Codebase list pywinrm / a72d3b9
New upstream release. Kali Janitor 2 years ago
12 changed file(s) with 96 addition(s) and 102 deletion(s). Raw diff Collapse all Expand all
+49
-41
.github/workflows/ci.yml less more
77 branches:
88 - master
99
10 env:
11 WINRM_USERNAME: pywinrm-test
12 WINRM_PASSWORD: Password123!
10 # env:
11 # WINRM_USERNAME: pywinrm-test
12 # WINRM_PASSWORD: Password123!
1313
1414 jobs:
1515 test:
2727 - 3.7
2828 - 3.8
2929 - 3.9
30 - '3.10'
3031 - pypy-2.7
3132 - pypy-3.7
3233 arch:
5657 python-version: ${{ matrix.python-version }}
5758 architecture: ${{ matrix.arch }}
5859
59 - name: set up Windows integration tests
60 if: startsWith(matrix.os, 'windows')
61 shell: pwsh
62 run: |
63 Write-Host 'Create local admin user'
64 $userParams = @{
65 Name = $env:WINRM_USERNAME
66 Password = (ConvertTo-SecureString -AsPlainText -Force -String $env:WINRM_PASSWORD)
67 AccountNeverExpires = $true
68 PasswordNeverExpires = $true
69 }
70 $null = New-LocalUser @userParams
71 Add-LocalGroupMember -Group Administrators -Member $userParams.Name
60 # - name: Remove extra modules to speed up PowerShell startup module due to slow WinRM issue
61 # if: startsWith(matrix.os, 'windows')
62 # shell: bash
63 # run: |
64 # rm -rf "/c/Program Files/WindowsPowerShell/Modules/AWSPowerShell"
65 # rm -rf "/c/Program Files/WindowsPowerShell/Modules/Microsoft.Graph*"
7266
73 Write-Host 'Setting up WinRM settings'
74 Enable-PSRemoting -Force -SkipNetworkProfileCheck
75 Enable-WSManCredSSP -Role Server -Force
76 Set-Item WSMan:\localhost\Service\Auth\Basic $true
77 Set-Item WSMan:\localhost\Service\Auth\CredSSP $true
78 Set-Item WSMan:\localhost\Service\AllowUnencrypted $true
67 # - name: set up Windows integration tests
68 # if: startsWith(matrix.os, 'windows')
69 # shell: pwsh
70 # run: |
71 # Write-Host 'Create local admin user'
72 # $userParams = @{
73 # Name = $env:WINRM_USERNAME
74 # Password = (ConvertTo-SecureString -AsPlainText -Force -String $env:WINRM_PASSWORD)
75 # AccountNeverExpires = $true
76 # PasswordNeverExpires = $true
77 # }
78 # $null = New-LocalUser @userParams
79 # Add-LocalGroupMember -Group Administrators -Member $userParams.Name
80
81 # Write-Host 'Setting up WinRM settings'
82 # Enable-PSRemoting -Force -SkipNetworkProfileCheck
83 # Enable-WSManCredSSP -Role Server -Force
84 # Set-Item WSMan:\localhost\Service\Auth\Basic $true
85 # Set-Item WSMan:\localhost\Service\Auth\CredSSP $true
86 # Set-Item WSMan:\localhost\Service\AllowUnencrypted $true
7987
8088 - name: set up Linux dependencies
8189 if: startsWith(matrix.os, 'ubuntu')
102110 if: startsWith(matrix.os, 'windows')
103111 run: |
104112 pytest -v --flake8 --cov=winrm --cov-report=term-missing winrm/tests/
105 env:
106 WINRM_TRANSPORT: basic
107 WINRM_ENDPOINT: http://localhost:5985/wsman
113 # env:
114 # WINRM_TRANSPORT: basic
115 # WINRM_ENDPOINT: http://localhost:5985/wsman
108116
109117 - name: upload coverage data
110118 if: "!endsWith(matrix.python-version, '2.7')" # Uses an older coverals version that doesn't support GHA
112120 env:
113121 GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
114122
115 - name: run integration with NTLM
116 if: startsWith(matrix.os, 'windows')
117 run: |
118 Set-Item WSMan:\localhost\Service\AllowUnencrypted $false
119 py.test -v winrm/tests/test_integration_protocol.py winrm/tests/test_integration_session.py
120 env:
121 WINRM_TRANSPORT: ntlm
