%PDF- %PDF-
Mini Shell

Mini Shell

Direktori : /lib/python3/dist-packages/twisted/conch/test/__pycache__/
Upload File :
Create Path :
Current File : //lib/python3/dist-packages/twisted/conch/test/__pycache__/test_userauth.cpython-312.pyc

�

Ϫ�f���,�UdZddlmZddlmZddlmZddlmZm	Z	ddl
mZddlm
Z
mZmZddlmZdd	lmZmZdd
lmZmZddlmZddlmZdd
lmZdZeeed<ed�rddl m!Z!ddl"mZm#Z#m$Z$ddl%m&Z&ddl'm(Z(nGd�d�Z#Gd�d�Z$Gd�de$jR�Z*Gd�de$jR�Z+Gd�de$jR�Z,Gd�d e#jZ�Z.ee�Gd!�d"��Z/ee�Gd#�d$��Z0ee�Gd%�d&��Z1ee�Gd'�d(��Z2Gd)�d*ejf�Z4Gd+�d,ejf�Z5Gd-�d.ejf�Z6Gd/�d0ejf�Z7y)1zT
Tests for the implementation of the ssh-userauth service.

Maintainer: Paul Swartz
�)�
ModuleType)�Optional)�implementer)�
ConchError�ValidPublicKey)�ICredentialsChecker)�
IAnonymous�ISSHPrivateKey�IUsernamePassword)�UnauthorizedLogin)�IRealm�Portal)�defer�task)�loopback)�
requireModule)�unittestN�keys�cryptography)�SSHProtocolChecker)r�	transport�userauth)�NS)�keydatac� �eZdZGd�d�Zy)rc��eZdZdZy)�transport.SSHTransportBase�Q
            A stub class so that later class definitions won't die.
            N��__name__�
__module__�__qualname__�__doc__���B/usr/lib/python3/dist-packages/twisted/conch/test/test_userauth.py�SSHTransportBaser"���
r%r'N)r r!r"r'r$r%r&rr!���	�	r%rc� �eZdZGd�d�Zy)rc��eZdZdZy)�userauth.SSHUserAuthClientrNrr$r%r&�SSHUserAuthClientr,(r(r%r-N)r r!r"r-r$r%r&rr'r)r%rc�*�eZdZdZd�Zd�Zdd�Zd�Zy)�ClientUserAuthz"
    A mock user auth client.
    c���|jr-tjjtj
�St
jtjjtj��S)z�
        If this is the first time we've been called, return a blob for
        the DSA key.  Otherwise, return a blob
        for the RSA key.
        )	�
lastPublicKeyr�Key�
fromStringr�publicRSA_opensshr�succeed�publicDSA_openssh��selfs r&�getPublicKeyzClientUserAuth.getPublicKey3sL������8�8�&�&�w�'@�'@�A�A��=�=����!4�!4�W�5N�5N�!O�P�Pr%c��tjtjj	t
j��S)z@
        Return the private key object for the RSA key.
        )rr5rr2r3r�privateRSA_opensshr7s r&�
getPrivateKeyzClientUserAuth.getPrivateKey>s(���}�}�T�X�X�0�0��1K�1K�L�M�Mr%Nc�,�tjd�S)z/
        Return 'foo' as the password.
        �foo�rr5)r8�prompts  r&�getPasswordzClientUserAuth.getPasswordDs���}�}�V�$�$r%c�,�tjd�S)z>
        Return 'foo' as the answer to two questions.
        )�foorCr?)r8�name�information�answerss    r&�getGenericAnswersz ClientUserAuth.getGenericAnswersJs���}�}�^�,�,r%�N)r r!r"r#r9r<rArGr$r%r&r/r/.s���	Q�N�%�-r%r/c��eZdZdZd�Zd�Zy)�
OldClientAuthz~
    The old SSHUserAuthClient returned a cryptography key object from
    getPrivateKey() and a string from getPublicKey
    c��tjtjj	t
j�j�SrH)rr5rr2r3rr;�	keyObjectr7s r&r<zOldClientAuth.getPrivateKeyWs,���}�}�T�X�X�0�0��1K�1K�L�V�V�W�Wr%c�x�tjjtj�j�SrH)rr2r3rr4�blobr7s r&r9zOldClientAuth.getPublicKeyZs&���x�x�"�"�7�#<�#<�=�B�B�D�Dr%N�r r!r"r#r<r9r$r%r&rJrJQs���
X�Er%rJc��eZdZdZd�Zd�Zy)�ClientAuthWithoutPrivateKeyzP
    This client doesn't have a private key, but it does have a public key.
    c��yrHr$r7s r&r<z)ClientAuthWithoutPrivateKey.getPrivateKeycs��r%c�\�tjjtj�SrH)rr2r3rr4r7s r&r9z(ClientAuthWithoutPrivateKey.getPublicKeyfs���x�x�"�"�7�#<�#<�=�=r%NrOr$r%r&rQrQ^s����>r%rQc�P�eZdZdZGd�d�ZGd�d�Zd�Zd�Zd�Zd	�Z	y
)�
FakeTransporta_
    L{userauth.SSHUserAuthServer} expects an SSH transport which has a factory
    attribute which has a portal attribute. Because the portal is important for
    testing authentication, we need to be able to provide an interesting portal
    object to the L{SSHUserAuthServer}.

    In addition, we want to be able to capture any packets sent over the
    transport.

