Merge branch 'release-1.6.x'

AUTHORS

@@ -85,6 +85,7 @@ Contributors:
 	* Jacob Farkas
 	* James Farwell
 	* Jamie Scheinblum
+	* Jason Veatch
 	* Jeeva Suresh
 	* Jeff Lamb
 	* Jeroen Janssen

reviewboard/admin/forms.py

@@ -44,7 +44,7 @@
                                      get_can_use_amazon_s3, \
                                      get_can_use_couchdb
 from reviewboard.admin.siteconfig import load_site_config
-from reviewboard.scmtools import sshutils
+from reviewboard.ssh.client import SSHClient
 
 
 class GeneralSettingsForm(SiteSettingsForm):
@@ -536,7 +536,7 @@ class SSHSettingsForm(forms.Form):
     def create(self, files):
         if self.cleaned_data['generate_key']:
             try:
-                sshutils.generate_user_key()
+                SSHClient().generate_user_key()
             except IOError, e:
                 self.errors['generate_key'] = forms.util.ErrorList([
                     _('Unable to write SSH key file: %s') % e
@@ -549,7 +549,7 @@ def create(self, files):
                 raise
         elif self.cleaned_data['keyfile']:
             try:
-                sshutils.import_user_key(files['keyfile'])
+                SSHClient().import_user_key(files['keyfile'])
             except IOError, e:
                 self.errors['keyfile'] = forms.util.ErrorList([
                     _('Unable to write SSH key file: %s') % e

reviewboard/admin/views.py

@@ -17,7 +17,8 @@
 from reviewboard.admin.widgets import dynamic_activity_data, \
                                       primary_widgets, \
                                       secondary_widgets
-from reviewboard.scmtools import sshutils
+from reviewboard.ssh.client import SSHClient
+from reviewboard.ssh.utils import humanize_key
 
 
 @staff_member_required
@@ -60,7 +61,8 @@ def site_settings(request, form_class,
 
 @staff_member_required
 def ssh_settings(request, template_name='admin/ssh_settings.html'):
-    key = sshutils.get_user_key()
+    client = SSHClient()
+    key = client.get_user_key()
 
     if request.method == 'POST':
         form = SSHSettingsForm(request.POST, request.FILES)
@@ -76,15 +78,15 @@ def ssh_settings(request, template_name='admin/ssh_settings.html'):
         form = SSHSettingsForm()
 
     if key:
-        fingerprint = sshutils.humanize_key(key)
+        fingerprint = humanize_key(key)
     else:
         fingerprint = None
 
     return render_to_response(template_name, RequestContext(request, {
         'title': _('SSH Settings'),
         'key': key,
         'fingerprint': fingerprint,
-        'public_key': sshutils.get_public_key(key),
+        'public_key': client.get_public_key(key),
         'form': form,
     }))
 

reviewboard/cmdline/rbssh.py

@@ -39,8 +39,8 @@
 import paramiko
 
 from reviewboard import get_version_string
-from reviewboard.scmtools import sshutils
 from reviewboard.scmtools.core import SCMTool
+from reviewboard.ssh.client import SSHClient
 
 
 DEBUG = os.getenv('DEBUG_RBSSH')
@@ -277,13 +277,13 @@ def main():
 
     logging.debug('!!! %s, %s, %s' % (hostname, username, command))
 
-    client = sshutils.get_ssh_client(options.local_site_name)
+    client = SSHClient(namespace=options.local_site_name)
     client.set_missing_host_key_policy(paramiko.WarningPolicy())
 
     attempts = 0
     password = None
 
-    key = sshutils.get_user_key(options.local_site_name)
+    key = client.get_user_key()
 
     while True:
         try:

reviewboard/reviews/forms.py

@@ -15,6 +15,7 @@
                                         ChangeSetError
 from reviewboard.scmtools.models import Repository
 from reviewboard.site.validation import validate_review_groups, validate_users
+from reviewboard.ssh.errors import SSHError
 
