%PDF- %PDF-
Mini Shell

Mini Shell

Direktori : /lib/python3/dist-packages/twisted/conch/test/__pycache__/
Upload File :
Create Path :
Current File : //lib/python3/dist-packages/twisted/conch/test/__pycache__/test_checkers.cpython-312.pyc

�

Ϫ�fy��X�UdZddlZddlmZddlmZddlmZddlm	Z	e	e
ed<	ddlZdZ
dd	lmZdd
lmZddlmZmZmZmZddlmZmZdd
lmZddlmZddlm Z m!Z!ddl"m#Z#ddl$m%Z%ddl&m'Z'ddl(m)Z)e%d�rdZ*ddl+m,Z,ddl-m.Z.m/Z/ddl0m1Z1ddl2m3Z3ndZ*e4edd��dZ5ndZ5Gd�de)�Z6Gd�de)�Z7Gd �d!e)�Z8Gd"�d#e)�Z9Gd$�d%e)�Z:Gd&�d'e)�Z;Gd(�d)e)�Z<ed*d+g�Z=Gd,�d-e>�Z?Gd.�d/e)�Z@y#e$rdZ
Y��wxYw)0z&
Tests for L{twisted.conch.checkers}.
�N)�encodebytes)�
namedtuple)�BytesIO)�Optional�	cryptSkipzcannot run without crypt module)�verifyObject)�'InMemoryUsernamePasswordDatabaseDontUse)�ISSHPrivateKey�IUsernamePassword�
SSHPrivateKey�UsernamePassword)�UnauthorizedLogin�UnhandledCredentials)�Deferred)�util)�ShadowDatabase�UserDatabase)�FilePath)�
requireModule)�MockOS)�TestCase�cryptography)�checkers)�NotEnoughAuthentication�ValidPublicKey)�keys)�keydatazcan't run without cryptography�geteuidz0Cannot run without effective UIDs (questionable)c�L�eZdZdZexseZd�Zd�Zd�Z	d�Z
d�Zd�Zd�Z
d	�Zy
)�HelperTestszl
    Tests for helper functions L{verifyCryptedPassword}, L{_pwdGetByName} and
    L{_shadowGetByName}.
    c�"�t�|_y�N)r�mockos��selfs �B/usr/lib/python3/dist-packages/twisted/conch/test/test_checkers.py�setUpzHelperTests.setUp@s���h���c��d}d}tj||�}|jtj||�dj	||��y)z�
        L{verifyCryptedPassword} returns C{True} if the plaintext password
        passed to it matches the encrypted password passed to it.
        �
secret string�saltyz5{!r} supposed to be valid encrypted password for {!r}N��crypt�
assertTruer�verifyCryptedPassword�format�r%�password�salt�crypteds    r&�test_verifyCryptedPasswordz&HelperTests.test_verifyCryptedPasswordCsM��
#�����+�+�h��-������*�*�7�H�=�C�J�J���
�	
r(c��d}d}tj||�}|jtj||�dj	||��y)z�
        L{verifyCryptedPassword} returns True if the provided cleartext password
        matches the provided MD5 password hash.
        r2z$1$saltz3{!r} supposed to be valid encrypted password for {}Nr,r1s    r&�test_verifyCryptedPasswordMD5z)HelperTests.test_verifyCryptedPasswordMD5RsM��
�����+�+�h��-������*�*�7�H�=�A�H�H���
�	
r(c��d}d}tj||�}|jtj||�dj	||��y)z�
        L{verifyCryptedPassword} returns C{False} if the plaintext password
        passed to it does not match the encrypted password passed to it.
        z
string secretr*z7{!r} not supposed to be valid encrypted password for {}N)r-�assertFalserr/r0)r%r2�wrongr4s    r&�test_refuteCryptedPasswordz&HelperTests.test_refuteCryptedPasswordasO��
#�����+�+�h��1������*�*�7�E�:�E�L�L���
�	
r(c	���t�}|jddddddd�|jtd|�|j	tj
d�|j
d��y	)
z�
        L{_pwdGetByName} returns a tuple of items from the UNIX /etc/passwd
        database if the L{pwd} module is present.
        �alice�secrit���
first last�/foo�/bin/sh�pwdN)r�addUser�patchr�assertEqual�
_pwdGetByName�getpwnam�r%�userdbs  r&�test_pwdGetByNamezHelperTests.test_pwdGetByNamepsW��
������w��!�Q��f�i�P��
�
�8�U�F�+�����/�/��8�&�/�/�'�:R�Sr(c�z�|jtdd�|jtjd��y)zW
        If the C{pwd} module isn't present, L{_pwdGetByName} returns L{None}.
        rDNr=)rFr�assertIsNonerHr$s r&�test_pwdGetByNameWithoutPwdz'HelperTests.test_pwdGetByNameWithoutPwdzs-��	
�
�
�8�U�D�)����(�0�0��9�:r(c��t�}|jddddddddd	�	|jtd
|�d|j_d|j_|jtd
|j�|jtjd�|jd��|j|jjddg�|j|jjddg�y)z�
        L{_shadowGetByName} returns a tuple of items from the UNIX /etc/shadow
        database if the L{spwd} is present.
        �bob�
passphraser?r@������spwd�)	���osrN)
rrErFrr#�euid�egidrrG�_shadowGetByName�getspnam�seteuidCalls�setegidCallsrJs  r&�test_shadowGetByNamez HelperTests.test_shadowGetByName�s���
 �!�����u�l�A�q�!�Q��1�a�@��
�
�8�V�V�,������������
�
�4��t�{�{�+�����2�2�5�9�6�?�?�5�;Q�R�������1�1�A�t�9�=�������1�1�A�t�9�=r(c��|jtdd�|jtjd��|j	|j
jg�|j	|j
jg�y)zP
        L{_shadowGetByName} returns L{None} if C{spwd} is not present.
        rXNrQ)rFrrNr^rGr#r`rar$s r&�test_shadowGetByNameWithoutSpwdz+HelperTests.test_shadowGetByNameWithoutSpwd�sa��	
�
�
�8�V�T�*����(�3�3�E�:�;�������1�1�2�6�������1�1�2�6r(N)�__name__�
__module__�__qualname__�__doc__r�dependencySkip�skipr'r5r7r;rLrOrbrd�r(r&r r 8s<���
�&��D��

