The branch, x2go has been updated via 578f2988212d939a43e2f434892e4c9d44b1ad40 (commit) from bc71e90bcb8cd8d270e43bb108f67c7cef485328 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 578f2988212d939a43e2f434892e4c9d44b1ad40 Author: Mike Gabriel <mike.gabriel@das-netzwerkteam.de> Date: Fri Sep 27 23:47:21 2013 +0200 clean-up last commit ----------------------------------------------------------------------- Summary of changes: Makefile | 15 ------ debian/patches/007_reintroduce-version-info.patch | 10 +--- paramiko/__init__.py | 2 + paramiko/client.py | 56 +++++++++++++-------- paramiko/hostkeys.py | 7 ++- 5 files changed, 42 insertions(+), 48 deletions(-) delete mode 100644 Makefile The diff of changes is: diff --git a/Makefile b/Makefile deleted file mode 100644 index 572f867..0000000 --- a/Makefile +++ /dev/null @@ -1,15 +0,0 @@ -release: docs - python setup.py sdist register upload - -docs: paramiko/* - epydoc --no-private -o docs/ paramiko - -clean: - rm -rf build dist docs - rm -f MANIFEST *.log demos/*.log - rm -f paramiko/*.pyc - rm -f test.log - rm -rf paramiko.egg-info - -test: - python ./test.py diff --git a/debian/patches/007_reintroduce-version-info.patch b/debian/patches/007_reintroduce-version-info.patch index 9b9fedc..b0b36a6 100644 --- a/debian/patches/007_reintroduce-version-info.patch +++ b/debian/patches/007_reintroduce-version-info.patch @@ -2,15 +2,7 @@ Description: Reintroduce __version_info__ as it breaks mysql-workbench Author: Mike Gabriel <mike.gabriel@das-netzwerkteam.de> --- a/paramiko/__init__.py +++ b/paramiko/__init__.py -@@ -60,7 +60,6 @@ - __version__ = "1.11.0" - __license__ = "GNU Lesser General Public License (LGPL)" - -- - from transport import SecurityOptions, Transport - from client import SSHClient, MissingHostKeyPolicy, AutoAddPolicy, RejectPolicy, WarningPolicy - from auth_handler import AuthHandler -@@ -87,6 +86,8 @@ +@@ -87,6 +87,8 @@ from config import SSHConfig from proxy import ProxyCommand diff --git a/paramiko/__init__.py b/paramiko/__init__.py index 62cd51c..7f9aa31 100644 --- a/paramiko/__init__.py +++ b/paramiko/__init__.py @@ -87,6 +87,8 @@ from hostkeys import HostKeys from config import SSHConfig from proxy import ProxyCommand +__version_info__ = tuple([ int(d) for d in __version__.split(".") ]) + # fix module names for epydoc for c in locals().values(): if issubclass(type(c), type) or type(c).__name__ == 'classobj': diff --git a/paramiko/client.py b/paramiko/client.py index 493d548..ee26278 100644 --- a/paramiko/client.py +++ b/paramiko/client.py @@ -33,7 +33,7 @@ from paramiko.dsskey import DSSKey from paramiko.hostkeys import HostKeys from paramiko.resource import ResourceManager from paramiko.rsakey import RSAKey -from paramiko.ssh_exception import SSHException, BadHostKeyException +from paramiko.ssh_exception import PasswordRequiredException, SSHException, BadHostKeyException from paramiko.transport import Transport from paramiko.util import retry_on_signal @@ -231,8 +231,8 @@ class SSHClient (object): """ self._policy = policy - def connect(self, hostname, port=SSH_PORT, username=None, password=None, pkey=None, - key_filename=None, timeout=None, allow_agent=True, look_for_keys=True, + def connect(self, hostname, port=SSH_PORT, username=None, password=None, passphrase=None, + pkey=None, key_filename=None, timeout=None, allow_agent=True, look_for_keys=True, compress=False, sock=None): """ Connect to an SSH server and authenticate to it. The server's host key @@ -262,6 +262,10 @@ class SSHClient (object): @param password: a password to use for authentication or for unlocking a private key @type password: str + @param passphrase: a passphrase to use for unlocking + a private key in case the password is already needed for two-factor + authentication + @type passphrase: str @param pkey: an optional private key to use for authentication @type pkey: L{PKey} @param key_filename: the filename, or list of filenames, of optional @@ -339,7 +343,7 @@ class SSHClient (object): key_filenames = [ key_filename ] else: key_filenames = key_filename - self._auth(username, password, pkey, key_filenames, allow_agent, look_for_keys) + self._auth(username, password, passphrase, pkey, key_filenames, allow_agent, look_for_keys) def close(self): """ @@ -429,7 +433,7 @@ class SSHClient (object): """ return self._transport - def _auth(self, username, password, pkey, key_filenames, allow_agent, look_for_keys): + def _auth(self, username, password, passphrase, pkey, key_filenames, allow_agent, look_for_keys): """ Try, in order: @@ -438,12 +442,17 @@ class SSHClient (object): - Any "id_rsa" or "id_dsa" key discoverable in ~/.ssh/ (if allowed). - Plain username/password auth, if a password was given. - (The password might be needed to unlock a private key, or for - two-factor authentication [for which it is required].) + The password might be needed to unlock a private key, or for + two-factor authentication [for which it is required]. + + If the SSH key needs unlocking via passphrase and two-factor + auth requires a password, the passphrase is unused for unlocking + the key whereas the password is used for server authentication. """ saved_exception = None two_factor = False allowed_types = [] + if passphrase is None: passphrase = password if pkey is not None: try: @@ -455,20 +464,6 @@ class SSHClient (object): except SSHException, e: saved_exception = e - if not two_factor: - for key_filename in key_filenames: - for pkey_class in (RSAKey, DSSKey): - try: - key = pkey_class.from_private_key_file(key_filename, password) - self._log(DEBUG, 'Trying key %s from %s' % (hexlify(key.get_fingerprint()), key_filename)) - self._transport.auth_publickey(username, key) - two_factor = (allowed_types == ['password']) - if not two_factor: - return - break - except SSHException, e: - saved_exception = e - if not two_factor and allow_agent: if self._agent == None: self._agent = Agent() @@ -486,6 +481,23 @@ class SSHClient (object): saved_exception = e if not two_factor: + for key_filename in key_filenames: + for pkey_class in (RSAKey, DSSKey): + try: + key = pkey_class.from_private_key_file(key_filename, passphrase) + self._log(DEBUG, 'Trying key %s from %s' % (hexlify(key.get_fingerprint()), key_filename)) + allowed_types = self._transport.auth_publickey(username, key) + two_factor = (allowed_types == ['password']) + if not two_factor: + return + break + except PasswordRequiredException, e: + saved_exception = e + break + except SSHException, e: + saved_exception = e + + if not two_factor: keyfiles = [] rsa_key = os.path.expanduser('~/.ssh/id_rsa') dsa_key = os.path.expanduser('~/.ssh/id_dsa') @@ -506,7 +518,7 @@ class SSHClient (object): for pkey_class, filename in keyfiles: try: - key = pkey_class.from_private_key_file(filename, password) + key = pkey_class.from_private_key_file(filename, passphrase) self._log(DEBUG, 'Trying discovered key %s in %s' % (hexlify(key.get_fingerprint()), filename)) # for 2-factor auth a successfully auth'd key will result in ['password'] allowed_types = self._transport.auth_publickey(username, key) diff --git a/paramiko/hostkeys.py b/paramiko/hostkeys.py index f64e6e6..0f29f2b 100644 --- a/paramiko/hostkeys.py +++ b/paramiko/hostkeys.py @@ -130,9 +130,9 @@ class HostKeys (UserDict.DictMixin): if filename is not None: self.load(filename) - def add(self, hostname, keytype, key): + def add(self, hostname, keytype, key, hash_hostname=True): """ - Add a host key entry to the table. Any existing entry for a + Add a host key entry to the table. Any existing entry for a C{(hostname, keytype)} pair will be replaced. @param hostname: the hostname (or IP) to add @@ -141,11 +141,14 @@ class HostKeys (UserDict.DictMixin): @type keytype: str @param key: the key to add @type key: L{PKey} + """ for e in self._entries: if (hostname in e.hostnames) and (e.key.get_name() == keytype): e.key = key return + if not hostname.startswith('|1|') and hash_hostname: + hostname = self.hash_host(hostname) self._entries.append(HostKeyEntry([hostname], key)) def load(self, filename): hooks/post-receive -- python-paramiko.git (Debian package python-paramiko) This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "python-paramiko.git" (Debian package python-paramiko).