U ςdT@sdZddlZddlZddlZddlZddlZddlZddlmZddl m Z ddl m Z m Z mZmZmZmZmZddlmZddlmZmZddlmZd d ZGd d d eZd dZGdddZdS)z Packet handling N)HMAC)util) linefeed_byte cr_byte_value MSG_NAMESDEBUG xffffffff zero_bytebyte_ord)u) SSHExceptionProxyCommandFailure)MessagecCst|||SN)rdigest)keymessageZ digest_classrL/var/www/html/myproject/myenv/lib/python3.8/site-packages/paramiko/packet.py compute_hmac.src@seZdZdZdS)NeedRekeyExceptionz1 Exception indicating a rekey is needed. N)__name__ __module__ __qualname____doc__rrrrr2srcCs.d}t|jtkr*t|jdkr*|jd}|S)Nr)typeargstuplelen)eargrrr first_arg:s r!c@s"eZdZdZeddZeddZeddZeddZddZ e ddZ dd Z d>d d Z d?d dZddZddZddZddZddZddZddZddZdd Zd!d"Zd#d$Zd%d&Zd'd(Zd@d)d*Zd+d,Zd-d.Zd/d0Zd1d2Z d3d4Z!d5d6Z"d7d8Z#d9d:Z$d;d<Z%d=S)A Packetizerz9 Implementation of the base SSH packet protocol. cCs||_d|_d|_d|_d|_d|_t|_d|_d|_ d|_ d|_ d|_ d|_ d|_d|_d|_d|_d|_d|_d|_d|_d|_t|_t|_d|_d|_d|_d|_d|_d|_t |_!d|_"t##|_$d|_%d|_&d|_'d|_(dS)NFr))_Packetizer__socket_Packetizer__logger_Packetizer__closed_Packetizer__dump_packets_Packetizer__need_rekey_Packetizer__init_countbytes_Packetizer__remainder_Packetizer__sent_bytes_Packetizer__sent_packets_Packetizer__received_bytes_Packetizer__received_packets$_Packetizer__received_bytes_overflow&_Packetizer__received_packets_overflow_Packetizer__block_size_out_Packetizer__block_size_in_Packetizer__mac_size_out_Packetizer__mac_size_in_Packetizer__block_engine_out_Packetizer__block_engine_in_Packetizer__sdctr_out_Packetizer__mac_engine_out_Packetizer__mac_engine_in_Packetizer__mac_key_out_Packetizer__mac_key_in _Packetizer__compress_engine_out_Packetizer__compress_engine_in _Packetizer__sequence_number_out_Packetizer__sequence_number_in_Packetizer__etm_out_Packetizer__etm_in threadingRLock_Packetizer__write_lock_Packetizer__keepalive_intervaltime_Packetizer__keepalive_last_Packetizer__keepalive_callback_Packetizer__timer_Packetizer__handshake_complete_Packetizer__timer_expired)selfsocketrrr__init__QsJ  zPacketizer.__init__cCs|jSr)r(rOrrrclosedszPacketizer.closedcCs ||_dS)z? Set the Python log object to use for logging. N)r')rOlogrrrset_logszPacketizer.set_logFcCs^||_||_||_||_||_||_d|_d|_||_|j dO_ |j dkrZd|_ d|_ dS)zd Switch outbound data cipher. :param etm: Set encrypt-then-mac from OpenSSH rFN) r8r:r4r;r6r=r.r/rCr+r*)rO block_engine block_size mac_enginemac_sizemac_keyZsdctretmrrrset_outbound_ciphers zPacketizer.set_outbound_ciphercCsd||_||_||_||_||_d|_d|_d|_d|_||_ |j dO_ |j dkr`d|_ d|_ dS)zc Switch inbound data cipher. :param etm: Set encrypt-then-mac from OpenSSH rr#rWFN) r9r5r<r7r>r0r1r2r3rDr+r*)rOrXrYrZr[r\r]rrrset_inbound_ciphers  zPacketizer.set_inbound_ciphercCs ||_dSr)r?rOZ compressorrrrset_outbound_compressorsz"Packetizer.set_outbound_compressorcCs ||_dSr)r@r`rrrset_inbound_compressorsz!Packetizer.set_inbound_compressorcCsd|_|jdSNT)r(r&closerRrrrrdszPacketizer.closecCs ||_dSrr))rOhexdumprrr set_hexdumpszPacketizer.set_hexdumpcCs|jSrrerRrrr get_hexdumpszPacketizer.get_hexdumpcCs|jSr)r7rRrrrget_mac_size_inszPacketizer.get_mac_size_incCs|jSr)r6rRrrrget_mac_size_outszPacketizer.get_mac_size_outcCs|jS)z Returns ``True`` if a new set of keys needs to be negotiated. This will be triggered during a packet read or write, so it should be checked after every read or write, or at least after every few. r*rRrrr need_rekeyszPacketizer.need_rekeycCs||_||_t|_dS)z Turn on/off the callback keepalive. If ``interval`` seconds pass with no data read from or written to the socket, the callback will be executed and the timer will be reset. N)rHrKrIrJ)rOintervalcallbackrrr set_keepaliveszPacketizer.set_keepalivecCs d|_dSrc)rNrRrrr read_timerszPacketizer.read_timercCs(|js$tt||j|_|jdS)z Tells `Packetizer` that the handshake process started. Starts a book keeping timer that can signal a timeout in the handshake process. :param float timeout: amount of seconds to wait before timing out N)rLrETimerfloatrpstart)rOtimeoutrrrstart_handshakeszPacketizer.start_handshakecCs|js dS|jrdS|jS)aR Checks if the handshake has timed out. If `start_handshake` wasn't called before the call to this function, the return value will always be `False`. If the handshake completed before a timeout was reached, the return value will be `False` :return: handshake time out status, as a `bool` F)rLrMrNrRrrrhandshake_timed_outs zPacketizer.handshake_timed_outcCs |jr|jd|_d|_dS)zF Tells `Packetizer` that the handshake has completed. FTN)rLcancelrNrMrRrrrcomplete_handshakes zPacketizer.complete_handshakec Cs8t}t|jdkr>|jd|}|j|d|_|t|8}|dkr4d}|rZtz6|j|}t|dkrzt||7}|t|8}Wndtjk rd}YnLtj k r}z,t |}|t j krd}n|j rtnW5d}~XYnX|r>|j rt|r*t|dkr*|jr*t|q>|S)a& Read as close to N bytes as possible, blocking as long as necessary. :param int n: number of bytes to read :return: the data read, as a `str` :raises: ``EOFError`` -- if the socket was closed before all the bytes could be read rNFT)r,rr-rvEOFErrorr&recvrPrterrorr!errnoEAGAINr(r*r_check_keepalive)rOn check_rekeyoutZ got_timeoutxrr rrrread_alls>       zPacketizer.read_allc Cst|_d}t|dkrd}z|j|}Wntjk rJd}Ynjtjk r}z t|}|t j krtd}nd}W5d}~XYn,t k rYnt k rd}YnX|rd}|j rd}n|dkr|dkrd}|d7}|dkrt|t|krq||d}qdS)NrFT rV)rIrJrr&sendrPrtr{r!r|r}r Exceptionr(ry)rOrZ#iteration_with_zero_as_return_valueZ retry_writerrr rrr write_allGs<   zPacketizer.write_allcCsr|j}t|kr|||7}q|t}||dd|_|d|}t|dkrj|dtkrj|dd}t|S)z Read a line from the socket. We assume no data is pending after the line, so it's okay to attempt large reads. rVNrr)r-r _read_timeoutindexrrr )rOrtbufrrrrreadlineos   zPacketizer.readlinec Cs|}t|d}|tkr&t|}n d|}t|}|jzp|jdk rZ||}| |}|j r| t d||| t t |d|jdk r|jr|dd|j|dd}q|j|}n|}|jdk r td|j}||jr|n|}|t|j||jd|j7}|jdt@|_|||jt|7_|jd7_|j|jkpr|j|jk} | r|jsd } | t | |j|jd|_ d|_!