%PDF- %PDF-
Mini Shell

Mini Shell

Direktori : /lib/python3/dist-packages/paramiko/__pycache__/
Upload File :
Create Path :
Current File : //lib/python3/dist-packages/paramiko/__pycache__/kex_gss.cpython-312.pyc

�

�ec	`���dZddlZddlmZddlmZmZmZddlm	Z	ddl
mZddlm
Z
mZmZddlmZed	d
�\ZZZZZedd�\ZZed	d
�D�cgc]
}e
|���c}\ZZZZZedd�D�cgc]
}e
|���c}\ZZ Gd
�de!�Z"Gd�de"�Z#Gd�de!�Z$Gd�de!�Z%ycc}wcc}w)a�
This module provides GSS-API / SSPI Key Exchange as defined in :rfc:`4462`.

.. note:: Credential delegation is not supported in server mode.

.. note::
    `RFC 4462 Section 2.2
    <https://tools.ietf.org/html/rfc4462.html#section-2.2>`_ says we are not
    required to implement GSS-API error messages. Thus, in many methods within
    this module, if an error occurs an exception will be thrown and the
    connection will be terminated.

.. seealso:: :doc:`/api/ssh_gss`

.. versionadded:: 1.15
�N)�sha1)�DEBUG�max_byte�	zero_byte)�util)�Message)�byte_chr�	byte_mask�byte_ord)�SSHException��#�(�*c�x�eZdZdZdZdZed�edzzZe	dzZ
dZd�Zd	�Z
d
�Zd�Zd�Zd
�Zd�Zd�Zd�Zy)�KexGSSGroup1z�
    GSS-API / SSPI Authenticated Diffie-Hellman Key Exchange as defined in `RFC
    4462 Section 2 <https://tools.ietf.org/html/rfc4462.html#section-2>`_
    lE����8�{3If?�E y�Z�3�V�58n�oP�e�?a-�
�tBL�
�y3W[�<�p�6m5��P��&a�F!�33*�w& �AR�M;L}.�c|&A�@�h\�&&#-D�v�d��������z(gss-group1-sha1-toWM5Slw5Ew8Mqkay+al2g==c��||_|jj|_d|_d|_d|_d|_y)Nr)�	transport�kexgss_ctxt�kexgss�gss_host�x�e�f��selfrs  �2/usr/lib/python3/dist-packages/paramiko/kex_gss.py�__init__zKexGSSGroup1.__init__Ss6��"����n�n�0�0�����
����������c��|j�|jjrPt|j|j
|j�|_|jjt�yt|j|j
|j�|_
|jj|_t�}|jt�|j|j j#|j���|j%|j�|jj'|�|jjt(t*t,t.�y)zU
        Start the GSS-API / SSPI Authenticated Diffie-Hellman Key Exchange.
        N��target)�_generate_xr�server_mode�pow�Gr�Pr�_expect_packet�MSG_KEXGSS_INITrrr�add_byte�c_MSG_KEXGSS_INIT�
add_stringr�ssh_init_sec_context�	add_mpint�
_send_message�MSG_KEXGSS_HOSTKEY�MSG_KEXGSS_CONTINUE�MSG_KEXGSS_COMPLETE�MSG_KEXGSS_ERROR�r �ms  r!�	start_kexzKexGSSGroup1.start_kex[s���	
�����>�>�%�%�����������0�D�F��N�N�)�)�/�:���T�V�V�T�V�V�T�V�V�,������/�/��
��I��	�
�
�$�%�	���T�[�[�5�5�T�]�]�5�K�L�	���D�F�F�����$�$�Q�'����%�%�����		
r#c���|jjr|tk(r|j|�S|jjs|tk(r|j|�S|jjr|tk(r|j|�S|jjs|tk(r|j|�S|tk(r|j|�Sd}t|j|���)��
        Parse the next packet.

