o gj @sdZddlZddlZddlZddlZddlZddlZddlmZddl m Z ddl m Z d\Z Zzddl Z WneyJZzeZWYdZ[ndZ[wwddlmZmZd ZGd d d Zd d ZGdddZGdddeZdS)z2 Configuration file (aka ``ssh_config``) support. N)sha1)StringIO)partial)NN)CouldNotCanonicalizeConfigParseErrorc@seZdZdZedZgddggdgdgdgdd Zd d Ze d d Z e ddZ e ddZ ddZ ddZd.ddZddZddZddZd d!Zd"d#Zd$d%Zd&d'Zd(d)Zd*d+Zd,d-ZdS)/ SSHConfiga Representation of config information as stored in the format used by OpenSSH. Queries can be made via `lookup`. The format is described in OpenSSH's ``ssh_config`` man page. This class is provided primarily as a convenience to posix users (since the OpenSSH format is a de-facto standard on posix) but should work fine on Windows too. .. versionadded:: 1.6 z(\w+)(?:\s*=\s*|\s+)(.+))%C%h%l%L%n%p%r%ur )r ~%dr r rr)rr rr)r rr) r rr r r rrrr) controlpathhostname identityfile proxycommand proxyjump match-execcCs g|_dS)a Create a new OpenSSH config object. Note: the newer alternate constructors `from_path`, `from_file` and `from_text` are simpler to use, as they parse on instantiation. For example, instead of:: config = SSHConfig() config.parse(open("some-path.config") you could:: config = SSHConfig.from_file(open("some-path.config")) # Or more directly: config = SSHConfig.from_path("some-path.config") # Or if you have arbitrary ssh_config text from some other source: config = SSHConfig.from_text("Host foo\n\tUser bar") N)_config)selfrI/var/www/html/api-tag/env/lib/python3.10/site-packages/paramiko/config.py__init__Hs zSSHConfig.__init__cCs|t|S)zg Create a new, parsed `SSHConfig` from ``text`` string. .. versionadded:: 2.7 ) from_filer)clstextrrr from_text]szSSHConfig.from_textcCs6t| }||WdS1swYdS)zr Create a new, parsed `SSHConfig` from the file found at ``path``. .. versionadded:: 2.7 N)openr)r pathflorrr from_pathfs $zSSHConfig.from_pathcCs|}|||S)zp Create a new, parsed `SSHConfig` from file-like object ``flo``. .. versionadded:: 2.7 )parse)r r%objrrrrps zSSHConfig.from_filecCsLdgid}|D]}|}|r|drqt|j|}|s&td||d}|d}|dvrT|j |dii}|d krL| ||d <q| ||d <q|d kre|d kred |d|<q|dru| dru|dd}|dvr||dvr|d| |q|g|d|<q||dvr||d|<q|j |d S)z Read an OpenSSH config from the given file object. :param file_obj: a file-like object to read the config file from *)hostconfig#zUnparsable line {}r)r*matchr+r*matchesrnoneN")r localforward remoteforward)strip startswithrer.SETTINGS_REGEXrformatgrouplowerrappend _get_hosts _get_matchesendswith)rfile_objcontextliner.keyvaluerrrr'{s8       zSSHConfig.parsecCs|j|d}d|vr||d<|dddv}t|dd}|rC|d|krC|d }||||}||d<|j||d d d }|S|j||d d d }|S) a  Return a dict (`SSHConfigDict`) of config options for a given hostname. The host-matching rules of OpenSSH's ``ssh_config`` man page are used: For each parameter, the first obtained value will be used. The configuration files contain sections separated by ``Host`` and/or ``Match`` specifications, and that section is only applied for hosts which match the given patterns or keywords Since the first obtained value for each parameter is used, more host- specific declarations should be given near the beginning of the file, and general defaults at the end. The keys in the returned dict are all normalized to lowercase (look for ``"port"``, not ``"Port"``. The values are processed according to the rules for substitution variable expansion in ``ssh_config``. Finally, please see the docs for `SSHConfigDict` for deeper info on features such as optional type conversion methods, e.g.:: conf = my_config.lookup('myhost') assert conf['passwordauthentication'] == 'yes' assert conf.as_bool('passwordauthentication') is True .. note:: If there is no explicitly configured ``HostName`` value, it will be set to the being-looked-up hostname, which is as close as we can get to OpenSSH's behavior around that particular option. :param str hostname: the hostname to lookup .. versionchanged:: 2.5 Returns `SSHConfigDict` objects instead of dict literals. .. versionchanged:: 2.7 Added canonicalization support. .. versionchanged:: 2.7 Added ``Match`` support. .. versionchanged:: 3.3 Added ``Match final`` support. )rrcanonicalizehostnameN)yesalwayscanonicalizemaxdotsr.canonicaldomainsT) canonicalfinalF)_lookupgetintcountsplit canonicalize)rroptionscanonmaxdotsdomainsrrrlookups" * zSSHConfig.lookupNFcsdurt|jD]K}||dg|s$||dg|||s$q |dD]*\}vrA|dur<|ddn|<q*dkrTfdd|Dq*q |r^||S)Nr*r/r+rc3s |] }|vr|VqdSNr.0xrCrSrr sz$SSHConfig._lookup..) SSHConfigDictr_pattern_matchesrN _does_matchitemsextend_expand_variables)rrrSrKrLrArDrr\rrMs4    zSSHConfig._lookupc Csd}|D].}d||}t||}|dur|d}nzt|}Wn tjy+Ynw|r2|Sq|dddkr=|St|)ag Return canonicalized version of ``hostname``. :param str hostname: Target hostname. :param options: An `SSHConfigDict` from a previous lookup pass. :param domains: List of domains (e.g. ``["paramiko.org"]``). :returns: A canonicalized hostname if one was found, else ``None``. .. versionadded:: 2.7 Fz{}.{}NrcanonicalizefallbacklocalrF)r9_addressfamily_host_lookupsocket gethostbynamegaierrorrNr)rrrSrVfounddomain candidatefamily_specificrrrrRs"    zSSHConfig.canonicalizecCs$t}|jD] }||dq|S)z Return the set of literal hostnames defined in the SSH config (both explicit hostnames and wildcard entries). r*)setrupdate)rhostsentryrrr get_hostnamesEs zSSHConfig.get_hostnamescCsZt|dr |d}d}|D]}|dr"t||ddr"dSt||r*d}q|S)NrQ,F!rT)hasattrrQr6fnmatch)rpatternstargetr.patternrrrr_Os    zSSHConfig._pattern_matchescCsNg}|dd}t}|r|d} d} |dd} |dd} | d| d} }| dkr6||| r6dS| dkr=|} nU| d krCd S| d krR| pJ|}|||} n@| d kr]|||} n5| dkrl| pd|}|||} n&| d krw|||} n| dkr|||d|}tdurttj |dd dj } | dur|| | rdS| | |s|S)NrrusertypeparamrKFrLallTr* originalhost localuserexecrstdout)hidewarn) getpassgetuserpoprN _should_failr_ _tokenizeinvokeinvoke_import_errorrunokr<)r match_listtarget_hostnamerKrLrSmatched candidateslocal_usernamerkpassedconfigured_hostconfigured_usertype_r{hostvalryexec_cmdrrrr``sL      0zSSHConfig._does_matchcCs|dr|S| S)Nnegater)r would_passrkrrrrszSSHConfig._should_failc Cs||}|s |S|}|dkr|d|}d|vr|d}nt}t}d|vr-|d} n|} tdd} t|| } t j d} | |t || } t | | || | ||| || d }|}|D]\}}||vroqf||t|}qf|S)a Tokenize a string based on current config/hostname data. :param config: Current config data. :param target_hostname: Original target connection hostname. :param key: Config key being tokenized (used to filter token list). :param value: Config value being tokenized. :returns: The tokenized version of the input ``value`` string. rportryrIrr) r rr r r rrrrr)_allowed_tokensrNSSH_PORTrrrf gethostnamerQLazyFqdnosr$ expanduserreprrencode hexdigestrareplacestr)rr+rrCrDallowed_tokensconfigured_hostnamerry remoteuserlocal_hostname local_fqdnhomedirtohash replacements tokenizedfindrrrrrsD      zSSHConfig._tokenizecCs|j|gS)aJ Given config ``key``, return list of token strings to tokenize. .. note:: This feels like it wants to eventually go away, but is used to preserve as-strict-as-possible compatibility with OpenSSH, which for whatever reason only applies some tokens to some config keys. )TOKENS_BY_CONFIG_KEYrNrrCrrrrs zSSHConfig._allowed_tokenscCsr|D]4}||dur qt|j|||}t||tr.t||D] \}}|||||<q q|||||<q|S)aA Return a dict of config options with expanded substitutions for a given original & current target hostname. Please refer to :doc:`/api/config` for details. :param dict config: the currently parsed config :param str hostname: the hostname whose config is being looked up N)rr isinstancelist enumerate)rr+rk tokenizerirDrrrrcs zSSHConfig._expand_variablescCs*zt|WStytd|w)z> Return a list of host_names from host value. zUnparsable host {})shlexrQ ValueErrorrr9)rr*rrrr=s   zSSHConfig._get_hostsc sg}t|}|rHdddd}|d}|dr#d|d<|dd}||d <|d vr1||q|s:td ||d|d <|||s d d|D}d|vrdttfdd|ttfdd|}}d}t |rud}nd|vr| d| dkrd}|durt||S)z Parse a specific Match config line into a list-of-dicts for its values. Performs some parse-time validation as well. NF)rzr{rrrsTrrrz)r|rKrLz'Missing parameter to Match '{}' keywordr{cSsg|]}|dqS)rzrrYrrr sz*SSHConfig._get_matches..r|)r|rKcs|vSrXrr[ allowablerr"z(SSHConfig._get_matches..cs|vSrXrrrrrr#rz>Match does not allow 'all' mixed with anything but 'canonical'rKz-Match does not allow 'all' before 'canonical') rrQrr6r<rr9rfilteranyindex) rr.r/tokensrkeywordsrbaderrrrrr>sB       zSSHConfig._get_matches)NFF)__name__ __module__ __qualname____doc__r7compiler8rr classmethodr"r&rr'rWrMrRrqr_r`rrrrcr=r>rrrrr .s<      < B#) 8>  r cCsd|dd}|dkrdSztj}|dkrtj}t|d|tjtjtjWStj y1YdSw)a Try looking up ``hostname`` in an IPv4 or IPv6 specific manner. This is an odd duck due to needing use in two divergent use cases. It looks up ``AddressFamily`` in ``options`` and if it is ``inet`` or ``inet6``, this function uses `socket.getaddrinfo` to perform a family-specific lookup, returning the result if successful. In any other situation -- lookup failure, or ``AddressFamily`` being unspecified or ``any`` -- ``None`` is returned instead and the caller is expected to do something situation-appropriate like calling `socket.gethostbyname`. :param str hostname: Hostname to look up. :param options: `SSHConfigDict` instance w/ parsed options. :returns: ``getaddrinfo``-style tuples, or ``None``, depending. addressfamilyrNinet) rNr;rfAF_INET6AF_INET getaddrinfo SOCK_DGRAM IPPROTO_IP AI_CANONNAMErh)rrSaddress_familyfamilyrrrre/s$rec@s"eZdZdZdddZddZdS)rz7 Returns the host's fqdn on request as string. NcCsd|_||_||_dSrX)fqdnr+r*)rr+r*rrrrYs zLazyFqdn.__init__c Csl|jdur3d}t|j|j}|dur(|D]}|\}}}}}|r'd|vr'|}nq|dur0t}||_|jS)NrI)rrer*r+rfgetfqdn) rrresultsresafsocktypeproto canonnamesarrr__str__^s   zLazyFqdn.__str__rX)rrrrrrrrrrrTs  rc@s eZdZdZddZddZdS)r^a A dictionary wrapper/subclass for per-host configuration structures. This class introduces some usage niceties for consumers of `SSHConfig`, specifically around the issue of variable type conversions: normal value access yields strings, but there are now methods such as `as_bool` and `as_int` that yield casted values instead. For example, given the following ``ssh_config`` file snippet:: Host foo.example.com PasswordAuthentication no Compression yes ServerAliveInterval 60 the following code highlights how you can access the raw strings as well as usefully Python type-casted versions (recalling that keys are all normalized to lowercase first):: my_config = SSHConfig() my_config.parse(open('~/.ssh/config')) conf = my_config.lookup('foo.example.com') assert conf['passwordauthentication'] == 'no' assert conf.as_bool('passwordauthentication') is False assert conf['compression'] == 'yes' assert conf.as_bool('compression') is True assert conf['serveraliveinterval'] == '60' assert conf.as_int('serveraliveinterval') == 60 .. versionadded:: 2.5 cCs"||}t|tr |S|dkS)a Express given key's value as a boolean type. Typically, this is used for ``ssh_config``'s pseudo-boolean values which are either ``"yes"`` or ``"no"``. In such cases, ``"yes"`` yields ``True`` and any other value becomes ``False``. .. note:: If (for whatever reason) the stored value is already boolean in nature, it's simply returned. .. versionadded:: 2.5 rF)rboolr;)rrCvalrrras_bools  zSSHConfigDict.as_boolcCs t||S)z Express given key's value as an integer, if possible. This method will raise ``ValueError`` or similar if the value is not int-appropriate, same as the builtin `int` type. .. versionadded:: 2.5 )rOrrrras_ints zSSHConfigDict.as_intN)rrrrrrrrrrr^zs! r^)rrurrr7rrfhashlibrior functoolsrrr ImportErrore ssh_exceptionrrrr rerdictr^rrrrs6    %&