if your
|
||
|
authentication is stateful, and this key is accepted for
|
||
|
authentication, but more authentication is required. (In this latter
|
||
|
case, `get_allowed_auths` will be called to report to the client what
|
||
|
options it has for continuing the authentication.)
|
||
|
|
||
|
The default implementation always returns ``AUTH_FAILED``.
|
||
|
|
||
|
:param str username: the username of the authenticating client.
|
||
|
:param str password: the password given by the client.
|
||
|
:return:
|
||
|
``AUTH_FAILED`` if the authentication fails; ``AUTH_SUCCESSFUL`` if
|
||
|
it succeeds; ``AUTH_PARTIALLY_SUCCESSFUL`` if the password auth is
|
||
|
successful, but authentication must continue.
|
||
|
:rtype: int
|
||
|
"""
|
||
|
return AUTH_FAILED
|
||
|
|
||
|
def check_auth_publickey(self, username, key):
|
||
|
"""
|
||
|
Determine if a given key supplied by the client is acceptable for use
|
||
|
in authentication. You should override this method in server mode to
|
||
|
check the username and key and decide if you would accept a signature
|
||
|
made using this key.
|
||
|
|
||
|
Return ``AUTH_FAILED`` if the key is not accepted,
|
||
|
``AUTH_SUCCESSFUL`` if the key is accepted and completes the
|
||
|
authentication, or ``AUTH_PARTIALLY_SUCCESSFUL`` if your
|
||
|
authentication is stateful, and this password is accepted for
|
||
|
authentication, but more authentication is required. (In this latter
|
||
|
case, `get_allowed_auths` will be called to report to the client what
|
||
|
options it has for continuing the authentication.)
|
||
|
|
||
|
Note that you don't have to actually verify any key signtature here.
|
||
|
If you're willing to accept the key, Paramiko will do the work of
|
||
|
verifying the client's signature.
|
||
|
|
||
|
The default implementation always returns ``AUTH_FAILED``.
|
||
|
|
||
|
:param str username: the username of the authenticating client
|
||
|
:param .PKey key: the key object provided by the client
|
||
|
:return:
|
||
|
``AUTH_FAILED`` if the client can't authenticate with this key;
|
||
|
``AUTH_SUCCESSFUL`` if it can; ``AUTH_PARTIALLY_SUCCESSFUL`` if it
|
||
|
can authenticate with this key but must continue with
|
||
|
authentication
|
||
|
:rtype: int
|
||
|
"""
|
||
|
return AUTH_FAILED
|
||
|
|
||
|
def check_auth_interactive(self, username, submethods):
|
||
|
"""
|
||
|
Begin an interactive authentication challenge, if supported. You
|
||
|
should override this method in server mode if you want to support the
|
||
|
``"keyboard-interactive"`` auth type, which requires you to send a
|
||
|
series of questions for the client to answer.
|
||
|
|
||
|
Return ``AUTH_FAILED`` if this auth method isn't supported. Otherwise,
|
||
|
you should return an `.InteractiveQuery` object containing the prompts
|
||
|
and instructions for the user. The response will be sent via a call
|
||
|
to `check_auth_interactive_response`.
|
||
|
|
||
|
The default implementation always returns ``AUTH_FAILED``.
|
||
|
|
||
|
:param str username: the username of the authenticating client
|
||
|
:param str submethods:
|
||
|
a comma-separated list of methods preferred by the client (usually
|
||
|
empty)
|
||
|
:return:
|
||
|
``AUTH_FAILED`` if this auth method isn't supported; otherwise an
|
||
|
object containing queries for the user
|
||
|
:rtype: int or `.InteractiveQuery`
|
||
|
"""
|
||
|
return AUTH_FAILED
|
||
|
|
||
|
def check_auth_interactive_response(self, responses):
|
||
|
"""
|
||
|
Continue or finish an interactive authentication challenge, if
|
||
|
supported. You should override this method in server mode if you want
|
||
|
to support the ``"keyboard-interactive"`` auth type.