        :param ptype: The (string) type of the incoming packet
        :param `.Message` m: The paket content
        z.GSS KexGroup1 asked to handle packet type {:d})rr(r-�_parse_kexgss_initr4�_parse_kexgss_hostkeyr5�_parse_kexgss_continuer6�_parse_kexgss_completer7�_parse_kexgss_errorr�format�r �ptyper9�msgs    r!�
parse_nextzKexGSSGroup1.parse_nextus����>�>�%�%�5�O�+C��*�*�1�-�-����+�+��:L�1L��-�-�a�0�0�
�^�^�
'�
'�U�6I�-I��.�.�q�1�1����+�+��:M�1M��.�.�q�1�1�
�&�
&��+�+�A�.�.�>���3�:�:�e�,�-�-r#c���	tjd�}t|dd�|ddz}|dd}||j|jfvrn�Ktj|�|_y)ap
        generate an "x" (1 < x < q), where q is (p-1)/2.
        p is a 128-byte (1024-bit) number, where the first 64 bits are 1.
        therefore q can be approximated as a 2^1023.  we drop the subset of
        potential x where the first 63 bits are 1, because some of those will
        be larger than q (but this is a tiny tiny subset of potential x).
        ��rrNr)�os�urandomr
�b7fffffffffffffff�b0000000000000000r�inflate_longr)r �x_bytes�firsts   r!r'zKexGSSGroup1._generate_x�so����j�j��o�G����
�D�1�G�A�B�K�?�G��B�Q�K�E��T�3�3�T�5K�5K�L�L����"�"�7�+��r#c���|j�}||j_|j�}|jj||�|jj	t
t�y)z�
        Parse the SSH2_MSG_KEXGSS_HOSTKEY message (client mode).

        :param `.Message` m: The content of the SSH2_MSG_KEXGSS_HOSTKEY message
        N��
get_stringr�host_key�_verify_keyr,r5r6�r r9rT�sigs    r!r>z"KexGSSGroup1._parse_kexgss_hostkey��P���<�<�>��"*������l�l�n�����"�"�8�S�1����%�%�&9�;N�Or#c��|jjs�|j�}t�}|j	t
�|j
|jj|j|���|jj|�|jjttt�yy)z�
        Parse the SSH2_MSG_KEXGSS_CONTINUE message.

        :param `.Message` m: The content of the SSH2_MSG_KEXGSS_CONTINUE
            message
        �r&�
recv_tokenN�rr(rSrr.�c_MSG_KEXGSS_CONTINUEr0rr1r�send_messager,r5r6r7�r r9�	srv_tokens   r!r?z#KexGSSGroup1._parse_kexgss_continue�s����~�~�)�)�����I��	�A�
�J�J�,�-�
�L�L����0�0��=�=�Y�1��
�

�N�N�'�'��*��N�N�)�)�#�%8�:J�
�
r#c��|jj�t�|j_|j�|_|jdks|j|j
dz
kDrt
d��|j�}|j�}d}|r|j�}t|j|j|j
�}t�}|j|jj|jj|jj|jj �|j#|jjj%��|j'|j(�|j'|j�|j'|�t+t-|��j/�}|jj1||�|�D|j2j5|j6|��|j2j9||�n|j2j9||�d|j_|jj=�y)z�
        Parse the SSH2_MSG_KEXGSS_COMPLETE message (client mode).

        :param `.Message` m: The content of the
            SSH2_MSG_KEXGSS_COMPLETE message
        NrH�Server kex "f" is out of rangerZT)rrT�NullHostKey�	get_mpintrr+rrS�get_booleanr)rr�add�
local_version�remote_version�local_kex_init�remote_kex_initr0�__str__r2rr�str�digest�_set_K_Hrr1r�
ssh_check_mic�gss_kex_used�_activate_outbound�r r9�	mic_token�boolr`�K�hm�Hs        r!r@z#KexGSSGroup1._parse_kexgss_complete�s����>�>�"�"�*�&1�m�D�N�N�#��������F�F�Q�J�D�F�F�T�V�V�a�Z�/��?�@�@��L�L�N�	��}�}����	������I�����������'���Y��
����N�N�(�(��N�N�)�)��N�N�)�)��N�N�*�*�		
�	�
�
�d�n�n�-�-�5�5�7�8�
���T�V�V��
���T�V�V��
���Q����R��M� � �"��������1�%�� ��K�K�,�,��}�}��
-�
�
�K�K�%�%�i��3��K�K�%�%�i��3�&*����#����)�)�+r#c���|j�}|j�|_|jdks|j|jdz
kDrt	d��t|j|j|j�}t�|j_	|jjj�}t�}|j|jj|jj|jj|jj �|j#|�|j%|j�|j%|j&�|j%|�t)|j+��j-�}|jj/||�|j0j3|j4|�}t�}|j0j6r�|j0j9|jj:d��}|j=t>�|j%|j&�|j#|�|�#|jAd�|j#|�n|jAd�|jjC|�d|j_"|jjG�y|j=tH�|j#|�|jjC|�|jjKtLtNtP�y)z�
        Parse the SSH2_MSG_KEXGSS_INIT message (server mode).

