diff options
Diffstat (limited to 'paramiko/transport.py')
| -rw-r--r-- | paramiko/transport.py | 120 |
1 files changed, 83 insertions, 37 deletions
diff --git a/paramiko/transport.py b/paramiko/transport.py index c4f0ca7c..ca9a62b4 100644 --- a/paramiko/transport.py +++ b/paramiko/transport.py @@ -17,6 +17,7 @@ # along with Paramiko; if not, write to the Free Software Foundation, Inc., # 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA. +# flake8: noqa """ Core protocol implementation """ @@ -38,18 +39,20 @@ from paramiko import util from paramiko.auth_handler import AuthHandler from paramiko.ssh_gss import GSSAuth from paramiko.channel import Channel -from paramiko.common import xffffffff, cMSG_CHANNEL_OPEN, cMSG_IGNORE, \ - cMSG_GLOBAL_REQUEST, DEBUG, MSG_KEXINIT, MSG_IGNORE, MSG_DISCONNECT, \ - MSG_DEBUG, ERROR, WARNING, cMSG_UNIMPLEMENTED, INFO, cMSG_KEXINIT, \ - cMSG_NEWKEYS, MSG_NEWKEYS, cMSG_REQUEST_SUCCESS, cMSG_REQUEST_FAILURE, \ - CONNECTION_FAILED_CODE, OPEN_FAILED_ADMINISTRATIVELY_PROHIBITED, \ - OPEN_SUCCEEDED, cMSG_CHANNEL_OPEN_FAILURE, cMSG_CHANNEL_OPEN_SUCCESS, \ - MSG_GLOBAL_REQUEST, MSG_REQUEST_SUCCESS, MSG_REQUEST_FAILURE, \ - MSG_CHANNEL_OPEN_SUCCESS, MSG_CHANNEL_OPEN_FAILURE, MSG_CHANNEL_OPEN, \ - MSG_CHANNEL_SUCCESS, MSG_CHANNEL_FAILURE, MSG_CHANNEL_DATA, \ - MSG_CHANNEL_EXTENDED_DATA, MSG_CHANNEL_WINDOW_ADJUST, MSG_CHANNEL_REQUEST, \ - MSG_CHANNEL_EOF, MSG_CHANNEL_CLOSE, MIN_WINDOW_SIZE, MIN_PACKET_SIZE, \ - MAX_WINDOW_SIZE, DEFAULT_WINDOW_SIZE, DEFAULT_MAX_PACKET_SIZE +from paramiko.common import ( + xffffffff, cMSG_CHANNEL_OPEN, cMSG_IGNORE, cMSG_GLOBAL_REQUEST, DEBUG, + MSG_KEXINIT, MSG_IGNORE, MSG_DISCONNECT, MSG_DEBUG, ERROR, WARNING, + cMSG_UNIMPLEMENTED, INFO, cMSG_KEXINIT, cMSG_NEWKEYS, MSG_NEWKEYS, + cMSG_REQUEST_SUCCESS, cMSG_REQUEST_FAILURE, CONNECTION_FAILED_CODE, + OPEN_FAILED_ADMINISTRATIVELY_PROHIBITED, OPEN_SUCCEEDED, + cMSG_CHANNEL_OPEN_FAILURE, cMSG_CHANNEL_OPEN_SUCCESS, MSG_GLOBAL_REQUEST, + MSG_REQUEST_SUCCESS, MSG_REQUEST_FAILURE, MSG_CHANNEL_OPEN_SUCCESS, + MSG_CHANNEL_OPEN_FAILURE, MSG_CHANNEL_OPEN, MSG_CHANNEL_SUCCESS, + MSG_CHANNEL_FAILURE, MSG_CHANNEL_DATA, MSG_CHANNEL_EXTENDED_DATA, + MSG_CHANNEL_WINDOW_ADJUST, MSG_CHANNEL_REQUEST, MSG_CHANNEL_EOF, + MSG_CHANNEL_CLOSE, MIN_WINDOW_SIZE, MIN_PACKET_SIZE, MAX_WINDOW_SIZE, + DEFAULT_WINDOW_SIZE, DEFAULT_MAX_PACKET_SIZE, +) from paramiko.compress import ZlibCompressor, ZlibDecompressor from paramiko.dsskey import DSSKey from paramiko.kex_gex import KexGex, KexGexSHA256 @@ -1811,7 +1814,6 @@ class Transport (threading.Thread, ClosingContextManager): self.saved_exception = e except EOFError as e: self._log(DEBUG, 'EOF in transport thread') - #self._log(DEBUG, util.tb_strings()) self.saved_exception = e except socket.error as e: if type(e.args) is tuple: @@ -2075,7 +2077,8 @@ class Transport (threading.Thread, ClosingContextManager): self.remote_kex_init = cMSG_KEXINIT + m.get_so_far() def _activate_inbound(self): - """switch on newly negotiated encryption parameters for inbound traffic""" + """switch on newly negotiated encryption parameters for + inbound traffic""" block_size = self._cipher_info[self.remote_cipher]['block-size'] if self.server_mode: IV_in = self._compute_key('A', block_size) @@ -2099,18 +2102,22 @@ class Transport (threading.Thread, ClosingContextManager): self.packetizer.set_inbound_compressor(compress_in()) def _activate_outbound(self): - """switch on newly negotiated encryption parameters for outbound traffic""" + """switch