a )(b@sUdZddlmZddlmZddlmZddlmZm Z ddl m Z ddl m Z mZmZddlmZdd lmZmZdd lmZmZdd lmZdd lmZdd lmZdZeeed<edredrddl m!Z!ddl"mZm#Z#m$Z$ddl%m&Z&ddl'm(Z(nGdddZ#GdddZ$Gddde$j)Z*Gddde$j)Z+Gddde$j)Z,Gd d!d!e#j-Z.eeGd"d#d#Z/ee Gd$d%d%Z0ee Gd&d'd'Z1ee Gd(d)d)Z2Gd*d+d+ej3Z4Gd,d-d-ej3Z5Gd.d/d/ej3Z6Gd0d1d1ej3Z7dS)2zT Tests for the implementation of the ssh-userauth service. Maintainer: Paul Swartz ) ModuleType)Optional) implementer) ConchErrorValidPublicKey)ICredentialsChecker) IAnonymousISSHPrivateKeyIUsernamePassword)UnauthorizedLogin)IRealmPortal)defertask)loopback) requireModule)unittestNkeysZ cryptographyZpyasn1)SSHProtocolChecker)r transportuserauth)NS)keydatac@seZdZGdddZdS)rc@seZdZdZdS)ztransport.SSHTransportBaseQ A stub class so that later class definitions won't die. N__name__ __module__ __qualname____doc__rr?lib/python3.9/site-packages/twisted/conch/test/test_userauth.pySSHTransportBase"sr!N)rrrr!rrrr r!src@seZdZGdddZdS)rc@seZdZdZdS)zuserauth.SSHUserAuthClientrNrrrrr SSHUserAuthClient(sr"N)rrrr"rrrr r'src@s2eZdZdZddZddZd ddZd d ZdS) ClientUserAuthz" A mock user auth client. cCs,|jrtjtjSttjtjSdS)z If this is the first time we've been called, return a blob for the DSA key. Otherwise, return a blob for the RSA key. N) Z lastPublicKeyrKey fromStringrpublicRSA_opensshrsucceedpublicDSA_opensshselfrrr getPublicKey3szClientUserAuth.getPublicKeycCsttjtjS)z@ Return the private key object for the RSA key. )rr'rr$r%rprivateRSA_opensshr)rrr getPrivateKey>szClientUserAuth.getPrivateKeyNcCs tdS)z/ Return 'foo' as the password. foorr')r*promptrrr getPasswordDszClientUserAuth.getPasswordcCs tdS)z> Return 'foo' as the answer to two questions. )foor2r/)r*nameZ informationZanswersrrr getGenericAnswersJsz ClientUserAuth.getGenericAnswers)N)rrrrr+r-r1r4rrrr r#.s   r#c@s eZdZdZddZddZdS) OldClientAuthz~ The old SSHUserAuthClient returned a cryptography key object from getPrivateKey() and a string from getPublicKey cCsttjtjjSN)rr'rr$r%rr,Z keyObjectr)rrr r-WszOldClientAuth.getPrivateKeycCstjtjSr6)rr$r%rr&blobr)rrr r+ZszOldClientAuth.getPublicKeyNrrrrr-r+rrrr r5Qsr5c@s eZdZdZddZddZdS)ClientAuthWithoutPrivateKeyzP This client doesn't have a private key, but it does have a public key. cCsdSr6rr)rrr r-csz)ClientAuthWithoutPrivateKey.getPrivateKeycCstjtjSr6)rr$r%rr&r)rrr r+fsz(ClientAuthWithoutPrivateKey.getPublicKeyNr8rrrr r9^sr9c@sLeZdZdZGdddZGdddZddZdd Zd d Zd d Z dS) FakeTransporta_ L{userauth.SSHUserAuthServer} expects an SSH transport which has a factory attribute which has a portal attribute. Because the portal is important for testing authentication, we need to be able to provide an interesting portal object to the L{SSHUserAuthServer}. In addition, we want to be able to capture any packets sent over the transport. @ivar packets: a list of 2-tuples: (messageType, data). Each 2-tuple is a sent packet. @type packets: C{list} @param lostConnecion: True if loseConnection has been called on us. @type lostConnection: L{bool} c@seZdZdZdZddZdS)zFakeTransport.ServicezW A mock service, representing the other service