a h#@sddlZddlZddlZddlZddlmZmZmZmZddl m Z ddl m Z m Z mZmZddlmZmZddlmZmZeeZGdd d e jZGd d d eZGd d d eZdS)N)DictListOptionalTuple)ferny) JsonObject JsonValueget_strget_str_or_none)Peer PeerError)Router RoutingRulec@seZdZUedZeeed<e e eeeeefed<eeed<e ed<eedddZ eeeeee d d d Zeeeeed d dZdS)PasswordResponderz!Enter passphrase for key '(.*)': password hostkeys_seen error_messagepassword_attemptsrcCs||_g|_d|_d|_dS)Nr)rrrr)selfrr2/usr/lib/python3.9/site-packages/cockpit/remote.py__init__*szPasswordResponder.__init__)reasonhost algorithmkey fingerprintreturncs|j|||||fdS)NF)rappend)rrrrrrrrr do_hostkey1szPasswordResponder.do_hostkey)messagesprompthintrcsxtd||tj|}|durH|d}td|d||_dS|jdusVJ|jdksdJ|jd7_|jS)NzGot askpass(%s): %srzCThis is a passphrase request for %s, but we don't do those. Abort.zlocked identity: r) loggerdebugr PASSPHRASE_RE fullmatchgrouprrr)rr"r#r$matchpathrrr do_askpass5s    zPasswordResponder.do_askpassN)__name__ __module__ __qualname__recompiler'rstr__annotations__rrintrboolr!r,rrrrr!s    rcseZdZUdZeejed<eed<eeed<eeed<e ed<dddd Z d d e dd fd d Z e ddddZ ddddZeeeee e ddfdd ZZS)SshPeerNsessionruserrprivaterc s|jdusJtd|j|j|j|jd\}}}|rP|rP|}t|}n |j}d}t |j }ddi}|j dur|j ddn|j dddz(|jj ||j||j||d IdHWnt tjfy }z0td ||td d t|d |WYd}~nd}~0tjy}z|jrT|jd \} }} } } |d| d| | d} ni} t|tjrld}n|jrzd}nd}tdt|||j|j|| t|| |id|WYd}~nd}~0tjyP}zttd||t|jd}d|vr$|j dur$|jd krd|d<nd|d<td|jp2d|d|WYd}~nPd}~0tjy}z,td||tdt|d|WYd}~n d}~00|jdg}| |gIdHdS)Nz1Starting ssh session user=%s, host=%s, private=%s:ZStrictHostKeyCheckingZyes1)ZNumberOfPasswordPromptsno)ZPasswordAuthenticationZKbdInteractiveAuthentication)Z login_nameportZhandle_host_keyoptionsZinteraction_responderz connecting to host %s failed: %szno-host)errormessager )zhost-keyzhost-fingerprintzinvalid-hostkeyzunknown-hostkeyz unknown-hostzPSshPeer got a %s %s; private %s, seen hostkeys %r; raising %s with extra args %r)r@Zauth_method_resultsz$authentication to host %s failed: %sz not-providedrz not-triedZdeniedzauthentication-failedz)unknown failure connecting to host %s: %szinternal-error)rAzcockpit-bridge)!r7r%r&r8rr9 rpartitionisdigitr4rrupdateZconnectOSErrorsocketZgaierrorr r2rZSshHostKeyErrorr isinstanceZSshChangedHostKeyErrortypeZSshAuthenticationErrordictfromkeysmethodsrrZSshErrorZwrap_subprocess_argsZspawn)rbasenamecolonZportstrrr>Z responderr?excZ_reasonrrrZ error_argsr@resultsargsrrrdo_connect_transportOsj    *&   (zSshPeer.do_connect_transportz str | None)rr)rArcs0||jkr|n|dur,t|||dSN)rclosesuperdo_kill)rrr)rA __class__rrrVs  zSshPeer.do_kill)rArcCs:t|ddr6t|d}|jd||jp*ddd|_dS)NZ challengezplain1:cookieZ authorize)ZcommandrYZresponse)r startswithZ write_controlr)rrArYrrr do_authorizes zSshPeer.do_authorizecCs d|_dSrSr)rrrrdo_superuser_init_doneszSshPeer.do_superuser_init_done)routerrr8r?r9rcsjt|||_||_t|dd|_||_t|_ t |dd}|dvrPd}nd|i}|j ||ddS)Nrzinit-superuser)NZnoneFid) init_host superuser) rUrrr8r rr9rSessionr7r Zstart_in_background)rr^rr8r?r9Zinit_superuserrarWrrrs   zSshPeer.__init__)r-r.r/r7rrrbr3r2r5rRrrVr\r]rr __classcell__rrrWrr6Hs   Gr6csbeZdZUeeeeeeefefed<fddZ e eedddZ ddd d Z Z S) HostRoutingRuleremotescst|i|_dSrS)rUrre)rr^rWrrrs zHostRoutingRule.__init__)r?rcsNjdusJjjdusJt|djj}|jjkr>dSt|dd}|tkrZd}|sv|d\}}}|ptd}t|dddkrt|d}nd}t|tsJ|dust|tsJ|dust|tsJ|||ft d|t dj vrDt d j t j||||dud }| fd d |j <j S) Nrr8@r7r9Zchannelz!Request for channel %s is remote.zkey=%szC%s is not among the existing remotes %s. Opening a new connection.)r9cs jSrS)re __delitem__rrrrrz,HostRoutingRule.apply_rule..) r^r`r getpassZgetuserrCrHr2r%r&rer6Zadd_done_callback)rr?rr8Zuser_from_host_Znoncepeerrrhr apply_rules4         zHostRoutingRule.apply_ruleNr:cCs t|jD] }|qdSrS)setrevaluesrT)rrmrrrshutdownszHostRoutingRule.shutdown)r-r.r/rrr2rr r3rrrnrqrcrrrWrrds " (rd)rkZloggingr0rGtypingrrrrZcockpit._vendorrZjsonutilrr r r rmr r r^rrZ getLoggerr-r%ZAskpassHandlerrr6rdrrrrs  'p