sshuttle/ssh.py

import os, re, subprocess

def connect(rhost, subcmd):
    assert(not re.search(r'[^\w-]', subcmd))
    main_exe = sys.argv[0]
    nicedir = os.path.split(os.path.abspath(main_exe))[0]
    nicedir = re.sub(r':', "_", nicedir)
    if rhost == '-':
        rhost = None
    if not rhost:
        argv = ['sshuttle', subcmd]
    else:
        # WARNING: shell quoting security holes are possible here, so we
        # have to be super careful.  We have to use 'sh -c' because
        # csh-derived shells can't handle PATH= notation.  We can't
        # set PATH in advance, because ssh probably replaces it.  We
        # can't exec *safely* using argv, because *both* ssh and 'sh -c'
        # allow shellquoting.  So we end up having to double-shellquote
        # stuff here.
        escapedir = re.sub(r'([^\w/])', r'\\\\\\\1', nicedir)
        cmd = r"""
                   sh -c PATH=%s:'$PATH sshuttle %s'
               """ % (escapedir, subcmd)
        argv = ['ssh', rhost, '--', cmd.strip()]
    def setup():
        # runs in the child process
        if not rhost:
            os.environ['PATH'] = ':'.join([nicedir,
                                           os.environ.get('PATH', '')])
        os.setsid()
    return subprocess.Popen(argv, stdin=subprocess.PIPE, stdout=subprocess.PIPE,
                            preexec_fn=setup)
Initial commit. Importing options.py, ssh.py, and LICENSE from the bup project. 2010-05-01 22:15:37 +02:00			`import os, re, subprocess`

			`def connect(rhost, subcmd):`
			`assert(not re.search(r'[^\w-]', subcmd))`
			`main_exe = sys.argv[0]`
			`nicedir = os.path.split(os.path.abspath(main_exe))[0]`
			`nicedir = re.sub(r':', "_", nicedir)`
			`if rhost == '-':`
			`rhost = None`
			`if not rhost:`
			`argv = ['sshuttle', subcmd]`
			`else:`
			`# WARNING: shell quoting security holes are possible here, so we`
			`# have to be super careful. We have to use 'sh -c' because`
			`# csh-derived shells can't handle PATH= notation. We can't`
			`# set PATH in advance, because ssh probably replaces it. We`
			`# can't exec safely using argv, because both ssh and 'sh -c'`
			`# allow shellquoting. So we end up having to double-shellquote`
			`# stuff here.`
			`escapedir = re.sub(r'([^\w/])', r'\\\\\\\1', nicedir)`
			`cmd = r"""`
			`sh -c PATH=%s:'$PATH sshuttle %s'`
			`""" % (escapedir, subcmd)`
			`argv = ['ssh', rhost, '--', cmd.strip()]`
			`def setup():`
			`# runs in the child process`
			`if not rhost:`
			`os.environ['PATH'] = ':'.join([nicedir,`
			`os.environ.get('PATH', '')])`
			`os.setsid()`
			`return subprocess.Popen(argv, stdin=subprocess.PIPE, stdout=subprocess.PIPE,`
			`preexec_fn=setup)`