122 WINRM_ENDPOINT: http://localhost:5985/wsman
123 # - name: run integration with NTLM
124 # if: startsWith(matrix.os, 'windows')
125 # run: |
126 # Set-Item WSMan:\localhost\Service\AllowUnencrypted $false
127 # py.test -v winrm/tests/test_integration_protocol.py winrm/tests/test_integration_session.py
128 # env:
129 # WINRM_TRANSPORT: ntlm
130 # WINRM_ENDPOINT: http://localhost:5985/wsman
123131
124 - name: run integration with CredSSP
125 if: startsWith(matrix.os, 'windows')
126 run: |
127 Set-Item WSMan:\localhost\Service\AllowUnencrypted $false
128 py.test -v winrm/tests/test_integration_protocol.py winrm/tests/test_integration_session.py
129 env:
130 WINRM_TRANSPORT: credssp
131 WINRM_ENDPOINT: http://localhost:5985/wsman
132 # - name: run integration with CredSSP
133 # if: startsWith(matrix.os, 'windows')
134 # run: |
135 # Set-Item WSMan:\localhost\Service\AllowUnencrypted $false
136 # py.test -v winrm/tests/test_integration_protocol.py winrm/tests/test_integration_session.py
137 # env:
138 # WINRM_TRANSPORT: credssp
139 # WINRM_ENDPOINT: http://localhost:5985/wsman
+5
-0
CHANGELOG.md less more
00 # Changelog
1
2 ### Version 0.4.3
3 - Fix invalid regex escape sequences.
4 - Decoding CLIXML failures for `run_ps` will create a `UserWarning` rather than printing the warning.
5 - Remove usage of deprecated Python API to support Python 3.11
16
27 ### Version 0.4.2
38 - Dropped Python 3.5 from support matrix as it is EOL.
+3
-2
debian/changelog less more
0 pywinrm (0.4.2-0kali1) UNRELEASED; urgency=low
0 pywinrm (0.4.3-0kali1) UNRELEASED; urgency=low
11
22 * New upstream release.
3 * New upstream release.
34
4 -- Kali Janitor <[email protected]> Wed, 26 Jan 2022 01:48:02 -0000
5 -- Kali Janitor <[email protected]> Mon, 16 May 2022 02:53:28 -0000
56
67 pywinrm (0.4.1-0kali2) kali-dev; urgency=medium
78
+3
-4
requirements-test.txt less more
00 # this assumes the base requirements have been satisfied via setup.py
1 # pin specific versions to keep things more stable over time; only pin sub-packages if necessary
2 pytest==4.4.2
3 pytest-cov==2.7.1
1 pytest
2 pytest-cov
43 pytest-flake8==1.0.7
5 mock==3.0.5
4 mock
+3
-2
setup.py less more
00 from setuptools import setup, find_packages
11
2 __version__ = '0.4.2'
2 __version__ = '0.4.3'
33 project_name = 'pywinrm'
44
55 # PyPi supports only reStructuredText, so pandoc should be installed
2222 license='MIT license',
2323 packages=find_packages(),
2424 package_data={'winrm.tests': ['*.ps1']},
25 install_requires=['xmltodict', 'requests>=2.9.1', 'requests_ntlm>=0.3.0', 'six'],
25 install_requires=['xmltodict', 'requests>=2.9.1', 'requests_ntlm>=1.1.0', 'six'],
2626 extras_require={
2727 'credssp': ['requests-credssp>=1.0.0'],
2828 'kerberos:sys_platform=="win32"': ['winkerberos>=0.5.0'],
4343 'Programming Language :: Python :: 3.7',
4444 'Programming Language :: Python :: 3.8',
4545 'Programming Language :: Python :: 3.9',
46 'Programming Language :: Python :: 3.10',
4647 'Programming Language :: Python :: Implementation :: PyPy',
4748 'Topic :: Software Development :: Libraries :: Python Modules',
4849 'Topic :: System :: Clustering',
+6
-5
winrm/__init__.py less more
11 import re
22 from base64 import b64encode
33 import xml.etree.ElementTree as ET
4 import warnings
45
56 from winrm.protocol import Protocol
67
7778 new_msg += s.text.replace("_x000D__x000A_", "\n")
7879 except Exception as e:
7980 # if any of the above fails, the msg was not true xml
80 # print a warning and return the orignal string
81 # TODO do not print, raise user defined error instead
82 print("Warning: there was a problem converting the Powershell"
83 " error message: %s" % (e))
81 # print a warning and return the original string
82 warnings.warn(
83 "There was a problem converting the Powershell error "
84 "message: %s" % (e))
8485 else:
8586 # if new_msg was populated, that's our error message
8687 # otherwise the original error message will be used
103104 @staticmethod
104105 def _build_url(target, transport):
105106 match = re.match(
106 '(?i)^((?P<scheme>http[s]?)://)?(?P<host>[0-9a-z-_.]+)(:(?P<port>\d+))?(?P<path>(/)?(wsman)?)?', target) # NOQA
107 r'(?i)^((?P<scheme>http[s]?)://)?(?P<host>[0-9a-z-_.]+)(:(?P<port>\d+))?(?P<path>(/)?(wsman)?)?', target) # NOQA
107108 scheme = match.group('scheme')
108109 if not scheme:
109110 # TODO do we have anything other than HTTP/HTTPS
+1
-1
winrm/encryption.py less more
9191 """
9292 Takes in the encrypted response from the server and decrypts it
9393
94 :param response: The response that needs to be decrytped
94 :param response: The response that needs to be decrypted
9595 :return: The unencrypted message from the server
9696 """
9797 content_type = response.headers['Content-Type']
+1
-1
winrm/exceptions.py less more
66
77
88 class WinRMTransportError(Exception):
9 """WinRM errors specific to transport-level problems (unexpcted HTTP error codes, etc)"""
9 """WinRM errors specific to transport-level problems (unexpected HTTP error codes, etc)"""
1010
1111 @property
1212 def protocol(self):
+3
-3
winrm/protocol.py less more
5555 Any other value will be considered the CA trust path to use.
5656 @param string cert_pem: client authentication certificate file path in PEM format # NOQA
5757 @param string cert_key_pem: client authentication certificate key file path in PEM format # NOQA
58 @param string server_cert_validation: whether server certificate should be validated on Python versions that suppport it; one of 'validate' (default), 'ignore' #NOQA
58 @param string server_cert_validation: whether server certificate should be validated on Python versions that support it; one of 'validate' (default), 'ignore' #NOQA
5959 @param bool kerberos_delegation: if True, TGT is sent to target server to allow multiple hops # NOQA
6060 @param int read_timeout_sec: maximum seconds to wait before an HTTP connect/read times out (default 30). This value should be slightly higher than operation_timeout_sec, as the server can block *at least* that long. # NOQA
6161 @param int operation_timeout_sec: maximum allowed time in seconds for any single wsman HTTP operation (default 20). Note that operation timeouts while receiving output (the only wsman operation that should take any significant time, and where these timeouts are expected) will be silently retried indefinitely. # NOQA
435435 @param string command_id: The command id on the remote machine.
436436 See #run_command
437437 #@return [Hash] Returns a Hash with a key :exitcode and :data.
438 Data is an Array of Hashes where the cooresponding key
438 Data is an Array of Hashes where the corresponding key
439439 # is either :stdout or :stderr. The reason it is in an Array so so
440 we can get the output in the order it ocurrs on
440 we can get the output in the order it occurs on
441441 # the console.
