3 L]`@sdZddlZddlmZddlmZmZmZddlm Z ddl m Z ddl m Z mZmZddlmZed d \ZZZZZed d \ZZd ded d D\ZZZZZdded d D\ZZ Gddde!Z"Gddde"Z#Gddde!Z$Gddde!Z%dS)a This module provides GSS-API / SSPI Key Exchange as defined in :rfc:`4462`. .. note:: Credential delegation is not supported in server mode. .. note:: `RFC 4462 Section 2.2 `_ says we are not required to implement GSS-API error messages. Thus, in many methods within this module, if an error occurs an exception will be thrown and the connection will be terminated. .. seealso:: :doc:`/api/ssh_gss` .. versionadded:: 1.15 N)sha1)DEBUGmax_byte zero_byte)util)Message)byte_chr byte_maskbyte_ord) SSHException#(*cCsg|] }t|qS)r).0crr6/tmp/pip-install-wfra5znf/paramiko/paramiko/kex_gss.py @srcCsg|] }t|qSr)r)rrrrrrBsc@s|eZdZdZdZdZededZe dZ dZ dd Z d d Z d d ZddZddZddZddZddZddZdS) KexGSSGroup1z GSS-API / SSPI Authenticated Diffie-Hellman Key Exchange as defined in `RFC 4462 Section 2 `_ lE8{3If?E yZ3V58noPe?a- tBL y3W[`_ l&UG9 tcb0]Q\-:$90.`U_b;YS7x]Ek`:xds! ,w=HG2Cdc_.K?&j_c}z[\V_1M.D^/1v5 I jV&| /mVlR<6#{n4(EY91T:g8 H Apcb4BBj~Hrz)gss-group14-sha1-toWM5Slw5Ew8Mqkay+al2g==N)rsrtrurvr(r'rwrrrrrx>srxc@sxeZdZdZdZdZdZdZddZdd Z d d Z d d Z ddZ ddZ ddZddZddZddZddZdS) KexGSSGexz GSS-API / SSPI Authenticated Diffie-Hellman Group Exchange as defined in `RFC 4462 Section 2 `_ z%gss-gex-sha1-toWM5Slw5Ew8Mqkay+al2g==ii icCsD||_|jj|_d|_d|_d|_d|_d|_d|_d|_ d|_ dS)NF) rrrrpqgrrr old_style)r!rrrrr"Us zKexGSSGex.__init__cCsr|jjr|jjtdS|jj|_t}|jt|j|j |j|j |j|j |jj ||jjt dS)zV Start the GSS-API / SSPI Authenticated Diffie-Hellman Group Exchange N)rr%r)MSG_KEXGSS_GROUPREQrrr+c_MSG_KEXGSS_GROUPREQadd_intmin_bitspreferred_bitsmax_bitsr0MSG_KEXGSS_GROUP)r!r5rrrr6as       zKexGSSGex.start_kexcCs|tkr|j|S|tkr$|j|S|tkr6|j|S|tkrH|j|S|tkrZ|j |S|t krl|j |S|t kr~|j |Sd}t|j|dS)z Parse the next packet. :param ptype: The (string) type of the incoming packet :param `.Message` m: The paket content z'KexGex asked to handle packet type {:d}N)r~_parse_kexgss_groupreqr_parse_kexgss_groupr*_parse_kexgss_gex_initr1r8r2r9r3r:r4r;r r<)r!r=r5r>rrrr?ts        zKexGSSGex.parse_nextcCs|jdd}tj|d}t|d}t|}d}x|d@sN|dK}|dL}q4WxFtj|}t|d||dd}tj|d}|dkrR||krRPqRW||_ dS)NrArrr@) rzrZ deflate_longr lenrBrCr rFr)r!r{ZqnormZqhbyteZ byte_countZqmaskrGrrrrr$s      zKexGSSGex._generate_xcCs|j}|j}|j}||jkr(|j}||jkr8|j}||krD|}||krP|}||_||_||_|jj}|dkr|td|jjtdj ||||j |||\|_ |_ t }|jt|j|j |j|j |jj||jjtdS)z Parse the SSH2_MSG_KEXGSS_GROUPREQ message (server mode). :param `.Message` m: The content of the SSH2_MSG_KEXGSS_GROUPREQ message Nz-Can't do server-side gex with no modulus packzPicking p ({} <= {} <= {} bits))rorrrrZ_get_modulus_packr _logrr<Z get_modulusr|rzrr+c_MSG_KEXGSS_GROUPr/r0r)r*)r!r5ZminbitsZ preferredbitsZmaxbitspackrrrrs8        z KexGSSGex._parse_kexgss_groupreqcCs|j|_|j|_tj|j}|dks0|dkr>tdj||jjt dj||j t |j|j |j|_ t}|jt|j|jj|jd|j|j |jj||jjttttdS)z Parse the SSH2_MSG_KEXGSS_GROUP message (client mode). :param `Message` m: The content of the SSH2_MSG_KEXGSS_GROUP message ii z 2ryc@s(eZdZdZddZddZddZdS) rQz This class represents the Null Host Key for GSS-API Key Exchange as defined in `RFC 4462 Section 5 `_ cCs d|_dS)N)rn)r!rrrr"szNullHostKey.__init__cCs|jS)N)rn)r!rrrrYszNullHostKey.__str__cCs|jS)N)rn)r!rrrget_nameszNullHostKey.get_nameN)rsrtrurvr"rYrrrrrrQsrQ)&rvrBhashlibrZparamiko.commonrrrZparamikorZparamiko.messagerZparamiko.py3compatrr r Zparamiko.ssh_exceptionr ranger*r2r3r1r4r~rr,rNrkZc_MSG_KEXGSS_HOSTKEYZc_MSG_KEXGSS_ERRORrrobjectrrxryrQrrrr&s$    y R