7g^dZddlZddlZddlZddlZddlZddlZddlmZddl m Z ddl m Z m Z mZmZmZmZmZddlmZddlmZmZddlmZd ZGd d eZd ZGd dZdS)z Packet handling N)HMAC)util) linefeed_byte cr_byte_value MSG_NAMESDEBUG xffffffff zero_bytebyte_ord)u) SSHExceptionProxyCommandFailure)MessagecHt|||SN)rdigest)keymessage digest_classs I/var/www/html/syslog/venv/lib/python3.11/site-packages/paramiko/packet.py compute_hmacr.s Wl + + 2 2 4 44ceZdZdZdS)NeedRekeyExceptionz1 Exception indicating a rekey is needed. N)__name__ __module__ __qualname____doc__rrrr2s Drrcd}t|jtur%t|jdkr |jd}|SNr)typeargstuplelen)eargs r first_argr(:s: C AF||uQVqfQi JrcPeZdZdZeddZeddZeddZeddZdZ e dZ dZ dZ dZ d%d Z d&d Zd ZdZdZdZdZdZdZdZdZdZdZdZdZd'dZdZdZ dZ!dZ"dZ#d Z$d!Z%d"Z&d#Z'd$Z(d S)( Packetizerz9 Implementation of the base SSH packet protocol. c||_d|_d|_d|_d|_d|_t |_d|_d|_ d|_ d|_ d|_ d|_ d|_d|_d|_d|_d|_d|_d|_d|_d|_d|_t |_t |_d|_d|_d|_d|_d|_d|_d|_ d|_!d|_"d|_#tIj%|_&d|_'tQj(|_)d|_*d|_+d|_,d|_-dS)NFr)._Packetizer__socket_Packetizer__logger_Packetizer__closed_Packetizer__dump_packets_Packetizer__need_rekey_Packetizer__init_countbytes_Packetizer__remainder_initial_kex_done_Packetizer__sent_bytes_Packetizer__sent_packets_Packetizer__received_bytes_Packetizer__received_packets$_Packetizer__received_bytes_overflow&_Packetizer__received_packets_overflow_Packetizer__block_size_out_Packetizer__block_size_in_Packetizer__mac_size_out_Packetizer__mac_size_in_Packetizer__block_engine_out_Packetizer__block_engine_in_Packetizer__sdctr_out_Packetizer__mac_engine_out_Packetizer__mac_engine_in_Packetizer__mac_key_out_Packetizer__mac_key_in _Packetizer__compress_engine_out_Packetizer__compress_engine_in _Packetizer__sequence_number_out_Packetizer__sequence_number_in_Packetizer__etm_out_Packetizer__etm_in_Packetizer__aead_out_Packetizer__aead_in_Packetizer__iv_out_Packetizer__iv_in threadingRLock_Packetizer__write_lock_Packetizer__keepalive_intervaltime_Packetizer__keepalive_last_Packetizer__keepalive_callback_Packetizer__timer_Packetizer__handshake_complete_Packetizer__timer_expired)selfsockets r__init__zPacketizer.__init__Qsr   #! 77!& !"#)*&+,(!" "&!%  $#"WW!GG%)"$(!%&"$%!    &O--%&! $ $(! $)!