%PDF- %PDF-
Mini Shell

Mini Shell

Direktori : /lib/python3/dist-packages/sos/cleaner/mappings/__pycache__/
Upload File :
Create Path :
Current File : //lib/python3/dist-packages/sos/cleaner/mappings/__pycache__/ipv6_map.cpython-312.pyc

�

i��dk-��Z�ddlZddlmZddlmZd�Zd�ZGd�de�ZGd�d	�Zy)
�N��getrandbits)�SoSMapc�F�|D�cgc]}|rtd�nd��c}Scc}w)a�Generate a random set of hextets, based on the length of the source
    hextet. If any hextets are compressed, keep that compression.

    E.G. '::1234:bcd' will generate a leading empty '' hextet, followed by two
    4-character hextets.

    :param hextets:     The extracted hextets from a source address
    :type hextets:      ``list``

    :returns:           A set of randomized hextets for use in an obfuscated
                        address
    :rtype:             ``list``
    ��)�
random_hex)�hextets�hs  �?/usr/lib/python3/dist-packages/sos/cleaner/mappings/ipv6_map.py�generate_hextetsr
s#��18�8�1�Q�J�q�M�B�&�8�8��8s�c�*�td|z�d|�d��S)z�Generate a string of size length of random hex characters.

    :param length:  The number of characters to generate
    :type length:   ``int``

    :returns:       A string of ``length`` hex characters
    :rtype:         ``str``
    r�0�xr)�lengths rr	r	"s ���!�F�(�#�A�f�X�Q�;�
/�0�c�>�eZdZdZiZgd�ZdgZdZdZd�Z	d�Z
d
d�Zy	)�
SoSIPv6MapatMapping for IPv6 addresses and networks.

    Much like the IP map handles IPv4 addresses, this map is designed to take
    IPv6 strings and obfuscate them consistently to maintain network topology.
    To do this, addresses will be manipulated by the ipaddress library.

    If an IPv6 address is encountered without a netmask, it is assumed to be a
    /64 address.
    )z^::1/.*z::/0zfd53:.*z^53..:�534fF�c�J�d|vry|dD]�}tj|�}|d|d}|j||�}|j|j|j
<|d|dD]1}|d|d|}|j
||�||j|<�3��y)z�Override the base conf_update() so that we can load the existing
        networks into ObfuscatedIPv6Network() objects for the current run.
        �networksN�
obfuscated�hosts)�	ipaddress�
ip_network�_get_network�obfuscated_address�dataset�original_address�add_obfuscated_host_address)�self�config�network�_orig�_obfuscated�_net�host�_ob_hosts        r�conf_updatezSoSIPv6Map.conf_updateGs����V�#���j�)�	.�G��(�(��1�E� ��,�W�5�l�C�K��$�$�U�K�8�D�26�2I�2I�D�L�L��.�.�/��z�*�7�3�G�<�
.��!�*�-�g�6�w�?��E���0�0��x�@�%-����T�"�
.�	.rc� �d|vr|jd�dnd}|}|s|dz
}	tj|�}|j|�}|j}|rd|vr|�d|��S|S#t
$r�tj|d��}|j|�}|j|jvr#|j|j|j<tj|jd�d�}|j|�}Y��wxYw)N�/���rz/64F)�strictr)�splitrrrr�
ValueError�network_addrrr �
ip_address�obfuscate_host_address)r"�ipaddr�_prefix�_ipaddr�_addrr'�	_hostaddrs       r�
sanitize_itemzSoSIPv6Map.sanitize_itemWs��+.�&�=�&�,�,�s�#�B�'�b������u��G�	=��(�(��1�E��$�$�U�+�D��-�-�G��s�'�)��Y�a��y�)�)����!�	=��(�(���?�E��$�$�U�+�D�� � ����4�6:�6M�6M����T�2�2�3�!�,�,�W�]�]�3�-?��-B�C�I��1�1�)�<�G�	=�s�2A&�&B$D
�D
c��|j}||jvr$t|||j�|j|<|j|S)z�Attempt to find an existing ObfuscatedIPv6Network object from which
        to either find an existing obfuscated match, or create a new one. If
        no such object already exists, create it.
        )�
compressedr�ObfuscatedIPv6Network�first_hexes)r"�addressrr7s    rrzSoSIPv6Map._get_networktsK��
�"�"����
�
�%�#8��*�9=�9I�9I�$K�D�M�M�%� ��}�}�U�#�#rN)r)�__name__�
__module__�__qualname__�__doc__r�ignore_matchesr=�compile_regexes�versionr*r9r�rrrr.s7����H��N��(�K��O��G�.� �:	$rrc�V�eZdZdZdd�Zed��Zed��Zd�Zd�Z	d�Z
d	�Zd
�Zy)r<a�An abstraction class that represents a network that is (to be) handled
    by sos.

    Each distinct IPv6 network that we encounter will have a representative
    instance of this class, from which new obfuscated subnets and host
    addresses will be generated.

    This class should be built from an ``ipaddress.IPv6Network`` object. If
    an obfuscation string is not passed, one will be created during init.
    Nc��t|tj�std��||_|j
|_|jj|_	i|_
|�	dg|_n||_|s|j�|_
yt|t�stdt!|�����|j#d�d|_
y)a�Basic setup for the obfuscated network. Minor validation on the addr
        used to create the instance, as well as on an optional ``obfuscation``
        which if set, will serve as the obfuscated_network address.

