Commit 011268f7 authored by Michal Horejsek's avatar Michal Horejsek

Merge branch 'sshpass-path' into 'master'

Dynamic search of sshpass path

Closes #7

See merge request !9
parents caff5009 66742b81
"""
Implementation of SSH proxy using Twisted.
"""
# try:
# from shutil import which
# except ImportError:
# from shutilwhich import which
import fcntl
import json
......@@ -19,7 +23,7 @@ from twisted.python import components, log
from twisted.python.compat import networkString
from haas_proxy.balancer import Balancer
from haas_proxy.utils import force_text
from haas_proxy.utils import force_text, which
class ProxyService(service.Service):
......@@ -44,6 +48,7 @@ class SSHConnection(SSHConnectionTwisted):
"""
Overridden SSHConnection for disabling logs a traceback about a failed direct-tcpip connections
"""
# pylint: disable=invalid-name,inconsistent-return-statements
def ssh_CHANNEL_OPEN(self, packet):
# pylint: disable=unbalanced-tuple-unpacking
......@@ -169,7 +174,7 @@ class ProxySSHSession(SSHSessionForUnixConchUser):
# pylint: disable=no-member
self.pty = reactor.spawnProcess(
proto,
executable='/usr/bin/sshpass',
executable=which('sshpass'),
args=self.honeypot_ssh_arguments,
env=self.environ,
path='/',
......@@ -191,7 +196,7 @@ class ProxySSHSession(SSHSessionForUnixConchUser):
# pylint: disable=no-member
self.pty = reactor.spawnProcess(
proto,
executable='/usr/bin/sshpass',
executable=which('sshpass'),
args=self.honeypot_ssh_arguments + [cmd],
env=self.environ,
path='/',
......
......@@ -2,6 +2,10 @@
Useful functions used by HaaS proxy.
"""
import os
import sys
def force_text(value):
"""
Helper to deal with bytes and str in Python 2 vs. Python 3. Needed to have
......@@ -12,3 +16,71 @@ def force_text(value):
if isinstance(value, bytes):
return str(value, 'utf-8')
return str(value)
# This function is copy-pasted from shutils. It using for compatibility with python 2.7 and 3.6 because shutils
# hasn't which() function in python 2.7. It will be removed when support python 2.7 ends.
# pylint:disable=invalid-name,too-many-branches
def which(cmd, mode=os.F_OK | os.X_OK, path=None):
"""Given a command, mode, and a PATH string, return the path which
conforms to the given mode on the PATH, or None if there is no such
file.
`mode` defaults to os.F_OK | os.X_OK. `path` defaults to the result
of os.environ.get("PATH"), or can be overridden with a custom search
path.
"""
# Check that a given file can be accessed with the correct mode.
# Additionally check that `file` is not a directory, as on Windows
# directories pass the os.access check.
def _access_check(fn, mode):
return (os.path.exists(fn) and os.access(fn, mode)
and not os.path.isdir(fn))
# If we're given a path with a directory part, look it up directly rather
# than referring to PATH directories. This includes checking relative to the
# current directory, e.g. ./script
if os.path.dirname(cmd):
if _access_check(cmd, mode):
return cmd
return None
if path is None:
path = os.environ.get("PATH", os.defpath)
if not path:
return None
path = path.split(os.pathsep)
if sys.platform == "win32":
# The current directory takes precedence on Windows.
if not os.curdir in path:
path.insert(0, os.curdir)
# PATHEXT is necessary to check on Windows.
pathext = os.environ.get("PATHEXT", "").split(os.pathsep)
# See if the given file matches any of the expected path extensions.
# This will allow us to short circuit when given "python.exe".
# If it does match, only test that one, otherwise we have to try
# others.
if any(cmd.lower().endswith(ext.lower()) for ext in pathext):
files = [cmd]
else:
files = [cmd + ext for ext in pathext]
else:
# On other platforms you don't have things like PATHEXT to tell you
# what file suffixes are executable, so just pass on cmd as-is.
files = [cmd]
seen = set()
# pylint:disable=redefined-builtin
for dir in path:
normdir = os.path.normcase(dir)
if not normdir in seen:
seen.add(normdir)
for thefile in files:
name = os.path.join(dir, thefile)
if _access_check(name, mode):
return name
return None
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment