commit 89fe1f8d95f98875b4726fa69b058d957793ba49 Author: Ezri Brimhall Date: Thu May 8 09:48:39 2025 -0600 initial commit diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..1b100fe --- /dev/null +++ b/.gitignore @@ -0,0 +1,2 @@ +dist/ +*.pyc diff --git a/README.md b/README.md new file mode 100644 index 0000000..e69de29 diff --git a/poetry.lock b/poetry.lock new file mode 100644 index 0000000..d2b4e71 --- /dev/null +++ b/poetry.lock @@ -0,0 +1,574 @@ +# This file is automatically @generated by Poetry 2.1.2 and should not be changed by hand. + +[[package]] +name = "aenum" +version = "3.1.16" +description = "Advanced Enumerations (compatible with Python's stdlib Enum), NamedTuples, and NamedConstants" +optional = false +python-versions = "*" +groups = ["main"] +files = [ + {file = "aenum-3.1.16-py2-none-any.whl", hash = "sha256:7810cbb6b4054b7654e5a7bafbe16e9ee1d25ef8e397be699f63f2f3a5800433"}, + {file = "aenum-3.1.16-py3-none-any.whl", hash = "sha256:9035092855a98e41b66e3d0998bd7b96280e85ceb3a04cc035636138a1943eaf"}, +] + +[[package]] +name = "asttokens" +version = "3.0.0" +description = "Annotate AST trees with source code positions" +optional = false +python-versions = ">=3.8" +groups = ["dev"] +files = [ + {file = "asttokens-3.0.0-py3-none-any.whl", hash = "sha256:e3078351a059199dd5138cb1c706e6430c05eff2ff136af5eb4790f9d28932e2"}, + {file = "asttokens-3.0.0.tar.gz", hash = "sha256:0dcd8baa8d62b0c1d118b399b2ddba3c4aff271d0d7a9e0d4c1681c79035bbc7"}, +] + +[package.extras] +astroid = ["astroid (>=2,<4)"] +test = ["astroid (>=2,<4)", "pytest", "pytest-cov", "pytest-xdist"] + +[[package]] +name = "certifi" +version = "2025.4.26" +description = "Python package for providing Mozilla's CA Bundle." +optional = false +python-versions = ">=3.6" +groups = ["main"] +files = [ + {file = "certifi-2025.4.26-py3-none-any.whl", hash = "sha256:30350364dfe371162649852c63336a15c70c6510c2ad5015b21c2345311805f3"}, + {file = "certifi-2025.4.26.tar.gz", hash = "sha256:0a816057ea3cdefcef70270d2c515e4506bbc954f417fa5ade2021213bb8f0c6"}, +] + +[[package]] +name = "charset-normalizer" +version = "3.4.2" +description = "The Real First Universal Charset Detector. Open, modern and actively maintained alternative to Chardet." +optional = false +python-versions = ">=3.7" +groups = ["main"] +files = [ + {file = "charset_normalizer-3.4.2-cp310-cp310-macosx_10_9_universal2.whl", hash = "sha256:7c48ed483eb946e6c04ccbe02c6b4d1d48e51944b6db70f697e089c193404941"}, + {file = "charset_normalizer-3.4.2-cp310-cp310-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:b2d318c11350e10662026ad0eb71bb51c7812fc8590825304ae0bdd4ac283acd"}, + {file = "charset_normalizer-3.4.2-cp310-cp310-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:9cbfacf36cb0ec2897ce0ebc5d08ca44213af24265bd56eca54bee7923c48fd6"}, + {file = "charset_normalizer-3.4.2-cp310-cp310-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:18dd2e350387c87dabe711b86f83c9c78af772c748904d372ade190b5c7c9d4d"}, + {file = "charset_normalizer-3.4.2-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:8075c35cd58273fee266c58c0c9b670947c19df5fb98e7b66710e04ad4e9ff86"}, + {file = "charset_normalizer-3.4.2-cp310-cp310-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:5bf4545e3b962767e5c06fe1738f951f77d27967cb2caa64c28be7c4563e162c"}, + {file = "charset_normalizer-3.4.2-cp310-cp310-musllinux_1_2_aarch64.whl", hash = "sha256:7a6ab32f7210554a96cd9e33abe3ddd86732beeafc7a28e9955cdf22ffadbab0"}, + {file = "charset_normalizer-3.4.2-cp310-cp310-musllinux_1_2_i686.whl", hash = "sha256:b33de11b92e9f75a2b545d6e9b6f37e398d86c3e9e9653c4864eb7e89c5773ef"}, + {file = "charset_normalizer-3.4.2-cp310-cp310-musllinux_1_2_ppc64le.whl", hash = "sha256:8755483f3c00d6c9a77f490c17e6ab0c8729e39e6390328e42521ef175380ae6"}, + {file = "charset_normalizer-3.4.2-cp310-cp310-musllinux_1_2_s390x.whl", hash = "sha256:68a328e5f55ec37c57f19ebb1fdc56a248db2e3e9ad769919a58672958e8f366"}, + {file = "charset_normalizer-3.4.2-cp310-cp310-musllinux_1_2_x86_64.whl", hash = "sha256:21b2899062867b0e1fde9b724f8aecb1af14f2778d69aacd1a5a1853a597a5db"}, + {file = "charset_normalizer-3.4.2-cp310-cp310-win32.whl", hash = "sha256:e8082b26888e2f8b36a042a58307d5b917ef2b1cacab921ad3323ef91901c71a"}, + {file = "charset_normalizer-3.4.2-cp310-cp310-win_amd64.whl", hash = "sha256:f69a27e45c43520f5487f27627059b64aaf160415589230992cec34c5e18a509"}, + {file = "charset_normalizer-3.4.2-cp311-cp311-macosx_10_9_universal2.whl", hash = "sha256:be1e352acbe3c78727a16a455126d9ff83ea2dfdcbc83148d2982305a04714c2"}, + {file = "charset_normalizer-3.4.2-cp311-cp311-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:aa88ca0b1932e93f2d961bf3addbb2db902198dca337d88c89e1559e066e7645"}, + {file = "charset_normalizer-3.4.2-cp311-cp311-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:d524ba3f1581b35c03cb42beebab4a13e6cdad7b36246bd22541fa585a56cccd"}, + {file = "charset_normalizer-3.4.2-cp311-cp311-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:28a1005facc94196e1fb3e82a3d442a9d9110b8434fc1ded7a24a2983c9888d8"}, + {file = "charset_normalizer-3.4.2-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:fdb20a30fe1175ecabed17cbf7812f7b804b8a315a25f24678bcdf120a90077f"}, + {file = "charset_normalizer-3.4.2-cp311-cp311-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:0f5d9ed7f254402c9e7d35d2f5972c9bbea9040e99cd2861bd77dc68263277c7"}, + {file = "charset_normalizer-3.4.2-cp311-cp311-musllinux_1_2_aarch64.whl", hash = "sha256:efd387a49825780ff861998cd959767800d54f8308936b21025326de4b5a42b9"}, + {file = "charset_normalizer-3.4.2-cp311-cp311-musllinux_1_2_i686.whl", hash = "sha256:f0aa37f3c979cf2546b73e8222bbfa3dc07a641585340179d768068e3455e544"}, + {file = "charset_normalizer-3.4.2-cp311-cp311-musllinux_1_2_ppc64le.whl", hash = "sha256:e70e990b2137b29dc5564715de1e12701815dacc1d056308e2b17e9095372a82"}, + {file = "charset_normalizer-3.4.2-cp311-cp311-musllinux_1_2_s390x.whl", hash = "sha256:0c8c57f84ccfc871a48a47321cfa49ae1df56cd1d965a09abe84066f6853b9c0"}, + {file = "charset_normalizer-3.4.2-cp311-cp311-musllinux_1_2_x86_64.whl", hash = "sha256:6b66f92b17849b85cad91259efc341dce9c1af48e2173bf38a85c6329f1033e5"}, + {file = "charset_normalizer-3.4.2-cp311-cp311-win32.whl", hash = "sha256:daac4765328a919a805fa5e2720f3e94767abd632ae410a9062dff5412bae65a"}, + {file = "charset_normalizer-3.4.2-cp311-cp311-win_amd64.whl", hash = "sha256:e53efc7c7cee4c1e70661e2e112ca46a575f90ed9ae3fef200f2a25e954f4b28"}, + {file = "charset_normalizer-3.4.2-cp312-cp312-macosx_10_13_universal2.whl", hash = "sha256:0c29de6a1a95f24b9a1aa7aefd27d2487263f00dfd55a77719b530788f75cff7"}, + {file = "charset_normalizer-3.4.2-cp312-cp312-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:cddf7bd982eaa998934a91f69d182aec997c6c468898efe6679af88283b498d3"}, + {file = "charset_normalizer-3.4.2-cp312-cp312-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:fcbe676a55d7445b22c10967bceaaf0ee69407fbe0ece4d032b6eb8d4565982a"}, + {file = "charset_normalizer-3.4.2-cp312-cp312-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:d41c4d287cfc69060fa91cae9683eacffad989f1a10811995fa309df656ec214"}, + {file = "charset_normalizer-3.4.2-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:4e594135de17ab3866138f496755f302b72157d115086d100c3f19370839dd3a"}, + {file = "charset_normalizer-3.4.2-cp312-cp312-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:cf713fe9a71ef6fd5adf7a79670135081cd4431c2943864757f0fa3a65b1fafd"}, + {file = "charset_normalizer-3.4.2-cp312-cp312-musllinux_1_2_aarch64.whl", hash = "sha256:a370b3e078e418187da8c3674eddb9d983ec09445c99a3a263c2011993522981"}, + {file = "charset_normalizer-3.4.2-cp312-cp312-musllinux_1_2_i686.whl", hash = "sha256:a955b438e62efdf7e0b7b52a64dc5c3396e2634baa62471768a64bc2adb73d5c"}, + {file = "charset_normalizer-3.4.2-cp312-cp312-musllinux_1_2_ppc64le.whl", hash = "sha256:7222ffd5e4de8e57e03ce2cef95a4c43c98fcb72ad86909abdfc2c17d227fc1b"}, + {file = "charset_normalizer-3.4.2-cp312-cp312-musllinux_1_2_s390x.whl", hash = "sha256:bee093bf902e1d8fc0ac143c88902c3dfc8941f7ea1d6a8dd2bcb786d33db03d"}, + {file = "charset_normalizer-3.4.2-cp312-cp312-musllinux_1_2_x86_64.whl", hash = "sha256:dedb8adb91d11846ee08bec4c8236c8549ac721c245678282dcb06b221aab59f"}, + {file = "charset_normalizer-3.4.2-cp312-cp312-win32.whl", hash = "sha256:db4c7bf0e07fc3b7d89ac2a5880a6a8062056801b83ff56d8464b70f65482b6c"}, + {file = "charset_normalizer-3.4.2-cp312-cp312-win_amd64.whl", hash = "sha256:5a9979887252a82fefd3d3ed2a8e3b937a7a809f65dcb1e068b090e165bbe99e"}, + {file = "charset_normalizer-3.4.2-cp313-cp313-macosx_10_13_universal2.whl", hash = "sha256:926ca93accd5d36ccdabd803392ddc3e03e6d4cd1cf17deff3b989ab8e9dbcf0"}, + {file = "charset_normalizer-3.4.2-cp313-cp313-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:eba9904b0f38a143592d9fc0e19e2df0fa2e41c3c3745554761c5f6447eedabf"}, + {file = "charset_normalizer-3.4.2-cp313-cp313-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:3fddb7e2c84ac87ac3a947cb4e66d143ca5863ef48e4a5ecb83bd48619e4634e"}, + {file = "charset_normalizer-3.4.2-cp313-cp313-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:98f862da73774290f251b9df8d11161b6cf25b599a66baf087c1ffe340e9bfd1"}, + {file = "charset_normalizer-3.4.2-cp313-cp313-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:6c9379d65defcab82d07b2a9dfbfc2e95bc8fe0ebb1b176a3190230a3ef0e07c"}, + {file = "charset_normalizer-3.4.2-cp313-cp313-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:e635b87f01ebc977342e2697d05b56632f5f879a4f15955dfe8cef2448b51691"}, + {file = "charset_normalizer-3.4.2-cp313-cp313-musllinux_1_2_aarch64.whl", hash = "sha256:1c95a1e2902a8b722868587c0e1184ad5c55631de5afc0eb96bc4b0d738092c0"}, + {file = "charset_normalizer-3.4.2-cp313-cp313-musllinux_1_2_i686.whl", hash = "sha256:ef8de666d6179b009dce7bcb2ad4c4a779f113f12caf8dc77f0162c29d20490b"}, + {file = "charset_normalizer-3.4.2-cp313-cp313-musllinux_1_2_ppc64le.whl", hash = "sha256:32fc0341d72e0f73f80acb0a2c94216bd704f4f0bce10aedea38f30502b271ff"}, + {file = "charset_normalizer-3.4.2-cp313-cp313-musllinux_1_2_s390x.whl", hash = "sha256:289200a18fa698949d2b39c671c2cc7a24d44096784e76614899a7ccf2574b7b"}, + {file = "charset_normalizer-3.4.2-cp313-cp313-musllinux_1_2_x86_64.whl", hash = "sha256:4a476b06fbcf359ad25d34a057b7219281286ae2477cc5ff5e3f70a246971148"}, + {file = "charset_normalizer-3.4.2-cp313-cp313-win32.whl", hash = "sha256:aaeeb6a479c7667fbe1099af9617c83aaca22182d6cf8c53966491a0f1b7ffb7"}, + {file = "charset_normalizer-3.4.2-cp313-cp313-win_amd64.whl", hash = "sha256:aa6af9e7d59f9c12b33ae4e9450619cf2488e2bbe9b44030905877f0b2324980"}, + {file = "charset_normalizer-3.4.2-cp37-cp37m-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:1cad5f45b3146325bb38d6855642f6fd609c3f7cad4dbaf75549bf3b904d3184"}, + {file = "charset_normalizer-3.4.2-cp37-cp37m-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:b2680962a4848b3c4f155dc2ee64505a9c57186d0d56b43123b17ca3de18f0fa"}, + {file = "charset_normalizer-3.4.2-cp37-cp37m-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:36b31da18b8890a76ec181c3cf44326bf2c48e36d393ca1b72b3f484113ea344"}, + {file = "charset_normalizer-3.4.2-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:f4074c5a429281bf056ddd4c5d3b740ebca4d43ffffe2ef4bf4d2d05114299da"}, + {file = "charset_normalizer-3.4.2-cp37-cp37m-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:c9e36a97bee9b86ef9a1cf7bb96747eb7a15c2f22bdb5b516434b00f2a599f02"}, + {file = "charset_normalizer-3.4.2-cp37-cp37m-musllinux_1_2_aarch64.whl", hash = "sha256:1b1bde144d98e446b056ef98e59c256e9294f6b74d7af6846bf5ffdafd687a7d"}, + {file = "charset_normalizer-3.4.2-cp37-cp37m-musllinux_1_2_i686.whl", hash = "sha256:915f3849a011c1f593ab99092f3cecfcb4d65d8feb4a64cf1bf2d22074dc0ec4"}, + {file = "charset_normalizer-3.4.2-cp37-cp37m-musllinux_1_2_ppc64le.whl", hash = "sha256:fb707f3e15060adf5b7ada797624a6c6e0138e2a26baa089df64c68ee98e040f"}, + {file = "charset_normalizer-3.4.2-cp37-cp37m-musllinux_1_2_s390x.whl", hash = "sha256:25a23ea5c7edc53e0f29bae2c44fcb5a1aa10591aae107f2a2b2583a9c5cbc64"}, + {file = "charset_normalizer-3.4.2-cp37-cp37m-musllinux_1_2_x86_64.whl", hash = "sha256:770cab594ecf99ae64c236bc9ee3439c3f46be49796e265ce0cc8bc17b10294f"}, + {file = "charset_normalizer-3.4.2-cp37-cp37m-win32.whl", hash = "sha256:6a0289e4589e8bdfef02a80478f1dfcb14f0ab696b5a00e1f4b8a14a307a3c58"}, + {file = "charset_normalizer-3.4.2-cp37-cp37m-win_amd64.whl", hash = "sha256:6fc1f5b51fa4cecaa18f2bd7a003f3dd039dd615cd69a2afd6d3b19aed6775f2"}, + {file = "charset_normalizer-3.4.2-cp38-cp38-macosx_10_9_universal2.whl", hash = "sha256:76af085e67e56c8816c3ccf256ebd136def2ed9654525348cfa744b6802b69eb"}, + {file = "charset_normalizer-3.4.2-cp38-cp38-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:e45ba65510e2647721e35323d6ef54c7974959f6081b58d4ef5d87c60c84919a"}, + {file = "charset_normalizer-3.4.2-cp38-cp38-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:046595208aae0120559a67693ecc65dd75d46f7bf687f159127046628178dc45"}, + {file = "charset_normalizer-3.4.2-cp38-cp38-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:75d10d37a47afee94919c4fab4c22b9bc2a8bf7d4f46f87363bcf0573f3ff4f5"}, + {file = "charset_normalizer-3.4.2-cp38-cp38-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:6333b3aa5a12c26b2a4d4e7335a28f1475e0e5e17d69d55141ee3cab736f66d1"}, + {file = "charset_normalizer-3.4.2-cp38-cp38-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:e8323a9b031aa0393768b87f04b4164a40037fb2a3c11ac06a03ffecd3618027"}, + {file = "charset_normalizer-3.4.2-cp38-cp38-musllinux_1_2_aarch64.whl", hash = "sha256:24498ba8ed6c2e0b56d4acbf83f2d989720a93b41d712ebd4f4979660db4417b"}, + {file = "charset_normalizer-3.4.2-cp38-cp38-musllinux_1_2_i686.whl", hash = "sha256:844da2b5728b5ce0e32d863af26f32b5ce61bc4273a9c720a9f3aa9df73b1455"}, + {file = "charset_normalizer-3.4.2-cp38-cp38-musllinux_1_2_ppc64le.whl", hash = "sha256:65c981bdbd3f57670af8b59777cbfae75364b483fa8a9f420f08094531d54a01"}, + {file = "charset_normalizer-3.4.2-cp38-cp38-musllinux_1_2_s390x.whl", hash = "sha256:3c21d4fca343c805a52c0c78edc01e3477f6dd1ad7c47653241cf2a206d4fc58"}, + {file = "charset_normalizer-3.4.2-cp38-cp38-musllinux_1_2_x86_64.whl", hash = "sha256:dc7039885fa1baf9be153a0626e337aa7ec8bf96b0128605fb0d77788ddc1681"}, + {file = "charset_normalizer-3.4.2-cp38-cp38-win32.whl", hash = "sha256:8272b73e1c5603666618805fe821edba66892e2870058c94c53147602eab29c7"}, + {file = "charset_normalizer-3.4.2-cp38-cp38-win_amd64.whl", hash = "sha256:70f7172939fdf8790425ba31915bfbe8335030f05b9913d7ae00a87d4395620a"}, + {file = "charset_normalizer-3.4.2-cp39-cp39-macosx_10_9_universal2.whl", hash = "sha256:005fa3432484527f9732ebd315da8da8001593e2cf46a3d817669f062c3d9ed4"}, + {file = "charset_normalizer-3.4.2-cp39-cp39-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:e92fca20c46e9f5e1bb485887d074918b13543b1c2a1185e69bb8d17ab6236a7"}, + {file = "charset_normalizer-3.4.2-cp39-cp39-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:50bf98d5e563b83cc29471fa114366e6806bc06bc7a25fd59641e41445327836"}, + {file = "charset_normalizer-3.4.2-cp39-cp39-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:721c76e84fe669be19c5791da68232ca2e05ba5185575086e384352e2c309597"}, + {file = "charset_normalizer-3.4.2-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:82d8fd25b7f4675d0c47cf95b594d4e7b158aca33b76aa63d07186e13c0e0ab7"}, + {file = "charset_normalizer-3.4.2-cp39-cp39-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:b3daeac64d5b371dea99714f08ffc2c208522ec6b06fbc7866a450dd446f5c0f"}, + {file = "charset_normalizer-3.4.2-cp39-cp39-musllinux_1_2_aarch64.whl", hash = "sha256:dccab8d5fa1ef9bfba0590ecf4d46df048d18ffe3eec01eeb73a42e0d9e7a8ba"}, + {file = "charset_normalizer-3.4.2-cp39-cp39-musllinux_1_2_i686.whl", hash = "sha256:aaf27faa992bfee0264dc1f03f4c75e9fcdda66a519db6b957a3f826e285cf12"}, + {file = "charset_normalizer-3.4.2-cp39-cp39-musllinux_1_2_ppc64le.whl", hash = "sha256:eb30abc20df9ab0814b5a2524f23d75dcf83cde762c161917a2b4b7b55b1e518"}, + {file = "charset_normalizer-3.4.2-cp39-cp39-musllinux_1_2_s390x.whl", hash = "sha256:c72fbbe68c6f32f251bdc08b8611c7b3060612236e960ef848e0a517ddbe76c5"}, + {file = "charset_normalizer-3.4.2-cp39-cp39-musllinux_1_2_x86_64.whl", hash = "sha256:982bb1e8b4ffda883b3d0a521e23abcd6fd17418f6d2c4118d257a10199c0ce3"}, + {file = "charset_normalizer-3.4.2-cp39-cp39-win32.whl", hash = "sha256:43e0933a0eff183ee85833f341ec567c0980dae57c464d8a508e1b2ceb336471"}, + {file = "charset_normalizer-3.4.2-cp39-cp39-win_amd64.whl", hash = "sha256:d11b54acf878eef558599658b0ffca78138c8c3655cf4f3a4a673c437e67732e"}, + {file = "charset_normalizer-3.4.2-py3-none-any.whl", hash = "sha256:7f56930ab0abd1c45cd15be65cc741c28b1c9a34876ce8c17a2fa107810c0af0"}, + {file = "charset_normalizer-3.4.2.tar.gz", hash = "sha256:5baececa9ecba31eff645232d59845c07aa030f0c81ee70184a90d35099a0e63"}, +] + +[[package]] +name = "colorama" +version = "0.4.6" +description = "Cross-platform colored terminal text." +optional = false +python-versions = "!=3.0.*,!=3.1.*,!=3.2.*,!=3.3.*,!=3.4.*,!=3.5.*,!=3.6.*,>=2.7" +groups = ["dev"] +markers = "sys_platform == \"win32\"" +files = [ + {file = "colorama-0.4.6-py2.py3-none-any.whl", hash = "sha256:4f1d9991f5acc0ca119f9d443620b77f9d6b33703e51011c16baf57afb285fc6"}, + {file = "colorama-0.4.6.tar.gz", hash = "sha256:08695f5cb7ed6e0531a20572697297273c47b8cae5a63ffc6d6ed5c201be6e44"}, +] + +[[package]] +name = "dbus-fast" +version = "2.44.1" +description = "A faster version of dbus-next" +optional = false +python-versions = ">=3.9" +groups = ["main"] +files = [ + {file = "dbus_fast-2.44.1-cp310-cp310-macosx_11_0_arm64.whl", hash = "sha256:c78a004ba43aeaf203a19169d2b4be238375905645999da30cb0da730df80cf2"}, + {file = "dbus_fast-2.44.1-cp310-cp310-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:65a634286651398f3f1326e8200fc54289d52c2c00249d29cacfc691660a5da1"}, + {file = "dbus_fast-2.44.1-cp310-cp310-manylinux_2_17_i686.manylinux_2_5_i686.manylinux1_i686.manylinux2014_i686.whl", hash = "sha256:0c4a128f8b29941307fc5722f37a1bb87ddcf733188d917ab374d9da0c6e1ce7"}, + {file = "dbus_fast-2.44.1-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:adaf459fbce22a63d3578f3ec782c6978edf975eb06d71fb5b7a690496cf6bbe"}, + {file = "dbus_fast-2.44.1-cp310-cp310-musllinux_1_2_aarch64.whl", hash = "sha256:de871cf722c436bdcceb96b2a3af7084e1fa468f7916ae278ec8ec49a6fa7eef"}, + {file = "dbus_fast-2.44.1-cp310-cp310-musllinux_1_2_i686.whl", hash = "sha256:b40863de172031bcc02f54c6f05cccb0b882dc2e1b09e11314a8ccf38c558760"}, + {file = "dbus_fast-2.44.1-cp310-cp310-musllinux_1_2_x86_64.whl", hash = "sha256:8b7ae16555df6b56d3befcc51e036779ef47c0e954fdb9fb0821ac25212aefe9"}, + {file = "dbus_fast-2.44.1-cp311-cp311-macosx_11_0_arm64.whl", hash = "sha256:a220a28e88062a2548f0c6da9eb15fb7e3af70eae56729fc3795ce3e3fba057d"}, + {file = "dbus_fast-2.44.1-cp311-cp311-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:4ec5db912bd4cfeadf7134163d6dde684271cd44cf26e3b4720107f3de406623"}, + {file = "dbus_fast-2.44.1-cp311-cp311-manylinux_2_17_i686.manylinux_2_5_i686.manylinux1_i686.manylinux2014_i686.whl", hash = "sha256:6ad99f626837753b39a39e09facd2091ee4851ee1eb6ebec5fa9a9a231734254"}, + {file = "dbus_fast-2.44.1-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:f7aa157f689a114bfb5367c55884d35e25d57cf25202a6590ce05010f929e7df"}, + {file = "dbus_fast-2.44.1-cp311-cp311-musllinux_1_2_aarch64.whl", hash = "sha256:f961d8bcad80359f24c0156b3094f58a87d583d56139ee50922fe5894b6797cf"}, + {file = "dbus_fast-2.44.1-cp311-cp311-musllinux_1_2_i686.whl", hash = "sha256:1f38fb5c31846c3ada8fc2b693d8d19953d376a9ea21079e3686e93faa1f8a0f"}, + {file = "dbus_fast-2.44.1-cp311-cp311-musllinux_1_2_x86_64.whl", hash = "sha256:35e3cde53cc9180ce95c6c84a1e8d1ded429031e4a0a182606e8d22cf57d3294"}, + {file = "dbus_fast-2.44.1-cp312-cp312-macosx_11_0_arm64.whl", hash = "sha256:f3f30fb09f1ea13658fb4316511e27d6b94f8363b16f2d093efe73e6e289b740"}, + {file = "dbus_fast-2.44.1-cp312-cp312-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:3dd0f8d41f6ab9d4a782c116470bc319d690f9b50c97b6debc6d1fef08e4615a"}, + {file = "dbus_fast-2.44.1-cp312-cp312-manylinux_2_17_i686.manylinux_2_5_i686.manylinux1_i686.manylinux2014_i686.whl", hash = "sha256:9d6e386658343db380b9e4e81b3bf4e3c17135dbb5889173b1f2582b675b9a8c"}, + {file = "dbus_fast-2.44.1-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:3bd27563c11219b6fde7a5458141d860d8445c2defb036bab360d1f9bf1dfae0"}, + {file = "dbus_fast-2.44.1-cp312-cp312-musllinux_1_2_aarch64.whl", hash = "sha256:0272784aceac821dd63c8187a8860179061a850269617ff5c5bd25ca37bf9307"}, + {file = "dbus_fast-2.44.1-cp312-cp312-musllinux_1_2_i686.whl", hash = "sha256:eed613a909a45f0e0a415c88b373024f007a9be56b1316812ed616d69a3b9161"}, + {file = "dbus_fast-2.44.1-cp312-cp312-musllinux_1_2_x86_64.whl", hash = "sha256:0d4288f2cba4f8309dcfd9f4392e0f4f2b5be6c796dfdb0c5e03228b1ab649b1"}, + {file = "dbus_fast-2.44.1-cp313-cp313-macosx_11_0_arm64.whl", hash = "sha256:50a9a4c6921f4b7446717fb4869750f54b561ce486b25b36550cb2a910c988d9"}, + {file = "dbus_fast-2.44.1-cp313-cp313-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:89dc5db158bf9838979f732acc39e0e1ecd7e3295a09fa8adb93b09c097615a4"}, + {file = "dbus_fast-2.44.1-cp313-cp313-manylinux_2_17_i686.manylinux_2_5_i686.manylinux1_i686.manylinux2014_i686.whl", hash = "sha256:f11878c0c089d278861e48c02db8002496c2233b0f605b5630ef61f0b7fb0ea3"}, + {file = "dbus_fast-2.44.1-cp313-cp313-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:afd81f483b3ffb71e88478cfabccc1fab8d7154fccb1c661bfafcff9b0cfd996"}, + {file = "dbus_fast-2.44.1-cp313-cp313-manylinux_2_36_x86_64.whl", hash = "sha256:ad499de96a991287232749c98a59f2436ed260f6fd9ad4cb3b04a4b1bbbef148"}, + {file = "dbus_fast-2.44.1-cp313-cp313-musllinux_1_2_aarch64.whl", hash = "sha256:36c44286b11e83977cd29f9551b66b446bb6890dff04585852d975aa3a038ca2"}, + {file = "dbus_fast-2.44.1-cp313-cp313-musllinux_1_2_i686.whl", hash = "sha256:89f2f6eccbb0e464b90e5a8741deb9d6a91873eeb41a8c7b963962b39eb1e0cd"}, + {file = "dbus_fast-2.44.1-cp313-cp313-musllinux_1_2_x86_64.whl", hash = "sha256:bb74a227b071e1a7c517bf3a3e4a5a0a2660620084162e74f15010075534c9d5"}, + {file = "dbus_fast-2.44.1-cp39-cp39-macosx_11_0_arm64.whl", hash = "sha256:5e3719399e687359b0ef66af1b720661dd4f12059db1c4f506e678569a2256b4"}, + {file = "dbus_fast-2.44.1-cp39-cp39-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:806450623ef3f8df846524da7e448edc8174261a01cfd5dfda92e3df89c0de10"}, + {file = "dbus_fast-2.44.1-cp39-cp39-manylinux_2_17_i686.manylinux_2_5_i686.manylinux1_i686.manylinux2014_i686.whl", hash = "sha256:55ad499b7ef08cb76fce9c9fdcdd6589d2ebfc7e53b3d261d8f40c6d97a8d901"}, + {file = "dbus_fast-2.44.1-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:55d717865219ec2ae9977b6d067c05261cdc3ef6205c687c8bb92b3437886e58"}, + {file = "dbus_fast-2.44.1-cp39-cp39-musllinux_1_2_aarch64.whl", hash = "sha256:39d4cc61e491e11912f76d70cc1c47387ab4f2e5b71f34bfa13eb11aa6026268"}, + {file = "dbus_fast-2.44.1-cp39-cp39-musllinux_1_2_i686.whl", hash = "sha256:9b3b10151f1140f7b6dd47a89fc37edd05d6213be0a1748eadba82fc144c05c2"}, + {file = "dbus_fast-2.44.1-cp39-cp39-musllinux_1_2_x86_64.whl", hash = "sha256:33772c223f5cef1bacc298e83dc04b27b3a47065b245fde766fcc126e761dca7"}, + {file = "dbus_fast-2.44.1-pp310-pypy310_pp73-macosx_11_0_arm64.whl", hash = "sha256:80e3f42f982af45bcfa0ff23e808f3aa54a45fe4bf43aadd3beb5ace816fba76"}, + {file = "dbus_fast-2.44.1-pp310-pypy310_pp73-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:f29a81d86c9ce3020a5df8c1e5557edaa00e1e00c9804ec874d46c99d967a686"}, + {file = "dbus_fast-2.44.1-pp310-pypy310_pp73-manylinux_2_17_i686.manylinux_2_5_i686.manylinux1_i686.manylinux2014_i686.whl", hash = "sha256:5dec134715457601c0fa8df3040a56d319de1a152464ae4d4bfc53bbb5c02e04"}, + {file = "dbus_fast-2.44.1-pp310-pypy310_pp73-manylinux_2_17_x86_64.manylinux_2_5_x86_64.manylinux1_x86_64.manylinux2014_x86_64.whl", hash = "sha256:893509b516f2f24b4e3f09a6b1f3a30f856cf237cd773cdc505ea7ab4fa3c863"}, + {file = "dbus_fast-2.44.1-pp39-pypy39_pp73-macosx_11_0_arm64.whl", hash = "sha256:db81275d708774f6a17c89f2e063398c0deb358c4d22b663a3dd99861f6683a4"}, + {file = "dbus_fast-2.44.1-pp39-pypy39_pp73-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:161a3e6fc8783c30c9feb072e09604d96ec0c465b06bd35b6acc1a0316bd2a27"}, + {file = "dbus_fast-2.44.1-pp39-pypy39_pp73-manylinux_2_17_i686.manylinux_2_5_i686.manylinux1_i686.manylinux2014_i686.whl", hash = "sha256:67febe6454e714d85a532bd84969001ed948bbaf1699a7e1e4c6abb5508c9522"}, + {file = "dbus_fast-2.44.1-pp39-pypy39_pp73-manylinux_2_17_x86_64.manylinux_2_5_x86_64.manylinux1_x86_64.manylinux2014_x86_64.whl", hash = "sha256:890f0fc046d5db66524ddedeca8c14b65739fbbf32d6488175c07428362bf250"}, + {file = "dbus_fast-2.44.1.tar.gz", hash = "sha256:b027e96c39ed5622bb54d811dcdbbe9d9d6edec3454808a85a1ceb1867d9e25c"}, +] + +[[package]] +name = "decorator" +version = "5.2.1" +description = "Decorators for Humans" +optional = false +python-versions = ">=3.8" +groups = ["dev"] +files = [ + {file = "decorator-5.2.1-py3-none-any.whl", hash = "sha256:d316bb415a2d9e2d2b3abcc4084c6502fc09240e292cd76a76afc106a1c8e04a"}, + {file = "decorator-5.2.1.tar.gz", hash = "sha256:65f266143752f734b0a7cc83c46f4618af75b8c5911b00ccb61d0ac9b6da0360"}, +] + +[[package]] +name = "executing" +version = "2.2.0" +description = "Get the currently executing AST node of a frame, and other information" +optional = false +python-versions = ">=3.8" +groups = ["dev"] +files = [ + {file = "executing-2.2.0-py2.py3-none-any.whl", hash = "sha256:11387150cad388d62750327a53d3339fad4888b39a6fe233c3afbb54ecffd3aa"}, + {file = "executing-2.2.0.tar.gz", hash = "sha256:5d108c028108fe2551d1a7b2e8b713341e2cb4fc0aa7dcf966fa4327a5226755"}, +] + +[package.extras] +tests = ["asttokens (>=2.1.0)", "coverage", "coverage-enable-subprocess", "ipython", "littleutils", "pytest", "rich ; python_version >= \"3.11\""] + +[[package]] +name = "idna" +version = "3.10" +description = "Internationalized Domain Names in Applications (IDNA)" +optional = false +python-versions = ">=3.6" +groups = ["main"] +files = [ + {file = "idna-3.10-py3-none-any.whl", hash = "sha256:946d195a0d259cbba61165e88e65941f16e9b36ea6ddb97f00452bae8b1287d3"}, + {file = "idna-3.10.tar.gz", hash = "sha256:12f65c9b470abda6dc35cf8e63cc574b1c52b11df2c86030af0ac09b01b13ea9"}, +] + +[package.extras] +all = ["flake8 (>=7.1.1)", "mypy (>=1.11.2)", "pytest (>=8.3.2)", "ruff (>=0.6.2)"] + +[[package]] +name = "ipython" +version = "9.2.0" +description = "IPython: Productive Interactive Computing" +optional = false +python-versions = ">=3.11" +groups = ["dev"] +files = [ + {file = "ipython-9.2.0-py3-none-any.whl", hash = "sha256:fef5e33c4a1ae0759e0bba5917c9db4eb8c53fee917b6a526bd973e1ca5159f6"}, + {file = "ipython-9.2.0.tar.gz", hash = "sha256:62a9373dbc12f28f9feaf4700d052195bf89806279fc8ca11f3f54017d04751b"}, +] + +[package.dependencies] +colorama = {version = "*", markers = "sys_platform == \"win32\""} +decorator = "*" +ipython-pygments-lexers = "*" +jedi = ">=0.16" +matplotlib-inline = "*" +pexpect = {version = ">4.3", markers = "sys_platform != \"win32\" and sys_platform != \"emscripten\""} +prompt_toolkit = ">=3.0.41,<3.1.0" +pygments = ">=2.4.0" +stack_data = "*" +traitlets = ">=5.13.0" +typing_extensions = {version = ">=4.6", markers = "python_version < \"3.12\""} + +[package.extras] +all = ["ipython[doc,matplotlib,test,test-extra]"] +black = ["black"] +doc = ["docrepr", "exceptiongroup", "intersphinx_registry", "ipykernel", "ipython[test]", "matplotlib", "setuptools (>=18.5)", "sphinx (>=1.3)", "sphinx-rtd-theme", "sphinx_toml (==0.0.4)", "typing_extensions"] +matplotlib = ["matplotlib"] +test = ["packaging", "pytest", "pytest-asyncio (<0.22)", "testpath"] +test-extra = ["curio", "ipykernel", "ipython[test]", "jupyter_ai", "matplotlib (!=3.2.0)", "nbclient", "nbformat", "numpy (>=1.23)", "pandas", "trio"] + +[[package]] +name = "ipython-pygments-lexers" +version = "1.1.1" +description = "Defines a variety of Pygments lexers for highlighting IPython code." +optional = false +python-versions = ">=3.8" +groups = ["dev"] +files = [ + {file = "ipython_pygments_lexers-1.1.1-py3-none-any.whl", hash = "sha256:a9462224a505ade19a605f71f8fa63c2048833ce50abc86768a0d81d876dc81c"}, + {file = "ipython_pygments_lexers-1.1.1.tar.gz", hash = "sha256:09c0138009e56b6854f9535736f4171d855c8c08a563a0dcd8022f78355c7e81"}, +] + +[package.dependencies] +pygments = "*" + +[[package]] +name = "jedi" +version = "0.19.2" +description = "An autocompletion tool for Python that can be used for text editors." +optional = false +python-versions = ">=3.6" +groups = ["dev"] +files = [ + {file = "jedi-0.19.2-py2.py3-none-any.whl", hash = "sha256:a8ef22bde8490f57fe5c7681a3c83cb58874daf72b4784de3cce5b6ef6edb5b9"}, + {file = "jedi-0.19.2.tar.gz", hash = "sha256:4770dc3de41bde3966b02eb84fbcf557fb33cce26ad23da12c742fb50ecb11f0"}, +] + +[package.dependencies] +parso = ">=0.8.4,<0.9.0" + +[package.extras] +docs = ["Jinja2 (==2.11.3)", "MarkupSafe (==1.1.1)", "Pygments (==2.8.1)", "alabaster (==0.7.12)", "babel (==2.9.1)", "chardet (==4.0.0)", "commonmark (==0.8.1)", "docutils (==0.17.1)", "future (==0.18.2)", "idna (==2.10)", "imagesize (==1.2.0)", "mock (==1.0.1)", "packaging (==20.9)", "pyparsing (==2.4.7)", "pytz (==2021.1)", "readthedocs-sphinx-ext (==2.1.4)", "recommonmark (==0.5.0)", "requests (==2.25.1)", "six (==1.15.0)", "snowballstemmer (==2.1.0)", "sphinx (==1.8.5)", "sphinx-rtd-theme (==0.4.3)", "sphinxcontrib-serializinghtml (==1.1.4)", "sphinxcontrib-websupport (==1.2.4)", "urllib3 (==1.26.4)"] +qa = ["flake8 (==5.0.4)", "mypy (==0.971)", "types-setuptools (==67.2.0.1)"] +testing = ["Django", "attrs", "colorama", "docopt", "pytest (<9.0.0)"] + +[[package]] +name = "matplotlib-inline" +version = "0.1.7" +description = "Inline Matplotlib backend for Jupyter" +optional = false +python-versions = ">=3.8" +groups = ["dev"] +files = [ + {file = "matplotlib_inline-0.1.7-py3-none-any.whl", hash = "sha256:df192d39a4ff8f21b1895d72e6a13f5fcc5099f00fa84384e0ea28c2cc0653ca"}, + {file = "matplotlib_inline-0.1.7.tar.gz", hash = "sha256:8423b23ec666be3d16e16b60bdd8ac4e86e840ebd1dd11a30b9f117f2fa0ab90"}, +] + +[package.dependencies] +traitlets = "*" + +[[package]] +name = "parso" +version = "0.8.4" +description = "A Python Parser" +optional = false +python-versions = ">=3.6" +groups = ["dev"] +files = [ + {file = "parso-0.8.4-py2.py3-none-any.whl", hash = "sha256:a418670a20291dacd2dddc80c377c5c3791378ee1e8d12bffc35420643d43f18"}, + {file = "parso-0.8.4.tar.gz", hash = "sha256:eb3a7b58240fb99099a345571deecc0f9540ea5f4dd2fe14c2a99d6b281ab92d"}, +] + +[package.extras] +qa = ["flake8 (==5.0.4)", "mypy (==0.971)", "types-setuptools (==67.2.0.1)"] +testing = ["docopt", "pytest"] + +[[package]] +name = "pexpect" +version = "4.9.0" +description = "Pexpect allows easy control of interactive console applications." +optional = false +python-versions = "*" +groups = ["dev"] +markers = "sys_platform != \"win32\" and sys_platform != \"emscripten\"" +files = [ + {file = "pexpect-4.9.0-py2.py3-none-any.whl", hash = "sha256:7236d1e080e4936be2dc3e326cec0af72acf9212a7e1d060210e70a47e253523"}, + {file = "pexpect-4.9.0.tar.gz", hash = "sha256:ee7d41123f3c9911050ea2c2dac107568dc43b2d3b0c7557a33212c398ead30f"}, +] + +[package.dependencies] +ptyprocess = ">=0.5" + +[[package]] +name = "prompt-toolkit" +version = "3.0.51" +description = "Library for building powerful interactive command lines in Python" +optional = false +python-versions = ">=3.8" +groups = ["dev"] +files = [ + {file = "prompt_toolkit-3.0.51-py3-none-any.whl", hash = "sha256:52742911fde84e2d423e2f9a4cf1de7d7ac4e51958f648d9540e0fb8db077b07"}, + {file = "prompt_toolkit-3.0.51.tar.gz", hash = "sha256:931a162e3b27fc90c86f1b48bb1fb2c528c2761475e57c9c06de13311c7b54ed"}, +] + +[package.dependencies] +wcwidth = "*" + +[[package]] +name = "psutil" +version = "7.0.0" +description = "Cross-platform lib for process and system monitoring in Python. NOTE: the syntax of this script MUST be kept compatible with Python 2.7." +optional = false +python-versions = ">=3.6" +groups = ["main"] +files = [ + {file = "psutil-7.0.0-cp36-abi3-macosx_10_9_x86_64.whl", hash = "sha256:101d71dc322e3cffd7cea0650b09b3d08b8e7c4109dd6809fe452dfd00e58b25"}, + {file = "psutil-7.0.0-cp36-abi3-macosx_11_0_arm64.whl", hash = "sha256:39db632f6bb862eeccf56660871433e111b6ea58f2caea825571951d4b6aa3da"}, + {file = "psutil-7.0.0-cp36-abi3-manylinux_2_12_i686.manylinux2010_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:1fcee592b4c6f146991ca55919ea3d1f8926497a713ed7faaf8225e174581e91"}, + {file = "psutil-7.0.0-cp36-abi3-manylinux_2_12_x86_64.manylinux2010_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:4b1388a4f6875d7e2aff5c4ca1cc16c545ed41dd8bb596cefea80111db353a34"}, + {file = "psutil-7.0.0-cp36-abi3-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:a5f098451abc2828f7dc6b58d44b532b22f2088f4999a937557b603ce72b1993"}, + {file = "psutil-7.0.0-cp36-cp36m-win32.whl", hash = "sha256:84df4eb63e16849689f76b1ffcb36db7b8de703d1bc1fe41773db487621b6c17"}, + {file = "psutil-7.0.0-cp36-cp36m-win_amd64.whl", hash = "sha256:1e744154a6580bc968a0195fd25e80432d3afec619daf145b9e5ba16cc1d688e"}, + {file = "psutil-7.0.0-cp37-abi3-win32.whl", hash = "sha256:ba3fcef7523064a6c9da440fc4d6bd07da93ac726b5733c29027d7dc95b39d99"}, + {file = "psutil-7.0.0-cp37-abi3-win_amd64.whl", hash = "sha256:4cf3d4eb1aa9b348dec30105c55cd9b7d4629285735a102beb4441e38db90553"}, + {file = "psutil-7.0.0.tar.gz", hash = "sha256:7be9c3eba38beccb6495ea33afd982a44074b78f28c434a1f51cc07fd315c456"}, +] + +[package.extras] +dev = ["abi3audit", "black (==24.10.0)", "check-manifest", "coverage", "packaging", "pylint", "pyperf", "pypinfo", "pytest", "pytest-cov", "pytest-xdist", "requests", "rstcheck", "ruff", "setuptools", "sphinx", "sphinx_rtd_theme", "toml-sort", "twine", "virtualenv", "vulture", "wheel"] +test = ["pytest", "pytest-xdist", "setuptools"] + +[[package]] +name = "ptyprocess" +version = "0.7.0" +description = "Run a subprocess in a pseudo terminal" +optional = false +python-versions = "*" +groups = ["dev"] +markers = "sys_platform != \"win32\" and sys_platform != \"emscripten\"" +files = [ + {file = "ptyprocess-0.7.0-py2.py3-none-any.whl", hash = "sha256:4b41f3967fce3af57cc7e94b888626c18bf37a083e3651ca8feeb66d492fef35"}, + {file = "ptyprocess-0.7.0.tar.gz", hash = "sha256:5c5d0a3b48ceee0b48485e0c26037c0acd7d29765ca3fbb5cb3831d347423220"}, +] + +[[package]] +name = "pure-eval" +version = "0.2.3" +description = "Safely evaluate AST nodes without side effects" +optional = false +python-versions = "*" +groups = ["dev"] +files = [ + {file = "pure_eval-0.2.3-py3-none-any.whl", hash = "sha256:1db8e35b67b3d218d818ae653e27f06c3aa420901fa7b081ca98cbedc874e0d0"}, + {file = "pure_eval-0.2.3.tar.gz", hash = "sha256:5f4e983f40564c576c7c8635ae88db5956bb2229d7e9237d03b3c0b0190eaf42"}, +] + +[package.extras] +tests = ["pytest"] + +[[package]] +name = "pygments" +version = "2.19.1" +description = "Pygments is a syntax highlighting package written in Python." +optional = false +python-versions = ">=3.8" +groups = ["dev"] +files = [ + {file = "pygments-2.19.1-py3-none-any.whl", hash = "sha256:9ea1544ad55cecf4b8242fab6dd35a93bbce657034b0611ee383099054ab6d8c"}, + {file = "pygments-2.19.1.tar.gz", hash = "sha256:61c16d2a8576dc0649d9f39e089b5f02bcd27fba10d8fb4dcc28173f7a45151f"}, +] + +[package.extras] +windows-terminal = ["colorama (>=0.4.6)"] + +[[package]] +name = "requests" +version = "2.32.3" +description = "Python HTTP for Humans." +optional = false +python-versions = ">=3.8" +groups = ["main"] +files = [ + {file = "requests-2.32.3-py3-none-any.whl", hash = "sha256:70761cfe03c773ceb22aa2f671b4757976145175cdfca038c02654d061d6dcc6"}, + {file = "requests-2.32.3.tar.gz", hash = "sha256:55365417734eb18255590a9ff9eb97e9e1da868d4ccd6402399eaf68af20a760"}, +] + +[package.dependencies] +certifi = ">=2017.4.17" +charset-normalizer = ">=2,<4" +idna = ">=2.5,<4" +urllib3 = ">=1.21.1,<3" + +[package.extras] +socks = ["PySocks (>=1.5.6,!=1.5.7)"] +use-chardet-on-py3 = ["chardet (>=3.0.2,<6)"] + +[[package]] +name = "stack-data" +version = "0.6.3" +description = "Extract data from python stack frames and tracebacks for informative displays" +optional = false +python-versions = "*" +groups = ["dev"] +files = [ + {file = "stack_data-0.6.3-py3-none-any.whl", hash = "sha256:d5558e0c25a4cb0853cddad3d77da9891a08cb85dd9f9f91b9f8cd66e511e695"}, + {file = "stack_data-0.6.3.tar.gz", hash = "sha256:836a778de4fec4dcd1dcd89ed8abff8a221f58308462e1c4aa2a3cf30148f0b9"}, +] + +[package.dependencies] +asttokens = ">=2.1.0" +executing = ">=1.2.0" +pure-eval = "*" + +[package.extras] +tests = ["cython", "littleutils", "pygments", "pytest", "typeguard"] + +[[package]] +name = "traitlets" +version = "5.14.3" +description = "Traitlets Python configuration system" +optional = false +python-versions = ">=3.8" +groups = ["dev"] +files = [ + {file = "traitlets-5.14.3-py3-none-any.whl", hash = "sha256:b74e89e397b1ed28cc831db7aea759ba6640cb3de13090ca145426688ff1ac4f"}, + {file = "traitlets-5.14.3.tar.gz", hash = "sha256:9ed0579d3502c94b4b3732ac120375cda96f923114522847de4b3bb98b96b6b7"}, +] + +[package.extras] +docs = ["myst-parser", "pydata-sphinx-theme", "sphinx"] +test = ["argcomplete (>=3.0.3)", "mypy (>=1.7.0)", "pre-commit", "pytest (>=7.0,<8.2)", "pytest-mock", "pytest-mypy-testing"] + +[[package]] +name = "typing-extensions" +version = "4.13.2" +description = "Backported and Experimental Type Hints for Python 3.8+" +optional = false +python-versions = ">=3.8" +groups = ["dev"] +markers = "python_version == \"3.11\"" +files = [ + {file = "typing_extensions-4.13.2-py3-none-any.whl", hash = "sha256:a439e7c04b49fec3e5d3e2beaa21755cadbbdc391694e28ccdd36ca4a1408f8c"}, + {file = "typing_extensions-4.13.2.tar.gz", hash = "sha256:e6c81219bd689f51865d9e372991c540bda33a0379d5573cddb9a3a23f7caaef"}, +] + +[[package]] +name = "urllib3" +version = "2.4.0" +description = "HTTP library with thread-safe connection pooling, file post, and more." +optional = false +python-versions = ">=3.9" +groups = ["main"] +files = [ + {file = "urllib3-2.4.0-py3-none-any.whl", hash = "sha256:4e16665048960a0900c702d4a66415956a584919c03361cac9f1df5c5dd7e813"}, + {file = "urllib3-2.4.0.tar.gz", hash = "sha256:414bc6535b787febd7567804cc015fee39daab8ad86268f1310a9250697de466"}, +] + +[package.extras] +brotli = ["brotli (>=1.0.9) ; platform_python_implementation == \"CPython\"", "brotlicffi (>=0.8.0) ; platform_python_implementation != \"CPython\""] +h2 = ["h2 (>=4,<5)"] +socks = ["pysocks (>=1.5.6,!=1.5.7,<2.0)"] +zstd = ["zstandard (>=0.18.0)"] + +[[package]] +name = "vpn-manager" +version = "0.1.0" +description = "Extensible VPN management solution for the Linux desktop" +optional = false +python-versions = ">=3.11" +groups = ["main"] +files = [] +develop = false + +[package.dependencies] +dbus-fast = ">=2.44.1,<3.0.0" +requests = ">=2.32.3,<3.0.0" + +[package.source] +type = "directory" +url = "../vpn-manager" + +[[package]] +name = "wcwidth" +version = "0.2.13" +description = "Measures the displayed width of unicode strings in a terminal" +optional = false +python-versions = "*" +groups = ["dev"] +files = [ + {file = "wcwidth-0.2.13-py2.py3-none-any.whl", hash = "sha256:3da69048e4540d84af32131829ff948f1e022c1c6bdb8d6102117aac784f6859"}, + {file = "wcwidth-0.2.13.tar.gz", hash = "sha256:72ea0c06399eb286d978fdedb6923a9eb47e1c486ce63e9b4e64fc18303972b5"}, +] + +[metadata] +lock-version = "2.1" +python-versions = ">=3.11" +content-hash = "addd24c698bf3770d9da834c9f3f585c2028dc49fabd4129eaec4c6df22745f5" diff --git a/pyproject.toml b/pyproject.toml new file mode 100644 index 0000000..7506ede --- /dev/null +++ b/pyproject.toml @@ -0,0 +1,31 @@ +[project] +name = "vpn-manager-globalprotect" +version = "0.1.0" +description = "GlobalProtect backend for vpn-manager" +authors = [ + {name = "Ezri Brimhall",email = "ezri.brimhall@usu.edu"} +] +readme = "README.md" +requires-python = ">=3.11" +dependencies = [ + "vpn-manager @ file:///home/ezri/src/vpn-manager", + "requests (>=2.32.3,<3.0.0)", + "aenum (>=3.1.16,<4.0.0)", + "psutil (>=7.0.0,<8.0.0)", + "dbus-fast (>=2.44.1,<3.0.0)" +] + +[project.scripts] +gp-saml-auth-response = 'vpn_manager_globalprotect.handlers:handle_auth_response' + +[tool.pydocstyle] +add_ignore = "D105" + +[tool.poetry] + +[tool.poetry.group.dev.dependencies] +ipython = "^9.2.0" + +[build-system] +requires = ["poetry-core>=2.0.0,<3.0.0"] +build-backend = "poetry.core.masonry.api" diff --git a/src/vpn_manager_globalprotect/__init__.py b/src/vpn_manager_globalprotect/__init__.py new file mode 100644 index 0000000..1d3bb2a --- /dev/null +++ b/src/vpn_manager_globalprotect/__init__.py @@ -0,0 +1,20 @@ +"""GlobalProtect VPN client implementation for vpn-manager.""" + +from .backend import GlobalProtectConnection +from .auth_flows import AuthFlows +from .listener_targets import ListenerTargets +from .agent import GlobalProtectSamlAuthenticator + +CONNECTION_TYPE = GlobalProtectConnection.CONNECTION_TYPE +CONNECTION_CLASS = GlobalProtectConnection + +authenticator = GlobalProtectSamlAuthenticator() + +AGENT_LISTENERS = { + ListenerTargets.GLOBALPROTECT_SAML_RESPONSE: authenticator.saml_accept_response +} + +AUTH_HANDLERS = { + AuthFlows.GLOBALPROTECT_PARSE_PRELOGIN: authenticator.parse_prelogin_xml, + AuthFlows.GLOBALPROTECT_SAML_DEFAULT_BROWSER: authenticator.saml_authenticate_in_browser, +} diff --git a/src/vpn_manager_globalprotect/agent.py b/src/vpn_manager_globalprotect/agent.py new file mode 100644 index 0000000..108f75e --- /dev/null +++ b/src/vpn_manager_globalprotect/agent.py @@ -0,0 +1,89 @@ +"""Agent functions for GlobalProtect.""" + +from dbus_fast import Variant +from .errors import ( + InvalidArguments, + AuthFlowUnsupported, + AuthenticationInProgress, + UnknownTarget, + AuthenticationTimeout, + NoAuthenticationInProgress, +) +from .auth_flows import AuthFlows +from .listener_targets import ListenerTargets +from .agent_tools import parse_prelogin +import webbrowser +from asyncio import Future, wait_for, TimeoutError, get_running_loop + + +class GlobalProtectSamlAuthenticator: + """Encapsulates SAML authentication flow.""" + + def __init__(self): + self._future: Future = None + + async def saml_authenticate_in_browser( + self, auth_flow: str, options: Variant + ) -> Variant: + """Perform a SAML authentication using the user's default browser.""" + if auth_flow != AuthFlows.GLOBALPROTECT_SAML_DEFAULT_BROWSER: + raise AuthFlowUnsupported( + f"This auth handler is for {AuthFlows.GLOBALPROTECT_SAML_DEFAULT_BROWSER} and does not support {auth_flow}" + ) + + # Options should contain a single string that is the URL to visit. + if options.signature != "s": + raise InvalidArguments( + f"Option signature for SAML auth must be string (s), got {options.signature}" + ) + + if self._future is not None: + raise AuthenticationInProgress() + + webbrowser.open(options.value) + self._future = get_running_loop().create_future() + try: + return await wait_for(self._future, timeout=300) + except TimeoutError: + raise AuthenticationTimeout() + finally: + self._future = None + + async def saml_accept_response(self, listener_target: str, data: Variant): + """Accept SAML response from browser.""" + if listener_target != ListenerTargets.GLOBALPROTECT_SAML_RESPONSE: + raise UnknownTarget( + f"This listener is for {ListenerTargets.GLOBALPROTECT_SAML_RESPONSE} and does not support {listener_target}" + ) + + # Check if we are actually waiting on a response + if self._future is None: + raise NoAuthenticationInProgress() + + # Data should contain a dictionary of strings (parsed from the XML response) + if data.signature != "a{ss}": + raise InvalidArguments( + "Data signature for SAML response must be strdict (a{ss}), got " + f"{data.signature}" + ) + + self._future.set_result(data) + + async def parse_prelogin_xml(self, auth_flow: str, options: Variant) -> Variant: + """Parse the prelogin request XML in an unprivileged context.""" + if auth_flow != AuthFlows.GLOBALPROTECT_PARSE_PRELOGIN: + raise AuthFlowUnsupported( + f"This auth handler is for {AuthFlows.GLOBALPROTECT_PARSE_PRELOGIN} and does not support {auth_flow}" + ) + + # Options should contain a single string that is the XML preauth response + if options.signature != "s": + raise InvalidArguments( + f"Option signature for prelogin parsing must be string (s), got {options.signature}" + ) + + result = parse_prelogin(options.value) + + print(result) + + return Variant("a{ss}", result) diff --git a/src/vpn_manager_globalprotect/agent_tools.py b/src/vpn_manager_globalprotect/agent_tools.py new file mode 100644 index 0000000..3e4d1c1 --- /dev/null +++ b/src/vpn_manager_globalprotect/agent_tools.py @@ -0,0 +1,48 @@ +"""Agent tools for GlobalProtect VPNs.""" + +import xml.etree.ElementTree as ET +from .errors import PreloginFailure, AuthenticationFailure +from base64 import b64decode + + +def parse_prelogin(response: str) -> dict[str, str]: + """ + Parse a prelogin XML response into a dictionary. + + This is offloaded to the agent for security reasons, as + parsing untrusted XML is a security risk, so we shouldn't + do it as root. + """ + xml = ET.fromstring(response) + + if xml.tag != "prelogin-response": + raise PreloginFailure("This does not appear to be a GlobalProtect server.") + status = xml.find("status") + if status is not None and status.text != "Success": + msg = xml.find("msg") + raise PreloginFailure(f"Error in prelogin response: {msg.text}") + return { + item.tag: item.text + for item in xml.iter() + if item != xml and item.text is not None + } + + +def parse_auth_response(response: str) -> dict[str, str]: + """Parse an auth response into a dictionary.""" + try: + htmlText = b64decode(response).decode("utf-8") + parser = ET.XMLParser(target=ET.TreeBuilder(insert_comments=True)) + html = ET.fromstring(htmlText, parser) + + for node in html: + if "function Comment" in str(node.tag): + # GlobalProtect is silly and returns its response as an XML comment. Probably to make this harder. + xmlText = node.text + xml = ET.fromstring(f"{xmlText}") + return { + child.tag: child.text if child.text is not None else "" + for child in xml + } + except Exception as e: + raise AuthenticationFailure(f"An unexpected error occurred: {e}") diff --git a/src/vpn_manager_globalprotect/auth_flows.py b/src/vpn_manager_globalprotect/auth_flows.py new file mode 100644 index 0000000..d381bd1 --- /dev/null +++ b/src/vpn_manager_globalprotect/auth_flows.py @@ -0,0 +1,15 @@ +"""Module for authentication flows enum.""" + +from aenum import StrEnum + + +class AuthFlows(StrEnum): + """Unique authentication flows used by GlobalProtect.""" + + GLOBALPROTECT_PARSE_PRELOGIN = "dev.ezri.vpn1.AuthFlow.GlobalProtect.Prelogin" + GLOBALPROTECT_SAML_DEFAULT_BROWSER = ( + "dev.ezri.vpn1.AuthFlow.GlobalProtect.SAML.DefaultBrowser" + ) + GLOBALPROTECT_SAML_INTEGRATED = ( + "dev.ezri.vpn1.AuthFlow.GlobalProtect.SAML.Integrated" + ) diff --git a/src/vpn_manager_globalprotect/backend.py b/src/vpn_manager_globalprotect/backend.py new file mode 100644 index 0000000..9c263b8 --- /dev/null +++ b/src/vpn_manager_globalprotect/backend.py @@ -0,0 +1,313 @@ +"""Connection backend implementation file.""" + +from vpn_manager.service.connections.base import ConnectionBase +from typing import TypedDict, Required +from enum import IntEnum, StrEnum +from asyncio import ( + create_subprocess_exec, + get_running_loop, + sleep, + timeout, + CancelledError, +) +from asyncio.subprocess import Process, PIPE, DEVNULL +from dbus_fast import Variant +from sys import platform +import requests +from vpn_manager.common import errors +from vpn_manager.utils import unwrap_variant +from .insecure_tls import TLSAdapter +import logging +import ssl +from . import errors +from .auth_flows import AuthFlows +import base64 +import re +import psutil + + +class LoginTarget(IntEnum): + """Login target enum.""" + + GATEWAY = 0 + PORTAL = 1 + + +class Options(TypedDict, total=False): + """Options type definition for GlobalProtect VPNs.""" + + hostname: Required[str] + verify_certificate: bool + login_target: Required[LoginTarget] + allow_insecure_crypto: bool + spoof_clientos: str + use_default_browser: bool + + +class Auth(TypedDict): + """Auth type definition for GlobalProtect VPNs.""" + + username: str + cookie: str + + +class GlobalProtectConnection( + ConnectionBase, connection_type="dev.ezri.vpn1.Connection.GlobalProtect" +): + """GlobalProtect VPN connection backend.""" + + _proc: Process | None = None + _pid: int | None = None + + _disconnecting: bool = False + + PLATFORM_TO_CLIENTOS = { + "linux": "Linux", + "darwin": "Mac", + "win32": "Windows", + "cygwin": "Windows", + } + + logger = logging.getLogger(f"{__name__}.GlobalProtectConnection") + + async def _prelogin(self, options: dict[str, Variant]): + """Perform prelogin request.""" + + ## Extract options from vardict + if "spoof_clientos" in options: + clientos = options["spoof_clientos"].value + else: + clientos = self.PLATFORM_TO_CLIENTOS.get(platform) + if clientos is None: + raise errors.PlatformError( + f"Platform {platform} is not supported. Specify a client OS to spoof in the connection options." + ) + verify = unwrap_variant(options.get("verify_certificate", True)) + if not verify: + # Disabling certificate verification is extremely dangerous and should only be done if you KNOW WHAT YOU ARE DOING + self.logger.warn("Certificate verification disabled! This is dangerous!") + if options.get("login_target").value == LoginTarget.GATEWAY: + url = f"{options.get('hostname').value}/ssl-vpn/prelogin.esp" + else: + url = f"{options.get('hostname').value}/global-protect/prelogin.esp" + allow_insecure_crypto = unwrap_variant( + options.get("allow_insecure_crypto", False) + ) + use_default_browser = unwrap_variant(options.get("use_default_browser", True)) + + ## Configure session + session = requests.Session() + # User-agent must be set to 'PAN GlobalProtect' or the subsequent SAML request will fail. + session.headers["User-Agent"] = "PAN GlobalProtect" + if allow_insecure_crypto: + # Insecure crypto is dangerous, log a warning + self.logger.warn( + "Using insecure crypto for prelogin request! This is dangerous!" + ) + session.mount("https://", TLSAdapter(verify=verify)) + data = { + "ipv6-support": "yes", + "clientos": clientos, + "clientVer": 4100, # This needs to be hardcoded apparently. + "tmp": "tmp", # No idea what this is for, but other GP OpenConnect wrappers set it so we do too + "cas-support": "yes", + "default-browser": ( + 1 if use_default_browser else 0 + ), # This will influence which auth flow we ultimately use, but the server may reject our request to use the default browser. + } + try: + res = session.post(url, verify=verify, data=data) + except Exception as ex: + # Get the root exception + rootex = ex + while True: + if isinstance(rootex, ssl.SSLError): + break + elif not rootex.__cause__ and not rootex.__context__: + break + rootex = rootex.__cause__ or rootex.__context__ + if isinstance(rootex, ssl.CertificateError): + # Raise a D-Bus certificate error + self.logger.error(f"SSL certificate error: {rootex}") + raise errors.CertificateError(str(rootex)) + elif isinstance(rootex, ssl.SSLError): + # Raise a D-Bus SSL error + self.logger.error(f"Generic SSL error: {rootex}") + raise errors.SSLError(str(rootex)) + else: + # Raise a D-Bus generic prelogin failure + raise errors.PreloginFailure(f"An unexpected error occurred: {rootex}") + + # Pass XML parsing off to agent for security reasons + result = await self._manager.request_credentials( + AuthFlows.GLOBALPROTECT_PARSE_PRELOGIN, Variant("s", res.text) + ) + + if result.signature != "a{ss}": + # Make sure that the agent is well-behaved and is returning a valid response for this request. + raise errors.PreloginFailure( + "Received unexpected response from agent. Expected strdict (a{ss}), got " + f"{result.signature}" + ) + return result.value + + async def authenticate(self, options: dict[str, Variant]) -> Variant: + f"""{super().authenticate.__doc__}""" + + preauth: dict[str, str] = await self._prelogin(options) + + if "saml-auth-method" not in preauth or "saml-request" not in preauth: + raise errors.AuthFlowUnsupported( + "Server requested unsupported authentication flow. We currently only support SAML auth for GlobalProtect." + ) + + auth_flow = ( + AuthFlows.GLOBALPROTECT_SAML_DEFAULT_BROWSER + if preauth.get("saml-default-browser") == "yes" + and preauth.get("saml-auth-method") == "REDIRECT" + else AuthFlows.GLOBALPROTECT_SAML_INTEGRATED + ) + + auth_result = await self._manager.request_credentials( + auth_flow, + Variant("s", base64.b64decode(preauth.get("saml-request")).decode("utf-8")), + ) + + if auth_result.signature != "a{ss}": + # Make sure the agent is well-behaved and is returning a valid response for this request. + raise errors.AuthenticationFailure( + "Received unexpected auth data. Expected strdict (a{ss}), got " + f"{auth_result.signature}" + ) + + if auth_result.value.get("saml-auth-status") != "1": + raise errors.AuthenticationFailure( + "Server indicates authentication failure" + ) + + # Guard to make sure the attributes we use to authenticate to the VPN are actually available. + if "prelogin-cookie" not in auth_result.value: + raise errors.InvalidResponse("Did not receive cookie from server") + if "saml-username" not in auth_result.value: + raise errors.InvalidResponse("Did not receive SAML username from server") + + return auth_result + + async def connect(self, options: dict[str, Variant], auth: Variant): + f"""{super().connect.__doc__}""" + + if self._proc and self._proc.is_running(): + self.logger.error( + "Cowardly refusing to connect to VPN while already connected." + ) + raise errors.ConnectionFailure( + "Cowardly refusing to connect to VPN while already connected." + ) + + proc = await create_subprocess_exec( + "/usr/bin/openconnect", + "--protocol=gp", + f"--user={auth.value.get('saml-username')}", + "--useragent=PAN GlobalProtect", + f"--usergroup={options.get('login_target', Variant('x', LoginTarget.PORTAL)).value == LoginTarget.PORTAL and 'portal' or 'gateway'}:prelogin-cookie", + "--passwd-on-stdin", + options.get("hostname").value, + "-b", + stdin=PIPE, + stdout=PIPE, + stderr=PIPE, + ) + + self.logger.debug(f"Initial process PID: {proc.pid}") + + # Send prelogin cookie + proc.stdin.write(auth.value.get("prelogin-cookie").encode()) + proc.stdin.close() + + # Create logger for openconnect + openconnect_logger = logging.getLogger( + f"{__name__}.GlobalProtectConnection.openconnect" + ) + + # Spawn task to bridge stderr to log + self._stderr_task = get_running_loop().create_task( + self._bridge_output(proc.stderr, openconnect_logger.warning) + ) + + # Bridge stdout to log and also search for PID of forked process, with a timeout of 10 seconds after which we assume a connection failure and terminate the process. + self._pid = None + try: + async with timeout(10): + async