HEX
Server: Apache
System: Linux server2.voipitup.com.au 4.18.0-553.104.1.lve.el8.x86_64 #1 SMP Tue Feb 10 20:07:30 UTC 2026 x86_64
User: posscale (1027)
PHP: 8.2.29
Disabled: exec,passthru,shell_exec,system
$ pwd: /opt/saltstack/salt/lib/python3.10/site-packages/salt/client/ssh/__pycache__/
Upload Files
File: //opt/saltstack/salt/lib/python3.10/site-packages/salt/client/ssh/__pycache__/shell.cpython-310.pyc
o

�N�g�@�@sdZddlZddlZddlZddlZddlZddlZddlZddlZ	ddl
Z	ddlZ	ddlZ	ddl
Z	e�e�Ze�dej�Ze�d�Ze�dej�ZdZe�dej�ZdZe�d	ed
�Ze	jj�d�pfdZe	jj�d�podZe	jj�d
�pxd
Zdd�Z dd�Z!Gdd�d�Z"dS)z#
Manage transport commands via ssh
�Nz"(?:.*)[Pp]assword(?: for .*)?:\s*$z.*\(yes\/no\).*zEnter passphrase for keyzS[salt:sudo:d11bd4221135c33324a6bdc09674146fbfdf519989847491e34a689369bbce23]passwd:zU\[salt:sudo:d11bd4221135c33324a6bdc09674146fbfdf519989847491e34a689369bbce23\]passwd:ZA_edbc7885e4f9aac9b83b35999b68d015148caf467b78fa39c05f669c0ff89878z(?:^|\r?\n)z(?:\r?\n|$)z
ssh-keygen�sshZscpcCsPtddd|dddg}tj�|�}|r!tj�|�s!t�tj�|��t�|�dS)z.
    Generate a key for use with salt-ssh
    z-P�z-fz-t�rsaz-qN)�SSH_KEYGEN_PATH�os�path�dirname�isdir�makedirs�
subprocess�call)r�cmdr�r�I/opt/saltstack/salt/lib/python3.10/site-packages/salt/client/ssh/shell.py�gen_key*s
rcKsl|dr,zddl}|j|fi|��}W|Sty+t�d�t�tjj	j
�Y|Swt|fi|��}|S)zB
    Return the correct shell interface for the target system
    �winrmrNz)The saltwinshell library is not available)�saltwinshell�Shell�ImportError�log�error�sys�exit�salt�defaults�	exitcodesZ
EX_GENERIC)�opts�kwargsr�shellrrr�	gen_shell5s�
�rc@s�eZdZdZ														d%dd�Zdd�Zdd	�Zd
d�Zdd
�Zdd�Z	dd�Z
dd�Zefdd�Z
dd�Zdd�Zdd�Zd&dd�Zdd�Zd d!�Zd'd#d$�ZdS)(rzH
    Create a shell connection object to encapsulate ssh executions
    NFcCs|||_|�d�|_||_||_|rt|�n||_||_||_||_	|	|_
|
|_||_||_
||_|dur9d|_dS||_dS)Nz[]r)r�strip�host�user�port�str�passwd�priv�priv_passwd�timeout�sudo�tty�mods�identities_only�remote_port_forwards�ssh_options)�selfrr!r"r#r%r&r'r(r)r*r+r,Z	sudo_userr-rr.rrr�__init__KszShell.__init__cCsB|�d�D]}|�d�r|S|�d�rqd|vrq|S|S)zG
        Parse out an error and return a targeted error string
        �
zssh:zPseudo-terminalzto the list of known hosts.)�split�
startswith)r/Zerrstr�linerrr�	get_errorns

zShell.get_errorcCs8dg}|jr|�d�n|�d�|j�dd�dkr|�d�|�d|j���|j�d	�r3|�d
�|j�d�r@|�d
dg�|j�d
�}|rVtj�|�rV|�d|���|j	rb|�d|j	���|j
rs|j
dkrs|�d|j
���|jr|�d|j���|jr�|�d�g}|D]}|�d|�d��q�d�
|�S)zJ
        Return options for the ssh command base for Salt to call
        �KbdInteractiveAuthentication=no�PasswordAuthentication=yes�PasswordAuthentication=no�_ssh_version)r���	�GSSAPIAuthentication=no�ConnectTimeout=�ignore_host_keys�StrictHostKeyChecking=no�no_host_keys�UserKnownHostsFile=/dev/nullZknown_hosts_filezUserKnownHostsFile=�Port=zagent-forwardingz
IdentityFile=�User=�IdentitiesOnly=yes�-o � r)r%�appendr�getr(�extendrr�isfiler#r&r"r,�join)r/�optionsZknown_hosts�ret�optionrrr�	_key_opts|s6�




zShell._key_optscCs�ddg}|jddkr|�d�|�d|j���|j�d�r$|�d�|j�d�r1|�dd	g�|jr<|�d
dg�n|�gd��|jrO|�d
|j���|jr[|�d|j���|jrc|�d�g}|D]}|�d|�d��qgd�	|�S)z/
        Return options to pass to ssh
        zControlMaster=autor@r9r:r=r>r?rArBr7�PubkeyAuthentication=yes)r8rQr6z"ChallengeResponseAuthentication=noz
BatchMode=yesrCrDrErFrGr)
rrHr(rIrJr%r#r"r,rL)r/rMrNrOrrr�_passwd_opts�s2�

�	

zShell._passwd_optscCsd�dd�|jD��S)NrGcS�g|]}d|���qS)rFr)�.0�optrrr�
<listcomp>��z#Shell._ssh_opts.<locals>.<listcomp>)rLr.�r/rrr�	_ssh_opts�szShell._ssh_optsc	C�8|jrd�dd|j�d�|��|j|��|j|j�SdS)z:
        Return the string to execute ssh-copy-id
        z{} {} '{} -p {} {} {}@{}'�ssh-copy-id�-i �.pubN�r%�formatr&rRr#rYr"r!rXrrr�_copy_id_str_old�s�	zShell._copy_id_str_oldc	CrZ)zq
        Since newer ssh-copy-id commands ingest option differently we need to
        have two commands
        z{} {} {} -p {} {} {}@{}r[r\r]Nr^rXrrr�_copy_id_str_new�s�	zShell._copy_id_str_newcCsH|�|���\}}}tjjj|krd|vr|�|���\}}}|||fS)zH
        Execute ssh-copy-id to plant the id file on the target
        ZUsage)�_run_cmdr`rrr�EX_OKra)r/�stdout�stderr�retcoderrr�copy_id�s
z
Shell.copy_idcCs�|g}|tkr
|�|j�|jr|tkr|�d�|js|jr-|�|jr(|��p+|���|tkrE|j	rE|�d�
dd�|j	�d�D���|jrO|�|�
��|�|�d�
|�S)z2
        Return the cmd string to execute
        z-t -trGcSrS)z-R r)rT�itemrrrrV
rWz"Shell._cmd_str.<locals>.<listcomp>�,)�SCP_PATHrHr!r*�SSH_PATHr%r&rPrRr-rLr2r.rY)r/r
rZcommandrrr�_cmd_str�s"
��

zShell._cmd_strccs��z9tjjj|�|�tjtjd�}	t�d�|�	�}|�
�}|j}|dur-|dur-WdS|r4|�|�}|||fVqt
yGdVYdSw)z
        cmd iterator
        )rerdTg�������?N)rz
Unknown ErrorN)r�utilsZnb_popenZNonBlockingPopen�
_split_cmdr�PIPE�time�sleep�recvZrecv_err�
returncoder5�	Exception)r/r
�proc�out�err�rcoderrr�_run_nb_cmds*��

�
�zShell._run_nb_cmdccs��g}g}d}|�|�}d|��}|jr|�|jd�}t�|�|�|�D]\}}}|dur3|�|�|dur<|�|�dVq%d�|�d�|�|fVdS)z/
        Yield None until cmd finished
        Nz Executing non-blocking command: �******)NNNr)rlr%�replacer�debugryrHrL)r/r
Zr_outZr_errrx�logmsgrvrwrrr�exec_nb_cmd.s �




zShell.exec_nb_cmdcCsf|�|�}d|��}|jr|�|jd�}d|vsd|vr't�d�t�|�nt�|�|�|�}|S)z*
        Execute a remote command
        �Executing command: rzzdecode("base64")zbase64.b64decode(z.Executed SHIM command. Command logged to TRACE)rlr%r{rr|�tracerb)r/r
r}rNrrr�exec_cmdDs