|
||
|
|
||
|
Return ``AUTH_FAILED`` if the responses are not accepted,
|
||
|
``AUTH_SUCCESSFUL`` if the responses are accepted and complete
|
||
|
the authentication, or ``AUTH_PARTIALLY_SUCCESSFUL`` if your
|
||
|
authentication is stateful, and this set of responses is accepted for
|
||
|
authentication, but more authentication is required. (In this latter
|
||
|
case, `get_allowed_auths` will be called to report to the client what
|
||
|
options it has for continuing the authentication.)
|
||
|
|
||
|
If you wish to continue interactive authentication with more questions,
|
||
|
you may return an `.InteractiveQuery` object, which should cause the
|
||
|
client to respond with more answers, calling this method again. This
|
||
|
cycle can continue indefinitely.
|
||
|
|
||
|
The default implementation always returns ``AUTH_FAILED``.
|
||
|
|
||
|
:param responses: list of `str` responses from the client
|
||
|
:return:
|
||
|
``AUTH_FAILED`` if the authentication fails; ``AUTH_SUCCESSFUL`` if
|
||
|
it succeeds; ``AUTH_PARTIALLY_SUCCESSFUL`` if the interactive auth
|
||
|
is successful, but authentication must continue; otherwise an
|
||
|
object containing queries for the user
|
||
|
:rtype: int or `.InteractiveQuery`
|
||
|
"""
|
||
|
return AUTH_FAILED
|
||
|
|
||
|
def check_auth_gssapi_with_mic(
|
||
|
self, username, gss_authenticated=AUTH_FAILED, cc_file=None
|
||
|
):
|
||
|
"""
|
||
|
Authenticate the given user to the server if he is a valid krb5
|
||
|
principal.
|
||
|
|
||
|
:param str username: The username of the authenticating client
|
||
|
:param int gss_authenticated: The result of the krb5 authentication
|
||
|
:param str cc_filename: The krb5 client credentials cache filename
|
||
|
:return: ``AUTH_FAILED`` if the user is not authenticated otherwise
|
||
|
``AUTH_SUCCESSFUL``
|
||
|
:rtype: int
|
||
|
:note: Kerberos credential delegation is not supported.
|
||
|
:see: `.ssh_gss`
|
||
|
:note: : We are just checking in L{AuthHandler} that the given user is
|
||
|
a valid krb5 principal!
|
||
|
We don't check if the krb5 principal is allowed to log in on
|
||
|
the server, because there is no way to do that in python. So
|
||
|
if you develop your own SSH server with paramiko for a cetain
|
||
|
plattform like Linux, you should call C{krb5_kuserok()} in
|
||
|
your local kerberos library to make sure that the
|
||
|
krb5_principal has an account on the server and is allowed to
|
||
|
log in as a user.
|
||
|
:see: http://www.unix.com/man-page/all/3/krb5_kuserok/
|
||
|
"""
|
||
|
if gss_authenticated == AUTH_SUCCESSFUL:
|
||
|
return AUTH_SUCCESSFUL
|
||
|
return AUTH_FAILED
|
||
|
|
||
|
def check_auth_gssapi_keyex(
|
||
|
self, username, gss_authenticated=AUTH_FAILED, cc_file=None
|
||
|
):
|
||
|
"""
|
||
|
Authenticate the given user to the server if he is a valid krb5
|
||
|
principal and GSS-API Key Exchange was performed.
|
||
|
If GSS-API Key Exchange was not performed, this authentication method
|
||
|
won't be available.
|
||
|
|
||
|
:param str username: The username of the authenticating client
|
||
|
:param int gss_authenticated: The result of the krb5 authentication
|
||
|
:param str cc_filename: The krb5 client credentials cache filename
|
||
|
:return: ``AUTH_FAILED`` if the user is not authenticated otherwise
|
||
|
``AUTH_SUCCESSFUL``
|
||
|
:rtype: int
|
||
|
:note: Kerberos credential delegation is not supported.
