dissect.target 3.13.dev26__py3-none-any.whl → 3.14__py3-none-any.whl

dissect/target/helpers/configutil.py

@@ -6,7 +6,19 @@ from collections import deque
 from configparser import ConfigParser, MissingSectionHeaderError
 from dataclasses import dataclass
 from fnmatch import fnmatch
-from typing import Any, ItemsView, Iterator, KeysView, Optional, TextIO, Union
+from types import TracebackType
+from typing import (
+    Any,
+    Callable,
+    ItemsView,
+    Iterable,
+    Iterator,
+    KeysView,
+    Literal,
+    Optional,
+    TextIO,
+    Union,
+)
 
 from dissect.target.exceptions import ConfigurationParsingError, FileNotFoundError
 from dissect.target.filesystem import FilesystemEntry
@@ -58,18 +70,32 @@ class PeekableIterator:
 
 
 class ConfigurationParser:
+    """A configuration parser where you can configure certain aspects of the parsing mechanism.
+
+    Attributes:
+        parsed_data: The resulting dictionary after parsing.
+
+    Args:
+        collapse: A ``bool`` or an ``Iterator``:
+          If ``True``: it will collapse all the resulting dictionary values.
+          If an ``Iterable`` it will collapse on the keys defined in ``collapse``.
+        collapse_inverse: Inverses the collapsing mechanism. Collapse on everything that is not inside ``collapse``.
+        separator: Contains what values it should look for as a separator.
+        comment_prefixes: Contains what constitutes as a comment.
+    """
+
     def __init__(
         self,
-        collapse: Union[bool, set] = False,
+        collapse: Union[bool, Iterable[str]] = False,
         collapse_inverse: bool = False,
-        seperator: tuple[str] = ("=",),
+        separator: tuple[str] = ("=",),
         comment_prefixes: tuple[str] = (";", "#"),
     ) -> None:
         self.collapse_all = collapse is True
-        self.collapse = collapse if isinstance(collapse, set) else set()
+        self.collapse = set(collapse) if isinstance(collapse, Iterable) else set()
         self._collapse_check = self._key_not_in_collapse if collapse_inverse else self._key_in_collapse
 
-        self.seperator = seperator
+        self.separator = separator
         self.comment_prefixes = comment_prefixes
         self.parsed_data = {}
 
@@ -101,6 +127,13 @@ class ConfigurationParser:
         return key not in self.collapse
 
     def parse_file(self, fh: TextIO) -> None:
+        """Parse the contents of ``fh`` into key/value pairs.
+
+        This function should **set** :attr:`parsed_data` as a side_effect.
+
+        Args:
+            fh: The text to parse.
+        """
         raise NotImplementedError()
 
     def get(self, item: str, default: Optional[Any] = None) -> Any:
@@ -110,7 +143,7 @@ class ConfigurationParser:
         """Parse a configuration file.
 
         Raises:
-            ConfigurationParsingError: If any exception occurs during during the parsing process
+            ConfigurationParsingError: If any exception occurs during during the parsing process.
         """
 
         try:
@@ -121,6 +154,9 @@ class ConfigurationParser:
         if self.collapse_all or self.collapse:
             self.parsed_data = self._collapse_dict(self.parsed_data)
 
+        if not isinstance(self.parsed_data, dict):
+            self.parsed_data = self._collapse_dict(self.parsed_data, False)
+
     def keys(self) -> KeysView:
         return self.parsed_data.keys()
 
@@ -129,19 +165,19 @@ class ConfigurationParser:
 
 
 class Default(ConfigurationParser):
-    """Parse a configuration file specified by ``seperator`` and ``comment_prefixes``.
+    """Parse a configuration file specified by ``separator`` and ``comment_prefixes``.
 
-    This parser splits only on the first ``seperator`` it finds:
+    This parser splits only on the first ``separator`` it finds:
 
-        key<seperator>value     -> {"key": "value"}
+        key<separator>value     -> {"key": "value"}
 
-        key<seperator>value\n
+        key<separator>value\n
           continuation
                                 -> {"key": "value continuation"}
 
         # Unless we collapse values, we add them to a list to not overwrite any values.
-        key<seperator>value1
-        key<seperator>value2
+        key<separator>value1
+        key<separator>value2
                                 -> {key: [value1, value2]}
 
         <empty_space><comment>  -> skip
@@ -149,17 +185,18 @@ class Default(ConfigurationParser):
 
     def __init__(self, *args, **kwargs) -> None:
         super().__init__(*args, **kwargs)
-        self.SEPERATOR = re.compile(rf"\s*[{''.join(self.seperator)}]\s*")
+        self.SEPARATOR = re.compile(rf"\s*[{''.join(self.separator)}]\s*")
         self.COMMENTS = re.compile(rf"\s*[{''.join(self.comment_prefixes)}]")
         self.skip_lines = self.comment_prefixes + ("\n",)
 
-    def line_reader(self, fh: TextIO) -> Iterator[str]:
+    def line_reader(self, fh: TextIO, strip_comments: bool = True) -> Iterator[str]:
         for line in fh:
             if line.strip().startswith(self.skip_lines) or not line.strip():
                 continue
 
-            # Strip the comments first
-            line, *_ = self.COMMENTS.split(line, 1)
+            if strip_comments:
+                line, *_ = self.COMMENTS.split(line, 1)
+
             yield line
 
     def parse_file(self, fh: TextIO) -> None:
@@ -173,7 +210,7 @@ class Default(ConfigurationParser):
                 information_dict[prev_key] = " ".join([prev_value, line.strip()])
                 continue
 
-            prev_key, *value = self.SEPERATOR.split(line, 1)
+            prev_key, *value = self.SEPARATOR.split(line, 1)
             value = value[0].strip() if value else ""
 
             _update_dictionary(information_dict, prev_key, value)
@@ -189,7 +226,7 @@ class Ini(ConfigurationParser):
 
         self.parsed_data = ConfigParser(
             strict=False,
-            delimiters=self.seperator,
+            delimiters=self.separator,
             comment_prefixes=self.comment_prefixes,
             allow_no_value=True,
             interpolation=None,
@@ -217,11 +254,86 @@ class Txt(ConfigurationParser):
         self.parsed_data = {"content": fh.read(), "size": str(fh.tell())}
 
 
+class ScopeManager:
+    """A (context)manager for dictionary scoping.
+
+    This class provides utility functions to keep track of scopes inside a dictionary.
+
+    Attributes:
+        _parents: A dictionary accounting what child belongs to which parent dictionary.
+        _root: The initial dictionary.
+        _current: The current dictionary.
+        _previous: The node before the current (changed) node.
+    """
+
+    def __init__(self) -> None:
+        self._parents = {}
+        self._root = {}
+        self._current = self._root
+        self._previous = None
+
+    def __enter__(self) -> ScopeManager:
+        return self
+
+    def __exit__(
+        self,
+        type: Optional[type[BaseException]],
+        value: Optional[BaseException],
+        traceback: Optional[TracebackType],
+    ) -> None:
+        self.clean()
+
+    def _set_prev(self, keep_prev: bool) -> None:
+        """Set :attr:`_previous` before :attr:`_current` changes."""
+        if not keep_prev:
+            self._previous = self._current
+
+    def push(self, name: str, keep_prev: bool = False) -> Literal[True]:
+        """Push a new key to the :attr:`_current` dictionary and return that we did."""
+        child = self._current.get(name, {})
+
+        parent = self._current
+        self._parents[id(child)] = parent
+        parent[name] = child
+        self._set_prev(keep_prev)
+        self._current = child
+        return True
+
+    def pop(self, keep_prev: bool = False) -> bool:
+        """Pop :attr:`_current` and return whether we changed the :attr:`_parents` dictionary."""
+        if new_current := self._parents.pop(id(self._current), None):
+            self._set_prev(keep_prev)
+            self._current = new_current
+            return True
+        return False
+
+    def update(self, key: str, value: str) -> None:
+        """Update the :attr:`_current` dictionary with ``key`` and ``value``."""
+        _update_dictionary(self._current, key, value)
+
+    def update_prev(self, key: str, value: str) -> None:
+        """Update the :attr:`_previous` dictionary with ``key`` and ``value``."""
+        _update_dictionary(self._previous, key, value)
+
+    def is_root(self) -> bool:
+        """Utility function to check whether the current dictionary is a root dictionary."""
+        return id(self._current) == id(self._root)
+
+    def clean(self) -> None:
+        """Clean up the internal state.
+        This is called automatically when :class:`ScopeManager` is used as a contextmanager.
+        """
+        self._parents = {}
+        self._root = {}
+        self._current = self._root
+        self._previous = None
+
+
 class Indentation(Default):
-    """This parser is used for the files that use a single level of indentation to specify a different scope.
+    """This parser is used for files that use a single level of indentation to specify a different scope.
 
-    Examples of these files are for example the sshd_config file.
-    Where "Match" statments use a single layer of indentaiton to specify a scope for the key value pairs.
+    Examples of these files are the ``sshd_config`` file.
+    Where "Match" statements use a single layer of indentation to specify a scope for the key value pairs.
 
     The parser parses this as the following:
 
@@ -230,80 +342,166 @@ class Indentation(Default):
                        -> {"key value": {"key2": "value2"}}
     """
 
-    def __init__(self, *args, **kwargs) -> None:
-        super().__init__(*args, **kwargs)
-        self._parents = {}
-        self._indentation = 0
-
     def _parse_line(self, line: str) -> tuple[str, str]:
-        key, *value = self.SEPERATOR.split(line.strip(), 1)
+        key, *value = self.SEPARATOR.split(line.strip(), 1)
         value = value[0].strip() if value else ""
         return key, value
 
-    def _push_scope(self, name: str, current: dict[str, Union[str, dict]]) -> dict[str, Union[str, dict]]:
-        child = current.get(name, {})
-
-        parent = current
-        self._parents[id(child)] = parent
-        parent[name] = child
-        return child
-
-    def _pop_scope(self, current: dict[str, Union[str, dict]]) -> dict[str, Union[str, dict]]:
-        self._indentation = 0
-        return self._parents.pop(id(current), current)
-
     def _change_scope(
         self,
+        manager: ScopeManager,
         line: str,
-        next_line: Optional[str],
-        key: Optional[str],
-        current: dict[str, Union[str, dict]],
-    ) -> dict[str, Union[str, dict]]:
+        key: str,
+        next_line: Optional[str] = None,
+    ) -> bool:
+        """A function to check whether to create a new scope, or go back to a previous one.
+
+        Args:
+            manager: A :class:`ScopeManager` that contains the logic to ``push`` and ``pop`` scopes. And keeps state.
+            line: The line to be parsed.
+            key: The key that should be updated during a :method:`ScopeManager.push``.
+            next_line: The next line to be parsed.
+
+        Returns:
+            Whether the scope changed or not.
+        """
         empty_space = (" ", "\t")
+        changed = False
 
         if next_line is None:
-            return current
+            return False
 
         if not line.startswith(empty_space):
-            current = self._pop_scope(current)
+            changed = manager.pop()
 
         if not line.startswith(empty_space) and next_line.startswith(empty_space):
-            self._indentation = len(next_line) - len(next_line.lstrip())
-            return self._push_scope(key, current)
-        return current
+            return manager.push(key)
+        return changed
 
     def parse_file(self, fh: TextIO) -> None:
-        root = {}
-        current = root
-
         iterator = PeekableIterator(self.line_reader(fh))
         prev_key = None
-        for line in iterator:
-            key, value = self._parse_line(line)
-            prev_dict = current
-            current = self._change_scope(line, iterator.peek(), line.strip(), current)
 
-            if id(current) != id(prev_dict):
-                prev_key = line.strip()
-                continue
+        with ScopeManager() as manager:
+            for line in iterator:
+                key, value = self._parse_line(line)
+                changed = self._change_scope(
+                    manager=manager,
+                    line=line,
+                    key=line.strip(),
+                    next_line=iterator.peek(),
+                )
+
+                if changed:
+                    prev_key = line.strip()
+                    continue
+
+                if not value:
+                    key, value = prev_key, key
+                    manager.pop()
+
+                manager.update(key, value)
+
+            self.parsed_data = manager._root
+
+
+class SystemD(Indentation):
+    """A :class:`ConfigurationParser` that specifically parses systemd configuration files.
+
+    Examples:
+        >>> systemd_data = textwrap.dedent(
+                '''
+                [Section1]
+                Key=Value
+                [Section2]
+                Key2=Value 2\\
+                    Value 2 continued
+                '''
+            )
+        >>> parser = SystemD(io.StringIO(systemd_data))
+        >>> parser.parser_items
+        {
+            "Section1": {
+                "Key": "Value
+            },
+            "Section2": {
+                "Key2": "Value2 Value 2 continued
+            }
+        }
+
+    """
 
-            if not value:
-                key, value = prev_key, key
-                current = self._pop_scope(current)
+    def _change_scope(
+        self,
+        manager: ScopeManager,
+        line: str,
+        key: str,
+        next_line: Optional[str] = None,
+    ) -> bool:
+        scope_char = ("[", "]")
+        changed = False
+        if line.startswith(scope_char):
+            if not manager.is_root():
+                changed = manager.pop()
+            stripped_characters = "".join(scope_char)
+            changed = manager.push(key.strip(stripped_characters), changed)
+
+        return changed
 
-            _update_dictionary(current, key, value)
+    def parse_file(self, fh: TextIO) -> None:
+        prev_values = []
+        prev_key = None
 
-        self.parsed_data = root
-        # Cleanup of internal state
-        self._parents = {}
-        self._indentation = 0
+        with ScopeManager() as manager:
+            for line in self.line_reader(fh, strip_comments=False):
+                changed = self._change_scope(
+                    manager=manager,
+                    line=line,
+                    key=line.strip(),
+                )
+
+                if changed:
+                    # Current part is a section header.
+                    if prev_values:
+                        # Update previous key/value... someone configured it wrong
+                        prev_values, prev_key = self._update_continued_values(
+                            func=manager.update_prev,
+                            key=prev_key,
+                            values=prev_values,
+                        )
+                    continue
+
+                key, value = self._parse_line(line)
+
+                continued_value = value or key
+                if continued_value.endswith("\\"):
+                    prev_key = prev_key or key
+                    prev_values.append(continued_value.strip("\\ "))
+                    continue
+
+                if prev_values:
+                    prev_values, prev_key = self._update_continued_values(
+                        func=manager.update,
+                        key=prev_key,
+                        values=prev_values + [continued_value],
+                    )
+                    continue
+
+                manager.update(key, value)
+
+            self.parsed_data = manager._root
+
+    def _update_continued_values(self, func: Callable, key, values: list[str]) -> tuple[list, None]:
+        value = " ".join(values)
+        func(key, value)
+        return [], None
 
 
 @dataclass(frozen=True)
 class ParserOptions:
     collapse: Optional[Union[bool, set]] = None
     collapse_inverse: Optional[bool] = None
-    seperator: Optional[tuple[str]] = None
+    separator: Optional[tuple[str]] = None
     comment_prefixes: Optional[tuple[str]] = None
 
 
@@ -312,13 +510,13 @@ class ParserConfig:
     parser: type[ConfigurationParser] = Default
     collapse: Optional[Union[bool, set]] = None
     collapse_inverse: Optional[bool] = None
-    seperator: Optional[tuple[str]] = None
+    separator: Optional[tuple[str]] = None
     comment_prefixes: Optional[tuple[str]] = None
 
     def create_parser(self, options: Optional[ParserOptions] = None) -> ConfigurationParser:
         kwargs = {}
 
-        for field_name in ["collapse", "collapse_inverse", "seperator", "comment_prefixes"]:
+        for field_name in ["collapse", "collapse_inverse", "separator", "comment_prefixes"]:
             value = getattr(options, field_name, None) or getattr(self, field_name)
             if value:
                 kwargs.update({field_name: value})
@@ -327,28 +525,29 @@ class ParserConfig:
 
 
 MATCH_MAP: dict[str, ParserConfig] = {
-    "*/systemd/*": ParserConfig(Ini),
+    "*/systemd/*": ParserConfig(SystemD),
     "*/sysconfig/network-scripts/ifcfg-*": ParserConfig(Default),
     "*/sysctl.d/*.conf": ParserConfig(Default),
 }
 