442442 """
443443 stdout_buffer, stderr_buffer = [], []
+12
-0
winrm/tests/test_session.py less more
0 import pytest
1
02 from winrm import Session
13
24
7779 expected = msg
7880 actual = s._clean_error_msg(msg)
7981 assert actual == expected
82
83
84 def test_decode_clixml_invalid_xml():
85 s = Session('windows-host.example.com', auth=('john.smith', 'secret'))
86 msg = b'#< CLIXML\r\n<in >dasf<?dsfij>'
87
88 with pytest.warns(UserWarning, match="There was a problem converting the Powershell error message"):
89 actual = s._clean_error_msg(msg)
90
91 assert actual == msg
+9
-42
winrm/transport.py less more
00 from __future__ import unicode_literals
11 import sys
22 import os
3 import inspect
43 import requests
54 import requests.auth
65 import warnings
227226
228227 if self.auth_method == 'kerberos':
229228 if not HAVE_KERBEROS:
230 raise WinRMError("requested auth method is kerberos, but requests_kerberos is not installed")
231
232 man_args = dict(
229 raise WinRMError("requested auth method is kerberos, but pykerberos is not installed")
230
231 session.auth = HTTPKerberosAuth(
233232 mutual_authentication=REQUIRED,
234 )
235 opt_args = dict(
236233 delegate=self.kerberos_delegation,
237234 force_preemptive=True,
238235 principal=self.username,
241238 service=self.service,
242239 send_cbt=self.send_cbt
243240 )
244 kerb_args = self._get_args(man_args, opt_args, HTTPKerberosAuth.__init__)
245 session.auth = HTTPKerberosAuth(**kerb_args)
246241 encryption_available = hasattr(session.auth, 'winrm_encryption_available') and session.auth.winrm_encryption_available
247242 elif self.auth_method in ['certificate', 'ssl']:
248243 if self.auth_method == 'ssl' and not self.cert_pem and not self.cert_key_pem:
256251 elif self.auth_method == 'ntlm':
257252 if not HAVE_NTLM:
258253 raise WinRMError("requested auth method is ntlm, but requests_ntlm is not installed")
259 man_args = dict(
254
255 session.auth = HttpNtlmAuth(
260256 username=self.username,
261 password=self.password
257 password=self.password,
258 send_cbt=self.send_cbt,
262259 )
263 opt_args = dict(
264 send_cbt=self.send_cbt
265 )
266 ntlm_args = self._get_args(man_args, opt_args, HttpNtlmAuth.__init__)
267 session.auth = HttpNtlmAuth(**ntlm_args)
268260 # check if requests_ntlm has the session_security attribute available for encryption
269261 encryption_available = hasattr(session.auth, 'session_security')
270262 # TODO: ssl is not exactly right here- should really be client_cert
274266 if not HAVE_CREDSSP:
275267 raise WinRMError("requests auth method is credssp, but requests-credssp is not installed")
276268
277 man_args = dict(
269 session.auth = HttpCredSSPAuth(
278270 username=self.username,
279 password=self.password
280 )
281 opt_args = dict(
271 password=self.password,
282272 disable_tlsv1_2=self.credssp_disable_tlsv1_2,
283273 auth_mechanism=self.credssp_auth_mechanism,
284274 minimum_version=self.credssp_minimum_version
285275 )
286 credssp_args = self._get_args(man_args, opt_args, HttpCredSSPAuth.__init__)
287 session.auth = HttpCredSSPAuth(**credssp_args)
288276 encryption_available = True
289277 else:
290278 raise WinRMError("unsupported auth method: %s" % self.auth_method)
354342 else:
355343 response_text = response.content
356344 return response_text
357
358 def _get_args(self, mandatory_args, optional_args, function):
359 argspec = set(inspect.getargspec(function).args)
360 function_args = dict()
361 for name, value in mandatory_args.items():
362 if name in argspec:
363 function_args[name] = value
364 else:
365 raise Exception("Function %s does not contain mandatory arg "
366 "%s, check installed version with pip list"
367 % (str(function), name))
368
369 for name, value in optional_args.items():
370 if name in argspec:
371 function_args[name] = value
372 else:
373 warnings.warn("Function %s does not contain optional arg %s, "
374 "check installed version with pip list"
375 % (str(function), name))
376
377 return function_args
+1
-1
winrm/vendor/requests_kerberos/kerberos_.py less more
9797 else:
9898 # There's no need to re-compile this EVERY time it is called. Compile
9999 # it once and you won't have the performance hit of the compilation.
100 regex = re.compile('(?:.*,)*\s*Negotiate\s*([^,]*),?', re.I)
100 regex = re.compile(r'(?:.*,)*\s*Negotiate\s*([^,]*),?', re.I)
101101 _negotiate_value.regex = regex
102102
103103 authreq = response.headers.get('www-authenticate', None)