$rc|jSr)r1r]s rclosedzPacketizer.closeds }rcd|_dSr!)rKras rreset_seqno_outzPacketizer.reset_seqno_outs%&"""rcd|_dSr!)rLras rreset_seqno_inzPacketizer.reset_seqno_ins$%!!!rc||_dS)z? Set the Python log object to use for logging. N)r0)r]logs rset_logzPacketizer.set_logs rFNc ||_||_||_||_||_||_d|_d|_||_||_ | |_ |xj dzc_ |j dkrd|_ d|_ dSdS)zd Switch outbound data cipher. :param etm: Set encrypt-then-mac from OpenSSH rFN) rBrDr>rEr@rGr8r9rMrOrQr4r3) r] block_engine block_size mac_enginemac_sizemac_keysdctretmaeadiv_outs rset_outbound_cipherzPacketizer.set_outbound_ciphers #/  * *&$  Q   ! ! !D  %D    " !rc ||_||_||_||_||_d|_d|_d|_d|_||_ ||_ ||_ |xj dzc_ |j dkrd|_ d|_ dSdS)zc Switch inbound data cipher. :param etm: Set encrypt-then-mac from OpenSSH rr+rlFN)rCr?rFrArHr:r;r<r=rNrPrRr4r3) r]rmrnrorprqrsrtiv_ins rset_inbound_cipherzPacketizer.set_inbound_ciphers".))%# !"#)*&+,(   Q   ! ! !D  %D    " !rc||_dSr)rIr] compressors rset_outbound_compressorz"Packetizer.set_outbound_compressors%/"""rc||_dSr)rJr{s rset_inbound_compressorz!Packetizer.set_inbound_compressors$.!!!rcFd|_|jdSNT)r1r/closeras rrzPacketizer.closes#  rc||_dSrr2)r]hexdumps r set_hexdumpzPacketizer.set_hexdumps%rc|jSrrras r get_hexdumpzPacketizer.get_hexdump ""rc|jSr)rAras rget_mac_size_inzPacketizer.get_mac_size_ins !!rc|jSr)r@ras rget_mac_size_outzPacketizer.get_mac_size_outrrc|jS)z Returns ``True`` if a new set of keys needs to be negotiated. This will be triggered during a packet read or write, so it should be checked after every read or write, or at least after every few. r3ras r need_rekeyzPacketizer.need_rekeys   rcR||_||_tj|_dS)z Turn on/off the callback keepalive. If ``interval`` seconds pass with no data read from or written to the socket, the callback will be executed and the timer will be reset. N)rVrYrWrX)r]intervalcallbacks r set_keepalivezPacketizer.set_keepalives( %-!$,! $ rcd|_dSr)r\ras r read_timerzPacketizer.read_timers#rc|jsGtjt||j|_|jdSdS)z Tells `Packetizer` that the handshake process started. Starts a book keeping timer that can signal a timeout in the handshake process. :param float timeout: amount of seconds to wait before timing out N)rZrSTimerfloatrstart)r]timeouts rstart_handshakezPacketizer.start_handshakesM| !$?5>>4?KKDL L    ! !rc4|jsdS|jrdS|jS)aR Checks if the handshake has timed out. If `start_handshake` wasn't called before the call to this function, the return value will always be `False`. If the handshake completed before a timeout was reached, the return value will be `False` :return: handshake time out status, as a `bool` F)rZr[r\ras rhandshake_timed_outzPacketizer.handshake_timed_outs,| 5  $ 5##rcf|jr)|jd|_d|_dSdS)zF Tells `Packetizer` that the handshake has completed. FTN)rZcancelr\r[ras rcomplete_handshakezPacketizer.complete_handshake#sB < - L   ! ! !