Skip to content

Commit

Permalink
OscHTTPSignatureAuthHandler: try to guess ssh key from the keys added…
Browse files Browse the repository at this point in the history 
… to ssh-agent

Based on a patch by Daniel Mach
  • Loading branch information
@mlschroe
mlschroe committed May 23, 2022
1 parent 0b82661 commit b8f76f7
Showing 1 changed file with 42 additions and 0 deletions.
42 changes: 42 additions & 0 deletions osc/conf.py
View file
Expand Up @@ -560,7 +560,49 @@ def __init__(self, user, sshkey):
self.user = user
self.sshkey = sshkey

def list_ssh_agent_keys(self):
cmd = ['ssh-add', '-l']
proc = subprocess.Popen(cmd, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
stdout, _ = proc.communicate()
if proc.returncode == 0 and stdout.strip():
return stdout.splitlines()
else:
return []

def is_ssh_private_keyfile(self, keyfile_path):
if not os.path.isfile(keyfile_path):
return False
with open(keyfile_path, "r") as f:
line = f.readline(100).strip()
if line == "-----BEGIN OPENSSH PRIVATE KEY-----":
return True
return False

def list_ssh_dir_keys(self):
sshdir = os.path.expanduser('~/.ssh')
keys_in_home_ssh = {}
for keyfile in os.listdir(sshdir):
if keyfile.endswith(".pub"):
continue
keyfile_path = os.path.join(sshdir, keyfile)
if not self.is_ssh_private_keyfile(keyfile_path):
continue
cmd = ["ssh-keygen", "-lf", keyfile_path]
proc = subprocess.Popen(cmd, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
stdout, _ = proc.communicate()
if proc.returncode == 0:
fingerprint = stdout.strip()
if fingerprint:
keys_in_home_ssh[fingerprint] = keyfile_path
return keys_in_home_ssh

def guess_keyfile(self):
keys_in_agent = self.list_ssh_agent_keys()
if keys_in_agent:
keys_in_home_ssh = self.list_ssh_dir_keys()
for fingerprint in keys_in_agent:
if fingerprint in keys_in_home_ssh:
return keys_in_home_ssh[fingerprint]
sshdir = os.path.expanduser('~/.ssh')
keyfiles = ('id_ed25519', 'id_rsa')
for keyfile in keyfiles:
Expand Down

0 comments on commit b8f76f7

Please sign in to comment.