|
||
|
:see: `.ssh_gss` `.kex_gss`
|
||
|
:note: : We are just checking in L{AuthHandler} that the given user is
|
||
|
a valid krb5 principal!
|
||
|
We don't check if the krb5 principal is allowed to log in on
|
||
|
the server, because there is no way to do that in python. So
|
||
|
if you develop your own SSH server with paramiko for a cetain
|
||
|
plattform like Linux, you should call C{krb5_kuserok()} in
|
||
|
your local kerberos library to make sure that the
|
||
|
krb5_principal has an account on the server and is allowed
|
||
|
to log in as a user.
|
||
|
:see: http://www.unix.com/man-page/all/3/krb5_kuserok/
|
||
|
"""
|
||
|
if gss_authenticated == AUTH_SUCCESSFUL:
|
||
|
return AUTH_SUCCESSFUL
|
||
|
return AUTH_FAILED
|
||
|
|
||
|
def enable_auth_gssapi(self):
|
||
|
"""
|
||
|
Overwrite this function in your SSH server to enable GSSAPI
|
||
|
authentication.
|
||
|
The default implementation always returns false.
|
||
|
|
||
|
:returns bool: Whether GSSAPI authentication is enabled.
|
||
|
:see: `.ssh_gss`
|
||
|
"""
|
||
|
UseGSSAPI = False
|
||
|
return UseGSSAPI
|
||
|
|
||
|
def check_port_forward_request(self, address, port):
|
||
|
"""
|
||
|
Handle a request for port forwarding. The client is asking that
|
||
|
connections to the given address and port be forwarded back across
|
||
|
this ssh connection. An address of ``"0.0.0.0"`` indicates a global
|
||
|
address (any address associated with this server) and a port of ``0``
|
||
|
indicates that no specific port is requested (usually the OS will pick
|
||
|
a port).
|
||
|
|
||
|
The default implementation always returns ``False``, rejecting the
|
||
|
port forwarding request. If the request is accepted, you should return
|
||
|
the port opened for listening.
|
||
|
|
||
|
:param str address: the requested address
|
||
|
:param int port: the requested port
|
||
|
:return:
|
||
|
the port number (`int`) that was opened for listening, or ``False``
|
||
|
to reject
|
||
|
"""
|
||
|
return False
|
||
|
|
||
|
def cancel_port_forward_request(self, address, port):
|
||
|
"""
|
||
|
The client would like to cancel a previous port-forwarding request.
|
||
|
If the given address and port is being forwarded across this ssh
|
||
|
connection, the port should be closed.
|
||
|
|
||
|
:param str address: the forwarded address
|
||
|
:param int port: the forwarded port
|
||
|
"""
|
||
|
pass
|
||
|
|
||
|
def check_global_request(self, kind, msg):
|
||
|
"""
|
||
|
Handle a global request of the given ``kind``. This method is called
|
||
|
in server mode and client mode, whenever the remote host makes a global
|
||
|
request. If there are any arguments to the request, they will be in
|
||
|
``msg``.
|
||
|
|
||
|
There aren't any useful global requests defined, aside from port
|
||
|
forwarding, so usually this type of request is an extension to the
|
||
|
protocol.
|
||
|
|
||
|
If the request was successful and you would like to return contextual
|
||
|
data to the remote host, return a tuple. Items in the tuple will be
|
||
|
sent back with the successful result. (Note that the items in the
|
||
|
tuple can only be strings, ints, longs, or bools.)
|
||
|
|
||
|
The default implementation always returns ``False``, indicating that it
|
||
|
does not support any global requests.
|
||
|
|
||
|
.. note:: Port forwarding requests are handled separately, in
|
||
|
`check_port_forward_request`.
|
||
|
|
||
|
:param str kind: the kind of global request being made.
|
||
|
:param .Message msg: any extra arguments to the request.
|
||
|
:return:
|
||
|
``True`` or a `tuple` of data if the request was granted; ``False``
|
||
|
otherwise.