    @ivar packets: a list of 2-tuples: (messageType, data).  Each 2-tuple is
        a sent packet.
    @type packets: C{list}
    @param lostConnecion: True if loseConnection has been called on us.
    @type lostConnection: L{bool}
    c��eZdZdZdZd�Zy)�FakeTransport.ServicezW
        A mock service, representing the other service offered by the server.
        �nancyc��yrHr$r7s r&�serviceStartedz$FakeTransport.Service.serviceStarted�s��r%N)r r!r"r#rDrZr$r%r&�ServicerW{s��	���	r%r[c��eZdZdZd�Zy)�FakeTransport.Factoryzg
        A mock factory, representing the factory that spawned this user auth
        service.
        c�.�|dk(rtjSy)z2
            Return our fake service.
            �noneN)rUr[)r8r�services   r&�
getServicez FakeTransport.Factory.getService�s���'�!�$�,�,�,�"r%N)r r!r"r#rar$r%r&�Factoryr]�s��	�
	-r%rbc�z�|j�|_||j_d|_||_g|_y�NF)rb�factory�portal�lostConnectionr�packets)r8rfs  r&�__init__zFakeTransport.__init__�s1���|�|�~���$�����#��������r%c�>�|jj||f�y)z8
        Record the packet sent by the service.
        N)rh�append)r8�messageType�messages   r&�
sendPacketzFakeTransport.sendPacket�s��	
�����[�'�2�3r%c��y)z�
        Pretend that this transport encrypts traffic in both directions. The
        SSHUserAuthServer disables password authentication if the transport
        isn't encrypted.
        Tr$)r8�	directions  r&�isEncryptedzFakeTransport.isEncrypted�s��r%c��d|_y�NT)rgr7s r&�loseConnectionzFakeTransport.loseConnection�s
��"��r%N)
r r!r"r#r[rbrirnrqrtr$r%r&rUrUjs/��� ��-�-��4��#r%rUc��eZdZdZd�Zy)�Realmz�
    A mock realm for testing L{userauth.SSHUserAuthServer}.

    This realm is not actually used in the course of testing, so it returns the
    simplest thing that could possibly work.
    c�:�tj|ddd�f�S)Nrc��yrHr$r$r%r&�<lambda>z%Realm.requestAvatar.<locals>.<lambda>���r%r?)r8�avatarId�mind�
interfacess    r&�
requestAvatarzRealm.requestAvatar�s���}�}�j��m�T�<�@�A�Ar%N)r r!r"r#r~r$r%r&rvrv�s
���Br%rvc��eZdZdZefZd�Zy)�PasswordCheckerz�
    A very simple username/password checker which authenticates anyone whose
    password matches their username and rejects all others.
    c��|j|jk(rtj|j�Stjtd��S)NzInvalid username/password pair)�username�passwordrr5�failr)r8�credss  r&�requestAvatarIdzPasswordChecker.requestAvatarId�s;���>�>�U�^�^�+��=�=����0�0��z�z�+�,L�M�N�Nr%N)r r!r"r#r�credentialInterfacesr�r$r%r&r�r��s���
.�/��Or%r�c��eZdZdZefZd�Zy)�PrivateKeyCheckerz�
    A very simple public key checker which authenticates anyone whose
    public/private keypair is the same keydata.public/privateRSA_openssh.
    c��|jtjjtj
�j�k(r{|j�etjj|j�}|j|j|j�r|jSt��t��t��rH)rNrr2r3rr4�	signature�verify�sigDatar�rr)r8r��objs   r&r�z!PrivateKeyChecker.requestAvatarId�s����:�:����,�,�W�-F�-F�G�L�L�N�N����*��h�h�)�)�%�*�*�5���:�:�e�o�o�u�}�}�=� �>�>�)� �!�!�%�&�&��!�!r%N)r r!r"r#r
r�r�r$r%r&r�r��s���
+�,��"r%r�c��eZdZdZefZd�Zy)�AnonymousCheckerzI
    A simple checker which isn't supported by L{SSHUserAuthServer}.
    c��yrHr$)r8�credentialss  r&r�z AnonymousChecker.requestAvatarId�s��r%N)r r!r"r#r	r�r�r$r%r&r�r��s���'�=��
r%r�c��eZdZdZe�dZd�Zd�Zd�Zd�Z	d�Z
d	�Zd
�Zd�Z
d�Zd
�Zd�Zd�Zd�Zd�Zd�Zd�Zd�Zd�Zd�Zd�Zy)�SSHUserAuthServerTestsz&
    Tests for SSHUserAuthServer.
    N�cannot run without cryptographyc���t�|_t|j�|_|jj	t��|jj	t
��tj�|_	t|j�|j_|jj�|jjj�yrH)rv�realmrrf�registerCheckerr�r�r�SSHUserAuthServer�
authServerrUrrZ�supportedAuthentications�sortr7s r&�setUpzSSHUserAuthServerTests.setUp�s����W��
��T�Z�Z�(������#�#�O�$5�6����#�#�$5�$7�8�"�4�4�6���$1�$�+�+�$>����!����&�&�(����0�0�5�5�7r%c�F�|jj�d|_yrH)r��serviceStoppedr7s r&�tearDownzSSHUserAuthServerTests.tearDown�������&�&�(���r%c��|j|jjjdtj
t
d�dzf�y)z;
        Check that the authentication has failed.
        ���spassword,publickey�N)�assertEqualr�rrhr�MSG_USERAUTH_FAILUREr�r8�ignoreds  r&�_checkFailedz#SSHUserAuthServerTests._checkFailed�sC��	
����O�O�%�%�-�-�b�1�
�
*�
*�B�/D�,E��,O�P�	
r%c��|jjtd�td�ztd�z�}|j|j�S)z�
        A client may request a list of authentication 'method name' values
        that may continue by using the "none" authentication 'method name'.