�

�

�T�;�>�"7r(r c�`�eZdZdZexseZdd�Zd�Zd�Z	d�Z
d�Zd�Zd	�Z
d
�Zd�Zd�Zd
�Zy)�SSHPublicKeyDatabaseTestsz,
    Tests for L{SSHPublicKeyDatabase}.
    Nc	��tj�|_td�|_td�|_d|jzdz|j
zdz|_t�|_|jtd|j�t|j��|_
t|jjt�sJ�|jj!d�|_|j"j%�t'�}|j)dd	d
dd|jjd
�||j_y)N�foobar�eggspamst1 s foo
t2 s egg
r[�.ssh�userr2r?r@rA�
/bin/shell)r�SSHPublicKeyDatabase�checkerr�key1�key2�contentrr#rFrr�mktemp�path�
isinstance�str�child�sshDir�makedirsrrE�_userdbrJs  r&r'zSSHPublicKeyDatabaseTests.setUp�s����4�4�6����	�*��	��
�+��	���	�	�)�L�8�4�9�9�D�y�P����h����
�
�4��t�{�{�+��T�[�[�]�+��	��$�)�)�.�.�#�.�.�.��i�i�o�o�f�-�����������������
�
���I�I�N�N��	
� &����r(c���|j|jg��}|j|ddt�|j|ddd�|jt	|�d�y)zJ
        L{SSHPublicKeyDatabase} is deprecated as of version 15.0
        )�offendingFunctionsr�category�messagez�twisted.conch.checkers.SSHPublicKeyDatabase was deprecated in Twisted 15.0.0: Please use twisted.conch.checkers.SSHPublicKeyChecker, initialized with an instance of twisted.conch.checkers.UNIXAuthorizedKeysFiles instead.r?N)�
flushWarningsr'rG�DeprecationWarning�len)r%�
warningsShowns  r&�test_deprecatedz)SSHPublicKeyDatabaseTests.test_deprecated�sp���*�*�t�z�z�l�*�K�
�����q�)�*�5�7I�J�����!��Y�'�
F�	
�	
����]�+�Q�/r(c��|jj|�j|j�t	dd�}d|_|j
|jj|��d|_|j
|jj|��d|_|j|jj|��y)N�user�passwordrorps
notallowed)
r~r}�
setContentrxr
�blobr.ru�checkKeyr9)r%�filenamerrs   r&�
_testCheckKeyz'SSHPublicKeyDatabaseTests._testCheckKey�s��������(�#�.�.�t�|�|�<����5����	�������-�-�d�3�4���	�������-�-�d�3�4�!��	�������.�.�t�4�5r(c��|jd�|j|jjg�|j|jjg�y)z�
        L{SSHPublicKeyDatabase.checkKey} should retrieve the content of the
        authorized_keys file and check the keys against that file.
        �authorized_keysN�r�rGr#r`rar$s r&�
test_checkKeyz'SSHPublicKeyDatabaseTests.test_checkKey�sG��
	
���,�-�������1�1�2�6�������1�1�2�6r(c��|jd�|j|jjg�|j|jjg�y)z�
        L{SSHPublicKeyDatabase.checkKey} should retrieve the content of the
        authorized_keys2 file and check the keys against that file.
        �authorized_keys2Nr�r$s r&�test_checkKey2z(SSHPublicKeyDatabaseTests.test_checkKey2�sG��
	