|
||
|
"""
|
||
|
return False
|
||
|
|
||
|
# ...Channel requests...
|
||
|
|
||
|
def check_channel_pty_request(
|
||
|
self, channel, term, width, height, pixelwidth, pixelheight, modes
|
||
|
):
|
||
|
"""
|
||
|
Determine if a pseudo-terminal of the given dimensions (usually
|
||
|
requested for shell access) can be provided on the given channel.
|
||
|
|
||
|
The default implementation always returns ``False``.
|
||
|
|
||
|
:param .Channel channel: the `.Channel` the pty request arrived on.
|
||
|
:param str term: type of terminal requested (for example, ``"vt100"``).
|
||
|
:param int width: width of screen in characters.
|
||
|
:param int height: height of screen in characters.
|
||
|
:param int pixelwidth:
|
||
|
width of screen in pixels, if known (may be ``0`` if unknown).
|
||
|
:param int pixelheight:
|
||
|
height of screen in pixels, if known (may be ``0`` if unknown).
|
||
|
:return:
|
||
|
``True`` if the pseudo-terminal has been allocated; ``False``
|
||
|
otherwise.
|
||
|
"""
|
||
|
return False
|
||
|
|
||
|
def check_channel_shell_request(self, channel):
|
||
|
"""
|
||
|
Determine if a shell will be provided to the client on the given
|
||
|
channel. If this method returns ``True``, the channel should be
|
||
|
connected to the stdin/stdout of a shell (or something that acts like
|
||
|
a shell).
|
||
|
|
||
|
The default implementation always returns ``False``.
|
||
|
|
||
|
:param .Channel channel: the `.Channel` the request arrived on.
|
||
|
:return:
|
||
|
``True`` if this channel is now hooked up to a shell; ``False`` if
|
||
|
a shell can't or won't be provided.
|
||
|
"""
|
||
|
return False
|
||
|
|
||
|
def check_channel_exec_request(self, channel, command):
|
||
|
"""
|
||
|
Determine if a shell command will be executed for the client. If this
|
||
|
method returns ``True``, the channel should be connected to the stdin,
|
||
|
stdout, and stderr of the shell command.
|
||
|
|
||
|
The default implementation always returns ``False``.
|
||
|
|
||
|
:param .Channel channel: the `.Channel` the request arrived on.
|
||
|
:param str command: the command to execute.
|
||
|
:return:
|
||
|
``True`` if this channel is now hooked up to the stdin, stdout, and
|
||
|
stderr of the executing command; ``False`` if the command will not
|
||
|
be executed.
|
||
|
|
||
|
.. versionadded:: 1.1
|
||
|
"""
|
||
|
return False
|
||
|
|
||
|
def check_channel_subsystem_request(self, channel, name):
|
||
|
"""
|
||
|
Determine if a requested subsystem will be provided to the client on
|
||
|
the given channel. If this method returns ``True``, all future I/O
|
||
|
through this channel will be assumed to be connected to the requested
|
||
|
subsystem. An example of a subsystem is ``sftp``.
|
||
|
|
||
|
The default implementation checks for a subsystem handler assigned via
|
||
|
`.Transport.set_subsystem_handler`.
|
||
|
If one has been set, the handler is invoked and this method returns
|
||
|
``True``. Otherwise it returns ``False``.
|
||
|
|
||
|
.. note:: Because the default implementation uses the `.Transport` to
|
||
|
identify valid subsystems, you probably won't need to override this
|
||
|
method.
|
||
|
|
||
|
:param .Channel channel: the `.Channel` the pty request arrived on.
|
||
|
:param str name: name of the requested subsystem.
|
||
|
:return:
|
||
|
``True`` if this channel is now hooked up to the requested
|
||
|
subsystem; ``False`` if that subsystem can't or won't be provided.
|
||
|
"""
|
||
|
transport = channel.get_transport()
|
||
|
handler_class, larg, kwarg = transport._get_subsystem_handler(name)
|
||
|
if handler_class is None:
|
||
|
return False
|
||
|
handler = handler_class(channel, name, self, *larg, **kwarg)
|
||
|
handler.start()
|
||
|
return True
|
||
|
|
||
|
def check_channel_window_change_request(
|
||
|
self, channel, width, height, pixelwidth, pixelheight
|
||
|
):
|
||
|
"""
|
||
|
Determine if the pseudo-terminal on the given channel can be resized.
