From 37a5a67391d66743462fc411366bf30e9dbed889 Mon Sep 17 00:00:00 2001 From: Griatch Date: Sat, 27 Jan 2018 21:30:10 +0100 Subject: [PATCH] Clean up SSH key generation and output. --- evennia/server/portal/ssh.py | 48 +++++++++++++++++------------ evennia/server/portal/telnet_ssl.py | 6 ++-- 2 files changed, 32 insertions(+), 22 deletions(-) diff --git a/evennia/server/portal/ssh.py b/evennia/server/portal/ssh.py index 6ac61e7026..9534a67244 100644 --- a/evennia/server/portal/ssh.py +++ b/evennia/server/portal/ssh.py @@ -52,12 +52,25 @@ from evennia.utils.utils import to_str _RE_N = re.compile(r"\|n$") _RE_SCREENREADER_REGEX = re.compile(r"%s" % settings.SCREENREADER_REGEX_STRIP, re.DOTALL + re.MULTILINE) _GAME_DIR = settings.GAME_DIR +_PRIVATE_KEY_FILE = os.path.join(_GAME_DIR, "server", "ssh-private.key") +_PUBLIC_KEY_FILE = os.path.join(_GAME_DIR, "server", "ssh-public.key") +_KEY_LENGTH = 2048 CTRL_C = '\x03' CTRL_D = '\x04' CTRL_BACKSLASH = '\x1c' CTRL_L = '\x0c' +_NO_AUTOGEN = """ +Evennia could not generate SSH private- and public keys ({{err}}) +Using conch default keys instead. + +If this error persists, create the keys manually (using the tools for your OS) +and put them here: + {} + {} +""".format(_PRIVATE_KEY_FILE, _PUBLIC_KEY_FILE) + class SshProtocol(Manhole, session.Session): """ @@ -426,32 +439,32 @@ def getKeyPair(pubkeyfile, privkeyfile): if not (os.path.exists(pubkeyfile) and os.path.exists(privkeyfile)): # No keypair exists. Generate a new RSA keypair - print(" Generating SSH RSA keypair ...", end=' ') from Crypto.PublicKey import RSA - KEY_LENGTH = 1024 - rsaKey = Key(RSA.generate(KEY_LENGTH)) - publicKeyString = rsaKey.public().toString(type="OPENSSH") - privateKeyString = rsaKey.toString(type="OPENSSH") + rsa_key = Key(RSA.generate(_KEY_LENGTH)) + public_key_string = rsa_key.public().toString(type="OPENSSH") + private_key_string = rsa_key.toString(type="OPENSSH") # save keys for the future. - file(pubkeyfile, 'w+b').write(publicKeyString) - file(privkeyfile, 'w+b').write(privateKeyString) - print(" done.") + with open(privkeyfile, 'wt') as pfile: + pfile.write(private_key_string) + print("Created SSH private key in '{}'".format(_PRIVATE_KEY_FILE)) + with open(pubkeyfile, 'wt') as pfile: + pfile.write(public_key_string) + print("Created SSH public key in '{}'".format(_PUBLIC_KEY_FILE)) else: - publicKeyString = file(pubkeyfile).read() - privateKeyString = file(privkeyfile).read() + with open(pubkeyfile) as pfile: + public_key_string = pfile.read() + with open(privkeyfile) as pfile: + private_key_string = pfile.read() - return Key.fromString(publicKeyString), Key.fromString(privateKeyString) + return Key.fromString(public_key_string), Key.fromString(private_key_string) def makeFactory(configdict): """ Creates the ssh server factory. """ - pubkeyfile = os.path.join(_GAME_DIR, "server", "ssh-public.key") - privkeyfile = os.path.join(_GAME_DIR, "server", "ssh-private.key") - def chainProtocolFactory(username=None): return insults.ServerProtocol( configdict['protocolFactory'], @@ -466,14 +479,11 @@ def makeFactory(configdict): try: # create/get RSA keypair - publicKey, privateKey = getKeyPair(pubkeyfile, privkeyfile) + publicKey, privateKey = getKeyPair(_PUBLIC_KEY_FILE, _PRIVATE_KEY_FILE) factory.publicKeys = {'ssh-rsa': publicKey} factory.privateKeys = {'ssh-rsa': privateKey} except Exception as err: - print("getKeyPair error: {err}\n WARNING: Evennia could not " - "auto-generate SSH keypair. Using conch default keys instead.\n" - "If this error persists, create {pub} and " - "{priv} yourself using third-party tools.".format(err=err, pub=pubkeyfile, priv=privkeyfile)) + print(_NO_AUTOGEN.format(err=err)) factory.services = factory.services.copy() factory.services['ssh-userauth'] = ExtraInfoAuthServer diff --git a/evennia/server/portal/telnet_ssl.py b/evennia/server/portal/telnet_ssl.py index b6869400a1..b3d2ae4fa6 100644 --- a/evennia/server/portal/telnet_ssl.py +++ b/evennia/server/portal/telnet_ssl.py @@ -33,7 +33,7 @@ _GAME_DIR = settings.GAME_DIR _PRIVATE_KEY_LENGTH = 2048 _PRIVATE_KEY_FILE = os.path.join(_GAME_DIR, "server", "ssl.key") -_PUBLIC_KEY_FILE = os.path.join(_GAME_DIR, "server", "ssl_public.key") +_PUBLIC_KEY_FILE = os.path.join(_GAME_DIR, "server", "ssl-public.key") _CERTIFICATE_FILE = os.path.join(_GAME_DIR, "server", "ssl.cert") _CERTIFICATE_EXPIRE = 365 * 24 * 60 * 60 * 20 # 20 years _CERTIFICATE_ISSUER = {"C": "EV", "ST": "Evennia", "L": "Evennia", "O": @@ -96,7 +96,7 @@ def verify_or_create_SSL_key_and_cert(keyfile, certfile): with open(_PUBLIC_KEY_FILE, 'wt') as pfile: pfile.write(crypto.dump_publickey(crypto.FILETYPE_PEM, keypair)) - print("Created SSL public key in '{}'.".format(_PRIVATE_KEY_FILE)) + print("Created SSL public key in '{}'.".format(_PUBLIC_KEY_FILE)) except Exception as err: print(NO_AUTOGEN.format(err=err)) @@ -120,7 +120,7 @@ def verify_or_create_SSL_key_and_cert(keyfile, certfile): with open(_CERTIFICATE_FILE, 'wt') as cfile: cfile.write(crypto.dump_certificate(crypto.FILETYPE_PEM, cert)) - print("Created SSL certificate in '{}'.".format(_PRIVATE_KEY_FILE)) + print("Created SSL certificate in '{}'.".format(_CERTIFICATE_FILE)) except Exception as err: print(NO_AUTOCERT.format(err=err))