        :param `.Message` m: The content of the SSH2_MSG_KEXGSS_INIT message
        rH�Client kex "e" is out of rangeT��gss_kexNF))rSrdrr+rr)rrcrrTrkrrfrhrgrjrir0r2rr�asbytesrmrnr�ssh_accept_sec_contextr�_gss_srv_ctxt_status�ssh_get_mic�
session_idr.�c_MSG_KEXGSS_COMPLETE�add_booleanr3rprqr]r,r5r6r7�	r r9�client_tokenru�keyrvrwr`rss	         r!r=zKexGSSGroup1._parse_kexgss_init�sY���|�|�~���������F�F�Q�J�D�F�F�T�V�V�a�Z�/��?�@�@�����������'��"-�-������n�n�%�%�-�-�/���Y��
����N�N�)�)��N�N�(�(��N�N�*�*��N�N�)�)�		
�	�
�
�c��
���T�V�V��
���T�V�V��
���Q��������%�%�'��������1�%��K�K�6�6��M�M�<�
�	�
�I���;�;�+�+����/�/����)�)�4�0��I�
�J�J�,�-�
�K�K�����
�L�L��#��$��
�
�d�#����Y�'��
�
�e�$��N�N�(�(��+�*.�D�N�N�'��N�N�-�-�/�
�J�J�,�-�
�L�L��#��N�N�(�(��+��N�N�)�)�#�%8�:J�
r#c��|j�}|j�}|j�}|j�tdj|||���)a�
        Parse the SSH2_MSG_KEXGSS_ERROR message (client mode).
        The server may send a GSS-API error message. if it does, we display
        the error by throwing an exception (client mode).

