diff options
| author | Jeff Forcier <jeff@bitprophet.org> | 2018-09-17 18:33:49 -0700 |
|---|---|---|
| committer | Jeff Forcier <jeff@bitprophet.org> | 2018-09-17 18:33:49 -0700 |
| commit | dc82971c1af0d147433c948dc440ffabdc276a7c (patch) | |
| tree | 3bcf9317a71da26653cb614a9d7beb755d0f3cea /paramiko | |
| parent | 008ac2bfb2f886346ba17bd8f47e92fa8b436a3c (diff) | |
| download | paramiko-dc82971c1af0d147433c948dc440ffabdc276a7c.tar.gz | |
Blacken, 2.2 edition
Diffstat (limited to 'paramiko')
| -rw-r--r-- | paramiko/auth_handler.py | 2 | ||||
| -rw-r--r-- | paramiko/channel.py | 1 | ||||
| -rw-r--r-- | paramiko/ecdsakey.py | 9 | ||||
| -rw-r--r-- | paramiko/ed25519key.py | 13 | ||||
| -rw-r--r-- | paramiko/hostkeys.py | 2 | ||||
| -rw-r--r-- | paramiko/kex_ecdh_nist.py | 20 | ||||
| -rw-r--r-- | paramiko/kex_gss.py | 10 | ||||
| -rw-r--r-- | paramiko/rsakey.py | 5 | ||||
| -rw-r--r-- | paramiko/sftp_client.py | 39 | ||||
| -rw-r--r-- | paramiko/sftp_server.py | 2 | ||||
| -rw-r--r-- | paramiko/transport.py | 58 |
11 files changed, 103 insertions, 58 deletions
diff --git a/paramiko/auth_handler.py b/paramiko/auth_handler.py index 04ee2d75..c1616a5e 100644 --- a/paramiko/auth_handler.py +++ b/paramiko/auth_handler.py @@ -228,7 +228,7 @@ class AuthHandler(object): if event.is_set(): break if max_ts is not None and max_ts <= time.time(): - raise AuthenticationException('Authentication timeout.') + raise AuthenticationException("Authentication timeout.") if not self.is_authenticated(): e = self.transport.get_exception() diff --git a/paramiko/channel.py b/paramiko/channel.py index bf8fcb09..fd61bd65 100644 --- a/paramiko/channel.py +++ b/paramiko/channel.py @@ -25,6 +25,7 @@ import os import socket import time import threading + # TODO: switch as much of py3compat.py to 'six' as possible, then use six.wraps from functools import wraps diff --git a/paramiko/ecdsakey.py b/paramiko/ecdsakey.py index 7cfed333..e2e6604f 100644 --- a/paramiko/ecdsakey.py +++ b/paramiko/ecdsakey.py @@ -179,8 +179,13 @@ class ECDSAKey(PKey): return self.asbytes() def __hash__(self): - return hash((self.get_name(), self.verifying_key.public_numbers().x, - self.verifying_key.public_numbers().y)) + return hash( + ( + self.get_name(), + self.verifying_key.public_numbers().x, + self.verifying_key.public_numbers().y, + ) + ) def get_name(self): return self.ecdsa_curve.key_format_identifier diff --git a/paramiko/ed25519key.py b/paramiko/ed25519key.py index 1557c5b2..77d4d37d 100644 --- a/paramiko/ed25519key.py +++ b/paramiko/ed25519key.py @@ -67,6 +67,7 @@ class Ed25519Key(PKey): def _parse_signing_key_data(self, data, password): from paramiko.transport import Transport + # We may eventually want this to be usable for other key types, as # OpenSSH moves to it, but for now this is just for Ed25519 keys. # This format is described here: @@ -123,9 +124,9 @@ class Ed25519Key(PKey): ignore_few_rounds=True, ) decryptor = Cipher( - cipher["class"](key[:cipher["key-size"]]), - cipher["mode"](key[cipher["key-size"]:]), - backend=default_backend() + cipher["class"](key[: cipher["key-size"]]), + cipher["mode"](key[cipher["key-size"] :]), + backend=default_backend(), ).decryptor() private_data = ( decryptor.update(private_ciphertext) + decryptor.finalize() @@ -147,8 +148,10 @@ class Ed25519Key(PKey): signing_key = nacl.signing.SigningKey(key_data[:32]) # Verify that all the public keys are the same... assert ( - signing_key.verify_key.encode() == public == public_keys[i] == - key_data[32:] + signing_key.verify_key.encode() + == public + == public_keys[i] + == key_data[32:] ) signing_keys.append(signing_key) # Comment, ignore. diff --git a/paramiko/hostkeys.py b/paramiko/hostkeys.py index 20a2d93c..1cdddb62 100644 --- a/paramiko/hostkeys.py +++ b/paramiko/hostkeys.py @@ -360,7 +360,7 @@ class HostKeyEntry: key = DSSKey(data=decodebytes(key)) elif keytype in ECDSAKey.supported_key_format_identifiers(): key = ECDSAKey(data=decodebytes(key), validate_point=False) - elif keytype == 'ssh-ed25519': + elif keytype == "ssh-ed25519": key = Ed25519Key(data=decodebytes(key)) else: log.info("Unable to handle key of type %s" % (keytype,)) diff --git a/paramiko/kex_ecdh_nist.py b/paramiko/kex_ecdh_nist.py index 702a872d..496805ab 100644 --- a/paramiko/kex_ecdh_nist.py +++ b/paramiko/kex_ecdh_nist.py @@ -15,7 +15,7 @@ _MSG_KEXECDH_INIT, _MSG_KEXECDH_REPLY = range(30, 32) c_MSG_KEXECDH_INIT, c_MSG_KEXECDH_REPLY = [byte_chr(c) for c in range(30, 32)] -class KexNistp256(): +class KexNistp256: name = "ecdh-sha2-nistp256" hash_algo = sha256 @@ -45,7 +45,7 @@ class KexNistp256(): return self._parse_kexecdh_init(m) elif not self.transport.server_mode and (ptype == _MSG_KEXECDH_REPLY): return self._parse_kexecdh_reply(m) - raise SSHException('KexECDH asked to handle packet type %d' % ptype) + raise SSHException("KexECDH asked to handle packet type %d" % ptype) def _generate_key_pair(self): self.P = ec.generate_private_key(self.curve, default_backend()) @@ -64,8 +64,12 @@ class KexNistp256(): K = long(hexlify(K), 16) # compute exchange hash hm = Message() - hm.add(self.transport.remote_version, self.transport.local_version, - self.transport.remote_kex_init, self.transport.local_kex_init) + hm.add( + self.transport.remote_version, + self.transport.local_version, + self.transport.remote_kex_init, + self.transport.local_kex_init, + ) hm.add_string(K_S) hm.add_string(Q_C_bytes) # SEC1: V2.0 2.3.3 Elliptic-Curve-Point-to-Octet-String Conversion @@ -94,8 +98,12 @@ class KexNistp256(): K = long(hexlify(K), 16) # compute exchange hash and verify signature hm = Message() - hm.add(self.transport.local_version, self.transport.remote_version, - self.transport.local_kex_init, self.transport.remote_kex_init) + hm.add( + self.transport.local_version, + self.transport.remote_version, + self.transport.local_kex_init, + self.transport.remote_kex_init, + ) hm.add_string(K_S) # SEC1: V2.0 2.3.3 Elliptic-Curve-Point-to-Octet-String Conversion