 
 class DefaultReviewerForm(forms.ModelForm):
@@ -187,7 +188,7 @@ def create(self, user, diff_file, parent_diff_file, local_site=None):
                 # This scmtool doesn't have changesets
                 self.errors['changenum'] = forms.util.ErrorList(['Changesets are not supported.'])
                 raise ChangeSetError(None)
-            except SCMError, e:
+            except (SCMError, SSHError), e:
                 self.errors['changenum'] = forms.util.ErrorList([str(e)])
                 raise ChangeSetError(None)
 

reviewboard/reviews/views.py

@@ -57,6 +57,7 @@
 from reviewboard.scmtools.core import PRE_CREATION
 from reviewboard.scmtools.errors import SCMError
 from reviewboard.site.models import LocalSite
+from reviewboard.ssh.errors import SSHError
 from reviewboard.webapi.encoder import status_to_string
 
 
@@ -273,7 +274,7 @@ def new_review_request(request,
                     parent_diff_file=request.FILES.get('parent_diff_path'),
                     local_site=local_site)
                 return HttpResponseRedirect(review_request.get_absolute_url())
-            except (OwnershipError, SCMError, ValueError):
+            except (OwnershipError, SCMError, SSHError, ValueError):
                 pass
     else:
         form = NewReviewRequestForm(request.user, local_site)

reviewboard/scmtools/bzr.py

@@ -15,9 +15,9 @@
 except ImportError:
     has_bzrlib = False
 
-from reviewboard.scmtools import sshutils
 from reviewboard.scmtools.core import SCMTool, HEAD, PRE_CREATION
 from reviewboard.scmtools.errors import RepositoryNotFoundError, SCMError
+from reviewboard.ssh import utils as sshutils
 
 
 # Register these URI schemes so we can handle them properly.

reviewboard/scmtools/core.py

@@ -6,8 +6,11 @@
 import urlparse
 
 import reviewboard.diffviewer.parser as diffparser
-from reviewboard.scmtools import sshutils
-from reviewboard.scmtools.errors import FileNotFoundError, SCMError
+from reviewboard.scmtools.errors import AuthenticationError, \
+                                        FileNotFoundError, \
+                                        SCMError
+from reviewboard.ssh import utils as sshutils
+from reviewboard.ssh.errors import SSHAuthenticationError
 
 
 class ChangeSet:
@@ -149,7 +152,18 @@ def check_repository(cls, path, username=None, password=None,
             logging.debug(
                 "%s: Attempting ssh connection with host: %s, username: %s" % \
                 (cls.__name__, hostname, username))
-            sshutils.check_host(hostname, username, password, local_site_name)
+
+            try:
+                sshutils.check_host(hostname, username, password,
+                                    local_site_name)
+            except SSHAuthenticationError, e:
+                # Represent an SSHAuthenticationError as a standard
+                # AuthenticationError.
+                raise AuthenticationError(e.allowed_types, unicode(e),
+                                          e.user_key)
+            except:
+                # Re-raise anything else
+                raise
 
     @classmethod
     def get_auth_from_uri(cls, path, username):

reviewboard/scmtools/cvs.py

@@ -5,11 +5,14 @@
 
 from djblets.util.filesystem import is_exe_in_path
 
-from reviewboard.scmtools import sshutils
 from reviewboard.scmtools.core import SCMTool, HEAD, PRE_CREATION
-from reviewboard.scmtools.errors import SCMError, FileNotFoundError, \
+from reviewboard.scmtools.errors import AuthenticationError, \
+                                        SCMError, \
+                                        FileNotFoundError, \
                                         RepositoryNotFoundError
 from reviewboard.diffviewer.parser import DiffParser, DiffParserError
+from reviewboard.ssh import utils as sshutils
+from reviewboard.ssh.errors import SSHAuthenticationError, SSHError
 
 
 sshutils.register_rbssh('CVS_RSH')
@@ -128,15 +131,24 @@ def check_repository(cls, path, username=None, password=None,
         m = cls.ext_cvsroot_re.match(path)
 