        See RFC 4252 Section 5.2.
        r>sservicer_)r��ssh_USERAUTH_REQUESTr�addCallbackr�)r8�ds  r&�test_noneAuthenticationz.SSHUserAuthServerTests.test_noneAuthenticationsH��
�O�O�0�0��v�J��J��'�"�W�+�5�
���}�}�T�.�.�/�/r%c	����djtd�td�td�dtd�g�}�jj|�}�fd�}|j	|�S)z�
        When provided with correct password authentication information, the
        server should respond by sending a MSG_USERAUTH_SUCCESS message with
        no other data.

        See RFC 4252, Section 5.1.
        r%r>r_�passwordr�c����j�jjjtj
dfg�y�Nr%�r�r�rrhr�MSG_USERAUTH_SUCCESS�r�r8s �r&�checkzKSSHUserAuthServerTests.test_successfulPasswordAuthentication.<locals>.check�5���������)�)�1�1��/�/��5�6�
r%)�joinrr�r�r�)r8�packetr�r�s`   r&�%test_successfulPasswordAuthenticationz<SSHUserAuthServerTests.test_successfulPasswordAuthenticationsX������2�f�:�r�'�{�B�{�O�U�B�v�J�W�X���O�O�0�0��8��	��}�}�U�#�#r%c	���djtd�td�td�dtd�g�}tj�|j_|jj
|�}|j|jjjg�|jj
jd�|j|j�S)a;
        When provided with invalid authentication details, the server should
        respond by sending a MSG_USERAUTH_FAILURE message which states whether
        the authentication was partially successful, and provides other, open
        options for authentication.

        See RFC 4252, Section 5.1.
        r%r>r_r�r��bar�)
r�rr�Clockr��clockr�r�rrh�advancer�r��r8r�r�s   r&�!test_failedPasswordAuthenticationz8SSHUserAuthServerTests.test_failedPasswordAuthentication's������2�f�:�r�'�{�B�{�O�U�B�v�J�W�X�� $�
�
�������O�O�0�0��8��������2�2�:�:�B�?������%�%�a�(��}�}�T�.�.�/�/r%c���tjjtj�j�}tjjtj�}td�td�ztd�zdzt|j��zt|�z}d�jj_|jtd�ttjf�z|z�}|t|�z
}�jj!|�}�fd�}|j#|�S)zN
        Test that private key authentication completes successfully,
        r>r_�	publickey���testc����j�jjjtj
dfg�yr�r�r�s �r&r�zMSSHUserAuthServerTests.test_successfulPrivateKeyAuthentication.<locals>.checkMr�r%)rr2r3rr4rNr;r�sshTyper�r�	sessionID�sign�bytesr�MSG_USERAUTH_REQUESTr�r�)r8rNr�r�r�r�r�s`      r&�'test_successfulPrivateKeyAuthenticationz>SSHUserAuthServerTests.test_successfulPrivateKeyAuthentication8s����x�x�"�"�7�#<�#<�=�B�B�D���h�h�!�!�'�"<�"<�=���v�J���k�
����
��
�������	
 �
��h�
�	�/6����!�!�+��H�H��w�K�%��!>�!>� @�A�A�F�J�
�	�	�"�Y�-����O�O�0�0��8��	��}�}�U�#�#r%c���tj��d�}d�}�fd�}|j|jd|�|j|jd|�|j|jd|�t	d�t	d�zt	d	�zt	d
�z}|jj|�|j
�t�S)z�
        ssh_USERAUTH_REQUEST should raise a ConchError if tryAuth returns
        None. Added to catch a bug noticed by pyflakes.
        c�&�|jd�y)Nz&request should have raised ConochError)r�r�s  r&�mockCbFinishedAuthzOSSHUserAuthServerTests.test_requestRaisesConchError.<locals>.mockCbFinishedAuth\s���I�I�>�?r%c��yrHr$)�kind�user�datas   r&�mockTryAuthzHSSHUserAuthServerTests.test_requestRaisesConchError.<locals>.mockTryAuth_���r%c�<���j|j�yrH)�errback�value)�reasonr�s �r&�
mockEbBadAuthzJSSHUserAuthServerTests.test_requestRaisesConchError.<locals>.mockEbBadAuthbs���
�I�I�f�l�l�#r%�tryAuth�_cbFinishedAuth�
_ebBadAuthsuserr_s
public-keysdata)r�Deferred�patchr�rr��
assertFailurer)r8r�r�r�r�r�s     @r&�test_requestRaisesConchErrorz3SSHUserAuthServerTests.test_requestRaisesConchErrorUs����

�N�N���	@�	�	$�	
�
�
�4�?�?�I�{�;��
�
�4�?�?�$5�7I�J��
�
�4�?�?�L�-�@��G��r�'�{�*�R�
�->�>��G��L��	
���,�,�V�4��!�!�!�Z�0�0r%c�\���tjjtj�j��t
d�t
d�zt
d�zdzt
d�zt
��z}�jj|�}��fd�}|j|�S)z@
        Test that verifying a valid private key works.
        r>r_r�r��ssh-rsac����j�jjjtj
t
d�t
��zfg�y)Nr�)r�r�rrhr�MSG_USERAUTH_PK_OKr)r�rNr8s ��r&r�z@SSHUserAuthServerTests.test_verifyValidPrivateKey.<locals>.check~sB���������)�)�1�1��-�-�r�*�~��4��/H�I�J�
r%)
rr2r3rr4rNrr�r�r�)r8r�r�r�rNs`   @r&�test_verifyValidPrivateKeyz1SSHUserAuthServerTests.test_verifyValidPrivateKeyos�����x�x�"�"�7�#<�#<�=�B�B�D���v�J���k�
����
��
���n�	
�
��h�
�	�
�O�O�0�0��8��	��}�}�U�#�#r%c�`�tjjtj�j�}t
d�t
d�zt
d�zdzt
d�zt
|�z}|jj|�}|j|j�S)�d
        Test that private key authentication fails when the public key
        is invalid.
        r>r_r�r�sssh-dsa�rr2r3rr6rNrr�r�r�r��r8rNr�r�s    r&�3test_failedPrivateKeyAuthenticationWithoutSignaturezJSSHUserAuthServerTests.test_failedPrivateKeyAuthenticationWithoutSignature�s���
�x�x�"�"�7�#<�#<�=�B�B�D���v�J���k�
����
��
���n�	
�
��h�
�	�
�O�O�0�0��8���}�}�T�.�.�/�/r%c�&�tjjtj�j�}tjjtj�}td�td�ztd�zdztd�zt|�zt|j|��z}d|jj_|jj|�}|j|j�S)r�r>r_r�r�r�r�)rr2r3rr4rNr;rr�r�rr�r�r�r�)r8rNr�r�r�s     r&�0test_failedPrivateKeyAuthenticationWithSignaturezGSSHUserAuthServerTests.test_failedPrivateKeyAuthenticationWithSignature�s���
�x�x�"�"�7�#<�#<�=�B�B�D���h�h�!�!�'�"<�"<�=���v�J���k�
����
��
���n�	
�
��h�
�����$�� �

!�	�/6����!�!�+��O�O�0�0��8���}�}�T�.�.�/�/r%c��tjjtj�j�}t
d�|ddz}t
d�t
d�zt
d�zdzt
d�zt
|�z}|jj|�}|j|j�S)	z�
        Private key authentication fails when the public key type is
        unsupported or the public key is corrupt.
        sssh-bad-type�Nr>r_r�r�r�r�r�s    r&�test_unsupported_publickeyz1SSHUserAuthServerTests.test_unsupported_publickey�s���
�x�x�"�"�7�#<�#<�=�B�B�D���/�"�T�"�#�Y�.��
�v�J���k�
����
��
���n�	
�
��h�
�	�
�O�O�0�0��8���}�}�T�.�.�/�/r%c�V�tj�}t|j�|_|jjt
��|j�|j�|jj�|j|jddg�y)ah
        L{SSHUserAuthServer} sets up
        C{SSHUserAuthServer.supportedAuthentications} by checking the portal's
        credentials interfaces and mapping them to SSH authentication method
        strings.  If the Portal advertises an interface that
        L{SSHUserAuthServer} can't map, it should be ignored.  This is a white
        box test.
        r�r�N)rr�rUrfrr�r�rZr�r�r�r�)r8�servers  r&� test_ignoreUnknownCredInterfacesz7SSHUserAuthServerTests.test_ignoreUnknownCredInterfaces�s~���+�+�-��(����5������#�#�$4�$6�7����������'�'�,�,�.�����8�8�;��:U�Vr%c�@�|jd|jj�tj�}t|j�|_d�|j_|j�|j�|jd|j�tj�}t|j�|_d�|j_|j�|j�|jd|j�y)z�
        Test that the userauth service does not advertise password
        authentication if the password would be send in cleartext.
        r�c��yrdr$��xs r&ryzISSHUserAuthServerTests.test_removePasswordIfUnencrypted.<locals>.<lambda>�rzr%c��|dk(S�N�inr$r�s r&ryzISSHUserAuthServerTests.test_removePasswordIfUnencrypted.<locals>.<lambda>��
���d��r%N)�assertInr�r�rr�rUrfrrqrZr��assertNotIn)r8�clearAuthServer�halfAuthServers   r&� test_removePasswordIfUnencryptedz7SSHUserAuthServerTests.test_removePasswordIfUnencrypted�s���
	