#(D (,D % % % - -rc>t}t|jdkr5|jd|}|j|d|_|t|z}|dkr:d}|rt  |j|}t|dkrt ||z }|t|z}nf#tj$rd}YnStj $rB}t|}|tj krd}n|j rt Yd}~nd}~wwxYw|rS|j rt |r(t|dkr|jrt||dk:|S)a& Read as close to N bytes as possible, blocking as long as necessary. :param int n: number of bytes to read :return: the data read, as a `str` :raises: ``EOFError`` -- if the socket was closed before all the bytes could be read rNFT)r5r%r6rEOFErrorr/recvr^rerrorr(errnoEAGAINr1r3r_check_keepalive)r]n check_rekeyout got_timeoutxr&r's rread_allzPacketizer.read_all,sgg t 1 $ $"2A2&C#/3D  SMA!eeK'')) !jj  M&&q))q66Q;;"**$qSVV > # # #" <    ll%,&&"&KK]"**$  KKKK  (=%"**$/CHHMMt7HM,...%%'''9!ee: sACD>.D><8D99D>c:tj|_d}t|dkrd} |j|}ni#t j$rd}YnVt j$r.}t|}|tj krd}nd}Yd}~nd}~wt$rt$rd}YnwxYw|r d}|j rd}n|dkr|dkrd}|dz }|dkrt|t|krn||d}t|dkdS)NrFT rk)rWrXr%r/sendr^rrr(rrr Exceptionr1r)r]r#iteration_with_zero_as_return_value retry_writerr&r's r write_allzPacketizer.write_all\sn $ ./+#hhllK M&&s++> # # #" <   ll%,&&"&KKA&        9=A66ABFF A3q831uujj CHH}}abb'CE#hhllF s#A B2B2-$BB21B2cJ|j}t|vr!|||z }t|v!|t}||dzd|_|d|}t |dkr|dt kr |dd}t |S)z Read a line from the socket. We assume no data is pending after the line, so it's okay to attempt large reads. rkNrr)r6r _read_timeoutindexr%rr )r]rbufrs rreadlinezPacketizer.readlines 3&& 4%%g.. .C3&& IIm $ $q1uww<"1"g HHqLLs2w-77crc(Cvv rc|dd}t|d}|dz}|dd}|dd|z}|S)Nbigrkr.r)int from_bytesto_bytes)r]iv iv_counter_b iv_counterinc_iv_counterinc_iv_counter_bnew_ivs r_inc_iv_counterzPacketizer._inc_iv_counters[!""v ^^L%88 #a)221e<<AaC++ rc|}t|d}|tvrt|}nd|}t |}|j |j||}||}|j r]| td||| ttj |d|j|jr.|dd|j|ddz}n|jr\|dd|j|j|dd|ddz}||j|_n|j|}n|}|jZ|jsSt+jd|j}||jr|n|z}|t1|j||jd|jz }|jdzt8z} | dkr|jst=d | |_|||xj t |z c_ |xj!dz c_!|j!|j"kp|j |j#k} | rd|j$s]d } | t| |j!|j d|_%d|_&|'|j(dS#|j(wxYw) zR Write a block of data using the current cipher, as an SSH block. r${:x}NzWrite packet <{}>, length {}zOUT: r>Irk/Sequence number rolled over during initial kex!z(Rekeying (hit {} packets, {} bytes sent)))asbytesr rformatr%rUacquirerI _build_packetr2_logrr format_binaryrBrMupdaterOencryptrQrstructpackrKrrGrEr@r r7r rr8r9 REKEY_PACKETS REKEY_BYTESr3r<r=_trigger_rekeyrelease) r]datacmdcmd_nameorig_lenpacketrpackedpayloadnext_seq sent_too_muchmsgs r send_messagezPacketizer.send_messages~ ||~~tAw )   ~HH~~c**Ht99 !!###; ()511$77''--F" F 299(HMM %!3FG!D!DEEE&2>A 1+(?(F(Fqrr ))CC_ A!1+(?(G(G vabbz6!A#;))C%)$8$8$G$GDMM188@@CC&24?2T4+EFF 4>$ECCvF|&1F'D''))2Q6)CH1}}T%;}"E*2D & NN3      S )     1 $  #t'999$(88  &T%6 &@ 3::d&94;LMM23.340##%%%   % % ' ' ' ' 'D  % % ' ' ' 's ?J/M M$c ( ||jd}|jrtjd|ddd}||jz dz}|dd||dz}||jd}tjd|j||z}t|j ||j d|j}tj ||std |}|jrtjd|ddd}|dd}||jz dz|jz}|dd||dz}|j|j||}||j|_|j!