On Tue, Mar 01, 2016 at 01:35:32PM +0100, Jan Tluka wrote:
>+ def handshake(self, sec_params):
>+ ctl_hello = self.recv_msg()
>+ if ctl_hello["type"] != "ctl_hello":
>+ raise SecSocketException("Handshake failed.")
>+
>+ self._ctl_random = ctl_hello["ctl_random"]
>+ self._slave_random = os.urandom(28)
>+
>+ slave_hello = {"type": "slave_hello",
>+ "slave_random": self._slave_random}
>+ self.send_msg(slave_hello)
>+
>+ if sec_params["auth_types"] == "none":
>+ self._dh_handshake()
>+ elif sec_params["auth_types"] == "ssh":
>+ self._ssh_handshake()
>+ elif sec_params["auth_types"] == "pubkey":
>+ srv_key = None
>+ with open(sec_params["privkey"], 'r') as f:
>+ srv_key = load_pem_private_key(f.read(), None, backend)
>+
>+ ctl_pubkeys = {}
>+ for fname in os.listdir(sec_params["ctl_pubkeys"]):
>+ path = os.path.join(sec_params["ctl_pubkeys"], fname)
>+ if not os.path.isfile(path):
>+ continue
>+ with open(path, 'r') as f:
>+ ctl_pubkeys[fname] = load_pem_public_key(f.read(), backend)
try/catch is missing here.
If you end up with a mix of public and private keys in one directory,
loading a private key will crash the slave here.
Traceback (most recent call last):
File "./a.py", line 10, in <module>
print load_pem_public_key(f.read(), backend)
File
"/usr/lib64/python2.7/site-packages/cryptography/hazmat/primitives/serialization.py",
line 24, in load_pem_public_key
return backend.load_pem_public_key(data)
File
"/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/multibackend.py",
line 291, in load_pem_public_key
return b.load_pem_public_key(data)
File
"/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/backend.py",
line 1632, in load_pem_public_key
self._handle_key_loading_error()
File
"/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/backend.py",
line 1874, in _handle_key_loading_error
raise ValueError("Could not unserialize key data.")
ValueError: Could not unserialize key data.
You shouldn't really have private keys in this directory... It's a
directory solely for Controller public keys, kind of like the
authorized_keys file of SSH...
But I agree, I should add a try/except block here to filter out tracebacks.
> >+
> >+ self._pubkey_handshake(srv_key, ctl_pubkeys)
> >+ elif sec_params["auth_types"] == "password":
> >+ self._passwd_handshake(sec_params["auth_password"])
> >+ else:
> >+ raise SecSocketException("Unknown authentication
method.")
> >+