on newly negotiated encryption parameters for + outbound traffic""" m = Message() m.add_byte(cMSG_NEWKEYS) self._send_message(m) block_size = self._cipher_info[self.local_cipher]['block-size'] if self.server_mode: IV_out = self._compute_key('B', block_size) - key_out = self._compute_key('D', self._cipher_info[self.local_cipher]['key-size']) + key_out = self._compute_key( + 'D', self._cipher_info[self.local_cipher]['key-size']) else: IV_out = self._compute_key('A', block_size) - key_out = self._compute_key('C', self._cipher_info[self.local_cipher]['key-size']) - engine = self._get_cipher(self.local_cipher, key_out, IV_out, self._ENCRYPT) + key_out = self._compute_key( + 'C', self._cipher_info[self.local_cipher]['key-size']) + engine = self._get_cipher( + self.local_cipher, key_out, IV_out, self._ENCRYPT) mac_size = self._mac_info[self.local_mac]['size'] mac_engine = self._mac_info[self.local_mac]['class'] # initial mac keys are done in the hash's natural size (not the @@ -2120,9 +2127,16 @@ class Transport (threading.Thread, ClosingContextManager): else: mac_key = self._compute_key('E', mac_engine().digest_size) sdctr = self.local_cipher.endswith('-ctr') - self.packetizer.set_outbound_cipher(engine, block_size, mac_engine, mac_size, mac_key, sdctr) + self.packetizer.set_outbound_cipher( + engine, block_size, mac_engine, mac_size, mac_key, sdctr) compress_out = self._compression_info[self.local_compression][0] - if (compress_out is not None) and ((self.local_compression != 'zlib@openssh.com') or self.authenticated): + if ( + compress_out is not None and + ( + self.local_compression != 'zlib@openssh.com' or + self.authenticated + ) + ): self._log(DEBUG, 'Switching on outbound compression ...') self.packetizer.set_outbound_compressor(compress_out()) if not self.packetizer.need_rekey(): @@ -2178,7 +2192,10 @@ class Transport (threading.Thread, ClosingContextManager): self._log(DEBUG, 'Received global request "%s"' % kind) want_reply = m.get_boolean() if not self.server_mode: - self._log(DEBUG, 'Rejecting "%s" global request from server.' % kind) + self._log( + DEBUG, + 'Rejecting "%s" global request from server.' % kind + ) ok = False elif kind == 'tcpip-forward': address = m.get_text() @@ -2229,7 +2246,8 @@ class Transport (threading.Thread, ClosingContextManager): return self.lock.acquire() try: - chan._set_remote_channel(server_chanid, server_window_size, server_max_packet_size) + chan._set_remote_channel( + server_chanid, server_window_size, server_max_packet_size) self._log(DEBUG, 'Secsh channel %d opened.' % chanid) if chanid in self.channel_events: self.channel_events[chanid].set() @@ -2242,9 +2260,13 @@ class Transport (threading.Thread, ClosingContextManager): chanid = m.get_int() reason = m.get_int() reason_str = m.get_text() - lang = m.get_text() + m.get_text() # ignored language reason_text = CONNECTION_FAILED_CODE.get(reason, '(unknown code)') - self._log(ERROR, 'Secsh channel %d open FAILED: %s: %s' % (chanid, reason_str, reason_text)) + self._log( + ERROR, + 'Secsh channel %d open FAILED: %s: %s' % ( + chanid, reason_str, reason_text) + ) self.lock.acquire() try: self.saved_exception = ChannelException(reason, reason_text) @@ -2263,7 +2285,10 @@ class Transport (threading.Thread, ClosingContextManager): initial_window_size = m.get_int() max_packet_size = m.get_int() reject = False - if (kind == 'auth-agent@openssh.com') and (self._forward_agent_handler is not None): + if ( + kind == 'auth-agent@openssh.com' and + self._forward_agent_handler