a h#@sddlZddlZddlZddlZddlmZmZmZmZddl m Z ddl m Z m Z mZmZddlmZmZddlmZmZeeZGdd d e jZGd d d eZGd d d eZdS)N)DictListOptionalTuple)ferny) JsonObject JsonValueget_strget_str_or_none)Peer PeerError)Router RoutingRulec@seZdZUedZeeed<e e eeeeefed<eeed<e ed<eedddZ eeeeee d d d Zeeeeed d dZdS)PasswordResponderz!Enter passphrase for key '(.*)': password hostkeys_seen error_messagepassword_attemptsrcCs||_g|_d|_d|_dS)Nr)rrrr)selfrr2/usr/lib/python3.9/site-packages/cockpit/remote.py__init__*szPasswordResponder.__init__)reasonhost algorithmkey fingerprintreturncs|j|||||fdS)NF)rappend)rrrrrrrrr do_hostkey1szPasswordResponder.do_hostkey)messagesprompthintrcs\td||tj|}|durH|d}td|d||_dS|jd7_|jS)NzGot askpass(%s): %srzCThis is a passphrase request for %s, but we don't do those. Abort.zlocked identity: ) loggerdebugr PASSPHRASE_RE fullmatchgrouprrr)rr"r#r$matchpathrrr do_askpass5s    zPasswordResponder.do_askpassN)__name__ __module__ __qualname__recompiler'rstr__annotations__rrintrboolr!r,rrrrr!s    rcseZdZUdZeejed<eed<eeed<eeed<e ed<dddd Z d d e dd fd d Z e ddddZ ddddZeeeee e ddfdd ZZS)SshPeerNsessionruserrprivaterc std|j|j|j|jd\}}}|rB|rB|}t|}n |j}d}t|j }ddi}|j durv|j ddn|j dddz(|j j ||j||j||d IdHWnt tjfy}z0td ||td d t|d |WYd}~nd}~0tjy}z|jrD|jd \} }} } } |d| d| | d} ni} t|tjr\d}n|jrjd}nd}tdt|||j|j|| t|| |id|WYd}~nd}~0tjy@}zttd||t|jd}d|vr|j dur|jd kr d|d<nd|d<td|jp"d|d|WYd}~nPd}~0tjy}z,td||tdt|d|WYd}~n d}~00|j dg}| |gIdHdS)Nz1Starting ssh session user=%s, host=%s, private=%s:ZStrictHostKeyCheckingZyes1)ZNumberOfPasswordPromptsno)ZPasswordAuthenticationZKbdInteractiveAuthentication)Z login_nameportZhandle_host_keyoptionsZinteraction_responderz connecting to host %s failed: %szno-host)errormessager )zhost-keyzhost-fingerprintzinvalid-hostkeyzunknown-hostkeyz unknown-hostzPSshPeer got a %s %s; private %s, seen hostkeys %r; raising %s with extra args %r)r@Zauth_method_resultsz$authentication to host %s failed: %sz not-providedrz not-triedZdeniedzauthentication-failedz)unknown failure connecting to host %s: %szinternal-error)rAzcockpit-bridge)!r%r&r8rr9 rpartitionisdigitr4rrupdater7ZconnectOSErrorsocketZgaierrorr r2rZSshHostKeyErrorr isinstanceZSshChangedHostKeyErrortypeZSshAuthenticationErrordictfromkeysmethodsrrZSshErrorZwrap_subprocess_argsZspawn)rbasenamecolonZportstrrr>Z responderr?excZ_reasonrrrZ error_argsr@resultsargsrrrdo_connect_transportOsh    *&   (zSshPeer.do_connect_transportz str | None)rr)rArcs0||jkr|n|dur,t|||dSN)rclosesuperdo_kill)rrr)rA __class__rrrVs  zSshPeer.do_kill)rArcCs:t|ddr6t|d}|jd||jp*ddd|_dS)NZ challengezplain1:cookieZ authorize)ZcommandrYZresponse)r startswithZ write_controlr)rrArYrrr do_authorizes zSshPeer.do_authorizecCs d|_dSrSr)rrrrdo_superuser_init_doneszSshPeer.do_superuser_init_done)routerrr8r?r9rcsjt|||_||_t|dd|_||_t|_ t |dd}|dvrPd}nd|i}|j ||ddS)Nrzinit-superuser)NZnoneFid) init_host superuser) rUrrr8r rr9rSessionr7r Zstart_in_background)rr^rr8r?r9Zinit_superuserrarWrrrs   zSshPeer.__init__)r-r.r/r7rrrbr3r2r5rRrrVr\r]rr __classcell__rrrWrr6Hs   Gr6csbeZdZUeeeeeeefefed<fddZ e eedddZ ddd d Z Z S) HostRoutingRuleremotescst|i|_dSrS)rUrre)rr^rWrrrs zHostRoutingRule.__init__)r?rcst|djj}|jjkr dSt|dd}|tkrz,HostRoutingRule.apply_rule..) r r^r`getpassZgetuserrCr%r&rer6Zadd_done_callback)rr?rr8Zuser_from_host_Znoncepeerrrhr apply_rules*         zHostRoutingRule.apply_ruleNr:cCs t|jD] }|qdSrS)setrevaluesrT)rrmrrrshutdownszHostRoutingRule.shutdown)r-r.r/rrr2rr r3rrrnrqrcrrrWrrds " (rd)rkZloggingr0rGtypingrrrrZcockpit._vendorrZjsonutilrr r r rmr r r^rrZ getLoggerr-r%ZAskpassHandlerrr6rdrrrrs  'p