for line in proc.stdout: + decoded = line.decode("utf-8").strip() + if decoded == "": + continue + openconnect_logger.debug(decoded) + if match_ := re.match( + r"Continuing in background; pid ([0-9]+)", decoded + ): + self._pid = int(match_.group(1)) + break + except TimeoutError: + self.logger.error("Connection timed out") + proc.kill() + await proc.wait() + raise errors.ConnectionFailure("Connection timed out") + if self._pid is None: + # Never received PID of child, if we get here then openconnect exited without reporting a PID, indicating a failure to connect. + self.logger.error("VPN failed to connect") + raise errors.ConnectionFailure() + + self.logger.debug(f"Got PID for openconnect: {self._pid}") + + # Spawn task to bridge remainder of stdout to log + self._stdout_task = get_running_loop().create_task( + self._bridge_output(proc.stdout, openconnect_logger.debug) + ) + + self.logger.info("Connection established") + self.logger.debug(f"openconnect PID: {self._pid}") + + self._proc = psutil.Process(self._pid) + self._wait_task = get_running_loop().create_task(self._wait_for_exit()) + # Create a task that will wait for the process to exit so we don't leave zombies around + # (for some reason, proc.wait() waits until the streams are all closed as well :/) + self._proc_wait_task = get_running_loop().create_task(proc.wait()) + + async def _bridge_output(self, stream, processor): + async for line in stream: + decoded = line.decode("utf-8").strip() + if decoded == "": + # Don't log a blank line + continue + processor(line.decode("utf-8").strip()) + self.logger.debug(f"Stream {stream} closed") + + async def _wait_for_exit(self): + """Wait for self._proc to exit.""" + try: + while self._proc.is_running(): + # Check process every 5 seconds + # I'd prefer a proper-async way to do this, but i guess this will work. + self.logger.debug("openconnect process is running") + await sleep(5) + self.logger.debug("openconnect has exited") + if not self._disconnecting: + # Only call on_disconnected if the disconnect was asynchronous + self._connection.on_disconnected() + self._disconnecting = False + except CancelledError: + self.logger.debug("exit wait canceled.") + + async def disconnect(self): + f"""{super().disconnect.__doc__}""" + if self._proc is None: + self.logger.warn( + "Cowardly refusing to disconnect from a VPN that is not connected" + ) + return + if self._wait_task is not None: + self._wait_task.cancel() + self._disconnecting = True + self._proc.terminate() + await self._proc_wait_task diff --git a/src/vpn_manager_globalprotect/errors.py b/src/vpn_manager_globalprotect/errors.py new file mode 100644 index 0000000..bde3b30 --- /dev/null +++ b/src/vpn_manager_globalprotect/errors.py @@ -0,0 +1,35 @@ +"""GlobalProtect-specific errors.""" + +from vpn_manager.common.errors import ( + VPNBaseException, + AuthenticationFailure, + AuthFlowUnsupported, + ConnectionFailure, + InvalidArguments, + AuthenticationInProgress, + UnknownTarget, + AuthenticationTimeout, + NoAuthenticationInProgress, +) + + +class CertificateError( + VPNBaseException, error_type="dev.ezri.vpn1.GlobalProtect.CertificateError" +): + """Certificate error.""" + + +class SSLError(VPNBaseException, error_type="dev.ezri.vpn1.GlobalProtect.SSLError"): + """SSL error.""" + + +class PreloginFailure( + VPNBaseException, error_type="dev.ezri.vpn1.GlobalProtect.PreloginFailure" +): + """Prelogin failure.""" + + +class InvalidResponse( + VPNBaseException, error_type="dev.ezri.vpn1.GlobalProtect.InvalidResponse" +): + """Invalid response.""" diff --git a/src/vpn_manager_globalprotect/handlers.py b/src/vpn_manager_globalprotect/handlers.py new file mode 100644 index 0000000..d03d962 --- /dev/null +++ b/src/vpn_manager_globalprotect/handlers.py @@ -0,0 +1,54 @@ +"""Externally-called handler scripts.""" + +from dbus_fast.aio import MessageBus +from dbus_fast import Variant, BusType, DBusError +from vpn_manager.utils import load_introspection +from vpn_manager.common import log +from .agent_tools import parse_auth_response +from .listener_targets import ListenerTargets +import asyncio +import sys +import argparse +import logging + +agent_listener_introspection_data = load_introspection("dev.ezri.vpn1.AgentListener") +logger = logging.getLogger(__name__) + + +async def send_auth_response(data: dict[str, str]): + """Send the auth response to the agent.""" + bus = await MessageBus(bus_type=BusType.SESSION).connect() + logger.debug(f"Connected to D-Bus with name {bus.unique_name}") + proxy = bus.get_proxy_object( + "dev.ezri.vpn1.Agent", "/dev/ezri/vpn1", agent_listener_introspection_data + ) + interface = proxy.get_interface("dev.ezri.vpn1.AgentListener") + logger.debug(f"Provided data has the following keys: {list(data.keys())}") + logger.info("Sending provided data") + try: + await interface.call_provide_data( + ListenerTargets.GLOBALPROTECT_SAML_RESPONSE, Variant("a{ss}", data) + ) + except DBusError as e: + logger.critical(f"Failed to send response data: {e}") + bus.disconnect() + + +def handle_auth_response(): + """Entrypoint for auth response handling.""" + parser = argparse.ArgumentParser( + description="Internal response handler to return SAML auth data to the VPN agent" + ) + parser.add_argument("response", help="Base64-encoded auth response") + log.add_loglevel_arg(parser) + args = parser.parse_args(sys.argv[1:]) + + log.configure_logging(log.get_log_level(args.log_level)) + + try: + data = parse_auth_response(args.response.split(":")[1]) + except IndexError: + logger.fatal("Response is not a GlobalProtect URI, cannot operate.") + return 1 + + return asyncio.run(send_auth_response(data)) diff --git a/src/vpn_manager_globalprotect/insecure_tls.py b/src/vpn_manager_globalprotect/insecure_tls.py new file mode 100644 index 0000000..ae0d67e --- /dev/null +++ b/src/vpn_manager_globalprotect/insecure_tls.py @@ -0,0 +1,50 @@ +"""Insecure TLS wrapper for ancient tech.""" + +import urllib3 +import ssl +from os import environ +import requests + + +class TLSAdapter(requests.adapters.HTTPAdapter): + """Adapt to older TLS stacks that would raise errors otherwise. + + We try to work around different issues: + * Enable weak ciphers such as 3DES or RC4, that have been disabled by default + in OpenSSL 3.0 or recent Linux distributions. + * Enable weak Diffie-Hellman key exchange sizes. + * Enable unsafe legacy renegotiation for servers without RFC 5746 support. + + See Also + -------- + https://github.com/psf/requests/issues/4775#issuecomment-478198879 + + Notes + ----- + Python is missing an ssl.OP_LEGACY_SERVER_CONNECT constant. + We have extracted the relevant value from . + + """ + + def __init__(self, verify=True): + self.verify = verify + super().__init__() + + def init_poolmanager(self, connections, maxsize, block=False): + """Do an initialization thing.""" + ssl_context = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT) + ssl_context.set_ciphers("DEFAULT:@SECLEVEL=1") + ssl_context.options |= 1 << 2 # OP_LEGACY_SERVER_CONNECT + + if not self.verify: + ssl_context.check_hostname = False + ssl_context.verify_mode = ssl.CERT_NONE + + if hasattr(ssl_context, "keylog_filename"): + sslkeylogfile = environ.get("SSLKEYLOGFILE") + if sslkeylogfile: + ssl_context.keylog_filename = sslkeylogfile + + self.poolmanager = urllib3.PoolManager( + num_pools=connections, maxsize=maxsize, block=block, ssl_context=ssl_context + ) diff --git a/src/vpn_manager_globalprotect/listener_targets.py b/src/vpn_manager_globalprotect/listener_targets.py new file mode 100644 index 0000000..83bf30e --- /dev/null +++ b/src/vpn_manager_globalprotect/listener_targets.py @@ -0,0 +1,9 @@ +"""Agent listener targets.""" + +from aenum import StrEnum + + +class ListenerTargets(StrEnum): + """Unique listener targets used by GlobalProtect.""" + + GLOBALPROTECT_SAML_RESPONSE = "dev.ezri.vpn1.AuthFlow.GlobalProtect.SAML.Response"