U wej @sdZddlZddlZddlZddlZddlZddlZddlmZddl m Z ddl m Z d\Z Zz ddl Z Wn&ek rZzeZW5dZ[XYnXddlmZmZd ZGd d d Zd d ZGdddZGdddeZdS)z2 Configuration file (aka ``ssh_config``) support. N)sha1)StringIO)partial)NN)CouldNotCanonicalizeConfigParseErrorc@seZdZdZedZddddddd d gdgdd d ddd d gd ddd gddd gdd dddddd d g d ZddZe ddZ e ddZ e ddZ ddZ ddZd2ddZddZd d!Zd"d#Zd$d%Zd&d'Zd(d)Zd*d+Zd,d-Zd.d/Zd0d1ZdS)3 SSHConfiga Representation of config information as stored in the format used by OpenSSH. Queries can be made via `lookup`. The format is described in OpenSSH's ``ssh_config`` man page. This class is provided primarily as a convenience to posix users (since the OpenSSH format is a de-facto standard on posix) but should work fine on Windows too. .. versionadded:: 1.6 z(\w+)(?:\s*=\s*|\s+)(.+)%C%h%l%L%n%p%r%u~%d)Z controlpathhostname identityfile proxycommandZ proxyjump match-execcCs g|_dS)a Create a new OpenSSH config object. Note: the newer alternate constructors `from_path`, `from_file` and `from_text` are simpler to use, as they parse on instantiation. For example, instead of:: config = SSHConfig() config.parse(open("some-path.config") you could:: config = SSHConfig.from_file(open("some-path.config")) # Or more directly: config = SSHConfig.from_path("some-path.config") # Or if you have arbitrary ssh_config text from some other source: config = SSHConfig.from_text("Host foo\n\tUser bar") N)_config)selfrn/mounts/lovelace/software/anaconda3/envs/qiime2-amplicon-2024.2/lib/python3.8/site-packages/paramiko/config.py__init__HszSSHConfig.__init__cCs|t|S)zg Create a new, parsed `SSHConfig` from ``text`` string. .. versionadded:: 2.7 ) from_filer)clstextrrr from_text]szSSHConfig.from_textc Cs*t|}||W5QRSQRXdS)zr Create a new, parsed `SSHConfig` from the file found at ``path``. .. versionadded:: 2.7 N)openr)rpathflorrr from_pathfs zSSHConfig.from_pathcCs|}|||S)zp Create a new, parsed `SSHConfig` from file-like object ``flo``. .. versionadded:: 2.7 )parse)rr#objrrrrps zSSHConfig.from_filecCsRdgid}|D].}|}|r|dr.qt|j|}|sNtd||d}|d}|dkr|j |dii}|d kr| ||d <n| ||d <q|d kr|d krd |d|<q|dr| dr|dd}|dkr(||dkr|d| |n|g|d|<q||dkr||d|<q|j |d S)z Read an OpenSSH config from the given file object. :param file_obj: a file-like object to read the config file from *)hostconfig#zUnparsable line {}r)r(matchr)r(matchesrnoneN")rZ localforwardZ remoteforward)strip startswithrer,SETTINGS_REGEXrformatgrouplowerrappend _get_hosts _get_matchesendswith)rfile_objcontextliner,keyvaluerrrr%{s6       zSSHConfig.parsecCs|j|d}d|kr||d<|dddk}t|dd}|r|d|kr|d }||||}||d<|j||d d d }n|j||d d d }|S) a  Return a dict (`SSHConfigDict`) of config options for a given hostname. The host-matching rules of OpenSSH's ``ssh_config`` man page are used: For each parameter, the first obtained value will be used. The configuration files contain sections separated by ``Host`` and/or ``Match`` specifications, and that section is only applied for hosts which match the given patterns or keywords Since the first obtained value for each parameter is used, more host- specific declarations should be given near the beginning of the file, and general defaults at the end. The keys in the returned dict are all normalized to lowercase (look for ``"port"``, not ``"Port"``. The values are processed according to the rules for substitution variable expansion in ``ssh_config``. Finally, please see the docs for `SSHConfigDict` for deeper info on features such as optional type conversion methods, e.g.:: conf = my_config.lookup('myhost') assert conf['passwordauthentication'] == 'yes' assert conf.as_bool('passwordauthentication') is True .. note:: If there is no explicitly configured ``HostName`` value, it will be set to the being-looked-up hostname, which is as close as we can get to OpenSSH's behavior around that particular option. :param str