|js|j|}|jr.|t,tj|d |js|jr|}ntjd|ddd}|dd} |t1| z |jzdkrtd |||jzt1| z } | d|t1| z }| |t1| z d} |j|j|}| |z}|jr.|t,tj|d |jdkr|js|jsy| d|j}tjd|j||z}t|j ||j d|j}tj ||std t3|d} |d || z } |jr/|t,d || |j|| } t9| d d}|j|_|jd zt<z}|dkr|jstd||_||jzdz}|xj |z c_ |xj!d z c_!|j"rP|xj#|z c_#|xj$d z c_$|j$|j%ks|j#|j&krtdn}|j!|j'ks|j |j(kr]d}|t,||j!|j d|_#d|_$|)t3| d}|tTvrtT|}nd|}|jr<|t,d|t1| ||fS)z Only one thread should ever be in this function (no other locking is done). :raises: `.SSHException` -- if the packet is mangled :raises: `.NeedRekeyException` -- if the transport should rekey T)rrNrrFz>IIzMismatched MACzIN: zInvalid packet blockingrkz"Got payload ({} bytes, {} padding)rz+Remote transport is ignoring rekey requestsz,Rekeying (hit {} packets, {} bytes received)rzRead packet <{}>, length {})+rr?rNrunpackrArrLrrHrFrconstant_time_bytes_eqr rPrCdecryptrRrrr2rrrr%r rrJrseqnor r7r:r;r3r<r=REKEY_PACKETS_OVERFLOW_MAXREKEY_BYTES_OVERFLOW_MAXrrrr)r]header packet_size remainingrmac mac_payloadmy_macaadleftoverr post_packetpaddingrrrraw_packet_sizeerrrrs r read_messagezPacketizer.read_messagesot3FF =  -fRaRj99!IABBZ$-- u-"M"MMF-- 2-FFC E4# >!-fRaRj99!>&F   A IIeT/?? @ @ @   ! !$- ! !2 223C E4# q==!7=A %-!&(::Q> 0 1$   "  * *o = * *  , , 1 , ,0233.$2OOO"AP %);;;  !T%5 5 5AC II 42D4IJJ   ./D */0D ,    ! ! !wqz"" )   ~HH~~c**H    II-44Xs7||LL   Cxrc|jdStt|tr"|D]}|j||dS|j||dSr)r0 issubclassr"listrh)r]levelrms rrzPacketizer._log}s{ = F d3ii & & * , , !!%++++ , , M  eS ) ) ) ) )rc|jr|jr|jrdStj}||j|jzkr|||_dSdSr)rVrBr3rWrXrY)r]nows rrzPacketizer._check_keepalivesv) *    Fikk &)BB B B  % % ' ' '$'D ! ! ! C Brc\tj} |jd}t|dkrt nZ#t j$rYnwxYw|jrt tj}||z |krt j|S)NTr)rWr/rr%rr^rr1)r]rrrrs rrzPacketizer._read_timeouts  ' M&&s++q66Q;;"**$>    } !jj )++CU{g%%n&&& 's;AA$#A$c0|j}|js|jrdnd}d|zt||z|zz }t jdt||zdz|}||z }|js|j|t|zz }n|tj |z }|S)Nrr.rlz>IBrk) r>rMrOr%rrrDrBr osurandom)r]rbsizeaddlenrrs rrzPacketizer._build_packets%n>>Qe)G v 5>?UCLL7$:Q$>HH'   *t6> i') )FF bj)) )F rcd|_dSrrras rrzPacketizer._trigger_rekeys r)FFFN)FFN)F))rrrrpowrrrrr_propertyrbrdrfrirvryr}rrrrrrrrrrrrrrrrrrrrrrrrrrr*r*Asr C2JJM#a**K"%Q"s1bzz5%5%5%nX'''&&&   & & & &R   & & & &D000///&&&###"""###!!!,,,$$$ ! ! !$$$ ---....`&&&P      H(H(H(TQQQj*** ( ( ("$!!!!!rr*)rrrr^rrSrWhmacrparamikorparamiko.commonrrrrr r r paramiko.utilr paramiko.ssh_exceptionr rparamiko.messagerrrrr(r*rrrrs&  DDDDDDDD$$$$$$555        w !w !w !w !w !w !w !w !w !w !r