�
�
�k�4�?�?�#K�#K�L�"�4�4�6��$1�$�+�+�$>��!�0?��!�!�-��&�&�(��&�&�(�����o�&N�&N�O�!�3�3�5��#0����#=�� �/B�� � �,��%�%�'��%�%�'��
�
�k�>�#J�#J�Kr%c�,�t|j�}|jt��t	j
�}t
|�|_d�|j_|j�|j�|j|jdg�t	j
�}t
|�|_d�|j_|j�|j�|j|jdg�y)z�
        If the L{SSHUserAuthServer} is not advertising passwords, then an
        unencrypted connection should not cause any warnings or exceptions.
        This is a white box test.
        c��yrdr$r�s r&ryzSSSHUserAuthServerTests.test_unencryptedConnectionWithoutPasswords.<locals>.<lambda>�rzr%r�c��|dk(Sr�r$r�s r&ryzSSSHUserAuthServerTests.test_unencryptedConnectionWithoutPasswords.<locals>.<lambda>�r�r%N)
rr�r�r�rr�rUrrqrZr�r�r�)r8rfr�rs    r&�*test_unencryptedConnectionWithoutPasswordszASSHUserAuthServerTests.test_unencryptedConnectionWithoutPasswords�s�����
�
�#�����0�2�3�#�4�4�6��$1�&�$9��!�0?��!�!�-��&�&�(��&�&�(�����A�A�L�>�R�"�3�3�5��#0��#8�� �/B�� � �,��%�%�'��%�%�'�����A�A�L�>�Rr%c�&�tj�}tj�|_t|j�|_|j�|jjd�|j�|j|jjtjdttjf�zt!d�zt!d�zfg�|j#|jj$�y)z0
        Test that the login times out.
        鰚�syou took too longr%N)rr�rr�r�rUrfrrZr�r�r�rh�MSG_DISCONNECTr��)DISCONNECT_NO_MORE_AUTH_METHODS_AVAILABLEr�
assertTruerg�r8�timeoutAuthServers  r&�test_loginTimeoutz(SSHUserAuthServerTests.test_loginTimeouts���%�6�6�8��"&�*�*�,���&3�D�K�K�&@��#��(�(�*����'�'��5��(�(�*�����'�'�/�/��,�,���Y�P�P�R�S�T��-�.�/���g���
�	
�	
���)�3�3�B�B�Cr%c��tj�}tj�|_t|j�|_|j�|j�|jjd�|j|jjg�|j|jj�y)zN
        Test that stopping the service also stops the login timeout.
        rN)rr�rr�r�rUrfrrZr�r�r�rh�assertFalsergrs  r&�test_cancelLoginTimeoutz.SSHUserAuthServerTests.test_cancelLoginTimeouts���%�6�6�8��"&�*�*�,���&3�D�K�K�&@��#��(�(�*��(�(�*����'�'��5����*�4�4�<�<�b�A����*�4�4�C�C�Dr%c	���djtd�td�td�dtd�g�}tj��j_t
d�D]B}�jj|�}�jj
jd��D�fd	�}j|�S)
zm
        Test that the server disconnects if the client fails authentication
        too many times.
        r%r>r_r�r�r��r�c�����j�jjjdtjdttjf�ztd�ztd�zf�y)Nr�rstoo many bad authsr%)r�r�rrhr	r�r
rr�s �r&r�z:SSHUserAuthServerTests.test_tooManyAttempts.<locals>.check1sm���������)�)�1�1�"�5��,�,���Y�P�P�R�S�T��.�/�0���g���	
r%)
r�rrr�r�r��ranger�r�r�)r8r��ir�r�s`    r&�test_tooManyAttemptsz+SSHUserAuthServerTests.test_tooManyAttempts&s����
���2�f�:�r�'�{�B�{�O�U�B�v�J�W�X�� $�
�
�������r��	-�A����4�4�V�<�A��O�O�!�!�)�)�!�,�	-�
	��}�}�U�#�#r%c��td�td�ztd�zdztd�z}tj�|j_|jj|�}|j
|j�S)zo
        If the user requests a service that we don't support, the
        authentication should fail.
        r>r%r�r�)rrr�r�r�r�r�r�r�s   r&�test_failIfUnknownServicez0SSHUserAuthServerTests.test_failIfUnknownService?sh��
�F��b��g�%��;��7�%�?�"�V�*�L�� $�
�
�������O�O�0�0��8���}�}�T�.�.�/�/r%c���d�}�j�jd|��j�jdd��fd�}�jjddd�}�j|t�j|�S)aZ
        tryAuth() has two edge cases that are difficult to reach.

        1) an authentication method auth_* returns None instead of a Deferred.
        2) an authentication type that is defined does not have a matching
           auth_* method.