offered by the server. nancycCsdSr6rr)rrr serviceStartedsz$FakeTransport.Service.serviceStartedN)rrrrr3r<rrrr Service{sr=c@seZdZdZddZdS)zFakeTransport.Factoryzg A mock factory, representing the factory that spawned this user auth service. cCs|dkrtjSdS)z2 Return our fake service. noneN)r:r=)r*rservicerrr getServicesz FakeTransport.Factory.getServiceN)rrrrr@rrrr FactorysrAcCs(||_||j_d|_||_g|_dSNF)rAfactoryportallostConnectionrpackets)r*rDrrr __init__s  zFakeTransport.__init__cCs|j||fdS)z8 Record the packet sent by the service. N)rFappend)r*Z messageTypemessagerrr sendPacketszFakeTransport.sendPacketcCsdS)z Pretend that this transport encrypts traffic in both directions. The SSHUserAuthServer disables password authentication if the transport isn't encrypted. Tr)r* directionrrr isEncryptedszFakeTransport.isEncryptedcCs d|_dSNT)rEr)rrr loseConnectionszFakeTransport.loseConnectionN) rrrrr=rArGrJrLrNrrrr r:js  r:c@seZdZdZddZdS)Realmz A mock realm for testing L{userauth.SSHUserAuthServer}. This realm is not actually used in the course of testing, so it returns the simplest thing that could possibly work. cGst|ddddfS)NrcSsdSr6rrrrr z%Realm.requestAvatar..r/)r*ZavatarIdZmindZ interfacesrrr requestAvatarszRealm.requestAvatarN)rrrrrRrrrr rOsrOc@seZdZdZefZddZdS)PasswordCheckerz A very simple username/password checker which authenticates anyone whose password matches their username and rejects all others. cCs&|j|jkrt|jSttdS)NzInvalid username/password pair)usernameZpasswordrr'failr )r*credsrrr requestAvatarIds  zPasswordChecker.requestAvatarIdN)rrrrr credentialInterfacesrWrrrr rSsrSc@seZdZdZefZddZdS)PrivateKeyCheckerz A very simple public key checker which authenticates anyone whose public/private keypair is the same keydata.public/privateRSA_openssh. cCsX|jtjtjkrN|jdurHtj|j}||j|jrN|j Snt t dSr6) r7rr$r%rr& signatureZverifysigDatarTrr )r*rVobjrrr rWs z!PrivateKeyChecker.requestAvatarIdN)rrrrr rXrWrrrr rYsrYc@seZdZdZefZddZdS)AnonymousCheckerzI A simple checker which isn't supported by L{SSHUserAuthServer}. cCsdSr6r)r*Z credentialsrrr rWsz AnonymousChecker.requestAvatarIdN)rrrrrrXrWrrrr r]sr]c@seZdZdZedurdZddZddZdd Zd d Z d d Z ddZ ddZ ddZ ddZddZddZddZddZddZd d!Zd"d#Zd$d%Zd&d'Zd(d)Zd*d+ZdS),SSHUserAuthServerTestsz& Tests for SSHUserAuthServer. Ncannot run without cryptographycCsbt|_t|j|_|jt|jtt|_ t |j|j _ |j |j j dSr6)rOrealmr rDregisterCheckerrSrYrSSHUserAuthServer authServerr:rr<supportedAuthenticationssortr)rrr setUps   zSSHUserAuthServerTests.setUpcCs|jd|_dSr6)rcserviceStoppedr)rrr tearDowns zSSHUserAuthServerTests.tearDowncCs(||jjjdtjtddfdS)z; Check that the authentication has failed. spassword,publickeyN) assertEqualrcrrFrZMSG_USERAUTH_FAILURErr*ignoredrrr _checkFaileds z#SSHUserAuthServerTests._checkFailedcCs,|jtdtdtd}||jS)z A client may request a list of authentication 'method name' values that may continue by using the "none" authentication 'method name'. See RFC 4252 Section 5.2. r.sservicer>)rcssh_USERAUTH_REQUESTr addCallbackrn)r*drrr test_noneAuthenticationsz.SSHUserAuthServerTests.test_noneAuthenticationcsFdtdtdtddtdg}j|}fdd}||S)z