hostname: the hostname to lookup .. versionchanged:: 2.5 Returns `SSHConfigDict` objects instead of dict literals. .. versionchanged:: 2.7 Added canonicalization support. .. versionchanged:: 2.7 Added ``Match`` support. .. versionchanged:: 3.3 Added ``Match final`` support. )rrZcanonicalizehostnameN)yesalwaysZcanonicalizemaxdotsr.ZcanonicaldomainsT) canonicalfinalF)_lookupgetintcountsplit canonicalize)rroptionsZcanonZmaxdotsdomainsrrrlookups,*  zSSHConfig.lookupNFcsdkrt|jD]}||dg|sH||dg|||sHq|dD]T\}kr|dk rx|ddn|<qTdkrTfdd|DqTq|r||S)Nr(r-r)rc3s|]}|kr|VqdSNr.0xr?rLrr s z$SSHConfig._lookup..) SSHConfigDictr_pattern_matchesrG _does_matchitemsextend_expand_variables)rrrLrDrEr=r@rrSrrFs0     zSSHConfig._lookupc Csd}|D]^}d||}t||}|dk r4|d}n&zt|}Wntjk rXYnX|r|Sq|dddkr||St|dS)ag Return canonicalized version of ``hostname``. :param str hostname: Target hostname. :param options: An `SSHConfigDict` from a previous lookup pass. :param domains: List of domains (e.g. ``["paramiko.org"]``). :returns: A canonicalized hostname if one was found, else ``None``. .. versionadded:: 2.7 Fz{}.{}NrZcanonicalizefallbacklocalrA)r5_addressfamily_host_lookupsocket gethostbynamegaierrorrGr)rrrLrMfounddomain candidateZfamily_specificrrrrKs     zSSHConfig.canonicalizecCs$t}|jD]}||dq |S)z Return the set of literal hostnames defined in the SSH config (both explicit hostnames and wildcard entries). r()setrupdate)rhostsentryrrr get_hostnamesEs zSSHConfig.get_hostnamescCsZt|dr|d}d}|D]8}|drDt||ddrDdSt||rd}q|S)NrJ,F!rT)hasattrrJr2fnmatch)rpatternstargetr,patternrrrrVOs    zSSHConfig._pattern_matchescCsVg}|dd}t}|rR|d} d} |dd} |dd} | d| d} }| dkrn||| rndS| dkr||} n| d krd S| d kr| p|}|||} n| d kr|||} nn| dkr| p|}|||} nP| d kr|||} n:| dkr*|||d|}tdkrttj |dd dj } | dk rF|| | rFdS| | q|S)NrrusertypeparamrDFrEallTr(Z originalhostZ localuserexecrstdout)Zhidewarn) getpassgetuserpoprG _should_failrV _tokenizeinvokeinvoke_import_errorrunokr8)r match_listtarget_hostnamerDrErLmatched candidatesZlocal_usernamerapassedZconfigured_hostZconfigured_usertype_rpZhostvalrnZexec_cmdrrrrW`sP        zSSHConfig._does_matchcCs|dr |S| S)Nnegater)rZ would_passrarrrrxszSSHConfig._should_failc Cs||}|s|S|}|dkr*|d|}d|kr<|d}nt}t}d|krZ|d} n|} tdd} t|| } t j d} | |t || } t | | || | ||| || d }|}|D]"\}}||krq||t|}q|S)a Tokenize a string based on current config/hostname data. :param config: Current config data. :param target_hostname: Original target connection hostname. :param key: Config key being tokenized (used to filter token list). :param value: Config value being tokenized. :returns: The tokenized version of the input ``value`` string. rportrnrCrr) r rr r r rrrrr)_allowed_tokensrGSSH_PORTrurvr\ gethostnamerJLazyFqdnosr" expanduserreprrencode hexdigestrXreplacestr)rr)rr?r@Zallowed_tokensZconfigured_hostnamerrnZ remoteuserZlocal_hostnameZ local_fqdnhomedirZtohash replacements tokenizedfindrrrrrysD      zSSHConfig._tokenizecCs|j|gS)aJ Given config ``key``, return list of token strings to tokenize. .. note:: This feels like it wants to eventually go away, but is used to preserve as-strict-as-possible compatibility with OpenSSH, which for whatever reason only applies some tokens to some config keys. )TOKENS_BY_CONFIG_KEYrGrr?rrrrs zSSHConfig._allowed_tokenscCsr|D]h}||dkrqt|j|||}t||tr\t||D]\}}|||||<q@q|||||<q|S)aA Return a dict of config options with expanded substitutions for a given original & current target hostname. Please refer to :doc:`/api/config` for details. :param dict config: the currently parsed config :param str hostname: the hostname whose config is being looked up N)rry isinstancelist enumerate)rr)rk tokenizerir@rrrrZs  zSSHConfig._expand_variablescCs4z t|WStk r.td|YnXdS)z> Return a list of host_names from host value. zUnparsable host {}N)shlexrJ ValueErrorrr5)rr(rrrr9s zSSHConfig._get_hostsc