o g^@sdZddlZddlZddlZddlZddlZddlZddlmZddl m Z ddl m Z m Z mZmZmZmZmZddlmZddlmZmZddlmZd d ZGd d d eZd dZGdddZdS)z Packet handling N)HMAC)util) linefeed_byte cr_byte_value MSG_NAMESDEBUG xffffffff zero_bytebyte_ord)u) SSHExceptionProxyCommandFailure)MessagecCst|||SN)rdigest)keymessage digest_classrI/var/www/html/api-tag/env/lib/python3.10/site-packages/paramiko/packet.py compute_hmac.src@seZdZdZdS)NeedRekeyExceptionz1 Exception indicating a rekey is needed. N)__name__ __module__ __qualname____doc__rrrrr2srcCs.d}t|jturt|jdkr|jd}|SNr)typeargstuplelen)eargrrr first_arg:s r#c@sHeZdZdZeddZeddZeddZeddZddZ e ddZ dd Z d d Z d d Z    dDddZ   dEddZddZddZddZddZddZddZd d!Zd"d#Zd$d%Zd&d'Zd(d)Zd*d+Zd,d-ZdFd.d/Zd0d1Zd2d3Z d4d5Z!d6d7Z"d8d9Z#d:d;Z$dd?Z&d@dAZ'dBdCZ(dS)G Packetizerz9 Implementation of the base SSH packet protocol. cCs||_d|_d|_d|_d|_d|_t|_d|_d|_ d|_ d|_ d|_ d|_ d|_d|_d|_d|_d|_d|_d|_d|_d|_d|_t|_t|_d|_d|_d|_d|_d|_d|_d|_ d|_!d|_"d|_#t$%|_&d|_'t((|_)d|_*d|_+d|_,d|_-dS)NFr)._Packetizer__socket_Packetizer__logger_Packetizer__closed_Packetizer__dump_packets_Packetizer__need_rekey_Packetizer__init_countbytes_Packetizer__remainder_initial_kex_done_Packetizer__sent_bytes_Packetizer__sent_packets_Packetizer__received_bytes_Packetizer__received_packets$_Packetizer__received_bytes_overflow&_Packetizer__received_packets_overflow_Packetizer__block_size_out_Packetizer__block_size_in_Packetizer__mac_size_out_Packetizer__mac_size_in_Packetizer__block_engine_out_Packetizer__block_engine_in_Packetizer__sdctr_out_Packetizer__mac_engine_out_Packetizer__mac_engine_in_Packetizer__mac_key_out_Packetizer__mac_key_in _Packetizer__compress_engine_out_Packetizer__compress_engine_in _Packetizer__sequence_number_out_Packetizer__sequence_number_in_Packetizer__etm_out_Packetizer__etm_in_Packetizer__aead_out_Packetizer__aead_in_Packetizer__iv_out_Packetizer__iv_in threadingRLock_Packetizer__write_lock_Packetizer__keepalive_intervaltime_Packetizer__keepalive_last_Packetizer__keepalive_callback_Packetizer__timer_Packetizer__handshake_complete_Packetizer__timer_expired)selfsocketrrr__init__QsT   zPacketizer.__init__cC|jSr)r*rVrrrclosedszPacketizer.closedcC d|_dSr)rDrZrrrreset_seqno_out zPacketizer.reset_seqno_outcCr\r)rErZrrrreset_seqno_inr^zPacketizer.reset_seqno_incCs ||_dS)z? Set the Python log object to use for logging. N)r))rVlogrrrset_logs zPacketizer.set_logFNc Csn||_||_||_||_||_||_d|_d|_||_||_ | |_ |j dO_ |j dkr5d|_ d|_ dSdS)zd Switch outbound data cipher. :param etm: Set encrypt-then-mac from OpenSSH rFN) r;r=r7r>r9r@r1r2rFrHrJr-r,) rV block_engine block_size mac_enginemac_sizemac_keysdctretmaeadiv_outrrrset_outbound_ciphers   zPacketizer.set_outbound_cipherc Cst||_||_||_||_||_d|_d|_d|_d|_||_ ||_ ||_ |j dO_ |j dkr8d|_ d|_ dSdS)zc Switch inbound data cipher. :param etm: Set encrypt-then-mac from OpenSSH rr%rcFN)r<r8r?r:rAr3r4r5r6rGrIrKr-r,) rVrdrerfrgrhrjrkiv_inrrrset_inbound_ciphers"  zPacketizer.set_inbound_ciphercC ||_dSr)rBrV compressorrrrset_outbound_compressorr^z"Packetizer.set_outbound_compressorcCrpr)rCrqrrrset_inbound_compressorr^z!Packetizer.set_inbound_compressorcCsd|_|jdSNT)r*r(closerZrrrrvszPacketizer.closecCrprr+)rVhexdumprrr set_hexdumpr^zPacketizer.set_hexdumpcCrYrrwrZrrr get_hexdumpzPacketizer.get_hexdumpcCrYr)r:rZrrrget_mac_size_inr{zPacketizer.get_mac_size_incCrYr)r9rZrrrget_mac_size_outr{zPacketizer.get_mac_size_outcCrY)z Returns ``True`` if a new set of keys needs to be negotiated. This will be triggered during a packet read or write, so it should be checked after every read or write, or at least