When provided with correct password authentication information, the server should respond by sending a MSG_USERAUTH_SUCCESS message with no other data. See RFC 4252, Section 5.1. rQr.r>passwordrjcsjjjtjdfgdSNrQrkrcrrFrZMSG_USERAUTH_SUCCESSrmr)rr checks zKSSHUserAuthServerTests.test_successfulPasswordAuthentication..check)joinrrcrorpr*packetrqrwrr)r %test_successfulPasswordAuthentications$  zrsrjbar) rxrrClockrcclockrorkrrFadvancerprnr*rzrqrrr !test_failedPasswordAuthentication's $  z8SSHUserAuthServerTests.test_failedPasswordAuthenticationcstjtj}tjtj}tdtdtddt|t|}dj j _ | tdt tjf|}|t|7}j |}fdd}||S)zN Test that private key authentication completes successfully, r.r> publickeytestcsjjjtjdfgdSrtrurvr)rr rwMs zMSSHUserAuthServerTests.test_successfulPrivateKeyAuthentication..check)rr$r%rr&r7r,rZsshTypercr sessionIDsignbytesrMSG_USERAUTH_REQUESTrorp)r*r7r\rzrZrqrwrr)r 'test_successfulPrivateKeyAuthentication8s,     z>SSHUserAuthServerTests.test_successfulPrivateKeyAuthenticationcstdd}dd}fdd}||jd|||jd|||jd |td td td td }|j||tS)z ssh_USERAUTH_REQUEST should raise a ConchError if tryAuth returns None. Added to catch a bug noticed by pyflakes. cSs|ddS)Nz&request should have raised ConochError)rUrlrrr mockCbFinishedAuth\szOSSHUserAuthServerTests.test_requestRaisesConchError..mockCbFinishedAuthcSsdSr6r)kinduserdatarrr mockTryAuth_szHSSHUserAuthServerTests.test_requestRaisesConchError..mockTryAuthcs|jdSr6)Zerrbackvalue)reasonrqrr mockEbBadAuthbszJSSHUserAuthServerTests.test_requestRaisesConchError..mockEbBadAuthtryAuthZ_cbFinishedAuthZ _ebBadAuthsuserr>s public-keysdata)rZDeferredpatchrcrro assertFailurer)r*rrrrzrrr test_requestRaisesConchErrorUs   z3SSHUserAuthServerTests.test_requestRaisesConchErrorcsbtjtjtdtdtddtdt}j|}fdd}| |S)z@ Test that verifying a valid private key works. r.r>rrjssh-rsacs*jjjtjtdtfgdS)Nr)rkrcrrFrMSG_USERAUTH_PK_OKrrvr7r*rr rw~sz@SSHUserAuthServerTests.test_verifyValidPrivateKey..check) rr$r%rr&r7rrcrorpryrrr test_verifyValidPrivateKeyos  z1SSHUserAuthServerTests.test_verifyValidPrivateKeycCsVtjtj}tdtdtddtdt|}|j|}| |j S)d Test that private key authentication fails when the public key is invalid. r.r>rrjsssh-dsa rr$r%rr(r7rrcrorprnr*r7rzrqrrr 3test_failedPrivateKeyAuthenticationWithoutSignatures zJSSHUserAuthServerTests.test_failedPrivateKeyAuthenticationWithoutSignaturecCs|tjtj}tjtj}tdtdtddtdt|t||}d|j j _ |j |}| |jS)rr.r>rrrr)rr$r%rr&r7r,rrrcrrrorprn)r*r7r\rzrqrrr 0test_failedPrivateKeyAuthenticationWithSignatures&   zGSSHUserAuthServerTests.test_failedPrivateKeyAuthenticationWithSignaturecCsjtjtj}td|dd}tdtdtddtdt|}|j|}| |j S) z Private key authentication fails when the public key type is unsupported or the public key is corrupt. s ssh-bad-type Nr.r>rrjrrrrrr test_unsupported_publickeys  z1SSHUserAuthServerTests.test_unsupported_publickeycCsRt}t|j|_|jt|||j | |j ddgdS)ah L{SSHUserAuthServer} sets up C{SSHUserAuthServer.supportedAuthentications} by checking the portal's credentials interfaces and mapping them to SSH authentication