        Both these cases should return a Deferred which fails with a
        ConchError.
        c��yrHr$)r�s r&�mockAuthz>SSHUserAuthServerTests.test_tryAuthEdgeCases.<locals>.mockAuthUr�r%�auth_publickey�
auth_passwordNc�j���jjddd�}�j|t�S)Nr�)r�r�r�r)r��d2r8s  �r&�
secondTestz@SSHUserAuthServerTests.test_tryAuthEdgeCases.<locals>.secondTest[s.������(�(��d�D�A�B��%�%�b�*�5�5r%r�)r�r�r�r�rr�)r8rr!�d1s`   r&�test_tryAuthEdgeCasesz,SSHUserAuthServerTests.test_tryAuthEdgeCasesIsp���	�	
�
�
�4�?�?�$4�h�?��
�
�4�?�?�O�T�:�	6��_�_�
$�
$�\�4��
>���!�!�"�j�1�=�=�j�I�Ir%)r r!r"r#r�skipr�r�r�r�r�r�r�r�r�r�r�r�r�rrrrrrr#r$r%r&r�r��s}����|�0��8��
�
0�$�&0�"$�:1�4$�.0�"0�(0�,W�"L�*S�4D�0E�$�20�Jr%r�c�r�eZdZdZe�dZd�Zd�Zd�Zd�Z	d�Z
d	�Zd
�Zd�Z
d�Zd
�Zd�Zd�Zd�Zd�Zd�Zy)�SSHUserAuthClientTestsz&
    Tests for SSHUserAuthClient.
    Nr�c���tdtj��|_td�|j_d|jj_|jj
�y)Nr>r�)r/rUr[�
authClientrr�rZr7s r&r�zSSHUserAuthClientTests.setUpksL��(���1F�1F�1H�I���$1�$�$7����!�.5����!�!�+����&�&�(r%c�F�|jj�d|_yrH)r(r�r7s r&r�zSSHUserAuthClientTests.tearDownqr�r%c�t�|j|jjd�|j|jjjd�|j|jj
jtjtd�td�ztd�zfg�y)z;
        Test that client is initialized properly.
        r>rXr_N)
r�r(r��instancerDrrhrr�rr7s r&�	test_initz SSHUserAuthClientTests.test_initus���	
������-�-�v�6�������1�1�6�6��A�����O�O�%�%�-�-��+�+�R��Z�"�X�,�-F��G��-T�
U�V�	
r%c����dg��fd�}||jj_|jjd�|j	�d|jj
�y)z9
        Test that the client succeeds properly.
        Nc���|�d<y)Nrr$)r`r+s �r&�stubSetServicezDSSHUserAuthClientTests.test_USERAUTH_SUCCESS.<locals>.stubSetService�s���!�H�Q�Kr%r%r)r(r�
setService�ssh_USERAUTH_SUCCESSr�r+)r8r/r+s  @r&�test_USERAUTH_SUCCESSz,SSHUserAuthClientTests.test_USERAUTH_SUCCESS�sU����6��	"�0>����!�!�,����,�,�S�1�����!��d�o�o�&>�&>�?r%c
���|jjtd�dz�|j|jjj
dtjtd�td�ztd�zdztd�zttjjtj�j��zf�|jjtd�dz�ttjjtj�j��}|j|jjj
dtjtd�td�ztd�zdztd�z|zf�|jjtd�ttjjtj�j��z�t|jjj �t#tjf�ztd�ztd�ztd�zdztd�z|z}tjjtj$�}|j|jjj
dtjtd�td�ztd�zdztd�z|zt|j'|��zf�y	)
zJ
        Test that the client can authenticate with a public key.
        r�r�r�r>rXsssh-dssr��N)r(�ssh_USERAUTH_FAILURErr�rrhrr�rr2r3rr6rNr4�ssh_USERAUTH_PK_OKr�r�r;r�)r8rNr�r�s    r&�test_publickeyz%SSHUserAuthClientTests.test_publickey�s���	
���,�,�R��-=��-G�H�����O�O�%�%�-�-�b�1��-�-��6�
��X�,���\�"�#����Z�.�	!�
�T�X�X�(�(��)B�)B�C�H�H�J�K�L�
�	
�	
���,�,�R��-=��-G�H��$�(�(�%�%�g�&?�&?�@�E�E�G�H������O�O�%�%�-�-�b�1��-�-��v�J���l�#���&�'�����n�	%�
��

�
	
�	
���*�*��z�N�R���� 3� 3�G�4M�4M� N� S� S� U�V�V�	
�
�t���(�(�2�2�3��X�2�2�4�5�
6���j�
���l�
����	
�
�
���n�

��
�	��h�h�!�!�'�"<�"<�=������O�O�%�%�-�-�b�1��-�-��6�
��X�,���\�"�#����Z�.�	!�
���S�X�X�g�&�'�
(�	
�	
r%c���tdtj��}td�|_d|j_|j�|j
d�g|j_|j|jd��|j|jjtjtd�td�ztd�zfg�y)z�
        If the SSHUserAuthClient doesn't return anything from signData,
        the client should start the authentication over again by requesting
        'none' authentication.
        r>Nr�r�r%rXr_)rQrUr[rr�rZr�rh�assertIsNoner6r�rr�r)r8r(s  r&�!test_publickey_without_privatekeyz8SSHUserAuthClientTests.test_publickey_without_privatekey�s���1���9N�9N�9P�Q�
�,�T�2�
��)0�
���&��!�!�#����<�(�')�
���$����*�7�7��<�=����� � �(�(��+�+�R��Z�"�X�,�-F��G��-T�
U�V�	
r%c���d��j_�jjd�}�fd�}|j|�S)z{
        If there's no public key, auth_publickey should return a Deferred
        called back with a False value.
        c��yrHr$r�s r&ryz:SSHUserAuthClientTests.test_no_publickey.<locals>.<lambda>�rzr%r�c�(���j|�yrH)r)�resultr8s �r&r�z7SSHUserAuthClientTests.test_no_publickey.<locals>.check�s������V�$r%)r(r9r�r�)r8r�r�s`  r&�test_no_publickeyz(SSHUserAuthClientTests.test_no_publickey�s;���
(6����$��O�O�#�#�L�1��	%��}�}�U�#�#r%c��|jjtd�dz�|j|jjj
dtjtd�td�ztd�zdztd�zf�|jjtd�td�z�|j|jjj
dtjtd�td�ztd�zdztd�dzzf�y	)
zx
        Test that the client can authentication with a password.  This
        includes changing the password.
        r�r�r�r>rXr%r�r�N)	r(r5rr�rrhrr�r6r7s r&�
test_passwordz$SSHUserAuthClientTests.test_password�s���
	