���-�.�������1�1�2�6�������1�1�2�6r(c�����|jjd���j|j��j	d�|j�jd�|jj���fd�}d|j_d|j_	|j|jd|�|jtd|j�td	d
�}d|_
|j|jj!|��|j#|jj$gd��|j#|jj&d
dg�y)z�
        If the key file is readable, L{SSHPublicKeyDatabase.checkKey} should
        switch its uid/gid to the ones of the authenticated user.
        r�r�c�6���jd��|�S)Nr�)�chmod)r\�keyFile�savedSeteuids ��r&�seteuidz>SSHPublicKeyDatabaseTests.test_checkKeyAsRoot.<locals>.seteuid�s����M�M�%� ���%�%r(rYrZr�r[r�r�ro)rr?rrYr@N)r~r}r�rxr��
addCleanupr#r�r\r]rFrr
r�r.rur�rGr`ra)r%r�rrr�r�s   @@r&�test_checkKeyAsRootz-SSHPublicKeyDatabaseTests.test_checkKeyAsRoot�s���
�+�+�#�#�$5�6�����4�<�<�(��
�
�e������
�
�u�-��{�{�*�*��	&� �����������
�
�4�;�;�	�7�3��
�
�4��t�{�{�+����5����	�������-�-�d�3�4�������1�1�?�C�������1�1�A�t�9�=r(c	�T��d�}�j�jd|�tddtjdt
jjtj�jd��}�jj|�}�fd�}|j|�S)z�
        L{SSHPublicKeyDatabase.requestAvatarId} should return the avatar id
        passed in if its C{_checkKey} method returns True.
        c��y�NTrk��ignoreds r&�	_checkKeyzASSHPublicKeyDatabaseTests.test_requestAvatarId.<locals>._checkKey���r(r��test�ssh-rsa�fooc�*���j|d�y�Nr��rG��avatarIdr%s �r&�_verifyz?SSHPublicKeyDatabaseTests.test_requestAvatarId.<locals>._verify�������X�w�/r()rFrurr�publicRSA_opensshr�Key�
fromString�privateRSA_openssh�sign�requestAvatarId�addCallback)r%r��credentials�dr�s`    r&�test_requestAvatarIdz.SSHPublicKeyDatabaseTests.test_requestAvatarIds����	�	
�
�
�4�<�<��Y�7�#����%�%���H�H���� :� :�;�@�@��H�
��
�L�L�(�(��5��	0��}�}�W�%�%r(c���d�}|j|jd|�tddtjdd�}|jj|�}|j
|t�S)a(
        L{SSHPublicKeyDatabase.requestAvatarId} should raise L{ValidPublicKey}
        if the credentials represent a valid key without a signature.  This
        tells the user that the key is valid for login, but does not actually
        allow that user to do so without a signature.
        c��yr�rkr�s r&r�zQSSHPublicKeyDatabaseTests.test_requestAvatarIdWithoutSignature.<locals>._checkKey%r�r(r�r�r�N)rFrurrr�r��
assertFailurer�r%r�r�r�s    r&�$test_requestAvatarIdWithoutSignaturez>SSHPublicKeyDatabaseTests.test_requestAvatarIdWithoutSignaturesa��	�	
�
�
�4�<�<��Y�7�#��Z��!:�!:�D�$�
��
�L�L�(�(��5���!�!�!�^�4�4r(c��d�}|j|jd|�|jjd�}|j|t�S)z�
        If L{SSHPublicKeyDatabase.checkKey} returns False,
        C{_cbRequestAvatarId} should raise L{UnauthorizedLogin}.
        c��y�NFrkr�s r&r�zKSSHPublicKeyDatabaseTests.test_requestAvatarIdInvalidKey.<locals>._checkKey5���r(r�N)rFrur�r�r)r%r�r�s   r&�test_requestAvatarIdInvalidKeyz8SSHPublicKeyDatabaseTests.test_requestAvatarIdInvalidKey/sE��	�	
�
�
�4�<�<��Y�7��L�L�(�(��.���!�!�!�%6�7�7r(c	�R�d�}|j|jd|�tddtjdt
jjtj�jd��}|jj|�}|j|t�S)z�
        Valid keys with invalid signatures should cause
        L{SSHPublicKeyDatabase.requestAvatarId} to return a {UnauthorizedLogin}
        failure
        c��yr�rkr�s r&r�zQSSHPublicKeyDatabaseTests.test_requestAvatarIdInvalidSignature.<locals>._checkKeyCr�r(r�r�r�r�)
rFrurrr�rr�r��privateDSA_opensshr�r�r�rr�s    r&�$test_requestAvatarIdInvalidSignaturez>SSHPublicKeyDatabaseTests.test_requestAvatarIdInvalidSignature<s���	�	
�
�
�4�<�<��Y�7�#����%�%���H�H���� :� :�;�@�@��H�
��
�L�L�(�(��5���!�!�!�%6�7�7r(c����d�}�j�jd|�tddddd�}�jj|�}�fd�}|j	|��j|t�S)	z~
        Exceptions raised while verifying the key should be normalized into an
        C{UnauthorizedLogin} failure.
        c��yr�rkr�s r&r�zSSSHPublicKeyDatabaseTests.test_requestAvatarIdNormalizeException.<locals>._checkKeyWr�r(r�r�NsblobssigDatassigc�|���jtj�}�jt	|�d�|S)Nr?)�flushLoggedErrorsr�BadKeyErrorrGr�)�failure�errorsr%s  �r&�_verifyLoggedExceptionz`SSHPublicKeyDatabaseTests.test_requestAvatarIdNormalizeException.<locals>._verifyLoggedException^s2����+�+�D�,<�,<�=�F����S��[�!�,��Nr()rFrurr��
addErrbackr�r)r%r�r�r�r�s`    r&�&test_requestAvatarIdNormalizeExceptionz@SSHPublicKeyDatabaseTests.test_requestAvatarIdNormalizeExceptionQsl���	�	
�
�
�4�<�<��Y�7�#�G�T�7�J��O���L�L�(�(��5��	�
	