method strings. If the Portal advertises an interface that L{SSHUserAuthServer} can't map, it should be ignored. This is a white box test. rsrN) rrbr:rDrrar]r<rgrdrerkr*serverrrr test_ignoreUnknownCredInterfacess   z7SSHUserAuthServerTests.test_ignoreUnknownCredInterfacescCs|d|jjt}t|j|_dd|j_| | | d|jt}t|j|_dd|j_| | |d|jdS)z Test that the userauth service does not advertise password authentication if the password would be send in cleartext. rscSsdSrBrxrrr rPrQzISSHUserAuthServerTests.test_removePasswordIfUnencrypted..cSs|dkSNinrrrrr rPrQN) ZassertInrcrdrrbr:rDrrLr<rgZ assertNotIn)r*clearAuthServerhalfAuthServerrrr test_removePasswordIfUnencrypteds    z7SSHUserAuthServerTests.test_removePasswordIfUnencryptedcCst|j}|tt}t||_dd|j_| | | |j dgt}t||_dd|j_| | | |j dgdS)z If the L{SSHUserAuthServer} is not advertising passwords, then an unencrypted connection should not cause any warnings or exceptions. This is a white box test. cSsdSrBrrrrr rPrQzSSSHUserAuthServerTests.test_unencryptedConnectionWithoutPasswords..rcSs|dkSrrrrrr rPrQN) r r`rarYrrbr:rrLr<rgrkrd)r*rDrrrrr *test_unencryptedConnectionWithoutPasswordss      zASSHUserAuthServerTests.test_unencryptedConnectionWithoutPasswordscCst}t|_t|j|_||j d| | |jj tj dttjftdtdfg||jjdS)z0 Test that the login times out. 鰚syou took too longrQN)rrbrr~rr:rDrr<rrgrkrFMSG_DISCONNECTr)DISCONNECT_NO_MORE_AUTH_METHODS_AVAILABLErZ assertTruerEr*ZtimeoutAuthServerrrr test_loginTimeouts(     z(SSHUserAuthServerTests.test_loginTimeoutcCs\t}t|_t|j|_|| |j d| |jj g| |jjdS)zN Test that stopping the service also stops the login timeout. rN)rrbrr~rr:rDrr<rgrrkrF assertFalserErrrr test_cancelLoginTimeouts   z.SSHUserAuthServerTests.test_cancelLoginTimeoutcsndtdtdtddtdg}tj_tdD]}j|}jjdq8fd d }| |S) zm Test that the server disconnects if the client fails authentication too many times. rQr.r>rsrjr|r}cs<jjjdtjdttjftdtdfdS)Nrirstoo many bad authsrQ)rkrcrrFrrrrrvr)rr rw1s  z:SSHUserAuthServerTests.test_tooManyAttempts..check) rxrrr~rcrrangerorrp)r*rzirqrwrr)r test_tooManyAttempts&s$    z+SSHUserAuthServerTests.test_tooManyAttemptscCsHtdtdtddtd}t|j_|j|}||jS)zo If the user requests a service that we don't support, the authentication should fail. r.rQrsrj)rrr~rcrrorprnrrrr test_failIfUnknownService?s$  z0SSHUserAuthServerTests.test_failIfUnknownServicecsVdd}jd|jddfdd}jddd}|t|S) aZ tryAuth() has two edge cases that are difficult to reach. 1) an authentication method auth_* returns None instead of a Deferred. 2) an authentication type that is defined does not have a matching auth_* method. Both these cases should return a Deferred which fails with a ConchError. cSsdSr6r)rzrrr mockAuthUsz>SSHUserAuthServerTests.test_tryAuthEdgeCases..mockAuthZauth_publickeyZ auth_passwordNcsjddd}|tS)Nrs)rcrrr)rmZd2r)rr secondTest[sz@SSHUserAuthServerTests.test_tryAuthEdgeCases..secondTestr)rrcrrrrp)r*rrZd1rr)r test_tryAuthEdgeCasesIs  z,SSHUserAuthServerTests.test_tryAuthEdgeCases)rrrrrskiprfrhrnrrr{rrrrrrrrrrrrrrrrrrr r^s.     r^c@seZdZdZedurdZddZddZdd Zd d Z d d Z ddZ ddZ ddZ ddZddZddZddZddZddZd