        :param `.Message` m: The content of the SSH2_MSG_KEXGSS_ERROR message
        :raise SSHException: Contains GSS-API major and minor status as well as
                             the error message and the language tag of the
                             message
        �CGSS-API Error:
Major Status: {}
Minor Status: {}
Error Message: {}
��get_intrSrrB�r r9�
maj_status�
min_status�err_msgs     r!rAz KexGSSGroup1._parse_kexgss_error$�S���Y�Y�[�
��Y�Y�[�
��,�,�.��	�����
��F��J���
�	
r#N)�__name__�
__module__�__qualname__�__doc__r+r*r	rrLrrM�NAMEr"r:rFr'r>r?r@r=rA�r#r!rrFsf���	K�A�	�A� ����A��5��!�A�
��5�D��
�4.�,,� P��.+,�Z6�p
r#rc��eZdZdZdZdZdZy)�
KexGSSGroup14z�
    GSS-API / SSPI Authenticated Diffie-Hellman Group14 Key Exchange as defined
    in `RFC 4462 Section 2
    <https://tools.ietf.org/html/rfc4462.html#section-2>`_
    l������&�U�G9
tcb0]Q\-�:�$�90.`U�_�b;YS7x]Ek�`:xds�!,w<G�8�qbdR_��h��d�d��Y6K�pRT{�U�j�K�#�Gt|�L���4�S�8� �FYpw,(.>�=�H�G2C�d�c_�.K?&j�_�c�}�z[\V�_1M.D�^�/1v5I	�j�V&|�
�/�mV�lR�<6#�{n4�(EY91�T�:�g8	H	�Ap�cb4B�B�j~H�����rz)gss-group14-sha1-toWM5Slw5Ew8Mqkay+al2g==N)r�r�r�r�r+r*r�r�r#r!r�r�>s���	K�A�	�A�6�Dr#r�c�b�eZdZdZdZdZdZdZd�Zd�Z	d�Z
d	�Zd
�Zd�Z
d�Zd
�Zd�Zd�Zd�Zy)�	KexGSSGexz�
    GSS-API / SSPI Authenticated Diffie-Hellman Group Exchange as defined in
    `RFC 4462 Section 2 <https://tools.ietf.org/html/rfc4462.html#section-2>`_
    z%gss-gex-sha1-toWM5Slw5Ew8Mqkay+al2g==�� ic��||_|jj|_d|_d|_d|_d|_d|_d|_d|_	d|_
y)NF)rrrr�p�q�grrr�	old_stylers  r!r"zKexGSSGex.__init__UsR��"����n�n�0�0�����
���������������������r#c��|jjr |jjt�y|jj|_t�}|j
t�|j|j�|j|j�|j|j�|jj|�|jjt�y)zV
        Start the GSS-API / SSPI Authenticated Diffie-Hellman Group Exchange
        N)rr(r,�MSG_KEXGSS_GROUPREQrrr.�c_MSG_KEXGSS_GROUPREQ�add_int�min_bits�preferred_bits�max_bitsr3�MSG_KEXGSS_GROUPr8s  r!r:zKexGSSGex.start_kexas����>�>�%�%��N�N�)�)�*=�>�����/�/��
��I��	�
�
�(�)�	�	�	�$�-�-� �	�	�	�$�%�%�&�	�	�	�$�-�-� ����$�$�Q�'����%�%�&6�7r#c��|tk(r|j|�S|tk(r|j|�S|tk(r|j|�S|tk(r|j|�S|tk(r|j|�S|tk(r|j|�S|tk(r|j|�Sd}t|j|���)r<z'KexGex asked to handle packet type {:d})r��_parse_kexgss_groupreqr��_parse_kexgss_groupr-�_parse_kexgss_gex_initr4r>r5r?r6r@r7rArrBrCs    r!rFzKexGSSGex.parse_nextts����'�'��.�.�q�1�1�
�&�
&��+�+�A�.�.�
�o�
%��.�.�q�1�1�
�(�
(��-�-�a�0�0�
�)�
)��.�.�q�1�1�
�)�
)��.�.�q�1�1�
�&�
&��+�+�A�.�.�7���3�:�:�e�,�-�-r#c�\�|jdz
dz}tj|d�}t|d�}t	|�}d}|dzs|dz}|dz}|dzs�	tj|�}t|d|�|ddz}tj|d�}|dkDr||kr		||_	y�T)NrHrr�rI)
r�r�deflate_longr�lenrJrKr
rNr)r r��qnorm�qhbyte�
byte_count�qmaskrOrs        r!r'zKexGSSGex._generate_x�s���
�V�V�a�Z�A����!�!�!�Q�'���%��(�#����Z�
����D�=��q�L�F��a�K�E��D�=���j�j��,�G����
�E�2�W�Q�R�[�@�G��!�!�'�1�-�A��A��A��E�����
r#c�$�|j�}|j�}|j�}||jkDr|j}||jkr|j}||kDr|}||kr|}||_||_||_|jj�}|�t
d��|jjtdj|||��|j|||�\|_|_t�}|jt�|j!|j�|j!|j�|jj#|�|jj%t&�y)z�
        Parse the SSH2_MSG_KEXGSS_GROUPREQ message (server mode).