hm.add_string(self.Q_C.public_numbers().encode_point()) diff --git a/paramiko/kex_gss.py b/paramiko/kex_gss.py index 362d211c..d76bb2dd 100644 --- a/paramiko/kex_gss.py +++ b/paramiko/kex_gss.py @@ -225,8 +225,9 @@ class KexGSSGroup1(object): H = sha1(str(hm)).digest() self.transport._set_K_H(K, H) if srv_token is not None: - self.kexgss.ssh_init_sec_context(target=self.gss_host, - recv_token=srv_token) + self.kexgss.ssh_init_sec_context( + target=self.gss_host, recv_token=srv_token + ) self.kexgss.ssh_check_mic(mic_token, H) else: self.kexgss.ssh_check_mic(mic_token, H) @@ -619,8 +620,9 @@ class KexGSSGex(object): H = sha1(hm.asbytes()).digest() self.transport._set_K_H(K, H) if srv_token is not None: - self.kexgss.ssh_init_sec_context(target=self.gss_host, - recv_token=srv_token) + self.kexgss.ssh_init_sec_context( + target=self.gss_host, recv_token=srv_token + ) self.kexgss.ssh_check_mic(mic_token, H) else: self.kexgss.ssh_check_mic(mic_token, H) diff --git a/paramiko/rsakey.py b/paramiko/rsakey.py index bf7f5750..d6230989 100644 --- a/paramiko/rsakey.py +++ b/paramiko/rsakey.py @@ -97,8 +97,9 @@ class RSAKey(PKey): return self.asbytes().decode("utf8", errors="ignore") def __hash__(self): - return hash((self.get_name(), self.public_numbers.e, - self.public_numbers.n)) + return hash( + (self.get_name(), self.public_numbers.e, self.public_numbers.n) + ) def get_name(self): return "ssh-rsa" diff --git a/paramiko/sftp_client.py b/paramiko/sftp_client.py index ea81fa5a..425aa87d 100644 --- a/paramiko/sftp_client.py +++ b/paramiko/sftp_client.py @@ -30,12 +30,37 @@ from paramiko.message import Message from paramiko.common import INFO, DEBUG, o777 from paramiko.py3compat import bytestring, b, u, long from paramiko.sftp import ( - BaseSFTP, CMD_OPENDIR, CMD_HANDLE, SFTPError, CMD_READDIR, CMD_NAME, - CMD_CLOSE, SFTP_FLAG_READ, SFTP_FLAG_WRITE, SFTP_FLAG_CREATE, - SFTP_FLAG_TRUNC, SFTP_FLAG_APPEND, SFTP_FLAG_EXCL, CMD_OPEN, CMD_REMOVE, - CMD_RENAME, CMD_MKDIR, CMD_RMDIR, CMD_STAT, CMD_ATTRS, CMD_LSTAT, - CMD_SYMLINK, CMD_SETSTAT, CMD_READLINK, CMD_REALPATH, CMD_STATUS, - CMD_EXTENDED, SFTP_OK, SFTP_EOF, SFTP_NO_SUCH_FILE, SFTP_PERMISSION_DENIED, + BaseSFTP, + CMD_OPENDIR, + CMD_HANDLE, + SFTPError, + CMD_READDIR, + CMD_NAME, + CMD_CLOSE, + SFTP_FLAG_READ, + SFTP_FLAG_WRITE, + SFTP_FLAG_CREATE, + SFTP_FLAG_TRUNC, + SFTP_FLAG_APPEND, + SFTP_FLAG_EXCL, + CMD_OPEN, + CMD_REMOVE, + CMD_RENAME, + CMD_MKDIR, + CMD_RMDIR, + CMD_STAT, + CMD_ATTRS, + CMD_LSTAT, + CMD_SYMLINK, + CMD_SETSTAT, + CMD_READLINK, + CMD_REALPATH, + CMD_STATUS, + CMD_EXTENDED, + SFTP_OK, + SFTP_EOF, + SFTP_NO_SUCH_FILE, + SFTP_PERMISSION_DENIED, ) from paramiko.sftp_attr import SFTPAttributes @@ -406,7 +431,7 @@ class SFTPClient(BaseSFTP, ClosingContextManager): """ oldpath = self._adjust_cwd(oldpath) newpath = self._adjust_cwd(newpath) - self._log(DEBUG, 'posix_rename(%r, %r)' % (oldpath, newpath)) + self._log(DEBUG, "posix_rename(%r, %r)" % (oldpath, newpath)) self._request( CMD_EXTENDED, "posix-rename@openssh.com", oldpath, newpath ) diff --git a/paramiko/sftp_server.py b/paramiko/sftp_server.py index 8c5e68fc..5c23ea2b 100644 --- a/paramiko/sftp_server.py +++ b/paramiko/sftp_server.py @@ -526,7 +526,7 @@ class SFTPServer(BaseSFTP, SubsystemHandler): tag = msg.get_text() if tag == "check-file": self._check_file(request_number, msg) - elif tag == 'posix-rename@openssh.com': + elif tag == "posix-rename@openssh.com": oldpath = msg.get_text() newpath = msg.get_text() self._send_status( diff --git a/paramiko/transport.py b/paramiko/transport.py index a0890805..d1aa6b19 100644 --- a/paramiko/transport.py +++ b/paramiko/transport.py @@ -160,21 +160,21 @@ class Transport(threading.Thread, ClosingContextManager): "hmac-md5-96", ) _preferred_keys = ( - 'ssh-ed25519', - 'ecdsa-sha2-nistp256', - 'ecdsa-sha2-nistp384', - 'ecdsa-sha2-nistp521', - 'ssh-rsa', - 'ssh-dss', + "ssh-ed25519", + "ecdsa-sha2-nistp256", + "ecdsa-sha2-nistp384", + "ecdsa-sha2-nistp521", + "ssh-rsa", + "ssh-dss", ) _preferred_kex = ( - 'ecdh-sha2-nistp256', - 'ecdh-sha2-nistp384', - 'ecdh-sha2-nistp521', - 'diffie-hellman-group-exchange-sha256', - 'diffie-hellman-group-exchange-sha1', - 'diffie-hellman-group14-sha1', - 'diffie-hellman-group1-sha1', + "ecdh-sha2-nistp256", + "ecdh-sha2-nistp384", + "ecdh-sha2-nistp521", + "diffie-hellman-group-exchange-sha256", + "diffie-hellman-group-exchange-sha1", + "diffie-hellman-group14-sha1", + "diffie-hellman-group1-sha1", ) _preferred_gsskex = ( "gss-gex-sha1-toWM5Slw5Ew8Mqkay+al2g==", @@ -244,25 +244,25 @@ class Transport(threading.Thread, ClosingContextManager): } _key_info = { - 'ssh-rsa': RSAKey, - 'ssh-dss': DSSKey, - 'ecdsa-sha2-nistp256': ECDSAKey, - 'ecdsa-sha2-nistp384': ECDSAKey, - 'ecdsa-sha2-nistp521': ECDSAKey, - 'ssh-ed25519': Ed25519Key, + "ssh-rsa": RSAKey, + "ssh-dss": DSSKey, + "ecdsa-sha2-nistp256": ECDSAKey, + "ecdsa-sha2-nistp384": ECDSAKey, + "ecdsa-sha2-nistp521": ECDSAKey, + "ssh-ed25519": Ed25519Key, } _kex_info = { - 'diffie-hellman-group1-sha1': KexGroup1, - 'diffie-hellman-group14-sha1': KexGroup14, - 'diffie-hellman-group-exchange-sha1': KexGex, - 'diffie-hellman-group-exchange-sha256': KexGexSHA256, - 'gss-group1-sha1-toWM5Slw5Ew8Mqkay+al2g==': KexGSSGroup1, - 'gss-group14-sha1-toWM5Slw5Ew8Mqkay+al2g==': KexGSSGroup14, - 'gss-gex-sha1-toWM5Slw5Ew8Mqkay+al2g==': KexGSSGex, - 'ecdh-sha2-nistp256': KexNistp256, - 'ecdh-sha2-nistp384': KexNistp384, - 'ecdh-sha2-nistp521': KexNistp521, + "diffie-hellman-group1-sha1": KexGroup1, + "diffie-hellman-group14-sha1": KexGroup14, + "diffie-hellman-group-exchange-sha1": KexGex, + "diffie-hellman-group-exchange-sha256": KexGexSHA256, + "gss-group1-sha1-toWM5Slw5Ew8Mqkay+al2g==": KexGSSGroup1, + "gss-group14-sha1-toWM5Slw5Ew8Mqkay+al2g==": KexGSSGroup14, + "gss-gex-sha1-toWM5Slw5Ew8Mqkay+al2g==": KexGSSGex, + "ecdh-sha2-nistp256": KexNistp256, + "ecdh-sha2-nistp384": KexNistp384, + "ecdh-sha2-nistp521": KexNistp521, } _compression_info = { |