s$g}t|}|rdddd}|d}|drFd|d<|dd}||d <|d krb||q|sttd ||d|d <||qd d|D}d|kr dttfdd|ttfdd|}}d}t |rd}n$d|kr| d| dkrd}|dk r t||S)z Parse a specific Match config line into a list-of-dicts for its values. Performs some parse-time validation as well. NF)rorprrrhTrrro)rqrDrEz'Missing parameter to Match '{}' keywordrpcSsg|] }|dqS)rorrPrrr sz*SSHConfig._get_matches..rq)rqrDcs|kSrOrrRZ allowablerr"z(SSHConfig._get_matches..cs|kSrOrrrrrr#rz>Match does not allow 'all' mixed with anything but 'canonical'rDz-Match does not allow 'all' before 'canonical') rrJrwr2r8rr5rfilteranyindex) rr,r-tokensrkeywordsr}Zbaderrrrrr:s@          zSSHConfig._get_matches)NFF)__name__ __module__ __qualname____doc__r3compiler4rr classmethodr r$rr%rNrFrKrfrVrWrxryrrZr9r:rrrrr .s:      <B #) 8>  r cCsh|dd}|dkrdSz0tj}|dkr2tj}t|d|tjtjtjWStj k rbYnXdS)a Try looking up ``hostname`` in an IPv4 or IPv6 specific manner. This is an odd duck due to needing use in two divergent use cases. It looks up ``AddressFamily`` in ``options`` and if it is ``inet`` or ``inet6``, this function uses `socket.getaddrinfo` to perform a family-specific lookup, returning the result if successful. In any other situation -- lookup failure, or ``AddressFamily`` being unspecified or ``any`` -- ``None`` is returned instead and the caller is expected to do something situation-appropriate like calling `socket.gethostbyname`. :param str hostname: Hostname to look up. :param options: `SSHConfigDict` instance w/ parsed options. :returns: ``getaddrinfo``-style tuples, or ``None``, depending. Z addressfamilyrNinet) rGr7r\AF_INET6AF_INET getaddrinfo SOCK_DGRAM IPPROTO_IP AI_CANONNAMEr^)rrLZaddress_familyfamilyrrrr[/s"r[c@s"eZdZdZdddZddZdS)rz7 Returns the host's fqdn on request as string. NcCsd|_||_||_dSrO)fqdnr)r()rr)r(rrrrYszLazyFqdn.__init__c Csl|jdkrfd}t|j|j}|dk rP|D]&}|\}}}}}|r(d|kr(|}qPq(|dkr`t}||_|jS)NrC)rr[r(r)r\getfqdn) rrresultsresafsocktypeproto canonnamesarrr__str__^s  zLazyFqdn.__str__)N)rrrrrrrrrrrTs rc@s eZdZdZddZddZdS)rUa A dictionary wrapper/subclass for per-host configuration structures. This class introduces some usage niceties for consumers of `SSHConfig`, specifically around the issue of variable type conversions: normal value access yields strings, but there are now methods such as `as_bool` and `as_int` that yield casted values instead. For example, given the following ``ssh_config`` file snippet:: Host foo.example.com PasswordAuthentication no Compression yes ServerAliveInterval 60 the following code highlights how you can access the raw strings as well as usefully Python type-casted versions (recalling that keys are all normalized to lowercase first):: my_config = SSHConfig() my_config.parse(open('~/.ssh/config')) conf = my_config.lookup('foo.example.com') assert conf['passwordauthentication'] == 'no' assert conf.as_bool('passwordauthentication') is False assert conf['compression'] == 'yes' assert conf.as_bool('compression') is True assert conf['serveraliveinterval'] == '60' assert conf.as_int('serveraliveinterval') == 60 .. versionadded:: 2.5 cCs"||}t|tr|S|dkS)a Express given key's value as a boolean type. Typically, this is used for ``ssh_config``'s pseudo-boolean values which are either ``"yes"`` or ``"no"``. In such cases, ``"yes"`` yields ``True`` and any other value becomes ``False``. .. note:: If (for whatever reason) the stored value is already boolean in nature, it's simply returned. .. versionadded:: 2.5 rA)rboolr7)rr?valrrras_bools zSSHConfigDict.as_boolcCs t||S)z Express given key's value as an integer, if possible. This method will raise ``ValueError`` or similar if the value is not int-appropriate, same as the builtin `int` type. .. versionadded:: 2.5 )rHrrrras_ints zSSHConfigDict.as_intN)rrrrrrrrrrrUzs!rU)rrjrurr3rr\hashlibrior functoolsrrzr{ ImportErroreZ ssh_exceptionrrrr r[rdictrUrrrrs0    %&