a$2dZddlZddlZddlZddlZddlZddlZddlZddlZddl m Z ddl m Z m Z ddl mZddlmZmZddlmZddlmZdd lmZed Zd Zed Zd ZGddeZGddej<ZGddeZ GddeZ!GddeZ"GddeZ#GddeZ$GddeZ%GddeZ&y) z SSH Agent interface N)select)asbytesio_sleep)byte_chr) SSHExceptionAuthenticationException)Message)PKey)retry_on_signal c0eZdZdZdZdZdZdZdZy)AgentSSHc d|_d|_yN)_conn_keysselfs .lib/python3.12/site-packages/paramiko/agent.py__init__zAgentSSH.__init__/s  c|jS)a4 Return the list of keys available through the SSH agent, if any. If no SSH agent was running (or it couldn't be contacted), an empty list will be returned. :return: a tuple of `.AgentKey` objects representing keys available on the SSH agent )rrs rget_keyszAgentSSH.get_keys3szzrc<||_|jt\}}|tk7r t dg}t |j D];}|jt||j|j=t||_ y)Nz!could not get keys from ssh-agent) r _send_messagecSSH2_AGENTC_REQUEST_IDENTITIESSSH2_AGENT_IDENTITIES_ANSWERrrangeget_intappendAgentKey get_binary get_stringtupler)rconnptyperesultkeysis r_connectzAgentSSH._connect?s **+JK v 0 0BC Cv~~'( A KKv'8'8':; <     4[ rcl|j|jjd|_d|_yr)rcloserrs r_closezAgentSSH._closeJs* :: ! JJ     rcHt|}|jjtjdt ||z|j d}t|j tjd|d}t|j|fS)Nz>Ir) rrsendstructpacklen _read_allr unpackordget_byte)rmsgdatas rrzAgentSSH._send_messagePsvcl  D#c(3c9:~~a dnnV]]4%>q%ABC3<<>"C''rc2|jj|}t||krmt|dk(r td|jj|t|z }t|dk(r td||z }t||krm|S)Nrlost ssh-agent)rrecvr7r)rwantedr+extras rr8zAgentSSH._read_allWs(&kF"6{a"#344JJOOFS[$89E5zQ"#344 eOF &kF" rN) __name__ __module__ __qualname__rrr.r1rr8rrrrr.s   ! ( rrc(eZdZdZdZdZdZdZy)AgentProxyThreadz@ Class in charge of communication between two channels. cvtjj||j||_d|_y)N)targetF) threadingThreadrrun_agent_exitragents rrzAgentProxyThread.__init__hs-!!$txx!8  rc^ |j\}}||_||_|jj t |jt sA|jj t|jjds td|jy#xYw)NfilenozUnable to connect to SSH agent) get_connection_AgentProxyThread__inr_AgentProxyThread__addrrMconnect isinstanceintrhasattrr _communicate)rraddrs rrLzAgentProxyThread.runms ++-IQDJDK KK   !dkk3/ !!)t{{00(;-.NOO      s B&B))B,cvddl}|j|j|j}|j|j|j|tj z|j sJt|jj|jgggd}|dD]}|jj|k(ra|jjjd}t|dk7r|jj|k|jnr|j|k(s|jjd}t|dk7r&|jjj||jntjt |j sIyy)Nrg?i)fcntlrTF_GETFLF_SETFLos O_NONBLOCKrNrrMrr@r7r4r1timesleepr)rr^oldflagseventsfdr=s rrZzAgentProxyThread._communicates2;;tzz5==9 DJJ x"--/GH**T[[.. ;RSIFQi ;;$$*;;,,11#6D4yA~ - ZZ2%::??3/D4yA~ ))..t4   JJx #**rcd|_|jj|jjjy)NT)rNrTr0rMrrs rr1zAgentProxyThread._closes/   !rN)rCrDrE__doc__rrLrZr1rrrrGrGcs &!0"rrGceZdZdZdZdZy)AgentLocalProxyz Class to be used when wanting to ask a local SSH Agent being asked from a remote fake agent (so use a unix socket for ex.) c0tj||yN)rGrrOs rrzAgentLocalProxy.__init__s!!$.rctjtjtj} |j|jj |j d|j\}}||fS#xYw)zX Return a pair of socket object and string address. May block! )socketAF_UNIX SOCK_STREAMbindrM _get_filenamelistenaccept)rr)r[r\s rrSzAgentLocalProxy.get_connectionsi }}V^^V-?-?@  IIdkk//1 2 KKN IQd7N  s ABBNrCrDrErirrSrrrrkrks / rrkceZdZdZdZdZy)AgentRemoteProxyzA Class to be used when wanting to ask a remote SSH Agent c>tj||||_yrm)rGr_AgentRemoteProxy__chan)rrPchans rrzAgentRemoteProxy.__init__s!!$. rc|jdfSrm)r{rs rrSzAgentRemoteProxy.get_connections{{D  rNrwrrrryrys!rryc(eZdZdZdZdZdZdZy)AgentClientProxya Class proxying request as a client: #. client ask for a request_forward_agent() #. server creates a proxy and a fake SSH Agent #. server ask for establishing a connection when needed, calling the forward_agent_handler at client side. #. the forward_agent_handler launch a thread for connecting the remote fake agent and the local agent #. Communication occurs ... cvd|_||_t|||_|jj yrm)r_AgentClientProxy__chanRrythreadstartr chanRemotes rrzAgentClientProxy.__init__s. ! &tZ8  rc$|jyrmr0rs r__del__zAgentClientProxy.