|"W5|jXdS) zR Write a block of data using the current cipher, as an SSH block. r${:x}NzWrite packet <{}>, length {}zOUT: >IrVz(Rekeying (hit {} packets, {} bytes sent))#Zasbytesr rformatrrGacquirereleaser? _build_packetr)_logrr format_binaryr8rCupdatestructpackrArr=r;r6rrr.r/ REKEY_PACKETS REKEY_BYTESr*r2r3_trigger_rekey) rOdatacmdcmd_nameZorig_lenpacketrpackedpayloadZ sent_too_muchmsgrrr send_message~sj              zPacketizer.send_messagecCs|j|jdd}|jrtd|ddd}||jd}|dd|j|dd}|j|jdd}td|j||}t|j ||j d|j}t ||st d |}|jdk r|j|}|jr|tt |d |jr|}ntd|ddd}|dd}|t||jdkr,t d |||jt|} | d|t|}| |t|d} |jdk r|j|}||}|jr|tt |d |jdkr|js| d|j}td|j||}t|j ||j d|j}t ||st d t|d} |d || } |jrF|td || |jdk r\|| } t| d d} |j| _|jd t@|_||jd}|j|7_|jd 7_|jr|j|7_|jd 7_|j|j ks|j|j!krDt dnL|j|j"ks|j|j#krDd}|t||j|jd|_d|_|$t| d}|t%krdt%|}n d|}|jr|td|t| || fS)z Only one thread should ever be in this function (no other locking is done). :raises: `.SSHException` -- if the packet is mangled :raises: `.NeedRekeyException` -- if the transport should rekey T)rrNrrFz>IIzMismatched MACzIN: zInvalid packet blockingrVz"Got payload ({} bytes, {} padding)z+Remote transport is ignoring rekey requestsz,Rekeying (hit {} packets, {} bytes received)rzRead packet <{}>, length {})&rr5rDrunpackr7rrBrr>r<rZconstant_time_bytes_eqr r9rr)rrrrr rr@rZseqnorr0r1r*r2r3REKEY_PACKETS_OVERFLOW_MAXREKEY_BYTES_OVERFLOW_MAXrrrr)rOheaderZ packet_size remainingrmacZ mac_payloadZmy_macleftoverrZ post_packetpaddingrrZraw_packet_sizeerrrrrrr read_messages               zPacketizer.read_messagecCsH|jdkrdStt|tr6|D]}|j||q n|j||dSr)r' issubclassrlistrT)rOlevelrmrrrr?s  zPacketizer._logcCs@|jr|jr|jrdSt}||j|jkr<|||_dSr)rHr8r*rIrJrK)rOnowrrrr~HszPacketizer._check_keepalivecCstt}z&|jd}t|dkr(tWqpWntjk rDYnX|jrRtt}|||krtq|S)Nr)rIr&rzrryrPrtr()rOrtrsrrrrrrUs    zPacketizer._read_timeoutcCs~|j}|jrdnd}d|t|||}tdt||d|}||7}|js^|jdkrl|t|7}n|t |7}|S)Nrr%rWz>IBrV) r4rCrrrr:r8r osurandom)rOrZbsizeZaddlenrrrrrrfszPacketizer._build_packetcCs d|_dSrcrkrRrrrrxszPacketizer._trigger_rekeyN)FF)F)F)&rrrrpowrrrrrQpropertyrSrUr^r_rarbrdrgrhrirjrlrorprurvrxrrrrrrr~rrrrrrrr"AsL    0   %    0(?  r")rr|rrPrrErIhmacrZparamikorZparamiko.commonrrrrrr r Z paramiko.utilr Zparamiko.ssh_exceptionr r Zparamiko.messagerrrrr!r"rrrrs   $