is not None + ): self._log(DEBUG, 'Incoming forward agent connection') self.lock.acquire() try: @@ -2273,7 +2298,11 @@ class Transport (threading.Thread, ClosingContextManager): elif (kind == 'x11') and (self._x11_handler is not None): origin_addr = m.get_text() origin_port = m.get_int() - self._log(DEBUG, 'Incoming x11 connection from %s:%d' % (origin_addr, origin_port)) + self._log( + DEBUG, + 'Incoming x11 connection from %s:%d' % ( + origin_addr, origin_port) + ) self.lock.acquire() try: my_chanid = self._next_channel() @@ -2284,14 +2313,20 @@ class Transport (threading.Thread, ClosingContextManager): server_port = m.get_int() origin_addr = m.get_text() origin_port = m.get_int() - self._log(DEBUG, 'Incoming tcp forwarded connection from %s:%d' % (origin_addr, origin_port)) + self._log( + DEBUG, + 'Incoming tcp forwarded connection from %s:%d' % ( + origin_addr, origin_port) + ) self.lock.acquire() try: my_chanid = self._next_channel() finally: self.lock.release() elif not self.server_mode: - self._log(DEBUG, 'Rejecting "%s" channel request from server.' % kind) + self._log( + DEBUG, + 'Rejecting "%s" channel request from server.' % kind) reject = True reason = OPEN_FAILED_ADMINISTRATIVELY_PROHIBITED else: @@ -2307,11 +2342,17 @@ class Transport (threading.Thread, ClosingContextManager): origin_addr = m.get_text() origin_port = m.get_int() reason = self.server_object.check_channel_direct_tcpip_request( - my_chanid, (origin_addr, origin_port), (dest_addr, dest_port)) + my_chanid, + (origin_addr, origin_port), + (dest_addr, dest_port) + ) else: - reason = self.server_object.check_channel_request(kind, my_chanid) + reason = self.server_object.check_channel_request( + kind, my_chanid) if reason != OPEN_SUCCEEDED: - self._log(DEBUG, 'Rejecting "%s" channel request from client.' % kind) + self._log( + DEBUG, + 'Rejecting "%s" channel request from client.' % kind) reject = True if reject: msg = Message() @@ -2329,8 +2370,10 @@ class Transport (threading.Thread, ClosingContextManager): self._channels.put(my_chanid, chan) self.channels_seen[my_chanid] = True chan._set_transport(self) - chan._set_window(self.default_window_size, self.default_max_packet_size) - chan._set_remote_channel(chanid, initial_window_size, max_packet_size) + chan._set_window( + self.default_window_size, self.default_max_packet_size) + chan._set_remote_channel( + chanid, initial_window_size, max_packet_size) finally: self.lock.release() m = Message() @@ -2347,14 +2390,18 @@ class Transport (threading.Thread, ClosingContextManager): self._x11_handler(chan, (origin_addr, origin_port)) elif kind == 'forwarded-tcpip': chan.origin_addr = (origin_addr, origin_port) - self._tcp_handler(chan, (origin_addr, origin_port), (server_addr, server_port)) + self._tcp_handler( + chan, + (origin_addr, origin_port), + (server_addr, server_port) + ) else: self._queue_incoming_channel(chan) def _parse_debug(self, m): - always_display = m.get_boolean() + m.get_boolean() # always_display msg = m.get_string() - lang = m.get_string() + m.get_string() # language self._log(DEBUG, 'Debug msg: {0}'.format(util.safe_string(msg))) def _get_subsystem_handler(self, name): @@ -2401,7 +2448,6 @@ class SecurityOptions (object): ``ValueError`` will be raised. If you try to assign something besides a tuple to one of the fields, ``TypeError`` will be raised. """ - #__slots__ = [ 'ciphers', 'digests', 'key_types', 'kex', 'compression', '_transport' ] __slots__ = '_transport' def __init__(self, transport): |