o g_@sdZddlZddlmZddlmZmZmZmZm Z m Z ddl m Z ddl mZddlmZedd \ZZZZZed d \ZZd d edd D\ZZZZZdd ed d D\ZZGdddZ Gddde Z!GdddZ"GdddZ#dS)a This module provides GSS-API / SSPI Key Exchange as defined in :rfc:`4462`. .. note:: Credential delegation is not supported in server mode. .. note:: `RFC 4462 Section 2.2 `_ says we are not required to implement GSS-API error messages. Thus, in many methods within this module, if an error occurs an exception will be thrown and the connection will be terminated. .. seealso:: :doc:`/api/ssh_gss` .. versionadded:: 1.15 N)sha1)DEBUGmax_byte zero_bytebyte_chr byte_maskbyte_ord)util)Message) SSHException#(*cCg|]}t|qSr.0crrJ/var/www/html/api-tag/env/lib/python3.10/site-packages/paramiko/kex_gss.py FsrcCrrrrrrrrGsc@s|eZdZdZdZdZededZe dZ dZ dd Z d d Z d d ZddZddZddZddZddZddZdS) KexGSSGroup1z GSS-API / SSPI Authenticated Diffie-Hellman Key Exchange as defined in `RFC 4462 Section 2 `_ lE8{3If?E yZ3V58noPe?a- tBL y3W[sX                 zKexGSSGroup1._parse_kexgss_initcC2|}|}|}|td|||)a Parse the SSH2_MSG_KEXGSS_ERROR message (client mode). The server may send a GSS-API error message. if it does, we display the error by throwing an exception (client mode). :param `.Message` m: The content of the SSH2_MSG_KEXGSS_ERROR message :raise SSHException: Contains GSS-API major and minor status as well as the error message and the language tag of the message CGSS-API Error: Major Status: {} Minor Status: {} Error Message: {} get_intrSr rCr%r; maj_status min_statuserr_msgrrrrB* z KexGSSGroup1._parse_kexgss_errorN)__name__ __module__ __qualname____doc__r-r,rrrLrrMNAMEr&r<rGr)r?r@rAr>rBrrrrrLs  - 8rc@seZdZdZdZdZdZdS) KexGSSGroup14z GSS-API / SSPI Authenticated Diffie-Hellman Group14 Key Exchange as defined in `RFC 4462 Section 2 `_ l&UG9 tcb0]Q\-:$90.`U_b;YS7x]Ek`:xds! ,w=HG2Cdc_.K?&j_c}z[\V_1M.D^/1v5 I jV&| /mVlR<6#{n4(EY91T:g8 H Apcb4BBj~Hrz)gss-group14-sha1-toWM5Slw5Ew8Mqkay+al2g==N)rrrrr-r,rrrrrrDs rc@sxeZdZdZdZdZdZdZddZdd Z d d Z d d Z ddZ ddZ ddZddZddZddZddZdS) KexGSSGexz GSS-API / SSPI Authenticated Diffie-Hellman Group Exchange as defined in `RFC 4462 Section 2 `_ z%gss-gex-sha1-toWM5Slw5Ew8Mqkay+al2g== icCsD||_|jj|_d|_d|_d|_d|_d|_d|_d|_ d|_ dS)NF) rrrr pqgr!r"r# old_styler$rrrr&[s  zKexGSSGex.__init__cCsr|jjr |jtdS|jj|_t}|t||j ||j ||j |j ||jt dS)zV Start the GSS-API / SSPI Authenticated Diffie-Hellman Group Exchange N)rr*r.MSG_KEXGSS_GROUPREQr r r0c_MSG_KEXGSS_GROUPREQadd_intmin_bitspreferred_bitsmax_bitsr5MSG_KEXGSS_GROUPr:rrrr<gs       zKexGSSGex.start_kexcCs|tkr ||S|tkr||S|tkr||S|tkr$||S|tkr-| |S|t kr6| |S|t kr?| |Sd}t||)r=z'KexGex asked to handle packet type {:d})r_parse_kexgss_groupreqr_parse_kexgss_groupr/_parse_kexgss_gex_initr6r?r7r@r8rAr9rBr rCrDrrrrGzs        zKexGSSGex.parse_nextcCs|jdd}t|d}t|d}t|}d}|d@s)|dK}|dL}|d@r t|}t|d||dd}t|d}|dkrK||krKnq*||_ dS)NrHrrrI) rr deflate_longrlenrJrKrrNr!)r%rqnormqhbyte byte_countqmaskrOr!rrrr)s"     zKexGSSGex._generate_xcCs|}|}|}||jkr|j}||jkr|j}||kr"|}||kr(|}||_||_||_|j}|dur>td|jtd |||| |||\|_ |_ t }|t||j ||j |j||jtdS)z Parse the SSH2_MSG_KEXGSS_GROUPREQ message (server mode). :param `.Message` m: The content of the SSH2_MSG_KEXGSS_GROUPREQ message Nz-Can't do server-side gex with no modulus packzPicking p ({} <= {} <= {} bits))rrrrr_get_modulus_packr _logrrC get_modulusrrr r0c_MSG_KEXGSS_GROUPr4r5r.r/)r%r;minbits preferredbitsmaxbitspackrrrrs<       z KexGSSGex._parse_kexgss_groupreqcCs||_||_t|j}|dks|dkrtd||jt d|| t |j|j |j|_ t}|t||jj|jd||j |j||jttttdS)z Parse the SSH2_MSG_KEXGSS_GROUP message (client mode). :param `Message` m: The content of the SSH2_MSG_KEXGSS_GROUP message rrzs  z KexGSSGex._parse_kexgss_continuecCsz|jjdur t|j_||_|}|}d}|r |}|jdks-|j|jdkr1tdt |j|j |j}t }| |jj |jj|jj|jj|jj|js[||j||j|jsj||j||j||j||j||j||t|}|j|||dur|jj|j |d|j!||n|j!||d|j_"|j#dS)z Parse the SSH2_MSG_KEXGSS_COMPLETE message (client mode). :param `Message` m: The content of the SSH2_MSG_KEXGSS_COMPLETE message NrHrarZT)$rrTrbrcr#rSrdrr r+r!r rerfrgrhrirjrrrrrr4rr"rrzrlrmrr3r rnrorprqrrrrATsN            z KexGSSGex._parse_kexgss_completecCr)a Parse the SSH2_MSG_KEXGSS_ERROR message (client mode). The server may send a GSS-API error message. if it does, we display the error by throwing an exception (client mode). :param `Message` m: The content of the SSH2_MSG_KEXGSS_ERROR message :raise SSHException: Contains GSS-API major and minor status as well as the error message and the language tag of the message rrrrrrrBrzKexGSSGex._parse_kexgss_errorN)rrrrrrrrr&r<rGr)rrrr?r@rArBrrrrrPs" ,!>  2rc@s(eZdZdZddZddZddZdS) rbz This class represents the Null Host Key for GSS-API Key Exchange as defined in `RFC 4462 Section 5 `_ cCs d|_dS)Nrr%rrrr&s zNullHostKey.__init__cC|jSNrrrrrrjzNullHostKey.__str__cCrrrrrrrget_namerzNullHostKey.get_nameN)rrrrr&rjrrrrrrbs  rb)$rrJhashlibrparamiko.commonrrrrrrparamikor paramiko.messager paramiko.ssh_exceptionr ranger/r7r8r6r9rrr1r]rc_MSG_KEXGSS_HOSTKEYc_MSG_KEXGSS_ERRORrrrrrrbrrrrs@       y R