a °…b¥3ã@shdZddlZddlZddlZddlZddlZddlZddlZddlZddl m Z ddl m Z m Z ddl mZddlmZmZddlmZddlmZdd lmZed ƒZd Zed ƒZd ZdZdZeedœZGdd„deƒZ Gdd„dej!ƒZ"Gdd„de"ƒZ#Gdd„de"ƒZ$dd„Z%Gdd„deƒZ&Gdd„de ƒZ'Gdd „d eƒZ(Gd!d"„d"e ƒZ)Gd#d$„d$eƒZ*dS)%z SSH Agent interface éN)Úselect)ÚasbytesÚio_sleep)Úbyte_chr)Ú SSHExceptionÚAuthenticationException)ÚMessage)ÚPKey)Úretry_on_signalé é é ééé)z rsa-sha2-256z rsa-sha2-512c@s<eZdZdd„Zdd„Zdd„Zdd„Zd d „Zd d „Zd S)ÚAgentSSHcCsd|_d|_dS©N©)Ú_connÚ_keys©Úselfrrú5/tmp/pip-target-98j97qn4/lib/python/paramiko/agent.pyÚ__init__;szAgentSSH.__init__cCs|jS)a4 Return the list of keys available through the SSH agent, if any. If no SSH agent was running (or it couldn't be contacted), an empty list will be returned. :return: a tuple of `.AgentKey` objects representing keys available on the SSH agent )rrrrrÚget_keys?s zAgentSSH.get_keyscCsd||_| t¡\}}|tkr$tdƒ‚g}t| ¡ƒD] }| t||  ¡ƒ¡|  ¡q4t |ƒ|_ dS)Nz!could not get keys from ssh-agent) rÚ _send_messageÚcSSH2_AGENTC_REQUEST_IDENTITIESÚSSH2_AGENT_IDENTITIES_ANSWERrÚrangeZget_intÚappendÚAgentKeyÚ get_binaryZ get_stringÚtupler)rÚconnÚptypeÚresultÚkeysÚirrrÚ_connectKs zAgentSSH._connectcCs$|jdur|j ¡d|_d|_dSr)rÚcloserrrrrÚ_closeVs  zAgentSSH._closecCsXt|ƒ}|j t dt|ƒ¡|¡| d¡}t| t d|¡d¡ƒ}t |  ¡ƒ|fS)Nz>Irr) rrÚsendÚstructÚpackÚlenÚ _read_allrÚunpackÚordZget_byte)rÚmsgÚdatarrrr\s  zAgentSSH._send_messagecCsb|j |¡}t|ƒ|kr^t|ƒdkr,tdƒ‚|j |t|ƒ¡}t|ƒdkrTtdƒ‚||7}q |S)Nrúlost ssh-agent)rÚrecvr.r)rÚwantedr%Úextrarrrr/cs     zAgentSSH._read_allN) Ú__name__Ú __module__Ú __qualname__rrr(r*rr/rrrrr:s   rc@s0eZdZdZdd„Zdd„Zdd„Zdd „Zd S) ÚAgentProxyThreadz@ Class in charge of communication between two channels. cCs"tjj||jd||_d|_dS)N)ÚtargetF)Ú threadingÚThreadrÚrunÚ_agentÚ_exit©rÚagentrrrrtszAgentProxyThread.__init__cCspz\| ¡\}}||_||_|j ¡t|jtƒsR|jjdusJt|jjdƒsRt dƒ‚|  ¡Wn‚Yn0dS)NÚfilenozUnable to connect to SSH agent) Úget_connectionÚ_AgentProxyThread__inrZ_AgentProxyThread__addrr@ÚconnectÚ isinstanceÚintrÚhasattrrÚ _communicate)rÚrÚaddrrrrr?ys    ÿ þ zAgentProxyThread.runcCsìddl}| |j|j¡}| |j|j|tjB¡|jsèt|jj |jgggdƒ}|dD]„}|jj |krœ|jj   d¡}t |ƒdkrŽ|j  |¡qÚ|  ¡qÜqV|j|krV|j  d¡}t |ƒdkrÎ|jj   |¡qV|  ¡qÜqVt t¡q0dS)Nrgà?i)ÚfcntlrFZF_GETFLZF_SETFLÚosÚ O_NONBLOCKrArr@rr5r.r+r*ÚtimeÚsleepr)rrNZoldflagsÚeventsÚfdr3rrrrKŒs&      zAgentProxyThread._communicatecCs d|_|j ¡|jj ¡dS)NT)rArFr)r@rrrrrr*¤s zAgentProxyThread._closeN)r8r9r:Ú__doc__rr?rKr*rrrrr;os r;c@s eZdZdZdd„Zdd„ZdS)ÚAgentLocalProxyzˆ Class to be used when wanting to ask a local SSH Agent being asked from a remote fake agent (so use a unix socket for ex.) cCst ||¡dS©N)r;rrBrrrr°szAgentLocalProxy.