���,�,�R��_�w�-F�G�����O�O�%�%�-�-�b�1��-�-��6�
�R��\�)�B�{�O�;�g�E��6�
�R�
�	
�	
���*�*�2�c�7�R��W�+<�=�����O�O�%�%�-�-�b�1��-�-��6�
�R��\�)�B�{�O�;�g�E��6�
�UV��V�
�	
r%c�|�d�|j_|j|jjd��y)zK
        If getPassword returns None, tryAuth should return False.
        c��yrHr$r$r%r&ryz9SSHUserAuthClientTests.test_no_password.<locals>.<lambda>rzr%r�N)r(rArr�r7s r&�test_no_passwordz'SSHUserAuthClientTests.test_no_passwords-��'3����#�������0�0��=�>r%c�V�|jjtd�td�ztd�zdztd�zdz�|j|jjj
dtjdtd�ztd�zf�y)	zj
        Make sure that the client can authenticate with the keyboard
        interactive method.
        r%ss
Password: r�r�sr>N)r(�'ssh_USERAUTH_PK_OK_keyboard_interactiverr�rrhr�MSG_USERAUTH_INFO_RESPONSEr7s r&�test_keyboardInteractivez/SSHUserAuthClientTests.test_keyboardInteractives���
	
���?�?��s�G���g�
���g�
�"�
"����	
 �
�
�	
�	
����O�O�%�%�-�-�b�1��3�3�#�b��j�0�2�f�:�=�
�	
r%c�V�d|j_g|jj_|jj	d�|j|jjjtjtd�td�ztd�zfg�y)z�
        If C{SSHUserAuthClient} gets a MSG_USERAUTH_PK_OK packet when it's not
        expecting it, it should fail the current authentication and move on to
        the next type.
        sunknownr%r>rXr_N)	r(�lastAuthrrhr6r�rr�rr7s r&�"test_USERAUTH_PK_OK_unknown_methodz9SSHUserAuthClientTests.test_USERAUTH_PK_OK_unknown_methods|��$.���� �,.����!�!�)����*�*�3�/�����O�O�%�%�-�-��+�+�R��Z�"�X�,�-F��G��-T�
U�V�	
r%c�J���fd�}�fd�}|�j_|�j_�jjt	d�dz��j�jjjdtjt	d�t	d�zt	d�zdzt	d�zf��jjt	d	�d
z��j�jjjddd
dg�y)z�
        ssh_USERAUTH_FAILURE should sort the methods by their position
        in SSHUserAuthClient.preferredOrder.  Methods that are not in
        preferredOrder should be sorted at the end of that list.
        c�R���jjjdd�y)N��here is data�r(rrnr7s�r&�auth_firstmethodzNSSHUserAuthClientTests.test_USERAUTH_FAILURE_sorting.<locals>.auth_firstmethod2s����O�O�%�%�0�0��o�Fr%c�R���jjjdd�y)N��
other dataTrPr7s�r&�auth_anothermethodzPSSHUserAuthClientTests.test_USERAUTH_FAILURE_sorting.<locals>.auth_anothermethod5s ����O�O�%�%�0�0��m�D�r%sanothermethod,passwordr�r�r>rXr�s"firstmethod,anothermethod,passwordr����N)rNrO)rSrT)
r(rQrUr5rr�rrhrr�)r8rQrUs`  r&�test_USERAUTH_FAILURE_sortingz4SSHUserAuthClientTests.test_USERAUTH_FAILURE_sorting+s����	G�	�,<����(�-?����*�	
���,�,�R�0I�-J�W�-T�U�����O�O�%�%�-�-�b�1��-�-��6�
�R��\�)�B�{�O�;�g�E��6�
�R�
�	
�	
���,�,��4�5��?�	
�	
����O�O�%�%�-�-�b�c�2�
#�%9�:�	
r%c�D�|jjtd�dz�|jjtd�dz�|j|jjj
dtjdtd�zdzf�y)	z�
        If there are no more available user authentication messages,
        the SSHUserAuthClient should disconnect with code
        DISCONNECT_NO_MORE_AUTH_METHODS_AVAILABLE.
        r�r�r�r�ss(no more authentication methods availablesN)r(r5rr�rrhr	r7s r&�%test_disconnectIfNoMoreAuthenticationz<SSHUserAuthClientTests.test_disconnectIfNoMoreAuthenticationOs���	
���,�,�R��_�w�-F�G����,�,�R��_�w�-F�G�����O�O�%�%�-�-�b�1��(�(�#��@�A�B�%�&�
�	
r%c�4�g|jj_|jjd�|j	|jjjt
jtd�td�ztd�zfg�y)z�
        _ebAuth (the generic authentication error handler) should send
        a request for the 'none' authentication method.
        Nr>rXr_)r(rrh�_ebAuthr�rr�rr7s r&�test_ebAuthz"SSHUserAuthClientTests.test_ebAuthasp��
-/����!�!�)�������%�����O�O�%�%�-�-��+�+�R��Z�"�X�,�-F��G��-T�
U�V�	
r%c�.�����tjdtj����j	�j�����fd�}���fd��d���j
�}|j�j�j|�S)z�
        getPublicKey() should return None.  getPrivateKey() should return a
        failed Deferred.  getPassword() should return a failed Deferred.
        getGenericAnswers() should return a failed Deferred.
        r>c���|jt��j�}|j�j�j��SrH)�trap�NotImplementedErrorrAr�r��
addErrback)r>r�r(�check2r8s  ���r&r�z3SSHUserAuthClientTests.test_defaults.<locals>.checkvs<����K�K�+�,��&�&�(�A��=�=����+�6�6�v�>�>r%c���|jt��jddd�}|j�j�j��SrH)r_r`rGr�r�ra)r>r�r(�check3r8s  ���r&rbz4SSHUserAuthClientTests.test_defaults.<locals>.check2{sB����K�K�+�,��,�,�T�4��>�A��=�=����+�6�6�v�>�>r%c�.�|jt�yrH)r_r`)r>s r&rdz4SSHUserAuthClientTests.test_defaults.<locals>.check3�s���K�K�+�,r%)
rr-rUr[r9r9r<r�r�ra)r8r�r�r(rbrds`  @@@r&�
test_defaultsz$SSHUserAuthClientTests.test_defaultsmst����/�/��
�8M�8M�8O�P�
����*�1�1�3�4�	?�
	?�
	-�
�$�$�&���}�}�T�Y�Y�'�2�2�5�9�9r%)r r!r"r#rr$r�r�r,r2r7r:r?rArDrHrKrWrYr\rfr$r%r&r&r&csa����|�0��)��	
�@�<
�|
�&$�
�,?�
�*
�"
�H
�$