         if m:
-            sshutils.check_host(m.group('hostname'), username, password,
-                                local_site_name)
+            try:
+                sshutils.check_host(m.group('hostname'), username, password,
+                                    local_site_name)
+            except SSHAuthenticationError, e:
+                # Represent an SSHAuthenticationError as a standard
+                # AuthenticationError.
+                raise AuthenticationError(e.allowed_types, unicode(e),
+                                          e.user_key)
+            except:
+                # Re-raise anything else
+                raise
 
         cvsroot, repopath = cls.build_cvsroot(path, username, password)
         client = CVSClient(cvsroot, repopath, local_site_name)
 
         try:
             client.cat_file('CVSROOT/modules', HEAD)
-        except (SCMError, FileNotFoundError):
+        except (SCMError, SSHError, FileNotFoundError):
             raise RepositoryNotFoundError()
 
     @classmethod

reviewboard/scmtools/errors.py

@@ -1,7 +1,6 @@
-import socket
-
 from django.utils.translation import ugettext as _
-from djblets.util.humanize import humanize_list
+
+from reviewboard.ssh.errors import SSHAuthenticationError
 
 
 class SCMError(Exception):
@@ -70,7 +69,7 @@ def __init__(self):
                                   'specified path.'))
 
 
-class AuthenticationError(SCMError):
+class AuthenticationError(SSHAuthenticationError, SCMError):
     """An error representing a failed authentication for a repository.
 
     This takes a list of authentication types that are allowed. These
@@ -79,20 +78,7 @@ class AuthenticationError(SCMError):
 
     This may also take the user's SSH key that was tried, if any.
     """
-    def __init__(self, allowed_types=[], msg=None, user_key=None):
-        if allowed_types:
-            msg = _('Unable to authenticate against this repository using one '
-                    'of the supported authentication types '
-                    '(%(allowed_types)s).') % {
-                'allowed_types': humanize_list(allowed_types),
-            }
-        elif not msg:
-            msg = _('Unable to authenticate against this repository using one '
-                    'of the supported authentication types.')
-
-        SCMError.__init__(self, msg)
-        self.allowed_types = allowed_types
-        self.user_key = user_key
+    pass
 
 
 class UnverifiedCertificateError(SCMError):
@@ -103,54 +89,3 @@ def __init__(self, certificate):
         self.certificate = certificate
 
 
-class UnsupportedSSHKeyError(SCMError):
-    """An error representing an unsupported type of SSH key."""
-    def __init__(self):
-        SCMError.__init__(self,
-                          _('This SSH key is not a valid RSA or DSS key.'))
-
-
-class SSHKeyError(SCMError):
-    """An error involving a host key on an SSH connection."""
-    def __init__(self, hostname, key, message):
-        from reviewboard.scmtools.sshutils import humanize_key
-
-        SCMError.__init__(self, message)
-        self.hostname = hostname
-        self.key = humanize_key(key)
-        self.raw_key = key
-
-
-class BadHostKeyError(SSHKeyError):
-    """An error representing a bad or malicious key for an SSH connection."""
-    def __init__(self, hostname, key, expected_key):
-        from reviewboard.scmtools.sshutils import humanize_key
-
-        SSHKeyError.__init__(
-            self, hostname, key,
-            _("Warning! The host key for server %(hostname)s does not match "
-              "the expected key.\n"
-              "It's possible that someone is performing a man-in-the-middle "
-              "attack. It's also possible that the RSA host key has just "
-              "been changed. Please contact your system administrator if "
-              "you're not sure. Do not accept this host key unless you're "
-              "certain it's safe!")
-            % {
-                'hostname': hostname,
-                'ip_address': socket.gethostbyname(hostname),
-            })
-        self.expected_key = humanize_key(expected_key)
-        self.raw_expected_key = expected_key
-
-
-class UnknownHostKeyError(SSHKeyError):
-    """An error representing an unknown host key for an SSH connection."""
-    def __init__(self, hostname, key):
-        SSHKeyError.__init__(
-            self, hostname, key,
-            _("The authenticity of the host '%(hostname)s (%(ip)s)' "
-              "couldn't be determined.") % {
-                'hostname': hostname,
-                'ip': socket.gethostbyname(hostname),
-            }
-        )