        :param `.Message` m: The content of the
            SSH2_MSG_KEXGSS_GROUPREQ message
        Nz-Can't do server-side gex with no modulus packzPicking p ({} <= {} <= {} bits))r�r�r�r�r�_get_modulus_packr�_logrrB�get_modulusr�r�rr.�c_MSG_KEXGSS_GROUPr2r3r,r-)r r9�minbits�
preferredbits�maxbits�packs      r!r�z KexGSSGex._parse_kexgss_groupreq�sD���)�)�+���	�	��
��)�)�+���4�=�=�(� �M�M�M��4�=�=�(� �M�M�M��]�"�#�G��]�"�#�G���
�+�����
��~�~�/�/�1���<��N�O�O�������-�4�4����
�	
��)�)�'�=�'�J�������I��	�
�
�%�&�	���D�F�F��	���D�F�F�����$�$�Q�'����%�%�o�6r#c�,�|j�|_|j�|_tj|j�}|dks|dkDrtdj
|���|jjtdj
|��|j�t|j|j|j�|_
t�}|jt �|j#|j$j'|j(���|j+|j�|jj-|�|jj/t0t2t4t6�y)z�
        Parse the SSH2_MSG_KEXGSS_GROUP message (client mode).

        :param `Message` m: The content of the SSH2_MSG_KEXGSS_GROUP message
        r�r�z<Server-generated gex p (don't ask) is out of range ({} bits)zGot server p ({} bits)r%N)rdr�r�r�
bit_lengthrrBrr�rr'r)rrrr.r/r0rr1rr2r3r,r4r5r6r7)r r9�bitlens   r!r�zKexGSSGex._parse_kexgss_group�s��������������������(���T�M�v��}���"�F�6�N��
�	
������+�2�2�6�:�	
�	
�����T�V�V�T�V�V�T�V�V�,����I��	�
�
�$�%�	���T�[�[�5�5�T�]�]�5�K�L�	���D�F�F�����$�$�Q�'����%�%�����		
r#c�H�|j�}|j�|_|jdks|j|jdz
kDrt	d��|j�t
|j|j|j�|_	t
|j|j|j�}t�|j_|jjj�}t�}|j|jj |jj"|jj$|jj&|�|j)|j*�|j)|j,�|j)|j.�|j1|j�|j1|j�|j1|j�|j1|j�|j1|�t3|j5��j7�}|jj9||�|j:j=|j>|�}t�}|j:j@r�|j:jC|jjDd��}|jGtH�|j1|j�|jK|�|�#|jMd�|jK|�n|jMd�|jjO|�d|j_(|jjS�y|jGtT�|jK|�|jjO|�|jjWtXtZt\�y)z�
        Parse the SSH2_MSG_KEXGSS_INIT message (server mode).

        :param `Message` m: The content of the SSH2_MSG_KEXGSS_INIT message
        rHryTrzNF)/rSrdrr�rr'r)r�rrrcrrTrkrrfrhrgrjrir�r�r�r�r2rr|rmrnrr}rr~rr�r.r�r0r�r3rprqr]r,r5r6r7r�s	         r!r�z KexGSSGex._parse_kexgss_gex_init�s����|�|�~���������F�F�Q�J�D�F�F�T�V�V�a�Z�/��?�@�@������T�V�V�T�V�V�T�V�V�,�������������'��"-�-������n�n�%�%�-�-�/���Y��
����N�N�)�)��N�N�(�(��N�N�*�*��N�N�)�)��	
�	�
�
�4�=�=�!�
�
�
�4�&�&�'�
�
�
�4�=�=�!�
���T�V�V��
���T�V�V��
���T�V�V��
���T�V�V��
���Q��������%�%�'��������1�%��K�K�6�6��M�M�<�
�	�
�I���;�;�+�+����/�/����)�)�4�0��I�
�J�J�,�-�
�K�K�����
�L�L��#��$��
�
�d�#����Y�'��
�
�e�$��N�N�(�(��+�*.�D�N�N�'��N�N�-�-�/�
�J�J�,�-�
�L�L��#��N�N�(�(��+��N�N�)�)�#�%8�:J�
r#c���|j�}||j_|j�}|jj||�|jj	t
t�y)z�
        Parse the SSH2_MSG_KEXGSS_HOSTKEY message (client mode).

        :param `Message` m: The content of the SSH2_MSG_KEXGSS_HOSTKEY message
        NrRrVs    r!r>zKexGSSGex._parse_kexgss_hostkey+rXr#c��|jjs�|j�}t�}|j	t
�|j
|jj|j|���|jj|�|jjttt�yy)z�
        Parse the SSH2_MSG_KEXGSS_CONTINUE message.