���+�,��!�!�!�%6�7�7r(��returnN)rerfrgrh�euidSkiprirjr'r�r�r�r�r�r�r�r�r�r�rkr(r&rmrm�sJ����%�~�D�&�40� 6�7�7�>�6&�05�$8�8�*8r(rmc�8�eZdZdZeZd�Zd�Zd�Zd�Z	d�Z
d�Zy)	�SSHProtocolCheckerTestsz*
    Tests for L{SSHProtocolChecker}.
    c�N�tj�}|j|jg�|j	tj
��|j|jtg�|j|jttj
�y)z�
        L{SSHProcotolChecker.registerChecker} should add the given checker to
        the list of registered checkers.
        N)r�SSHProtocolCheckerrG�credentialInterfaces�registerCheckerrtr
�assertIsInstance�r%rus  r&�test_registerCheckerz,SSHProtocolCheckerTests.test_registerCheckerns���
�-�-�/������5�5�r�:�����)�)�+�	
�	
����5�5��7G�H�������^�,�h�.K�.K�	
r(c�X�tj�}|j|jg�|j	tj
�t�|j|jtg�|j|jttj
�y)z�
        If a specific interface is passed into
        L{SSHProtocolChecker.registerChecker}, that interface should be
        registered instead of what the checker specifies in
        credentialIntefaces.
        N)rr�rGr�r�rtrr�r�s  r&�!test_registerCheckerWithInterfacez9SSHProtocolCheckerTests.test_registerCheckerWithInterface}s����-�-�/������5�5�r�:����� =� =� ?�AR�S�����5�5�8I�7J�K�������.�/��1N�1N�	
r(c����tj�}t�}|jdd�|j	|�|jt
dd��}�fd�}|j|�S)z�
        L{SSHProtocolChecker.requestAvatarId} should defer to one if its
        registered checkers to authenticate a user.
        r�c�*���j|d�yr�r�r�s �r&�	_callbackz?SSHProtocolCheckerTests.test_requestAvatarId.<locals>._callback�r�r()rr�r	rEr�r�r
r�)r%ru�passwordDatabaser�r�s`    r&r�z,SSHProtocolCheckerTests.test_requestAvatarId�si���
�-�-�/��B�D��� � ��'�2���� 0�1��#�#�$4�W�g�$F�G��	0��}�}�Y�'�'r(c��tj�}d�}|j|d|�t�}|j	dd�|j|�|j
tdd��}|j|t�S)z�
        If the client indicates that it is never satisfied, by always returning
        False from _areDone, then L{SSHProtocolChecker} should raise
        L{NotEnoughAuthentication}.
        c��yr�rk)r�s r&�_areDonezYSSHProtocolCheckerTests.test_requestAvatarIdWithNotEnoughAuthentication.<locals>._areDone�r�r(�areDoner�)
rr�rFr	rEr�r�r
r�r)r%rur�r�r�s     r&�/test_requestAvatarIdWithNotEnoughAuthenticationzGSSHProtocolCheckerTests.test_requestAvatarIdWithNotEnoughAuthentication�s}���-�-�/��	�	
�
�
�7�I�x�0�B�D��� � ��'�2���� 0�1��#�#�$4�W�g�$F�G���!�!�!�%<�=�=r(c��tj�}|jtdd��}|j	|t
�S)z�
        If the passed credentials aren't handled by any registered checker,
        L{SSHProtocolChecker} should raise L{UnhandledCredentials}.
        r�)rr�r�r
r�r)r%rur�s   r&�%test_requestAvatarIdInvalidCredentialz=SSHProtocolCheckerTests.test_requestAvatarIdInvalidCredential�s>��
�-�-�/���#�#�$4�W�g�$F�G���!�!�!�%9�:�:r(c�h�|jtj�jd��y)zV
        The default L{SSHProcotolChecker.areDone} should simply return True.
        N)r.rr�r�r$s r&�test_areDonez$SSHProtocolCheckerTests.test_areDone�s$��	
����3�3�5�=�=�d�C�Dr(N)rerfrgrhrirjr�r�r�r�r�r�rkr(r&r�r�gs-����D�

�

�(� >�&;�Er(r�c�f�eZdZdZexseZdeededdfd�Z	d�Z
d�Zd	�Zd
�Z
d�Zd�Zd
�Zd�Zy)�UNIXPasswordDatabaseTestsz,
    Tests for L{UNIXPasswordDatabase}.
    r��usernamer�Nc�F�|j|j|�|�y)z�
        Assert that the L{Deferred} passed in is called back with the value
        'username'.  This represents a valid login for this TestCase.

        @param d: a L{Deferred} from an L{IChecker.requestAvatarId} method.
        N)rG�successResultOf)r%r�r�s   r&�assertLoggedInz(UNIXPasswordDatabaseTests.assertLoggedIn�s��	
����-�-�a�0�(�;r(c��tj�}d�}t�}|jd|dd�ddddd�|jd	d
ddddd�t	�}|jdd
ddddddd�	|jd	|d	d�ddddddd�	|jtd|�|jtd|�t
�}|jtd|�d|_d|_	tdd �}|j|j|�d�|j|jg�|j|jg�d!|_|j|j|�d!�|j|jd"dg�|j|jd"dg�y#)$z�
        L{UNIXPasswordDatabase} with no arguments has checks the C{pwd} database
        and then the C{spwd} database.
        c�d�tj||�}tj|d|z�}|S)Nz$1$)r-)r�r2r3r4s    r&r4z?UNIXPasswordDatabaseTests.test_defaultCheckers.<locals>.crypted�s+���;�;�x��2�D��k�k�(�E�D�L�9�G��Nr(r=r2r?r@�foorBrCrQ�x�bar�/barr:rSrTrUrVrW��	�
���
�rDrXr[rYrZ�alicer��bobrN)r�UNIXPasswordDatabaserrErrFrrr\r]r
r�r�rGr`rar�)r%rur4rDrXr#�creds       r&�test_defaultCheckersz.UNIXPasswordDatabaseTests.test_defaultCheckers�s���
�/�/�1��	�
�n������W�W�j�1�1�a���	�	
�	���E�3��1�e�V�Y�?�������W�g�q�!�Q��1�a��;����U�G�E�:�6��1�b�"�b�"�b�Q��
�
�8�U�C�(��
�
�8�V�T�*�����
�
�4��v�&���������+�6�����G�3�3�D�9�8�D�����,�,�b�1�����,�,�b�1���
����G�3�3�D�9�6�B�����,�,�q�$�i�8�����,�,�q�$�i�8r(c�D�|j|tj�y)a�
        Asserts that the L{Deferred} passed in is erred back with an
        L{UnauthorizedLogin} L{Failure}.  This reprsents an invalid login for
        this TestCase.