|
||
|
This only makes sense if a pty was previously allocated on it.
|
||
|
|
||
|
The default implementation always returns ``False``.
|
||
|
|
||
|
:param .Channel channel: the `.Channel` the pty request arrived on.
|
||
|
:param int width: width of screen in characters.
|
||
|
:param int height: height of screen in characters.
|
||
|
:param int pixelwidth:
|
||
|
width of screen in pixels, if known (may be ``0`` if unknown).
|
||
|
:param int pixelheight:
|
||
|
height of screen in pixels, if known (may be ``0`` if unknown).
|
||
|
:return: ``True`` if the terminal was resized; ``False`` if not.
|
||
|
"""
|
||
|
return False
|
||
|
|
||
|
def check_channel_x11_request(
|
||
|
self,
|
||
|
channel,
|
||
|
single_connection,
|
||
|
auth_protocol,
|
||
|
auth_cookie,
|
||
|
screen_number,
|
||
|
):
|
||
|
"""
|
||
|
Determine if the client will be provided with an X11 session. If this
|
||
|
method returns ``True``, X11 applications should be routed through new
|
||
|
SSH channels, using `.Transport.open_x11_channel`.
|
||
|
|
||
|
The default implementation always returns ``False``.
|
||
|
|
||
|
:param .Channel channel: the `.Channel` the X11 request arrived on
|
||
|
:param bool single_connection:
|
||
|
``True`` if only a single X11 channel should be opened, else
|
||
|
``False``.
|
||
|
:param str auth_protocol: the protocol used for X11 authentication
|
||
|
:param str auth_cookie: the cookie used to authenticate to X11
|
||
|
:param int screen_number: the number of the X11 screen to connect to
|
||
|
:return: ``True`` if the X11 session was opened; ``False`` if not
|
||
|
"""
|
||
|
return False
|
||
|
|
||
|
def check_channel_forward_agent_request(self, channel):
|
||
|
"""
|
||
|
Determine if the client will be provided with an forward agent session.
|
||
|
If this method returns ``True``, the server will allow SSH Agent
|
||
|
forwarding.
|
||
|
|
||
|
The default implementation always returns ``False``.
|
||
|
|
||
|
:param .Channel channel: the `.Channel` the request arrived on
|
||
|
:return: ``True`` if the AgentForward was loaded; ``False`` if not
|
||
|
"""
|
||
|
return False
|
||
|
|
||
|
def check_channel_direct_tcpip_request(self, chanid, origin, destination):
|
||
|
"""
|
||
|
Determine if a local port forwarding channel will be granted, and
|
||
|
return ``OPEN_SUCCEEDED`` or an error code. This method is
|
||
|
called in server mode when the client requests a channel, after
|
||
|
authentication is complete.
|
||
|
|
||
|
The ``chanid`` parameter is a small number that uniquely identifies the
|
||
|
channel within a `.Transport`. A `.Channel` object is not created
|
||
|
unless this method returns ``OPEN_SUCCEEDED`` -- once a
|
||
|
`.Channel` object is created, you can call `.Channel.get_id` to
|
||
|
retrieve the channel ID.
|
||
|
|
||
|
The origin and destination parameters are (ip_address, port) tuples
|
||
|
that correspond to both ends of the TCP connection in the forwarding
|
||
|
tunnel.
|
||
|
|
||
|
The return value should either be ``OPEN_SUCCEEDED`` (or
|
||
|
``0``) to allow the channel request, or one of the following error
|
||
|
codes to reject it:
|
||
|
|
||
|
- ``OPEN_FAILED_ADMINISTRATIVELY_PROHIBITED``
|
||
|
- ``OPEN_FAILED_CONNECT_FAILED``
|
||
|
- ``OPEN_FAILED_UNKNOWN_CHANNEL_TYPE``
|
||
|
- ``OPEN_FAILED_RESOURCE_SHORTAGE``
|
||
|
|
||
|
The default implementation always returns
|
||
|
``OPEN_FAILED_ADMINISTRATIVELY_PROHIBITED``.
