ó =OXc@s dZddlZddlmZmZddlmZddlmZddl m Z ddl m Z m Z mZddlmZed d ƒ\ZZZZZged d ƒD]Ze eƒ^q²\ZZZZZd efd „ƒYZd efd„ƒYZdS(sÒ Variant on `KexGroup1 ` where the prime "p" and generator "g" are provided by the server. A bit more work is required on the client side, and a **lot** more on the server side. iÿÿÿÿN(tsha1tsha256(tutil(tDEBUG(tMessage(tbyte_chrtbyte_ordt byte_mask(t SSHExceptionii#tKexGexcBszeZdZdZdZdZeZd„Ze d„Z d„Z d„Z d„Z d „Zd „Zd „Zd „ZRS( s"diffie-hellman-group-exchange-sha1ii icCsL||_d|_d|_d|_d|_d|_d|_t|_ dS(N( t transporttNonetptqtgtxtetftFalset old_style(tselfR ((s4/usr/lib/python2.7/site-packages/paramiko/kex_gex.pyt__init__1s       cCs¼|jjr#|jjttƒdStƒ}|r[|jtƒ|j|j ƒt |_ n=|jt ƒ|j|j ƒ|j|j ƒ|j|jƒ|jj|ƒ|jjtƒdS(N(R t server_modet_expect_packett_MSG_KEXDH_GEX_REQUESTt_MSG_KEXDH_GEX_REQUEST_OLDRtadd_bytetc_MSG_KEXDH_GEX_REQUEST_OLDtadd_inttpreferred_bitstTrueRtc_MSG_KEXDH_GEX_REQUESTtmin_bitstmax_bitst _send_messaget_MSG_KEXDH_GEX_GROUP(Rt_test_old_styletm((s4/usr/lib/python2.7/site-packages/paramiko/kex_gex.pyt start_kex;s     cCs—|tkr|j|ƒS|tkr2|j|ƒS|tkrK|j|ƒS|tkrd|j|ƒS|tkr}|j |ƒSt d|j |ƒ‚dS(Ns(KexGex %s asked to handle packet type %d( Rt_parse_kexdh_gex_requestR#t_parse_kexdh_gex_groupt_MSG_KEXDH_GEX_INITt_parse_kexdh_gex_initt_MSG_KEXDH_GEX_REPLYt_parse_kexdh_gex_replyRt_parse_kexdh_gex_request_oldRtname(RtptypeR%((s4/usr/lib/python2.7/site-packages/paramiko/kex_gex.pyt parse_nextPs          cCsÜ|jdd}tj|dƒ}t|dƒ}t|ƒ}d}x"|d@si|dK}|dL}qHWxbtrÎtj|ƒ}t|d|ƒ|d}tj |dƒ}|dkrm||krmPqmqmW||_ dS(Niiiiÿi€( R Rt deflate_longRtlenRtosturandomRt inflate_longR(RR tqnormtqhbytet byte_counttqmasktx_bytesR((s4/usr/lib/python2.7/site-packages/paramiko/kex_gex.pyt _generate_x_s    cCsd|jƒ}|jƒ}|jƒ}||jkr?|j}n||jkrZ|j}n||kro|}n||kr„|}n||_||_||_|jjƒ}|dkrÉtdƒ‚n|jjt d|||fƒ|j |||ƒ\|_ |_ t ƒ}|jtƒ|j|j ƒ|j|j ƒ|jj|ƒ|jjtƒdS(Ns-Can't do server-side gex with no modulus packsPicking p (%d <= %d <= %d bits)(tget_intR!R RR t_get_modulus_packR Rt_logRt get_modulusRR RRtc_MSG_KEXDH_GEX_GROUPt add_mpintR"RR)(RR%tminbitst preferredbitstmaxbitstpack((s4/usr/lib/python2.7/site-packages/paramiko/kex_gex.pyR'qs2              !  cCs%|jƒ|_|j|jkr0|j|_n|j|jkrQ|j|_n|jjƒ}|dkr{tdƒ‚n|jjt d|jfƒ|j |j|j|jƒ\|_ |_ t ƒ}|jtƒ|j|j ƒ|j|j ƒ|jj|ƒ|jjtƒt|_dS(Ns-Can't do server-side gex with no modulus packsPicking p (~ %d bits)(R<RR!R R R=R RR>RR?RR RRR@RAR"RR)RR(RR%RE((s4/usr/lib/python2.7/site-packages/paramiko/kex_gex.pyR-’s" *  cCsä|jƒ|_|jƒ|_tj|jƒ}|dksH|dkr[td|ƒ‚n|jjtd|ƒ|j ƒt |j|j |jƒ|_ t ƒ}|jtƒ|j|j ƒ|jj|ƒ|jjtƒdS(Nii s<Server-generated gex p (don't ask) is out of range (%d bits)sGot server p (%d bits)(t get_mpintR RRt bit_lengthRR R>RR;tpowRRRRtc_MSG_KEXDH_GEX_INITRAR"RR+(RR%tbitlen((s4/usr/lib/python2.7/site-packages/paramiko/kex_gex.pyR(¨s   cCs|jƒ|_|jdks4|j|jdkrCtdƒ‚n|jƒt|j|j|jƒ|_t|j|j|jƒ}|j j ƒj ƒ}t ƒ}|j |j j|j j|j j|j j|ƒ|jsñ|j|jƒn|j|jƒ|js|j|jƒn|j|jƒ|j|jƒ|j|jƒ|j|jƒ|j|ƒ|j|j ƒƒjƒ}|j j||ƒ|j j ƒj|ƒ}t ƒ}|jtƒ|j|ƒ|j|jƒ|j|ƒ|j j|ƒ|j j ƒdS(NisClient kex "e" is out of range(!RFRR RR;RHRRRR tget_server_keytasbytesRtaddtremote_versiont local_versiontremote_kex_inittlocal_kex_initRRR RR!RAt hash_algotdigestt_set_K_Ht sign_ssh_dataRtc_MSG_KEXDH_GEX_REPLYt add_stringR"t_activate_outbound(RR%tKtkeythmtHtsig((s4/usr/lib/python2.7/site-packages/paramiko/kex_gex.pyR*¹s>%         cCs‘|jƒ}|jƒ|_|jƒ}|jdksL|j|jdkr[tdƒ‚nt|j|j|jƒ}tƒ}|j|j j |j j |j j |j j |ƒ|jsÌ|j|jƒn|j|jƒ|jsø|j|jƒn|j|jƒ|j|jƒ|j|jƒ|j|jƒ|j|ƒ|j j||j|jƒƒjƒƒ|j j||ƒ|j jƒdS(NisServer kex "f" is out of range(t get_stringRFRR RRHRRRMR RORNRQRPRRR RR!RARRRTRRRLRSt _verify_keyRX(RR%thost_keyR]RYR[((s4/usr/lib/python2.7/site-packages/paramiko/kex_gex.pyR,Ýs.  %    ((t__name__t __module__R.R R!RRRRRRR&R0R;R'R-R(R*R,(((s4/usr/lib/python2.7/site-packages/paramiko/kex_gex.pyR )s    !   $t KexGexSHA256cBseZdZeZRS(s$diffie-hellman-group-exchange-sha256(RaRbR.RRR(((s4/usr/lib/python2.7/site-packages/paramiko/kex_gex.pyRc÷s( t__doc__R3thashlibRRtparamikoRtparamiko.commonRtparamiko.messageRtparamiko.py3compatRRRtparamiko.ssh_exceptionRtrangeRR#R)R+RtcRR@RIRVRtobjectR Rc(((s4/usr/lib/python2.7/site-packages/paramiko/kex_gex.pyts 7Î