        NOTE: To work, this method's return value must be returned from the
        test method, or otherwise hooked up to the test machinery.

        @param d: a L{Deferred} from an L{IChecker.requestAvatarId} method.
        @type d: L{Deferred}
        @rtype: L{None}
        N)�failureResultOfrr�r%r�s  r&�assertUnauthorizedLoginz1UNIXPasswordDatabaseTests.assertUnauthorizedLogin�s��	
���Q�� :� :�;r(c	��tjdd�}t�}|jd|ddddd�tj|j
g�}|j
|jtdd	��d�y
)zo
        L{UNIXPasswordDatabase} takes a list of functions to check for UNIX
        user information.
        �secret�anybodyr?r@r�r�rCsanybodyssecretN)	r-rrErrrIr�r�r
)r%r2rKrus    r&�test_passInCheckersz-UNIXPasswordDatabaseTests.test_passInCheckerssp��
�;�;�x��2��������y�(�A�q�%���K��/�/����0A�B������#�#�$4�Z��$K�L�j�	
r(c���d�}d�}|jtd|�tj|g�}tdd�}|j	|j|�d�y)z�
        If the encrypted password provided by the getpwnam function is valid
        (verified by the L{verifyCryptedPassword} function), we callback the
        C{requestAvatarId} L{Deferred} with the username.
        c��||k(Sr"rk�r4�pws  r&r/zLUNIXPasswordDatabaseTests.test_verifyPassword.<locals>.verifyCryptedPassword����b�=� r(c�
�||gSr"rk�r�s r&rIz?UNIXPasswordDatabaseTests.test_verifyPassword.<locals>.getpwnams
���h�'�'r(r/�usernameN�rFrrr
r�r��r%r/rIru�
credentials     r&�test_verifyPasswordz-UNIXPasswordDatabaseTests.test_verifyPasswordsY��	!�	(�	
�
�
�8�4�6K�L��/�/��
�;��%�k�;�?�
����G�3�3�J�?��Mr(c��d�}tj|g�}tdd�}|j|j	|��y)z}
        If the getpwnam function raises a KeyError, the login fails with an
        L{UnauthorizedLogin} exception.
        c��t|��r")�KeyErrorrs r&rIz?UNIXPasswordDatabaseTests.test_failOnKeyError.<locals>.getpwnam+s
���8�$�$r(rr�N)rrr
rr�)r%rIrurs    r&�test_failOnKeyErrorz-UNIXPasswordDatabaseTests.test_failOnKeyError%s@��	%��/�/��
�;��%�k�;�?�
��$�$�W�%<�%<�Z�%H�Ir(c���d�}d�}|jtd|�tj|g�}tdd�}|j	|j|��y)z�
        If the verifyCryptedPassword function doesn't verify the password, the
        login fails with an L{UnauthorizedLogin} exception.
        c��yr�rkrs  r&r/zOUNIXPasswordDatabaseTests.test_failOnBadPassword.<locals>.verifyCryptedPassword8r�r(c�
�|dgS)Nr�rkrs r&rIzBUNIXPasswordDatabaseTests.test_failOnBadPassword.<locals>.getpwnam;s
���k�*�*r(r/rr�N)rFrrr
rr�rs     r&�test_failOnBadPasswordz0UNIXPasswordDatabaseTests.test_failOnBadPassword2sW��	�	+�	
�
�
�8�4�6K�L��/�/��
�;��%�k�;�?�
��$�$�W�%<�%<�Z�%H�Ir(c���d�}d�}d�}|jtd|�tj||g�}tdd�}|j	|j|�d�y)a
        UNIXPasswordDatabase.requestAvatarId loops through each getpwnam
        function associated with it and returns a L{Deferred} which fires with
        the result of the first one which returns a value other than None.
        ones do not verify the password.
        c��||k(Sr"rkrs  r&r/zRUNIXPasswordDatabaseTests.test_loopThroughFunctions.<locals>.verifyCryptedPasswordKrr(c�
�|dgS)Nznot the passwordrkrs r&�	getpwnam1zFUNIXPasswordDatabaseTests.test_loopThroughFunctions.<locals>.getpwnam1Ns���0�1�1r(c�
�|dgS)Nr2rkrs r&�	getpwnam2zFUNIXPasswordDatabaseTests.test_loopThroughFunctions.<locals>.getpwnam2Qs
���j�)�)r(r/rr�Nr)r%r/r'r)rurs      r&�test_loopThroughFunctionsz3UNIXPasswordDatabaseTests.test_loopThroughFunctionsCsa��	!�	2�	*�	
�
�
�8�4�6K�L��/�/��I�0F�G��%�k�;�?�
����G�3�3�J�?��Mr(c	� �t�}|jddddddd�|jddddddd�|jd	d
ddddd�|jtd|�tjtj
g�}t
dd
�}|j|j|��t
dd�}|j|j|��t
dd�}|j|j|��y)z�
        If the password returned by any function is C{""}, C{"x"}, or C{"*"} it
        is not compared against the supplied password.  Instead it is skipped.
        r=�r?r@r�r�rQr��carol�*rDrr(r�xscarol�*N)	rrErFrrrHr
rr�)r%rDrurs    r&�test_failOnSpecialz,UNIXPasswordDatabaseTests.test_failOnSpecialYs���
�n�����G�R��A�r�5�%�8����E�3��1�b�%��7����G�S�!�Q��E�5�9��
�
�8�U�C�(��/�/��1G�1G�0H�I����#�.���$�$�W�%<�%<�T�%B�C����-���$�$�W�%<�%<�T�%B�C���$�/���$�$�W�%<�%<�T�%B�Cr()rerfrgrhrrirjr�bytesr�rrrrrr#r*r1rkr(r&r�r��s_����&��D�<����<�5�<�T�<�&9�P
<�
�N�$J�J�"N�,Dr(r�c�&�eZdZdZeZd�Zd�Zd�Zy)�AuthorizedKeyFileReaderTestsz5
    Tests for L{checkers.readAuthorizedKeyFile}
    c��td�}tj|d��}|jddgt	|��y)zg
        L{checkers.readAuthorizedKeyFile} does not attempt to turn comments
        into keys
        sE# this comment is ignored
