Eqg,pdZddlZddlZddlZddlZddlZddlZddlZddl ZGddej j Z Gddej j Z Gddej j ZGd d ej j ZGd d ej j ZGd deZGddeZGddeZGddeZejdZejdZejdZejdZejdZejdZejdZejdZejdZejdZ eZ!eded ed!ed"ed#ed$ed%ed!ed"e d&i Z"Gd'd(Z#Gd)d*Z$Gd+d,Z%d5d-Z&d.Z'd6d0Z( d7d1Z)d2Z*Gd3d4Z+dS)8zDNS TSIG support.NceZdZdZdS)BadTimez8The current time is not within the TSIG's validity time.N__name__ __module__ __qualname____doc__:/var/www/html/env/lib/python3.11/site-packages/dns/tsig.pyrrsBBBBr rceZdZdZdS) BadSignaturez#The TSIG signature fails to verify.Nrr r r rr#s----r rceZdZdZdS)BadKeyz2The TSIG record owner name does not match the key.Nrr r r rr's<<<s r r.zGSSTSigAdapter.__init__s  r c||jvrR|j|}t|tr.|jtkr|rt ||||SdSr0)r> isinstanceKey algorithmGSS_TSIGr<parse_tkey_and_step)r-messagekeynamekeys r __call__zGSSTSigAdapter.__call__se dl " ",w'C#s## N (A(AN"66sGWMMMJ4r c ||j|tjjtjj}|r)|dj}|j}| |SdS#t$rYdSwxYw)Nr) find_rrsetanswerdns rdataclassANY rdatatypeTKEYrGsecretstepKeyError)clsrGrErFrrsettokenr*s r rDz"GSSTSigAdapter.parse_tkey_and_steps &&);S]=OE 2a !$%**5111 2 2    DD sA%A** A87A8N)rrrr.rH classmethodrDr r r r<r<sM[r r<ceZdZdZeejeeje ej e ej dfe ej eej dfeejeejdfeeji ZdZdZdZdZd S) HMACTSigzo HMAC TSIG implementation. This uses the HMAC python module to handle the sign/verify operations. r&c |j|}n!#t$rtd|dwxYwt|tr/t j||d|_|d|_n"t j|||_d|_|jj |_ |jr|xj d|jz c_ dSdS)NzTSIG algorithm z is not supportedr) digestmod-) _hashesrSNotImplementedErrorr@tuplehmacnew hmac_contextsizer,)r-rGrBhashinfos r r.zHMACTSig.__init__s V|I.HH V V V%&T &T&T&TUU U V h & &  $ D D DD   DII $ A A AD DI%* 9 ) IITY (IIII ) )s .c6|j|Sr0)rer2r1s r r2zHMACTSig.updates ''---r cj|j}|jr|d|jdz}|S)N)redigestrf)r-rks r r5z HMACTSig.signs;"))++ 9 0.tyA~./F r cf|}tj||stdSr0)r5rccompare_digestr)r-r9macs r r:zHMACTSig.verifys4iikk"311    r N)rrrr HMAC_SHA1hashlibsha1 HMAC_SHA224sha224 HMAC_SHA256sha256HMAC_SHA256_128 HMAC_SHA384sha384HMAC_SHA384_192 HMAC_SHA512sha512HMAC_SHA512_256HMAC_MD5md5r`r.r2r5r:r r r rYrYs 7<W^W^'.#.W^'.#.W^'.#.'+ G)))"...r rYc(|o| }|r[t|}|rJ|tjdt ||||tjd|j||dd|r||j|tjdtj j |tjdd||j }|dz dz}|dz} tjd || |j } t |j } | dkrtd |rf||j| z|tjd |j| |j zn|| |S) zReturn a context containing the TSIG rdata for the input parameters @rtype: dns.tsig.HMACTSig or dns.tsig.GSSTSig object @raises ValueError: I{other_data} is too long @raises NotImplementedError: I{algorithm} is not supported !HNz!Irr!ilz!HIHz TSIG Other Data is > 65535 bytesz!HH) get_contextr2structpacklen original_idr, to_digestablerLrMrN time_signedfudgeother ValueErrorrBerror) wirerGrdatatime request_macctxmultifirst upper_time lower_time time_encoded other_lens r _digestrs E $#  $ JJv{4[)9)9:: ; ; ; JJ{ # # #JJv{4!233444JJtABBx ) 38))++,,, 6;tS^%788999 6;tQ''((( | "*&J "J;vz:u{KKLEK  I5;<<< ! 3=..00<?@@@ 6;uek9== KLLLL <   Jr c|r[t|}|tjdt ||||SdS)zIf this is the first message in a multi-message sequence, start a new context. @rtype: dns.tsig.HMACTSig or dns.tsig.GSSTSig object rN)rr2rrr)rGrnrrs r _maybe_start_digestrsV  # 6;tSXX../// 3 tr Fc t|||||||}|}|||}|t|||fS)a~Return a (tsig_rdata, mac, ctx) tuple containing the HMAC TSIG rdata for the input parameters, the HMAC MAC calculated by applying the TSIG signature algorithm, and the TSIG digest context. @rtype: (string, dns.tsig.HMACTSig or dns.tsig.GSSTSig object) @raises ValueError: I{other_data} is too long @raises NotImplementedError: I{algorithm} is not supported )rrn)rr5replacer) rrGrrrrrrntsigs r r5r5sW $UD+sE B BC ((**C ==Ts= 3 3D %c366 77r c Dtjd|dd\} | dkrtjj| dz} |ddtjd| z|d|z} |jdkr|jtjjkrt|jtjj krt|jtjj krt|jtjjkrtt!d|jzt#|j|z |jkrt(|j|krt,|j|jkrt0t3| ||d|||}||jt9||j|S)aFValidate the specified TSIG rdata against the other input parameters. @raises FormError: The TSIG is badly formed. @raises BadTime: There is too much time skew between the client and the server. @raises BadSignature: The TSIG signature did not validate @rtype: dns.tsig.HMACTSig or dns.tsig.GSSTSig objectr rr^zunknown TSIG error code %dN)runpackrL exception FormErrorrrrcodeBADSIGrBADKEYrBADTIMErBADTRUNCrrabsrrrr,rrBrrr:rnr) rrGownerrnowr tsig_startrradcountnew_wires r validatersutT"R%[11JW!||m%% qLGAbDzFKg666bm9LLH {a ;#)* * *" " [CI, , ,  [CI- - -  [CI. . .# #85;FGG G 5 s "##ek11  x5  }'' (Ck3 F FCJJuy sEIu 5 55r c~|jtkrt|jSt |j|jS)zReturns an HMAC context for the specified key. @rtype: HMAC context @raises NotImplementedError: I{algorithm} is not supported )rBrCr(rQrY)rGs r rr:s5 }  sz""" CM222r c$eZdZefdZdZdZdS)rAcvt|trtj|}||_t|tr&t j|}||_t|trtj|}||_ dSr0) r@strrLr, from_textbase64 decodebytesencoderQrB)r-r,rQrBs r r.z Key.__init__Hs dC  ,8%%d++D fc " " 9' 88F i % % 6**955I"r ct|to/|j|jko|j|jko|j|jkSr0)r@rAr,rQrB)r-rs r __eq__z Key.__eq__SsI uc " " 2 UZ' 2 u|+ 2%/1  r cd|jdd|jdz}|jtkr2|dtj|jdz }|dz }|S)Nz@11111111h    F    8 8 8 8"LQ#6#6#6#6L 3 3 3r