�:r%r&c�.�eZdZe�dZGd�d�Zd�Zy)�
LoopbackTestsNr�c�&�eZdZGd�d�Zd�Zy)�LoopbackTests.Factoryc��eZdZdZd�Zd�Zy)�LoopbackTests.Factory.Service�TestServicec�8�|jj�yrH)rrtr7s r&rZz,LoopbackTests.Factory.Service.serviceStarted�s�����-�-�/r%c��yrHr$r7s r&r�z,LoopbackTests.Factory.Service.serviceStopped�s��r%N)r r!r"rDrZr�r$r%r&r[rl�s��!�D�
0�
r%r[c��|jSrH)r[)r8�avatarrDs   r&raz LoopbackTests.Factory.getService�s���<�<�r%N)r r!r"r[rar$r%r&rbrj�s��	�	�	 r%rbc�Z����tj��td�jj	��}tj��_��j
_d��j
_tj�|_||j
_dx�j
_	|j
_	d�x�j
_
|j
_
�j��j
_d�_t�}t|�}t���j!t#���j!t%���fd��_|j!��|�j
j_t+j,�j
|j
�}d��j
j
_d�|j
j
_�j1�|j1���fd	�}|j3|�S)
zW
        Test that the userauth server and client play nicely with each other.
        r>c��yrsr$r�s r&ryz-LoopbackTests.test_loopback.<locals>.<lambda>�rzr%r%c��yrHr$r$r%r&ryz-LoopbackTests.test_loopback.<locals>.<lambda>�rzr%rc�:��t�j|�dk(S)Nr�)�len�successfulCredentials)�aId�checkers �r&ryz-LoopbackTests.test_loopback.<locals>.<lambda>�s���s�7�+H�+H��+M�'N�RS�'S�r%c��y)N�_ServerLoopbackr$r$r%r&ryz-LoopbackTests.test_loopback.<locals>.<lambda>�rzr%c��y)N�_ClientLoopbackr$r$r%r&ryz-LoopbackTests.test_loopback.<locals>.<lambda>�rzr%c�f���j�jjjd�y)Nrm)r�rr`rD)r�r8r�s ��r&r�z*LoopbackTests.test_loopback.<locals>.check�s%������V�-�-�5�5�:�:�N�Kr%)rr�r/rbr[rr'r`rqr��sendKexInitre�
passwordDelayrvrrr�r�r��areDonerfr�
loopbackAsync�	logPrefixrZr�)r8�clientr�rfr�r�ryr�s`     @@r&�
test_loopbackzLoopbackTests.test_loopback�s�����+�+�-�������(<�(<�(>�?��%�5�5�7���#)���� �'5����$�$�5�5�7���#)���� �BE�E����"�V�%5�%5�%?�FR�R����$�v�'7�'7�'C�$(�<�<�>���� � ����������$�&������ 1�2���� 1� 3�4�T������w�'�*0���� � �'��"�"�6�#3�#3�V�5E�5E�F��/H����"�"�,�/H����"�"�,���������	L��}�}�U�#�#r%)r r!r"rr$rbr�r$r%r&rhrh�s���|�0�� � �'$r%rhc��eZdZe�dZd�Zy)�ModuleInitializationTestsNr�c��|jtjjdd�|jtjjdd�y)N�<r�)r�rr��protocolMessagesr-r7s r&�
test_messagesz'ModuleInitializationTests.test_messages�sP��	
����&�&�7�7��;�=Q�	
�	
����&�&�7�7��;�=Q�	
r%)r r!r"rr$r�r$r%r&r�r��s���|�0��
r%r�)8r#�typesr�typingr�zope.interfacer�twisted.conch.errorrr�twisted.cred.checkersr�twisted.cred.credentialsr	r
r�twisted.cred.errorr�twisted.cred.portalr
r�twisted.internetrr�twisted.protocolsr�twisted.python.reflectr�
twisted.trialrr�__annotations__�twisted.conch.checkersr�twisted.conch.sshrr�twisted.conch.ssh.commonr�twisted.conch.testrr-r/rJrQr'rUrvr�r�r��TestCaser�r&rhr�r$r%r&�<module>r�s������&�:�5�R�R�0�.�(�&�0�"�!��h�z��!��� �9�;�;�+�*����� -�X�/�/� -�F
E�H�.�.�
E�	>�(�"<�"<�	>�>#�I�.�.�>#�B
�V��	B�	B��	B�
�
 �!�O�O�"�O�
�
 �!�"�"�"�"�&
�
 �!�	
�	
�"�	
�xJ�X�.�.�xJ�va:�X�.�.�a:�H	8$�H�%�%�8$�v
�� 1� 1�
r%

Zerion Mini Shell 1.0