after every few. r,rZrrr need_rekeyszPacketizer.need_rekeycCs||_||_t|_dS)z Turn on/off the callback keepalive. If ``interval`` seconds pass with no data read from or written to the socket, the callback will be executed and the timer will be reset. N)rOrRrPrQ)rVintervalcallbackrrr set_keepaliveszPacketizer.set_keepalivecCr\ru)rUrZrrr read_timerr^zPacketizer.read_timercCs,|jstt||j|_|jdSdS)z Tells `Packetizer` that the handshake process started. Starts a book keeping timer that can signal a timeout in the handshake process. :param float timeout: amount of seconds to wait before timing out N)rSrLTimerfloatrstart)rVtimeoutrrrstart_handshakeszPacketizer.start_handshakecCs|jsdS|jr dS|jS)aR Checks if the handshake has timed out. If `start_handshake` wasn't called before the call to this function, the return value will always be `False`. If the handshake completed before a timeout was reached, the return value will be `False` :return: handshake time out status, as a `bool` F)rSrTrUrZrrrhandshake_timed_outs  zPacketizer.handshake_timed_outcCs$|jr|jd|_d|_dSdS)zF Tells `Packetizer` that the handshake has completed. FTN)rScancelrUrTrZrrrcomplete_handshake#s   zPacketizer.complete_handshakec Cs2t}t|jdkr|jd|}|j|d|_|t|8}|dkrd}|r,tz|j|}t|dkr, length {}zOUT: r>Irb/Sequence number rolled over during initial kex!z(Rekeying (hit {} packets, {} bytes sent)))asbytesr rformatr rNacquirerB _build_packetr+_logrr format_binaryr;rFupdaterHencryptrJrstructpackrDrr@r>r9rr0r rr1r2 REKEY_PACKETS REKEY_BYTESr,r5r6_trigger_rekeyrelease) rVdatacmdcmd_nameorig_lenpacketrpackedpayloadnext_seq sent_too_muchmsgrrr send_messages|                 zPacketizer.send_messagecCs>|j|jdd}|jrVtd|ddd}||jd}|dd|j|dd}|j|jdd}td|j||}t|j ||j d|j}t ||sTt d |}|jrtd|ddd}|dd}||jd|j}|dd|j|dd}|j|j||}||j|_|jdur|js|j|}|jr|tt |d |js|jr|}nQtd|ddd}|dd} |t| |jdkrt d |||jt| } | d|t| }| |t| d} |jdur|j|}| |}|jr|tt |d |jdkrL|jsL|jsL| d|j}td|j||}t|j ||j d|j}t ||sLt d t|d} |d || } |jrh|td || |jdurs|| } t| d d}|j|_|jd t@}|dkr|jst d||_||jd}|j |7_ |j!d 7_!|j"r|j#|7_#|j$d 7_$|j$|j%ks|j#|j&krt dn&|j!|j'ks|j |j(krd}|t||j!|j d|_#d|_$|)t| d}|t*vrt*|}nd|}|jr|td|t| ||fS)z Only one thread should ever be in this function (no other locking is done). :raises: `.SSHException` -- if the packet is mangled :raises: `.NeedRekeyException` -- if the transport should rekey T)rrNrrFz>IIzMismatched MACzIN: zInvalid packet blockingrbz"Got payload ({} bytes, {} padding)rz+Remote transport is ignoring rekey requestsz,Rekeying (hit {} packets, {} bytes received)rzRead packet <{}>, length {})+rr8rGrunpackr:rrErrAr?rconstant_time_bytes_eqr rIr<decryptrKrrr+rrrr r rrCrseqnorr0r3r4r,r5r6REKEY_PACKETS_OVERFLOW_MAXREKEY_BYTES_OVERFLOW_MAXrrrr)rVheader packet_size remainingrmac mac_payloadmy_macaadleftoverr post_packetpaddingrrrraw_packet_sizeerrrrrrr read_messages                zPacketizer.read_messagecCsJ|jdurdStt|tr|D] }|j||qdS|j||dSr)r) issubclassrlistr`)rVlevelrmrrrr}s zPacketizer._logcCsD|jr |jr |jr dSt}||j|jkr |||_dSdSr)rOr;r,rPrQrR)rVnowrrrrs zPacketizer._check_keepalivecCsnt} z|jd}t|dkrtW|Stjy!Ynw|jr(tt}|||kr6tq)NTr)rPr(rr rrWrr*)rVrrrrrrrrs"   zPacketizer._read_timeoutcCs|j}|js |jr dnd}d|t|||}tdt||d|}||7}|js2|jdur:|t|7}|S|t |7}|S)Nrr'rcz>IBrb) r7rFrHr rrr=r;r osurandom)rVrbsizeaddlenrrrrrrs zPacketizer._build_packetcCr\rur~rZrrrrs zPacketizer._trigger_rekey)FFFN)FFN)F))rrrrpowrrrrrXpropertyr[r]r_rarmrorsrtrvryrzr|r}rrrrrrrrrrrrrrrrrrrrrr$As\    7   ) "   0( J   r$)rrrrWrrLrPhmacrparamikorparamiko.commonrrrrrr r paramiko.utilr paramiko.ssh_exceptionr r paramiko.messagerrrrr#r$rrrrs"  $