zShell.exec_cmdcCs�|r|�dtj�|����|j}d|vrd|�d�}|�d|�d|��}|j|td�}d|��}|jr;|�|jd�}t	�
|�|�|�S)	z8
        scp a file or files to a remote system
        z	mkdir -p �:�[�]rG)rrrz)r�rrrr!rlrjr%r{rr|rb)r/�localZremoter
r!r
r}rrr�sendVs


z
Shell.sendcCsPz	|�d�\}}Wntyt�|�}Y|Swt�|�}|�d|���|S)z�
        Split a command string so that it is suitable to pass to Popen without
        shell=True. This prevents shell injection attacks in the options passed
        to ssh or some other command.
        z/bin/shz/bin/sh )r2�
ValueError�shlexrH)r/r
Zssh_partZcmd_partZcmd_lstrrrrnls�
zShell._split_cmdcCs(|s|Sd}t�dt�|�d||�S)z1Remove all occurrences of sanitize_text from textrzz\b)�re�sub�escape)r/�textZ
sanitize_textZreplace_strrrr�
_sanitize_str{szShell._sanitize_str�c
Cs�|sdSd}|jr|j}tjjj|�|�dddd|ddd�}d}d}d}d}	d}
z�|j�r|��\}}|r>||7}|
|}
n|}
|rF|	|7}	|
rOt�	|
�rOd}|
rjt
�	|
�rj|jscW|jddd	�d
S|�
|j�q)|
r�t�	|
�r�|r�|js�W|jddd	�dS||kr�|�
|j�|d7}q)W|jddd	�d
S|
r�t�	|
�r�|r�|�
d�q)|�
d�d|�||j���}|ddfW|jddd	�S|
r�t�	|
�r�|js�W|jddd	�dS|�
|j�q)|
r�|
�d�r�tjjj|jdd�d}|�
|�|r�|}
t�d�|js-W|jddd	�n|jddd	�w|j}|du�r-|jdu�r(d|j}nt�d�|�||j�}|�|	|j�}	||	|fS)zl
        Execute a shell command via VT. This is blocking and assumes that ssh
        is being run
        )rzNo command or passphrase�NTr�F)Z
log_stdoutZlog_stdout_levelZ
log_stderrZlog_stderr_level�log_sanitizeZ
stream_stdoutZ
stream_stderrrr)�	terminate�kill)rz Private key file need passphrase�)rz0Permission denied, no authentication informationr��)rzPassword authentication failedr�Zyes�nozQThe host key needs to be accepted, to auto accept run salt-ssh with the -i flag:
r�)rz*Sudo password is required but not providedr�z_||ext_mods||_)rir�)�
separatorsz|_E|0|g{�G�z�?�zKVT reported both exitstatus and signalstatus as None. This is likely a bug.)r%rrmZvtZTerminalrnZhas_unread_datarr�RSTR_RE�search�"SSH_PRIVATE_KEY_PASSWORD_PROMPT_REr'�closeZsendline�SSH_PASSWORD_PROMPT_RE�KEY_VALID_REr��SUDO_PROMPT_RE�endswith�json�dumpsr+rprqZ
exitstatusZsignalstatusr�warning)r/r
Z
key_acceptZpasswd_retriesr�ZtermZsent_passwdZ
send_passwordZ
ret_stdoutZ
ret_stderrZ
old_stdoutrdreZbuffZmods_rawZ
ret_statusrrrrb�s��

-�(��

��
����

�� ;
�
zShell._run_cmd)NNNNNNFFNFNNFN)F)Fr�)�__name__�
__module__�__qualname__�__doc__r0r5rPrRrYr`rargrkrlryr~r�r�rnr�rbrrrrrFs@
�##+	
r)#r��loggingrr�r�rrrpZsalt.defaults.exitcodesrZsalt.utils.jsonZsalt.utils.nb_popenZsalt.utils.pathZ
salt.utils.vt�	getLoggerr�r�compile�Mr�r�r�ZSUDO_PROMPTr�ZRSTRr�rmr�whichrrkrjrrrrrrr�<module>s<

�
@ Telegram