ó õùPc@s˜dZddlmZddlmZddlTddlmZddlm Z ddl m Z e dd ƒ\Z ZZZZd efd „ƒYZd S( sÒ Variant on L{KexGroup1 } where the prime "p" and generator "g" are provided by the server. A bit more work is required on the client side, and a B{lot} more on the server side. iÿÿÿÿ(tSHA(tnumber(t*(tutil(tMessage(t SSHExceptionii#tKexGexcBsteZdZdZdZdZd„Zed„Zd„Z d„Z d„Z d „Z d „Z d „Zd „ZRS( s"diffie-hellman-group-exchange-sha1ii icCsL||_d|_d|_d|_d|_d|_d|_t|_ dS(N( t transporttNonetptqtgtxtetftFalset old_style(tselfR((s+..\python\site-packages\paramiko\kex_gex.pyt__init__-s       cCsÈ|jjr#|jjttƒdStƒ}|ra|jttƒƒ|j|j ƒt |_ nC|jttƒƒ|j|j ƒ|j|j ƒ|j|j ƒ|jj|ƒ|jjtƒdS(N(Rt server_modet_expect_packett_MSG_KEXDH_GEX_REQUESTt_MSG_KEXDH_GEX_REQUEST_OLDRtadd_bytetchrtadd_inttpreferred_bitstTrueRtmin_bitstmax_bitst _send_messaget_MSG_KEXDH_GEX_GROUP(Rt_test_old_styletm((s+..\python\site-packages\paramiko\kex_gex.pyt start_kex7s   cCs‘|tkr|j|ƒS|tkr2|j|ƒS|tkrK|j|ƒS|tkrd|j|ƒS|tkr}|j |ƒSt d|ƒ‚dS(Ns%KexGex asked to handle packet type %d( Rt_parse_kexdh_gex_requestRt_parse_kexdh_gex_groupt_MSG_KEXDH_GEX_INITt_parse_kexdh_gex_initt_MSG_KEXDH_GEX_REPLYt_parse_kexdh_gex_replyRt_parse_kexdh_gex_request_oldR(RtptypeR!((s+..\python\site-packages\paramiko\kex_gex.pyt parse_nextLs          cCsé|jdd}tj|dƒ}t|dƒ}t|ƒ}d}x"|d@si|dK}|dL}qHWxotrÛ|jjj|ƒ}t t|dƒ|@ƒ|d}tj |dƒ}|dkrm||krmPqmqmW||_ dS(Niiiiÿi€( R Rt deflate_longtordtlenRRtrngtreadRt inflate_longR (RR tqnormtqhbytetbytestqmasktx_bytesR ((s+..\python\site-packages\paramiko\kex_gex.pyt _generate_x]s    "cCsj|jƒ}|jƒ}|jƒ}||jkr?|j}n||jkrZ|j}n||kro|}n||kr„|}n||_||_||_|jjƒ}|dkrÉtdƒ‚n|jjt d|||fƒ|j |||ƒ\|_ |_ t ƒ}|jttƒƒ|j|j ƒ|j|j ƒ|jj|ƒ|jjtƒdS(Ns-Can't do server-side gex with no modulus packsPicking p (%d <= %d <= %d bits)(tget_intRRRRt_get_modulus_packRRt_logtDEBUGt get_modulusR R RRRRt add_mpintRRR%(RR!tminbitst preferredbitstmaxbitstpack((s+..\python\site-packages\paramiko\kex_gex.pyR#os2              ! cCs+|jƒ|_|j|jkr0|j|_n|j|jkrQ|j|_n|jjƒ}|dkr{tdƒ‚n|jjt d|jfƒ|j |j|j|jƒ\|_ |_ t ƒ}|jttƒƒ|j|j ƒ|j|j ƒ|jj|ƒ|jjtƒt|_dS(Ns-Can't do server-side gex with no modulus packsPicking p (~ %d bits)(R8RRRRR9RRR:R;R<R R RRRRR=RRR%RR(RR!RA((s+..\python\site-packages\paramiko\kex_gex.pyR)s" * cCsê|jƒ|_|jƒ|_tj|jƒ}|dksH|dkr[td|ƒ‚n|jjtd|ƒ|j ƒt |j|j |jƒ|_ t ƒ}|jttƒƒ|j|j ƒ|jj|ƒ|jjtƒdS(Nii s<Server-generated gex p (don't ask) is out of range (%d bits)sGot server p (%d bits)(t get_mpintR R Rt bit_lengthRRR:R;R7tpowR R RRRR%R=RRR'(RR!tbitlen((s+..\python\site-packages\paramiko\kex_gex.pyR$¦s  cCs&|jƒ|_|jdks4|j|jdkrCtdƒ‚n|jƒt|j|j|jƒ|_t|j|j|jƒ}t |j j ƒƒ}t ƒ}|j |j j|j j|j j|j j|ƒ|jsñ|j|jƒn|j|jƒ|js|j|jƒn|j|jƒ|j|jƒ|j|jƒ|j|jƒ|j|ƒtjt |ƒƒjƒ}|j j||ƒ|j j ƒj|j j|ƒ}t ƒ}|jtt ƒƒ|j!|ƒ|j|jƒ|j!t |ƒƒ|j j"|ƒ|j j#ƒdS(NisClient kex "e" is out of range($RBR R RR7RDR R RtstrRtget_server_keyRtaddtremote_versiont local_versiontremote_kex_inittlocal_kex_initRRRRRR=Rtnewtdigestt_set_K_Ht sign_ssh_dataR/RRR't add_stringRt_activate_outbound(RR!tKtkeythmtHtsig((s+..\python\site-packages\paramiko\kex_gex.pyR&·s>%     !  cCs‘|jƒ}|jƒ|_|jƒ}|jdksL|j|jdkr[tdƒ‚nt|j|j|jƒ}tƒ}|j|j j |j j |j j |j j |ƒ|jsÌ|j|jƒn|j|jƒ|jsø|j|jƒn|j|jƒ|j|jƒ|j|jƒ|j|jƒ|j|ƒ|j j|tjt|ƒƒjƒƒ|j j||ƒ|j jƒdS(NisServer kex "f" is out of range(t get_stringRBRR RRDR RRHRRJRIRLRKRRRRRR=R R RORRMRFRNt _verify_keyRR(RR!thost_keyRWRSRU((s+..\python\site-packages\paramiko\kex_gex.pyR(Ûs.  %    ((t__name__t __module__tnameRRRRRR"R+R7R#R)R$R&R((((s+..\python\site-packages\paramiko\kex_gex.pyR&s    !   $N(t__doc__t Crypto.HashRt Crypto.UtilRtparamiko.commontparamikoRtparamiko.messageRtparamiko.ssh_exceptionRtrangeRRR%R'RtobjectR(((s+..\python\site-packages\paramiko\kex_gex.pyts