d!ZdS)"SSHUserAuthClientTestsz& Tests for SSHUserAuthClient. Nr_cCs4tdt|_td|j_d|jj_|jdS)Nr.r)r#r:r= authClientrrr<r)rrr rfks  zSSHUserAuthClientTests.setUpcCs|jd|_dSr6)rrgr)rrr rhqs zSSHUserAuthClientTests.tearDowncCsT||jjd||jjjd||jjjtjt dt dt dfgdS)z; Test that client is initialized properly. r.r;r>N) rkrrinstancer3rrFrrrr)rrr test_initus z SSHUserAuthClientTests.test_initcs@dgfdd}||jj_|jd|d|jjdS)z9 Test that the client succeeds properly. Ncs |d<dS)Nrr)r?rrr stubSetServiceszDSSHUserAuthClientTests.test_USERAUTH_SUCCESS..stubSetServicerQr)rrZ setServiceZssh_USERAUTH_SUCCESSrkr)r*rrrr test_USERAUTH_SUCCESSs    z,SSHUserAuthClientTests.test_USERAUTH_SUCCESSc Cs|jtdd||jjjdtjtdtdtddtdttj t j  f|jtddttj t j }||jjjdtjtdtdtddtd|f|jtdttj t j t|jjjttjftdtdtddtd|}tj t j}||jjjdtjtdtdtddtd|t||fd S) zJ Test that the client can authenticate with a public key. rrjrir.r;sssh-dssrN)rssh_USERAUTH_FAILURErrkrrFrrrr$r%rr(r7r&ssh_USERAUTH_PK_OKrrr,r)r*r7r[r\rrr test_publickeys        z%SSHUserAuthClientTests.test_publickeycCsztdt}td|_d|j_||dg|j_|| d| |jjt j t dt dt dfgdS)z If the SSHUserAuthClient doesn't return anything from signData, the client should start the authentication over again by requesting 'none' authentication. r.NrrrQr;r>)r9r:r=rrr<rrF assertIsNonerrkrrr)r*rrrr !test_publickey_without_privatekeys  z8SSHUserAuthClientTests.test_publickey_without_privatekeycs.ddj_jd}fdd}||S)z{ If there's no public key, auth_publickey should return a Deferred called back with a False value. cSsdSr6rrrrr rPrQz:SSHUserAuthClientTests.test_no_publickey..rcs|dSr6)rresultr)rr rwsz7SSHUserAuthClientTests.test_no_publickey..check)rr+rrp)r*rqrwrr)r test_no_publickeys   z(SSHUserAuthClientTests.test_no_publickeycCs|jtdd||jjjdtjtdtdtddtdf|jtdtd||jjjdtjtdtdtddtddfd S) zx Test that the client can authentication with a password. This includes changing the password. rsrjrir.r;rQrr}N) rrrrkrrFrrrr)rrr test_passwords " &z$SSHUserAuthClientTests.test_passwordcCs"dd|j_||jddS)zK If getPassword returns None, tryAuth should return False. cSsdSr6rrrrr rPrQz9SSHUserAuthClientTests.test_no_password..rsN)rr1rrr)rrr test_no_passwords z'SSHUserAuthClientTests.test_no_passwordcCs`|jtdtdtddtdd||jjjdtjdtdtdfdS) zj Make sure that the client can authenticate with the keyboard interactive method. rQss Password: rjrisr.N)rZ'ssh_USERAUTH_PK_OK_keyboard_interactiverrkrrFrZMSG_USERAUTH_INFO_RESPONSEr)rrr test_keyboardInteractives& z/SSHUserAuthClientTests.test_keyboardInteractivecCsPd|j_g|jj_|jd||jjjtjtdtdtdfgdS)z If C{SSHUserAuthClient} gets a MSG_USERAUTH_PK_OK packet when it's not expecting it, it should fail the current authentication and move on to the next type. sunknownrQr.r;r>N) rZlastAuthrrFrrkrrrr)rrr "test_USERAUTH_PK_OK_unknown_methods  z9SSHUserAuthClientTests.test_USERAUTH_PK_OK_unknown_methodcsfdd}fdd}|j_|j_jtddjjjdtj tdtd td dtdfjtd d jjjd dddgdS)z ssh_USERAUTH_FAILURE should sort the methods by their position in SSHUserAuthClient.preferredOrder. Methods that are not in preferredOrder should be sorted at the end of that