this is not
# this is again
and this is notc��|Sr"rk�r�s r&�<lambda>zCAuthorizedKeyFileReaderTests.test_ignoresComments.<locals>.<lambda>�s��1�r(sthis is notsand this is notN�rr�readAuthorizedKeyFilerG�list�r%�fileobj�results   r&�test_ignoresCommentsz1AuthorizedKeyFileReaderTests.test_ignoresCommentsvsA��
�
�
���/�/���E�����.�*<�=�t�F�|�Lr(c��td�}tj|d���}|jdgt	|��y)zw
        L{checkers.readAuthorizedKeyFile} ignores leading whitespace in
        lines, as well as empty lines
        sg
                           # ignore
                           not ignored
                           c��|Sr"rkr7s r&r8zYAuthorizedKeyFileReaderTests.test_ignoresLeadingWhitespaceAndEmptyLines.<locals>.<lambda>�s��A�r(��parseKeysnot ignoredNr9r<s   r&�*test_ignoresLeadingWhitespaceAndEmptyLineszGAuthorizedKeyFileReaderTests.test_ignoresLeadingWhitespaceAndEmptyLines�s>��
�
�
���/�/��+�N�����.�)�4��<�8r(c��d�}td�}tj||��}|jdgt	|��y)z�
        L{checkers.readAuthorizedKeyFile} does not raise an exception
        when a key fails to parse (raises a
        L{twisted.conch.ssh.keys.BadKeyError}), but rather just keeps going
        c�R�|jd�rtjd��|S)N�fzfailed to parse)�
startswithrr�)�lines r&�
failOnSomezKAuthorizedKeyFileReaderTests.test_ignoresUnparsableKeys.<locals>.failOnSome�s%�����t�$��&�&�'8�9�9��Kr(sfailed key
good keyrBsgood keyNr9)r%rJr=r>s    r&�test_ignoresUnparsableKeysz7AuthorizedKeyFileReaderTests.test_ignoresUnparsableKeys�s<��	�
�1�2���/�/��*�M�����+���V��5r(N)	rerfrgrhrirjr?rDrKrkr(r&r4r4os����D�M�9�6r(r4c�&�eZdZdZeZd�Zd�Zd�Zy)�InMemorySSHKeyDBTestsz0
    Tests for L{checkers.InMemorySSHKeyDB}
    c�h�tjddgi�}ttj|�y)z_
        L{checkers.InMemorySSHKeyDB} implements
        L{checkers.IAuthorizedKeysDB}
        rskeyN)r�InMemorySSHKeyDBr�IAuthorizedKeysDB�r%�keydbs  r&�test_implementsInterfacez.InMemorySSHKeyDBTests.test_implementsInterface�s+��
�)�)�8�f�X�*>�?���X�/�/��7r(c��tjddgi�}|jgt|j	d���y)z�
        If the user is not in the mapping provided to
        L{checkers.InMemorySSHKeyDB}, an empty iterator is returned
        by L{checkers.InMemorySSHKeyDB.getAuthorizedKeys}
        rskeysrN�rrOrGr;�getAuthorizedKeysrQs  r&�test_noKeysForUnauthorizedUserz4InMemorySSHKeyDBTests.test_noKeysForUnauthorizedUser�s;���)�)�8�g�Y�*?�@������T�%�"9�"9�&�"A�B�Cr(c��tjdddgi�}|jddgt|j	d���y)z�
        If the user is in the mapping provided to
        L{checkers.InMemorySSHKeyDB}, an iterator with all the keys
        is returned by L{checkers.InMemorySSHKeyDB.getAuthorizedKeys}
        r�a�bNrUrQs  r&�test_allKeysForAuthorizedUserz3InMemorySSHKeyDBTests.test_allKeysForAuthorizedUser�sA���)�)�8�d�D�\�*B�C�����$���t�E�,C�,C�H�,M�'N�Or(N)	rerfrgrhrirjrSrWr[rkr(r&rMrM�s����D�8�D�Pr(rMc�:�eZdZdZeZd	d�Zd�Zd�Zd�Z	d�Z
d�Zy)
�UNIXAuthorizedKeysFilesTestsz8
    Tests for L{checkers.UNIXAuthorizedKeysFiles}.
    Nc	�&�t|j��|_t|jjt�sJ�|jj�t
�|_|jjddddd|jjd�|jjd�|_
|jj�|jjd�}|jd	�d
dg|_y)Nr=r2r?r@zalice lastnamersrqr�skey 1
key 2skey 1skey 2)
rryrzr{r|rrrKrEr}r~r��expectedKeys)r%�authorizedKeyss  r&r'z"UNIXAuthorizedKeysFilesTests.setUp�s����T�[�[�]�+��	��$�)�)�.�.�#�.�.�.��	�	����"�n����������
�
���I�I�N�N��	
��i�i�o�o�f�-������������*�*�+<�=���!�!�/�2�%�x�0��r(c�v�tj|j�}ttj|�y)zg
        L{checkers.UNIXAuthorizedKeysFiles} implements
        L{checkers.IAuthorizedKeysDB}.
        N)r�UNIXAuthorizedKeysFilesrKrrPrQs  r&rSz5UNIXAuthorizedKeysFilesTests.test_implementsInterface�s(��
�0�0����=���X�/�/��7r(c��tj|jd���}|jgt	|jd���y)z�
        If the user is not in the user database provided to
        L{checkers.UNIXAuthorizedKeysFiles}, an empty iterator is returned
        by L{checkers.UNIXAuthorizedKeysFiles.getAuthorizedKeys}.
        c��|Sr"rkr7s r&r8zMUNIXAuthorizedKeysFilesTests.test_noKeysForUnauthorizedUser.<locals>.<lambda>����QR�r(rBrN)rrbrKrGr;rVrQs  r&rWz;UNIXAuthorizedKeysFilesTests.test_noKeysForUnauthorizedUser�s:���0�0����{�S������T�%�"9�"9�&�"A�B�Cr(c��|jjd�jd�tj|j
d���}|j
|jdgzt|jd���y)a
        If the user is in the user database provided to
        L{checkers.UNIXAuthorizedKeysFiles}, an iterator with all the keys in
        C{~/.ssh/authorized_keys} and C{~/.ssh/authorized_keys2} is returned