__init__cCsTt tjtj¡}z0| |j ¡¡| d¡| ¡\}}||fWS‚Yn0dS)zX Return a pair of socket object and string address. May block! éN)ÚsocketÚAF_UNIXÚ SOCK_STREAMÚbindr@Ú _get_filenameÚlistenÚaccept)rr#rLrMrrrrE³s   zAgentLocalProxy.get_connectionN©r8r9r:rUrrErrrrrVªsrVc@s eZdZdZdd„Zdd„ZdS)ÚAgentRemoteProxyzA Class to be used when wanting to ask a remote SSH Agent cCst ||¡||_dSrW)r;rÚ_AgentRemoteProxy__chan)rrCZchanrrrrÈs zAgentRemoteProxy.__init__cCs |jdfSrW)rbrrrrrEÌszAgentRemoteProxy.get_connectionNr`rrrrraÃsracs˜dtjvrLtjdkrLt tjtj¡‰zt‡fdd„ƒˆWSYdS0nHtjdkrddlm }m }d‰|  ¡r||  ¡‰n|  ¡rŒ|  ¡‰ˆSdSdS)zj Returns some SSH agent object, or None if none were found/supported. .. versionadded:: 2.10 Ú SSH_AUTH_SOCKÚwin32csˆ tjd¡S)Nrc)rGrOÚenvironr©r#rrÚÙóz&get_agent_connection..NrX©Ú win_pageantÚ win_openssh)rOreÚsysÚplatformrYrZr[r ÚrjrkZcan_talk_to_agentZPageantConnectionZOpenSSHAgentConnectionrirrfrÚget_agent_connectionÐs    roc@s0eZdZdZdd„Zdd„Zdd„Zdd „Zd S) ÚAgentClientProxya˜ Class proxying request as a client: #. client ask for a request_forward_agent() #. server creates a proxy and a fake SSH Agent #. server ask for establishing a connection when needed, calling the forward_agent_handler at client side. #. the forward_agent_handler launch a thread for connecting the remote fake agent and the local agent #. Communication occurs ... cCs&d|_||_t||ƒ|_|j ¡dSrW)rZ_AgentClientProxy__chanRraÚthreadÚstart©rZ chanRemoterrrrùs zAgentClientProxy.__init__cCs | ¡dSrW©r)rrrrÚ__del__ÿszAgentClientProxy.__del__cCstƒ}|sdS||_dS)zJ Method automatically called by ``AgentProxyThread.run``. N)ror©rr#rrrrGszAgentClientProxy.connectcCs6t|dƒrd|j_|j d¡|jdur2|j ¡dS)zh Close the current connection and terminate the agent Should be called manually rqTéèN)rJrqrAÚjoinrr)rrrrr) s    zAgentClientProxy.closeN)r8r9r:rUrrurGr)rrrrrpìs   rpc@s@eZdZdZdd„Zdd„Zdd„Zdd „Zd d „Zd d „Z dS)ÚAgentServerProxyz‘ :param .Transport t: Transport used for SSH Agent communication forwarding :raises: `.SSHException` -- mostly if we lost the agent cCsPt |¡||_t d¡|_t |jtj ¡|jd|_ t |ƒ|_ |j   ¡dS)NZsshproxyz /sshproxy.ssh)rrÚ_AgentServerProxy__tÚtempfileÚmkdtempÚ_dirrOÚchmodÚstatÚS_IRWXUÚ_filerVrqrr)rÚtrrrrs    zAgentServerProxy.__init__cCs | ¡dSrWrtrrrrru'szAgentServerProxy.__del__cCs2|j ¡}|durtdƒ‚| d¡| |¡dS)Nr4z auth-agent)rzZopen_forward_agent_channelrÚset_namer()rZ conn_sockrrrrG*s   zAgentServerProxy.connectcCs8t |j¡t |j¡d|j_|j d¡| ¡dS)zk Terminate the agent, clean the files, close connections Should be called manually TrwN) rOÚremoverÚrmdirr}rqrArxr*rrrrr)1s    zAgentServerProxy.closecCs d| ¡iS)z— Helper for the environnement under unix :return: a dict containing the ``SSH_AUTH_SOCK`` environnement variables rc)r]rrrrÚget_env<szAgentServerProxy.get_envcCs|jSrW)rrrrrr]EszAgentServerProxy._get_filenameN) r8r9r:rUrrurGr)r†r]rrrrrys   ryc@s0eZdZdZdd„Zdd„Zdd„Zdd „Zd S) ÚAgentRequestHandlera¥ Primary/default implementation of SSH agent forwarding