        :param addr:        The *un*obfuscated network to be handled
        :type addr:         ``ipaddress.IPv6Network``

        :param obfuscation: An optional pre-determined string representation of
                            the obfuscated network address
        :type obfuscation:  ``str``

        :param used_hexes:  A list of already used hexes for the first hextet
                            of a potential global address obfuscation
        :type used_hexes:   ``list``
        z*Invalid network: not an IPv6Network objectNrz;Pre-determined obfuscated network address must be str, not r,r)�
isinstancer�IPv6Network�	Exception�addr�	prefixlen�prefix�network_addressr;r1rr=�_obfuscate_network_address�_obfuscated_network�str�	TypeError�typer/)r"rL�obfuscation�
used_hexess    r�__init__zObfuscatedIPv6Network.__init__�s��� �$�	� 5� 5�6��H�I�I���	��n�n��� �0�0�;�;�����
��� &�x�D��)�D���'+�'F�'F�'H�D�$��k�3�/��#4�48��4E�3F�!H�I�I�'2�'8�'8��'=�a�'@�D�$rc�8�|j�d|j��S)Nr,)rQrN�r"s rrz(ObfuscatedIPv6Network.obfuscated_address�s���*�*�+�1�T�[�[�M�:�:rc�.�|jjS�N)rLr;rYs rr z&ObfuscatedIPv6Network.original_address�s���y�y�#�#�#rc��|jjr|j�S|jjr|jS|jj
r|j
�S|jS)z�Generate the obfuscated pair for the network address. This is
        determined based on the netmask of the network this class was built
        on top of.
        )rL�	is_global�_obfuscate_global_address�
is_link_localr1�
is_private�_obfuscate_private_addressrYs rrPz0ObfuscatedIPv6Network._obfuscate_network_address�sc��
�9�9����1�1�3�3�
�Y�Y�
$�
$�
�$�$�$�
�Y�Y�
!�
!��2�2�4�4�� � � rc��|jjd�dd}dg}td�|D��rtdt|j�dzz}|�td���}||jvr|�td���}||jvr�|jj
|�|g}|jt|��dj|�S)	aGlobal unicast addresses have a 48-bit global routing prefix and a
        16-bit subnet. We set the global routing prefix to a static
        sos-specific identifier that could never be seen in the wild,
        '534f:'

        We then randomize the subnet hextet.
        �:rNrc3�"K�|]}|���	y�wr[rF)�.0�cs  r�	<genexpr>zBObfuscatedIPv6Network._obfuscate_global_address.<locals>.<genexpr>�s����'��1�u�'�s�
�5��)
r1r/�all�lenr=r	�append�extendr
�join)r"�_hextets�_ob_hex�_starts    rr^z/ObfuscatedIPv6Network._obfuscate_global_address�s����$�$�*�*�3�/���3���(���'�h�'�'��3�t�/�/�0�C�7�8�F����A���0�G��T�-�-�-�#�H�Z��]�O�4���T�-�-�-�
���#�#�G�,��i�G����'��1�2��x�x�� � rc��|jjd�dd}dg}|jt|��dj	|�S)a
The first 8 bits will always be 'fd', the next 40 bits are meant
        to be a global ID, followed by 16 bits for the subnet. To keep things
        relatively simply we maintain the first hextet as 'fd53', and then
        randomize any remaining hextets
        rcrN�fd53)r1r/rnr
ro)r"rprqs   rraz0ObfuscatedIPv6Network._obfuscate_private_address�sI���$�$�*�*�3�/���3���(�����'��1�2��x�x�� � rc������fd�}|j�jvr��jjd�}|jt	|�djd��|�}|�jj
�vr$|�}|�jj
�vr�$�j|j|��j|jS)a�Given an unobfuscated address, generate an obfuscated match for it,
        and save it to this network for tracking during the execution of clean.

        Note: another way to do this would be to convert the obfuscated network
        to bytes, and add a random amount to that based on the number of
        addresses that the network can support and from that new bytes count
        craft a new IPv6 address. This has the advantage of absolutely
        guaranteeing the new address is within the network space (whereas the
        method employed below could *theoretically* generate an overlapping
        address), but would in turn remove any ability to compress obfuscated
        addresses to match the general format/syntax of the address it is
        replacing. For the moment, it is assumed that being able to maintain a
        quick mental note of "unobfuscated device ff00::1 is obfuscated device
        53ad::a1b2" is more desireable than "ff00::1 is now obfuscated as
        53ad::1234:abcd:9876:a1b2:".

        :param addr:        The unobfuscated IPv6 address
        :type addr:         ``ipaddress.IPv6Address``

        :returns:           An obfuscated address within this network
        :rtype:             ``str``
        c
���dj�jdjt�jd���g�S)Nrrc)rorQr
r/)�_hostr"s��r�_generate_addresszGObfuscatedIPv6Network.obfuscate_host_address.<locals>._generate_addresss=����7�7��(�(����)�%�+�+�c�*:�;�<���
rrcN)r;rr1�rstriprl�lstrip�valuesr!)r"rLrx�_nr)rws`    @rr3z,ObfuscatedIPv6Network.obfuscate_host_address�s����.	��?�?�$�*�*�,��"�"�)�)�#�.�B��O�O�C��G�H�-�4�4�S�9�E�(�*�H��d�j�j�/�/�1�1�,�.���d�j�j�/�/�1�1��,�,�T�_�_�h�G��z�z�$�/�/�*�*rc�"�||j|<y)zjAdds an obfuscated pair to the class for tracking and ongoing
        consistency in obfuscation.
        N)r)r"r(rs   rr!z1ObfuscatedIPv6Network.add_obfuscated_host_addresss��&��
�
�4�r)rN)
r?r@rArBrW�propertyrr rPr^rar3r!rFrrr<r<�sP��	� A�D�;��;��$��$�!�"!�4	!�%+�N&rr<)	r�randomr�sos.cleaner.mappingsrr
r	rr<rFrr�<module>r�s5����'�9�"	1�O$��O$�dW&�W&r

Zerion Mini Shell 1.0