        by L{checkers.UNIXAuthorizedKeysFiles.getAuthorizedKeys}.
        r�skey 3c��|Sr"rkr7s r&r8z`UNIXAuthorizedKeysFilesTests.test_allKeysInAllAuthorizedFilesForAuthorizedUser.<locals>.<lambda>�rer(rBrN)
r~r}r�rrbrKrGr_r;rVrQs  r&�1test_allKeysInAllAuthorizedFilesForAuthorizedUserzNUNIXAuthorizedKeysFilesTests.test_allKeysInAllAuthorizedFilesForAuthorizedUser�sh��	
�����,�-�8�8��B��0�0����{�S���������
�*�D��1H�1H��1R�,S�	
r(c��tj|jd���}|j|jt|j
d���y)z�
        L{checkers.UNIXAuthorizedKeysFiles.getAuthorizedKeys} returns only
        the keys in C{~/.ssh/authorized_keys} and C{~/.ssh/authorized_keys2}
        if they exist.
        c��|Sr"rkr7s r&r8zJUNIXAuthorizedKeysFilesTests.test_ignoresNonexistantFile.<locals>.<lambda>rer(rBrN)rrbrKrGr_r;rVrQs  r&�test_ignoresNonexistantFilez8UNIXAuthorizedKeysFilesTests.test_ignoresNonexistantFiles@���0�0����{�S������*�*�D��1H�1H��1R�,S�Tr(c��|jjd�j�tj|j
d���}|j
|jt|jd���y)z�
        L{checkers.UNIXAuthorizedKeysFiles.getAuthorizedKeys} returns only
        the keys in C{~/.ssh/authorized_keys} and C{~/.ssh/authorized_keys2}
        if they are readable.
        r�c��|Sr"rkr7s r&r8zIUNIXAuthorizedKeysFilesTests.test_ignoresUnreadableFile.<locals>.<lambda>rer(rBrN)
r~r}rrrbrKrGr_r;rVrQs  r&�test_ignoresUnreadableFilez7UNIXAuthorizedKeysFilesTests.test_ignoresUnreadableFile
s\��	
�����,�-�6�6�8��0�0����{�S������*�*�D��1H�1H��1R�,S�Tr(r�)rerfrgrhrirjr'rSrWrhrkrnrkr(r&r]r]�s/����D�1�.8�D�
�U�Ur(r]�_KeyDBrVc��eZdZdZy)�_DummyExceptionz0
    Fake exception to be used for testing.
    N)rerfrgrhrkr(r&rqrqs���	r(rqc�>�eZdZdZeZd�Zd�Zd�Zd�Z	d�Z
d�Zd�Zy	)
�SSHPublicKeyCheckerTestsz4
    Tests for L{checkers.SSHPublicKeyChecker}.
    c	�&�tddtjdtjjtj�jd��|_td��|_
tj|j�|_
y)Nrr�r�c�^�tjjtj�gSr")rr�r�rr�)�_s r&r8z0SSHPublicKeyCheckerTests.setUp.<locals>.<lambda>/s��t�x�x�':�':�7�;T�;T�'U�&V�r()rrr�rr�r�r�r�r�rorRr�SSHPublicKeyCheckerrur$s r&r'zSSHPublicKeyCheckerTests.setUp'si��(����%�%���H�H���� :� :�;�@�@��H�
����V�W��
��3�3�D�J�J�?��r(c��d|j_|j|jj	|j�t
�y)z�
        Calling L{checkers.SSHPublicKeyChecker.requestAvatarId} with
        credentials that do not have a signature fails with L{ValidPublicKey}.
        N)r��	signaturer	rur�rr$s r&� test_credentialsWithoutSignaturez9SSHPublicKeyCheckerTests.test_credentialsWithoutSignature2s:��
&*����"�����L�L�(�(��)9�)9�:�N�	
r(c��d|j_|j|jj	|j�t
j�y)z�
        Calling L{checkers.SSHPublicKeyChecker.requestAvatarId} with
        credentials that have a bad key fails with L{keys.BadKeyError}.
        r(N)r�r�r	rur�rr�r$s r&�test_credentialsWithBadKeyz3SSHPublicKeyCheckerTests.test_credentialsWithBadKey<s@��
!$���������L�L�(�(��)9�)9�:�D�<L�<L�	
r(c��tj|j_|j	|j
j
|j�t�y)z�
        If L{checkers.IAuthorizedKeysDB.getAuthorizedKeys} returns no keys
        that match the credentials,
        L{checkers.SSHPublicKeyChecker.requestAvatarId} fails with
        L{UnauthorizedLogin}.
        N)r�publicDSA_opensshr�r�r	rur�rr$s r&�test_credentialsNoMatchingKeyz6SSHPublicKeyCheckerTests.test_credentialsNoMatchingKeyFsA��!(� 9� 9���������L�L�(�(��)9�)9�:�<M�	
r(c��tjjtj�jd�|j_|j|jj|j�t�y)z�
        Calling L{checkers.SSHPublicKeyChecker.requestAvatarId} with
        credentials that are incorrectly signed fails with
        L{UnauthorizedLogin}.
        r�N)rr�r�rr�r�r�ryr	rur�rr$s r&� test_credentialsInvalidSignaturez9SSHPublicKeyCheckerTests.test_credentialsInvalidSignatureRsa��&*�X�X�%8�%8��&�&�&
�
�$�v�,�	
���"�	
����L�L�(�(��)9�)9�:�<M�	
r(c���d�}|jtjd|�|j|jj|j�t�|jt�y)z�
        If L{keys.Key.verify} raises an exception,
        L{checkers.SSHPublicKeyChecker.requestAvatarId} fails with
        L{UnauthorizedLogin}.
        c��t��r")rq)�args�kwargss  r&�failz?SSHPublicKeyCheckerTests.test_failureVerifyingKey.<locals>.failfs��!�#�#r(�verifyN)
rFrr�r	rur�r�rr�rq)r%r�s  r&�test_failureVerifyingKeyz1SSHPublicKeyCheckerTests.test_failureVerifyingKey_sV��	$�	
�
�
�4�8�8�X�t�,�����L�L�(�(��)9�)9�:�<M�	
�	
����/r(c��|jj|j�}|jd|j	|��y)zu
        L{checker.SSHPublicKeyChecker.requestAvatarId}, if successful,
        callbacks with the username.
        rN)rur�r�rGr�r
s  r&�test_usernameReturnedOnSuccessz7SSHPublicKeyCheckerTests.test_usernameReturnedOnSuccessps9��

�L�L�(�(��)9�)9�:������4�#7�#7��#:�;r(N)
rerfrgrhrirjr'rzr|rr�r�r�rkr(r&rsrs s2����D�	@�
�
�

�
�0�"<r(rs)Arhr[�base64r�collectionsr�ior�typingrr|�__annotations__r-r�ImportError�zope.interface.verifyr�twisted.cred.checkersr	�twisted.cred.credentialsr
rrr
�twisted.cred.errorrr�twisted.internet.deferr�twisted.pythonr�twisted.python.fakepwdrr�twisted.python.filepathr�twisted.python.reflectr�twisted.test.test_processr�twisted.trial.unittestrri�
twisted.conchr�twisted.conch.errorrr�twisted.conch.sshr�twisted.conch.testr�getattrr�r rmr�r�r4rMr]ro�	Exceptionrqrsrkr(r&�<module>r�sF���

��"����C�=�����I�.�I���G�+��?�,�0�,�+��� ��N�&�K�&�*�5�N�
�2�y�$��+��H�A�H�b7�(�b7�JG8��G8�TUE�h�UE�pmD��mD�`16�8�16�hP�H�P�DMU�8�MU�`
�H�2�3�	4��	�i�	�V<�x�V<��]�2�1�I�2�s�D�D)�(D)

Zerion Mini Shell 1.0