|
||
|
|
||
|
:param int chanid: ID of the channel
|
||
|
:param tuple origin:
|
||
|
2-tuple containing the IP address and port of the originator
|
||
|
(client side)
|
||
|
:param tuple destination:
|
||
|
2-tuple containing the IP address and port of the destination
|
||
|
(server side)
|
||
|
:return: an `int` success or failure code (listed above)
|
||
|
"""
|
||
|
return OPEN_FAILED_ADMINISTRATIVELY_PROHIBITED
|
||
|
|
||
|
def check_channel_env_request(self, channel, name, value):
|
||
|
"""
|
||
|
Check whether a given environment variable can be specified for the
|
||
|
given channel. This method should return ``True`` if the server
|
||
|
is willing to set the specified environment variable. Note that
|
||
|
some environment variables (e.g., PATH) can be exceedingly
|
||
|
dangerous, so blindly allowing the client to set the environment
|
||
|
is almost certainly not a good idea.
|
||
|
|
||
|
The default implementation always returns ``False``.
|
||
|
|
||
|
:param channel: the `.Channel` the env request arrived on
|
||
|
:param str name: name
|
||
|
:param str value: Channel value
|
||
|
:returns: A boolean
|
||
|
"""
|
||
|
return False
|
||
|
|
||
|
def get_banner(self):
|
||
|
"""
|
||
|
A pre-login banner to display to the user. The message may span
|
||
|
multiple lines separated by crlf pairs. The language should be in
|
||
|
rfc3066 style, for example: en-US
|
||
|
|
||
|
The default implementation always returns ``(None, None)``.
|
||
|
|
||
|
:returns: A tuple containing the banner and language code.
|
||
|
|
||
|
.. versionadded:: 2.3
|
||
|
"""
|
||
|
return (None, None)
|
||
|
|
||
|
|
||
|
class InteractiveQuery(object):
|
||
|
"""
|
||
|
A query (set of prompts) for a user during interactive authentication.
|
||
|
"""
|
||
|
|
||
|
def __init__(self, name="", instructions="", *prompts):
|
||
|
"""
|
||
|
Create a new interactive query to send to the client. The name and
|
||
|
instructions are optional, but are generally displayed to the end
|
||
|
user. A list of prompts may be included, or they may be added via
|
||
|
the `add_prompt` method.
|
||
|
|
||
|
:param str name: name of this query
|
||
|
:param str instructions:
|
||
|
user instructions (usually short) about this query
|
||
|
:param str prompts: one or more authentication prompts
|
||
|
"""
|
||
|
self.name = name
|
||
|
self.instructions = instructions
|
||
|
self.prompts = []
|
||
|
for x in prompts:
|
||
|
if isinstance(x, string_types):
|
||
|
self.add_prompt(x)
|
||
|
else:
|
||
|
self.add_prompt(x[0], x[1])
|
||
|
|
||
|
def add_prompt(self, prompt, echo=True):
|
||
|
"""
|
||
|
Add a prompt to this query. The prompt should be a (reasonably short)
|
||
|
string. Multiple prompts can be added to the same query.
|
||
|
|
||
|
:param str prompt: the user prompt
|
||
|
:param bool echo:
|
||
|
``True`` (default) if the user's response should be echoed;
|
||
|
``False`` if not (for a password or similar)
|
||
|
"""
|
||
|
self.prompts.append((prompt, echo))
|
||
|
|
||
|
|
||
|
class SubsystemHandler(threading.Thread):
|
||
|
"""
|
||
|
Handler for a subsytem in server mode. If you create a subclass of this
|
||
|
class and pass it to `.Transport.set_subsystem_handler`, an object of this
|
||
|
class will be created for each request for this subsystem. Each new object
|
||
|
will be executed within its own new thread by calling `start_subsystem`.