functionality. Simply instantiate this class, handing it a live command-executing session object, and it will handle forwarding any local SSH agent processes it finds. For example:: # Connect client = SSHClient() client.connect(host, port, username) # Obtain session session = client.get_transport().open_session() # Forward local agent AgentRequestHandler(session) # Commands executed after this point will see the forwarded agent on # the remote end. session.exec_command("git clone https://my.git.repository/") cCs"d|_||_| |j¡g|_dSrW)rZ_AgentRequestHandler__chanCZrequest_forward_agentÚ_forward_agent_handlerÚ"_AgentRequestHandler__clientProxys)rZ chanClientrrrr_s zAgentRequestHandler.__init__cCs|j t|ƒ¡dSrW)r‰rrprsrrrrˆesz*AgentRequestHandler._forward_agent_handlercCs | ¡dSrWrtrrrrruhszAgentRequestHandler.__del__cCs|jD] }| ¡qdSrW)r‰r))rÚprrrr)ks zAgentRequestHandler.closeN)r8r9r:rUrrˆrur)rrrrr‡Is r‡c@s eZdZdZdd„Zdd„ZdS)ÚAgenta× Client interface for using private keys from an SSH agent running on the local machine. If an SSH agent is running, this class can be used to connect to it and retrieve `.PKey` objects which can be used when attempting to authenticate to remote SSH servers. Upon initialization, a session with the local machine's SSH agent is opened, if one is running. If no agent is running, initialization will succeed, but `get_keys` will return an empty tuple. :raises: `.SSHException` -- if an SSH agent is found, but speaks an incompatible protocol .. versionchanged:: 2.10 Added support for native openssh agent on windows (extending previous putty pageant support) cCs&t |¡tƒ}|sdS| |¡dSrW)rrror(rvrrrrƒs  zAgent.__init__cCs | ¡dS)z1 Close the SSH agent connection. N)r*rrrrr)‹sz Agent.closeN)r8r9r:rUrr)rrrrr‹psr‹c@sFeZdZdZdd„Zdd„Zdd„Zdd „Zed d „ƒZ dd d„Z d S)r z´ Private key held in a local SSH agent. This type of key can be used for authenticating to a remote server (signing). Most other key operations work as expected. cCs$||_||_d|_t|ƒ ¡|_dSrW)rCÚblobZ public_blobrZget_textÚname)rrCrŒrrrr™szAgentKey.__init__cCs|jSrW)rŒrrrrrŸszAgentKey.asbytescCs| ¡SrW)rrrrrÚ__str__¢szAgentKey.__str__cCs|jSrW)rrrrrÚget_name¥szAgentKey.get_namecCst‚dSrW)ÚNotImplementedErrorrrrrÚ_fields¨szAgentKey._fieldsNcCs`tƒ}| t¡| |j¡| |¡| t |d¡¡|j  |¡\}}|t krXt dƒ‚|  ¡S)Nrzkey cannot be used for signing) rZadd_byteÚcSSH2_AGENTC_SIGN_REQUESTZ add_stringrŒZadd_intÚALGORITHM_FLAG_MAPÚgetrCrÚSSH2_AGENT_SIGN_RESPONSErr!)rr3Ú algorithmr2r$r%rrrÚ sign_ssh_data¬s   zAgentKey.sign_ssh_data)N) r8r9r:rUrrrŽrÚpropertyr‘r—rrrrr ’s r )+rUrOrYr,rlr=rQr{rrZparamiko.commonrrZparamiko.py3compatrZparamiko.ssh_exceptionrrZparamiko.messagerZ paramiko.pkeyr Z paramiko.utilr rrr’r•ZSSH_AGENT_RSA_SHA2_256ZSSH_AGENT_RSA_SHA2_512r“Úobjectrr>r;rVrarorpryr‡r‹r rrrrÚsD     þ5; +2'"