diff options
| author | Chris Rose <offline@offby1.net> | 2018-05-17 10:13:38 -0400 |
|---|---|---|
| committer | Chris Rose <offline@offby1.net> | 2018-05-17 10:13:38 -0400 |
| commit | 7f2c35052183b400827d9949a68b41c90f90a32d (patch) | |
| tree | fea4a1ec04b7ee3ced14d61e8b6cf3f479e22704 /paramiko/kex_gss.py | |
| parent | 52551321a2297bdb966869fa719e584c868dd857 (diff) | |
| download | paramiko-7f2c35052183b400827d9949a68b41c90f90a32d.tar.gz | |
Blacken Paramiko on 2.4
Diffstat (limited to 'paramiko/kex_gss.py')
| -rw-r--r-- | paramiko/kex_gss.py | 199 |
1 files changed, 125 insertions, 74 deletions
diff --git a/paramiko/kex_gss.py b/paramiko/kex_gss.py index e21620fe..5eaaa5d5 100644 --- a/paramiko/kex_gss.py +++ b/paramiko/kex_gss.py @@ -47,14 +47,26 @@ from paramiko.py3compat import byte_chr, byte_mask, byte_ord from paramiko.ssh_exception import SSHException -MSG_KEXGSS_INIT, MSG_KEXGSS_CONTINUE, MSG_KEXGSS_COMPLETE, MSG_KEXGSS_HOSTKEY,\ - MSG_KEXGSS_ERROR = range(30, 35) -MSG_KEXGSS_GROUPREQ, MSG_KEXGSS_GROUP = range(40, 42) -c_MSG_KEXGSS_INIT, c_MSG_KEXGSS_CONTINUE, c_MSG_KEXGSS_COMPLETE,\ - c_MSG_KEXGSS_HOSTKEY, c_MSG_KEXGSS_ERROR = [ - byte_chr(c) for c in range(30, 35) - ] -c_MSG_KEXGSS_GROUPREQ, c_MSG_KEXGSS_GROUP = [ +( + MSG_KEXGSS_INIT, + MSG_KEXGSS_CONTINUE, + MSG_KEXGSS_COMPLETE, + MSG_KEXGSS_HOSTKEY, + MSG_KEXGSS_ERROR, +) = range( + 30, 35 +) +(MSG_KEXGSS_GROUPREQ, MSG_KEXGSS_GROUP) = range(40, 42) +( + c_MSG_KEXGSS_INIT, + c_MSG_KEXGSS_CONTINUE, + c_MSG_KEXGSS_COMPLETE, + c_MSG_KEXGSS_HOSTKEY, + c_MSG_KEXGSS_ERROR, +) = [ + byte_chr(c) for c in range(30, 35) +] +(c_MSG_KEXGSS_GROUPREQ, c_MSG_KEXGSS_GROUP) = [ byte_chr(c) for c in range(40, 42) ] @@ -98,10 +110,12 @@ class KexGSSGroup1(object): m.add_string(self.kexgss.ssh_init_sec_context(target=self.gss_host)) m.add_mpint(self.e) self.transport._send_message(m) - self.transport._expect_packet(MSG_KEXGSS_HOSTKEY, - MSG_KEXGSS_CONTINUE, - MSG_KEXGSS_COMPLETE, - MSG_KEXGSS_ERROR) + self.transport._expect_packet( + MSG_KEXGSS_HOSTKEY, + MSG_KEXGSS_CONTINUE, + MSG_KEXGSS_COMPLETE, + MSG_KEXGSS_ERROR, + ) def parse_next(self, ptype, m): """ @@ -120,7 +134,7 @@ class KexGSSGroup1(object): return self._parse_kexgss_complete(m) elif ptype == MSG_KEXGSS_ERROR: return self._parse_kexgss_error(m) - msg = 'GSS KexGroup1 asked to handle packet type {:d}' + msg = "GSS KexGroup1 asked to handle packet type {:d}" raise SSHException(msg.format(ptype)) # ## internals... @@ -152,8 +166,7 @@ class KexGSSGroup1(object): self.transport.host_key = host_key sig = m.get_string() self.transport._verify_key(host_key, sig) - self.transport._expect_packet(MSG_KEXGSS_CONTINUE, - MSG_KEXGSS_COMPLETE) + self.transport._expect_packet(MSG_KEXGSS_CONTINUE, MSG_KEXGSS_COMPLETE) def _parse_kexgss_continue(self, m): """ @@ -166,13 +179,14 @@ class KexGSSGroup1(object): srv_token = m.get_string() m = Message() m.add_byte(c_MSG_KEXGSS_CONTINUE) - m.add_string(self.kexgss.ssh_init_sec_context( - target=self.gss_host, recv_token=srv_token)) + m.add_string( + self.kexgss.ssh_init_sec_context( + target=self.gss_host, recv_token=srv_token + ) + ) self.transport.send_message(m) self.transport._expect_packet( - MSG_KEXGSS_CONTINUE, - MSG_KEXGSS_COMPLETE, - MSG_KEXGSS_ERROR + MSG_KEXGSS_CONTINUE, MSG_KEXGSS_COMPLETE, MSG_KEXGSS_ERROR ) else: pass @@ -200,8 +214,12 @@ class KexGSSGroup1(object): # okay, build up the hash H of # (V_C || V_S || I_C || I_S || K_S || e || f || K) hm = Message() - hm.add(self.transport.local_version, self.transport.remote_version, - self.transport.local_kex_init, self.transport.remote_kex_init) + hm.add( + self.transport.local_version, + self.transport.remote_version, + self.transport.local_kex_init, + self.transport.remote_kex_init, + ) hm.add_string(self.transport.host_key.__str__()) hm.add_mpint(self.e) hm.add_mpint(self.f) @@ -209,8 +227,9 @@ class KexGSSGroup1(object): H = sha1(str(hm)).digest() self.transport._set_K_H(K, H) if srv_token is not None: - self.kexgss.ssh_init_sec_context(target=self.gss_host, - recv_token=srv_token) + self.kexgss.ssh_init_sec_context( + target=self.gss_host, recv_token=srv_token + ) self.kexgss.ssh_check_mic(mic_token, H) else: self.kexgss.ssh_check_mic(mic_token, H) @@ -234,20 +253,26 @@ class KexGSSGroup1(object): # okay, build up the hash H of # (V_C || V_S || I_C || I_S || K_S || e || f || K) hm = Message() - hm.add(self.transport.remote_version, self.transport.local_version, - self.transport.remote_kex_init, self.transport.local_kex_init) + hm.add( + self.transport.remote_version, + self.transport.local_version, + self.transport.remote_kex_init, + self.transport.local_kex_init, + ) hm.add_string(key) hm.add_mpint(self.e) hm.add_mpint(self.f) hm.add_mpint(K) H = sha1(hm.asbytes()).digest() self.transport._set_K_H(K, H) - srv_token = self.kexgss.ssh_accept_sec_context(self.gss_host, - client_token) + srv_token = self.kexgss.ssh_accept_sec_context( + self.gss_host, client_token + ) m = Message() if self.kexgss._gss_srv_ctxt_status: - mic_token = self.kexgss.ssh_get_mic(self.transport.session_id, - gss_kex=True) + mic_token = self.kexgss.ssh_get_mic( + self.transport.session_id, gss_kex=True + ) m.add_byte(c_MSG_KEXGSS_COMPLETE) m.add_mpint(self.f) m.add_string(mic_token) @@ -263,9 +288,9 @@ class KexGSSGroup1(object): m.add_byte(c_MSG_KEXGSS_CONTINUE) m.add_string(srv_token) self.transport._send_message(m) - self.transport._expect_packet(MSG_KEXGSS_CONTINUE, - MSG_KEXGSS_COMPLETE, - MSG_KEXGSS_ERROR) + self.transport._expect_packet( + MSG_KEXGSS_CONTINUE, MSG_KEXGSS_COMPLETE, MSG_KEXGSS_ERROR + ) def _parse_kexgss_error(self, m): """ @@ -281,12 +306,16 @@ class KexGSSGroup1(object): maj_status = m.get_int() min_status = m.get_int() err_msg = m.get_string() - m.get_string() # we don't care about the language! - raise SSHException("""GSS-API Error: + m.get_string() # we don't care about the language! + raise SSHException( + """GSS-API Error: Major Status: {} Minor Status: {} Error Message: {} -""".format(maj_status, min_status, err_msg)) +""".format( + maj_status, min_status, err_msg + ) + ) class KexGSSGroup14(KexGSSGroup1): @@ -362,7 +391,7 @@ class KexGSSGex(object): return self._parse_kexgss_complete(m) elif ptype == MSG_KEXGSS_ERROR: return self._parse_kexgss_error(m) - msg = 'KexGex asked to handle packet type {:d}' + msg = "KexGex asked to handle packet type {:d}" raise SSHException(msg.format(ptype)) # ## internals... @@ -414,13 +443,12 @@ class KexGSSGex(object): # generate prime pack = self.transport._get_modulus_pack() if pack is None: - raise SSHException( - 'Can\'t do server-side gex with no modulus pack') + raise SSHException("Can't do server-side gex with no modulus pack") self.transport._log( DEBUG, # noqa - 'Picking p ({} <= {} <= {} bits)'.format( - minbits, preferredbits, maxbits, - ) + "Picking p ({} <= {} <= {} bits)".format( + minbits, preferredbits, maxbits + ), ) self.g, self.p = pack.get_modulus(minbits, preferredbits, maxbits) m = Message() @@ -442,9 +470,12 @@ class KexGSSGex(object): bitlen = util.bit_length(self.p) if (bitlen < 1024) or (bitlen > 8192): raise SSHException( - 'Server-generated gex p (don\'t ask) is out of range ' - '({} bits)'.format(bitlen)) - self.transport._log(DEBUG, 'Got server p ({} bits)'.format(bitlen)) # noqa + "Server-generated gex p (don't ask) is out of range " + "({} bits)".format(bitlen) + ) + self.transport._log( + DEBUG, "Got server p ({} bits)".format(bitlen) + ) # noqa self._generate_x() # now compute e = g^x mod p self.e = pow(self.g, self.x, self.p) @@ -453,10 +484,12 @@ class KexGSSGex(object): m.add_string(self.kexgss.ssh_init_sec_context(target=self.gss_host)) m.add_mpint(self.e) self.transport._send_message(m) - self.transport._expect_packet(MSG_KEXGSS_HOSTKEY, - MSG_KEXGSS_CONTINUE, - MSG_KEXGSS_COMPLETE, - MSG_KEXGSS_ERROR) + self.transport._expect_packet( + MSG_KEXGSS_HOSTKEY, + MSG_KEXGSS_CONTINUE, + MSG_KEXGSS_COMPLETE, + MSG_KEXGSS_ERROR, + ) def _parse_kexgss_gex_init(self, m): """ @@ -476,9 +509,13 @@ class KexGSSGex(object): # okay, build up the hash H of # (V_C || V_S || I_C || I_S || K_S || min || n || max || p || g || e || f || K) # noqa hm = Message() - hm.add(self.transport.remote_version, self.transport.local_version, - self.transport.remote_kex_init, self.transport.local_kex_init, - key) + hm.add( + self.transport.remote_version, + self.transport.local_version, + self.transport.remote_kex_init, + self.transport.local_kex_init, + key, + ) hm.add_int(self.min_bits) hm.add_int(self.preferred_bits) hm.add_int(self.max_bits) @@ -489,12 +526,14 @@ class KexGSSGex(object): hm.add_mpint(K) H = sha1(hm.asbytes()).digest() self.transport._set_K_H(K, H) - srv_token = self.kexgss.ssh_accept_sec_context(self.gss_host, - client_token) + srv_token = self.kexgss.ssh_accept_sec_context( + self.gss_host, client_token + ) m = Message() if self.kexgss._gss_srv_ctxt_status: - mic_token = self.kexgss.ssh_get_mic(self.transport.session_id, - gss_kex=True) + mic_token = self.kexgss.ssh_get_mic( + self.transport.session_id, gss_kex=True + ) m.add_byte(c_MSG_KEXGSS_COMPLETE) m.add_mpint(self.f) m.add_string(mic_token) @@ -510,9 +549,9 @@ class KexGSSGex(object): m.add_byte(c_MSG_KEXGSS_CONTINUE) m.add_string(srv_token) self.transport._send_message(m) - self.transport._expect_packet(MSG_KEXGSS_CONTINUE, - MSG_KEXGSS_COMPLETE, - MSG_KEXGSS_ERROR) + self.transport._expect_packet( + MSG_KEXGSS_CONTINUE, MSG_KEXGSS_COMPLETE, MSG_KEXGSS_ERROR + ) def _parse_kexgss_hostkey(self, m): """ @@ -525,8 +564,7 @@ class KexGSSGex(object): self.transport.host_key = host_key sig = m.get_string() self.transport._verify_key(host_key, sig) - self.transport._expect_packet(MSG_KEXGSS_CONTINUE, - MSG_KEXGSS_COMPLETE) + self.transport._expect_packet(MSG_KEXGSS_CONTINUE, MSG_KEXGSS_COMPLETE) def _parse_kexgss_continue(self, m): """ @@ -538,12 +576,15 @@ class KexGSSGex(object): srv_token = m.get_string() m = Message() m.add_byte(c_MSG_KEXGSS_CONTINUE) - m.add_string(self.kexgss.ssh_init_sec_context(target=self.gss_host, - recv_token=srv_token)) + m.add_string( + self.kexgss.ssh_init_sec_context( + target=self.gss_host, recv_token=srv_token + ) + ) self.transport.send_message(m) - self.transport._expect_packet(MSG_KEXGSS_CONTINUE, - MSG_KEXGSS_COMPLETE, - MSG_KEXGSS_ERROR) + self.transport._expect_packet( + MSG_KEXGSS_CONTINUE, MSG_KEXGSS_COMPLETE, MSG_KEXGSS_ERROR + ) else: pass @@ -568,9 +609,13 @@ class KexGSSGex(object): # okay, build up the hash H of # (V_C || V_S || I_C || I_S || K_S || min || n || max || p || g || e || f || K) # noqa hm = Message() - hm.add(self.transport.local_version, self.transport.remote_version, - self.transport.local_kex_init, self.transport.remote_kex_init, - self.transport.host_key.__str__()) + hm.add( + self.transport.local_version, + self.transport.remote_version, + self.transport.local_kex_init, + self.transport.remote_kex_init, + self.transport.host_key.__str__(), + ) if not self.old_style: hm.add_int(self.min_bits) hm.add_int(self.preferred_bits) @@ -584,8 +629,9 @@ class KexGSSGex(object): H = sha1(hm.asbytes()).digest() self.transport._set_K_H(K, H) if srv_token is not None: - self.kexgss.ssh_init_sec_context(target=self.gss_host, - recv_token=srv_token) + self.kexgss.ssh_init_sec_context( + target=self.gss_host, recv_token=srv_token + ) self.kexgss.ssh_check_mic(mic_token, H) else: self.kexgss.ssh_check_mic(mic_token, H) @@ -606,12 +652,16 @@ class KexGSSGex(object): maj_status = m.get_int() min_status = m.get_int() err_msg = m.get_string() - m.get_string() # we don't care about the language (lang_tag)! - raise SSHException("""GSS-API Error: + m.get_string() # we don't care about the language (lang_tag)! + raise SSHException( + """GSS-API Error: Major Status: {} Minor Status: {} Error Message: {} -""".format(maj_status, min_status, err_msg)) +""".format( + maj_status, min_status, err_msg + ) + ) class NullHostKey(object): @@ -620,6 +670,7 @@ class NullHostKey(object): in `RFC 4462 Section 5 <https://tools.ietf.org/html/rfc4462.html#section-5>`_ """ + def __init__(self): self.key = "" |