__del__  rctdtjvr\tjdk7rIt jtj tj  tfd|_ ytjdk(r/ddlm }|jr|j|_ yyy#YyxYw)zJ Method automatically called by ``AgentProxyThread.run``. SSH_AUTH_SOCKwin32cHjtjdS)Nr)rVraenviron)r)srz*AgentClientProxy.connect..sDLLO)DErNr) rarsysplatformrprqrrr paramiko.win_pageant win_pageantcan_talk_to_agentPageantConnectionr)rrr)s @rrVzAgentClientProxy.connects rzz ) 0G==1C1CDD E  \\W $ 6,,."446    s B33B7ct|dr,d|j_|jjd|j|jj yy)zh Close the current connection and terminate the agent Should be called manually rTN)rYrrNjoinrr0rs rr0zAgentClientProxy.closesK 4 " $DKK  KK  T " :: ! JJ    "rN)rCrDrErirrrVr0rrrrrs  2 rrc4eZdZdZdZdZdZdZdZdZ y) AgentServerProxyz :param .Transport t: Transport used for SSH Agent communication forwarding :raises: `.SSHException` -- mostly if we lost the agent cHtj|||_tjd|_t j|j tj|j dz|_ t||_ |jjy)Nsshproxyz /sshproxy.ssh)rr_AgentServerProxy__ttempfilemkdtemp_dirrachmodstatS_IRWXU_filerkrr)rts rrzAgentServerProxy.__init__sk$$$Z0  DLL)YY0 %d+  rc$|jyrmrrs rrzAgentServerProxy.__del__rrc|jj}| td|jd|j |y)Nr?z auth-agent)ropen_forward_agent_channelrset_namer.)r conn_socks rrVzAgentServerProxy.connects@HH779  /0 0<( i rctj|jtj|jd|j _|j jd|jy)zk Terminate the agent, clean the files, close connections Should be called manually TrN) raremoverrmdirrrrNrr1rs rr0zAgentServerProxy.closesK $**     rc&d|jiS)z Helper for the environnement under unix :return: a dict containing the ``SSH_AUTH_SOCK`` environnement variables r)rtrs rget_envzAgentServerProxy.get_env$s !3!3!566rc|jSrm)rrs rrtzAgentServerProxy._get_filename-s zzrN) rCrDrErirrrVr0rrtrrrrrs% ! 7rrc(eZdZdZdZdZdZdZy)AgentRequestHandlera Primary/default implementation of SSH agent forwarding functionality. Simply instantiate this class, handing it a live command-executing session object, and it will handle forwarding any local SSH agent processes it finds. For example:: # Connect client = SSHClient() client.connect(host, port, username) # Obtain session session = client.get_transport().open_session() # Forward local agent AgentRequestHandler(session) # Commands executed after this point will see the forwarded agent on # the remote end. session.exec_command("git clone https://my.git.repository/") cdd|_||_|j|jg|_yrm)r_AgentRequestHandler__chanCrequest_forward_agent_forward_agent_handler"_AgentRequestHandler__clientProxys)r chanClients rrzAgentRequestHandler.__init__Gs, ! (()D)DE rcL|jjt|yrm)rr$rrs rrz*AgentRequestHandler._forward_agent_handlerMs ""#3J#?@rc$|jyrmrrs rrzAgentRequestHandler.__del__PrrcF|jD]}|jyrm)rr0)rps rr0zAgentRequestHandler.closeSs $$ A GGI rN)rCrDrErirrrr0rrrrr1s*! ArrceZdZdZdZdZy)AgentaL Client interface for using private keys from an SSH agent running on the local machine. If an SSH agent is running, this class can be used to connect to it and retrieve `.PKey` objects which can be used when attempting to authenticate to remote SSH servers. Upon initialization, a session with the local machine's SSH agent is opened, if one is running. If no agent is running, initialization will succeed, but `get_keys` will return an empty tuple. :raises: `.SSHException` -- if an SSH agent is found, but speaks an incompatible protocol ctj|dtjvritj dk7rVt j t jt j} |jtjdneZdZdZdZdZdZdZedZ dZ y) r%z Private key held in a local SSH agent. This type of key can be used for authenticating to a remote server (signing). Most other key operations work as expected. cj||_||_d|_t|j |_yrm)rPblob public_blobr get_textname)rrPrs rrzAgentKey.__init__s,  DM**, rc|jSrm)rrs rrzAgentKey.asbytes yyrc"|jSrm)rrs r__str__zAgentKey.__str__s||~rc|jSrm)rrs rget_namezAgentKey.get_namerrctrm)NotImplementedErrorrs r_fieldszAgentKey._fieldss!!rc>t}|jt|j|j|j||j d|j j|\}}|tk7r td|jS)Nrzkey cannot be used for signing) r add_bytecSSH2_AGENTC_SIGN_REQUEST add_stringradd_intrPrSSH2_AGENT_SIGN_RESPONSErr&)rr=r<r*r+s r sign_ssh_datazAgentKey.sign_ssh_datasyi ./ tyy! t A 005 v , ,?@ @  ""rN) rCrDrErirrrrpropertyrrrrrr%r%s4 - "" #rr%)'rirarpr5rrJrcrrrparamiko.commonrrparamiko.py3compatrparamiko.ssh_exceptionrrparamiko.messager paramiko.pkeyr paramiko.utilr r r!rrobjectrrKrGrkryrrrrr%rrrrs&   -'H$)"*2,!$RL2v2j8"y''8"v&2 !' !8v8v/x/d$&$N)H)X##t##r