|
||
|
When that method completes, the channel is closed.
|
||
|
|
||
|
For example, if you made a subclass ``MP3Handler`` and registered it as the
|
||
|
handler for subsystem ``"mp3"``, then whenever a client has successfully
|
||
|
authenticated and requests subsytem ``"mp3"``, an object of class
|
||
|
``MP3Handler`` will be created, and `start_subsystem` will be called on
|
||
|
it from a new thread.
|
||
|
"""
|
||
|
|
||
|
def __init__(self, channel, name, server):
|
||
|
"""
|
||
|
Create a new handler for a channel. This is used by `.ServerInterface`
|
||
|
to start up a new handler when a channel requests this subsystem. You
|
||
|
don't need to override this method, but if you do, be sure to pass the
|
||
|
``channel`` and ``name`` parameters through to the original
|
||
|
``__init__`` method here.
|
||
|
|
||
|
:param .Channel channel: the channel associated with this
|
||
|
subsystem request.
|
||
|
:param str name: name of the requested subsystem.
|
||
|
:param .ServerInterface server:
|
||
|
the server object for the session that started this subsystem
|
||
|
"""
|
||
|
threading.Thread.__init__(self, target=self._run)
|
||
|
self.__channel = channel
|
||
|
self.__transport = channel.get_transport()
|
||
|
self.__name = name
|
||
|
self.__server = server
|
||
|
|
||
|
def get_server(self):
|
||
|
"""
|
||
|
Return the `.ServerInterface` object associated with this channel and
|
||
|
subsystem.
|
||
|
"""
|
||
|
return self.__server
|
||
|
|
||
|
def _run(self):
|
||
|
try:
|
||
|
self.__transport._log(
|
||
|
DEBUG, "Starting handler for subsystem {}".format(self.__name)
|
||
|
)
|
||
|
self.start_subsystem(self.__name, self.__transport, self.__channel)
|
||
|
except Exception as e:
|
||
|
self.__transport._log(
|
||
|
ERROR,
|
||
|
'Exception in subsystem handler for "{}": {}'.format(
|
||
|
self.__name, e
|
||
|
),
|
||
|
)
|
||
|
self.__transport._log(ERROR, util.tb_strings())
|
||
|
try:
|
||
|
self.finish_subsystem()
|
||
|
except:
|
||
|
pass
|
||
|
|
||
|
def start_subsystem(self, name, transport, channel):
|
||
|
"""
|
||
|
Process an ssh subsystem in server mode. This method is called on a
|
||
|
new object (and in a new thread) for each subsystem request. It is
|
||
|
assumed that all subsystem logic will take place here, and when the
|
||
|
subsystem is finished, this method will return. After this method
|
||
|
returns, the channel is closed.
|
||
|
|
||
|
The combination of ``transport`` and ``channel`` are unique; this
|
||
|
handler corresponds to exactly one `.Channel` on one `.Transport`.
|
||
|
|
||
|
.. note::
|
||
|
It is the responsibility of this method to exit if the underlying
|
||
|
`.Transport` is closed. This can be done by checking
|
||
|
`.Transport.is_active` or noticing an EOF on the `.Channel`. If
|
||
|
this method loops forever without checking for this case, your
|
||
|
Python interpreter may refuse to exit because this thread will
|
||
|
still be running.
|
||
|
|
||
|
:param str name: name of the requested subsystem.
|
||
|
:param .Transport transport: the server-mode `.Transport`.
|
||
|
:param .Channel channel: the channel associated with this subsystem
|
||
|
request.
|
||
|
"""
|
||
|
pass
|
||
|
|
||
|
def finish_subsystem(self):
|
||
|
"""
|
||
|
Perform any cleanup at the end of a subsystem. The default
|
||
|
implementation just closes the channel.
|
||
|
|
||
|
.. versionadded:: 1.1
|
||
|
"""
|
||
|
self.__channel.close()
|