list. csjjdddS)N here is datarrrJrr)rr auth_firstmethod2szNSSHUserAuthClientTests.test_USERAUTH_FAILURE_sorting..auth_firstmethodcsjjdddS)N other dataTrrr)rr auth_anothermethod5szPSSHUserAuthClientTests.test_USERAUTH_FAILURE_sorting..auth_anothermethodsanothermethod,passwordrjrir.r;rss"firstmethod,anothermethod,passwordrN)rr)rr) rrrrrrkrrFrr)r*rrrr)r test_USERAUTH_FAILURE_sorting+s$   " z4SSHUserAuthClientTests.test_USERAUTH_FAILURE_sortingcCsT|jtdd|jtdd||jjjdtjdtddfdS) z If there are no more available user authentication messages, the SSHUserAuthClient should disconnect with code DISCONNECT_NO_MORE_AUTH_METHODS_AVAILABLE. rsrjrriss(no more authentication methods availablesN)rrrrkrrFrr)rrr %test_disconnectIfNoMoreAuthenticationOs z)rrrFZ_ebAuthrkrrrr)rrr test_ebAuthas   z"SSHUserAuthClientTests.test_ebAuthcs`tdtfdd}fdddd}|j |S)z getPublicKey() should return None. getPrivateKey() should return a failed Deferred. getPassword() should return a failed Deferred. getGenericAnswers() should return a failed Deferred. r.cs$|t}|jSr6)trapNotImplementedErrorr1rprU addErrbackrrq)rcheck2r*rr rwvs z3SSHUserAuthClientTests.test_defaults..checkcs*|tddd}|jSr6)rrr4rprUrr)rcheck3r*rr r{s z4SSHUserAuthClientTests.test_defaults..check2cSs|tdSr6)rrrrrr rsz4SSHUserAuthClientTests.test_defaults..check3) rr"r:r=rr+r-rprUr)r*rwrqr)rrrr*r test_defaultsmsz$SSHUserAuthClientTests.test_defaults)rrrrrrrfrhrrrrrrrrrrrrrrrrr rcs$  > $ rc@s.eZdZedurdZGdddZddZdS) LoopbackTestsN)cannot run without cryptography or PyASN1c@s"eZdZGdddZddZdS)zLoopbackTests.Factoryc@s eZdZdZddZddZdS)zLoopbackTests.Factory.Service TestServicecCs|jdSr6)rrNr)rrr r<sz,LoopbackTests.Factory.Service.serviceStartedcCsdSr6rr)rrr rgsz,LoopbackTests.Factory.Service.serviceStoppedN)rrrr3r<rgrrrr r=sr=cCs|jSr6)r=)r*Zavatarr3rrr r@sz LoopbackTests.Factory.getServiceN)rrrr=r@rrrr rAs rAcs ttdj}t_j_ddj_t|_||j_dj_ |j_ ddj_ |j_ j_ d_ t }t|}tttfdd_||jj _tj|j}ddjj_d d|jj_|fd d }||S) zW Test that the userauth server and client play nicely with each other. r.cSsdSrMrrrrr rPrQz-LoopbackTests.test_loopback..rQcSsdSr6rrrrr rPrQrcstj|dkS)Nr})lenZsuccessfulCredentials)ZaId)checkerrr rPrQcSsdS)NZ_ServerLoopbackrrrrr rPrQcSsdS)NZ_ClientLoopbackrrrrr rPrQcsjjjddS)Nr)rkrr?r3rvrrr rwsz*LoopbackTests.test_loopback..check)rrbr#rAr=rr!r?rLrZ sendKexInitrCZ passwordDelayrOr rrarSrYZareDonerDrZ loopbackAsyncZ logPrefixr<rp)r*Zclientr`rDrqrwr)rr*rr test_loopbacks4        zLoopbackTests.test_loopback)rrrrrrArrrrr rs rc@s eZdZedurdZddZdS)ModuleInitializationTestsNrcCs,|tjjdd|tjjdddS)N<r)rkrrbZprotocolMessagesr"r)rrr test_messagess   z'ModuleInitializationTests.test_messages)rrrrrrrrrr rsr)8rtypesrtypingrZzope.interfacerZtwisted.conch.errorrrZtwisted.cred.checkersrZtwisted.cred.credentialsrr r Ztwisted.cred.errorr Ztwisted.cred.portalr r Ztwisted.internetrrZtwisted.protocolsrZtwisted.python.reflectrZ twisted.trialrr__annotations__Ztwisted.conch.checkersrZtwisted.conch.sshrrZtwisted.conch.ssh.commonrZtwisted.conch.testrr"r#r5r9r!r:rOrSrYr]ZTestCaser^rrrrrrr sP          #  A  }&<