        :param `Message` m: The content of the SSH2_MSG_KEXGSS_CONTINUE message
        rZNr\r_s   r!r?z KexGSSGex._parse_kexgss_continue8s����~�~�)�)�����I��	�A�
�J�J�,�-�
�L�L����0�0��=�=�Y�1��
�

�N�N�'�'��*��N�N�)�)�#�%8�:J�
�
r#c�D�|jj�t�|j_|j�|_|j�}|j
�}d}|r|j�}|jdks|j|jdz
kDrtd��t|j|j|j�}t�}|j|jj|jj|jj|jj |jjj#��|j$s|j'|j(�|j'|j*�|j$s|j'|j,�|j/|j�|j/|j0�|j/|j2�|j/|j�|j/|�t5|j7��j9�}|jj;||�|�D|j<j?|j@|��|j<jC||�n|j<jC||�d|j_"|jjG�y)z�
        Parse the SSH2_MSG_KEXGSS_COMPLETE message (client mode).

        :param `Message` m: The content of the SSH2_MSG_KEXGSS_COMPLETE message
        NrHrbrZT)$rrTrcrdrrSrer�rr)rrrfrgrhrirjrkr�r�r�r�r�r2r�rrr|rmrnrr1rrorprqrrs        r!r@z KexGSSGex._parse_kexgss_completeNs!���>�>�"�"�*�&1�m�D�N�N�#��������L�L�N�	��}�}����	������I��F�F�Q�J�D�F�F�T�V�V�a�Z�/��?�@�@�����������'���Y��
����N�N�(�(��N�N�)�)��N�N�)�)��N�N�*�*��N�N�#�#�+�+�-�	
��~�~��J�J�t�}�}�%�
�
�
�4�&�&�'��~�~��J�J�t�}�}�%�
���T�V�V��
���T�V�V��
���T�V�V��
���T�V�V��
���Q��������%�%�'��������1�%�� ��K�K�,�,��}�}��
-�
�
�K�K�%�%�i��3��K�K�%�%�i��3�&*����#����)�)�+r#c��|j�}|j�}|j�}|j�tdj|||���)a�
        Parse the SSH2_MSG_KEXGSS_ERROR message (client mode).
        The server may send a GSS-API error message. if it does, we display
        the error by throwing an exception (client mode).

        :param `Message` m:  The content of the SSH2_MSG_KEXGSS_ERROR message
        :raise SSHException: Contains GSS-API major and minor status as well as
                             the error message and the language tag of the
                             message
        r�r�r�s     r!rAzKexGSSGex._parse_kexgss_error�r�r#N)r�r�r�r�r�r�r�r�r"r:rFr'r�r�r�r>r?r@rAr�r#r!r�r�JsY���
3�D��H��H��N�
�8�&.�4�$*7�X
�B<�|P��,0,�d
r#r�c�"�eZdZdZd�Zd�Zd�Zy)rcz�
    This class represents the Null Host Key for GSS-API Key Exchange as defined
    in `RFC 4462 Section 5
    <https://tools.ietf.org/html/rfc4462.html#section-5>`_
    c��d|_y)N��r��r s r!r"zNullHostKey.__init__�s	����r#c��|jS�Nr�r�s r!rkzNullHostKey.__str__�����x�x�r#c��|jSr�r�r�s r!�get_namezNullHostKey.get_name�r�r#N)r�r�r�r�r"rkr�r�r#r!rcrc�s�����r#rc)&r�rJ�hashlibr�paramiko.commonrrr�paramikor�paramiko.messager�paramiko.py3compatr	r
r�paramiko.ssh_exceptionr�ranger-r5r6r4r7r�r�r/r]r��c_MSG_KEXGSS_HOSTKEY�c_MSG_KEXGSS_ERRORr�r��objectrr�r�rc)�cs0r!�<module>r�s���.�"
��6�6��$�<�<�/�
�"�b�M�
������*/��B�-�'��&� ��B�-�(�Q�X�a�[�(�
�������r�2��/��H�Q�K�/�+��*�
u
�6�u
�p	7�L�	7�M
��M
�`
�&���u)��/s�B>�<C

Zerion Mini Shell 1.0