-
 CONFIG_MAP: dict[tuple[str, ...], ParserConfig] = {
     "ini": ParserConfig(Ini),
     "xml": ParserConfig(Txt),
     "json": ParserConfig(Txt),
     "cnf": ParserConfig(Default),
-    "conf": ParserConfig(Default, seperator=(r"\s")),
+    "conf": ParserConfig(Default, separator=(r"\s",)),
     "sample": ParserConfig(Txt),
+    "systemd": ParserConfig(SystemD),
     "template": ParserConfig(Txt),
 }
+
 KNOWN_FILES: dict[str, type[ConfigurationParser]] = {
     "ulogd.conf": ParserConfig(Ini),
-    "sshd_config": ParserConfig(Indentation, seperator=(r"\s",)),
-    "hosts.allow": ParserConfig(Default, seperator=(":",), comment_prefixes=("#",)),
-    "hosts.deny": ParserConfig(Default, seperator=(":",), comment_prefixes=("#",)),
-    "hosts": ParserConfig(Default, seperator=(r"\s")),
-    "nsswitch.conf": ParserConfig(Default, seperator=(":",)),
+    "sshd_config": ParserConfig(Indentation, separator=(r"\s",)),
+    "hosts.allow": ParserConfig(Default, separator=(":",), comment_prefixes=("#",)),
+    "hosts.deny": ParserConfig(Default, separator=(":",), comment_prefixes=("#",)),
+    "hosts": ParserConfig(Default, separator=(r"\s",)),
+    "nsswitch.conf": ParserConfig(Default, separator=(":",)),
     "lsb-release": ParserConfig(Default),
 }
 
@@ -357,17 +556,18 @@ def parse(path: Union[FilesystemEntry, TargetPath], hint: Optional[str] = None,
     """Parses the content of an ``path`` or ``entry`` to a dictionary.
 
     Args:
-        file_path: An entry or targetpath that with contents to parse
-        hint: A hint to what parser should be used.
-        collapse:
-        seperator: What seperator to use for key value mapping
-        comment_prefixes: The characters that determine a comment.
+        path: The path to either a directory or file.
+        hint: What kind of parser should be used.
+        collapse: Whether it should collapse everything or just a certain set of keys.
+        collapse_inverse: Invert the collapse function to collapse everything but the keys inside ``collapse``.
+        separator: The separator that should be used for parsing.
+        comment_prefixes: What is specified as a comment.
 
     Raises:
         FileNotFoundError: If the ``path`` is not a file.
     """
 
-    if not path.is_file():
+    if not path.is_file(follow_symlinks=True):
         raise FileNotFoundError(f"Could not parse {path} as a dictionary.")
 
     entry = path

dissect/target/helpers/fsutil.py

@@ -725,12 +725,15 @@ class TargetPath(Path, PureDissectPath):
 
     def open(self, mode='rb', buffering=0, encoding=None,
              errors=None, newline=None):
-        # CPython >= 3.10
-        if "b" not in mode and hasattr(io, "text_encoding"):
-            # Vermin linting needs to be skipped for this line as this is
-            # guarded by an explicit check for availability.
-            # novermin
-            encoding = io.text_encoding(encoding)
+
+        if "b" not in mode:
+            encoding = encoding or "UTF-8"
+            # CPython >= 3.10
+            if hasattr(io, "text_encoding"):
+                # Vermin linting needs to be skipped for this line as this is
+                # guarded by an explicit check for availability.
+                # novermin
+                encoding = io.text_encoding(encoding)
         return self._accessor.open(self, mode, buffering, encoding, errors,
                                    newline)
 

dissect/target/helpers/hashutil.py

@@ -15,13 +15,9 @@ if TYPE_CHECKING:
 
 BUFFER_SIZE = 32768
 
-HashRecord = RecordDescriptor(
-    "filesystem/file/digest",
-    [
-        ("path[]", "paths"),
-        ("digest[]", "digests"),
-    ],
-)
+RECORD_NAME = "filesystem/file/digest"
+NAME_SUFFIXES = ["_resolved", "_digest"]
+RECORD_TYPES = ["path", "digest"]
 
 
 def _hash(fh: BinaryIO, ctx: Union[HASH, list[HASH]]) -> tuple[str]:
@@ -76,12 +72,8 @@ def hash_uri_records(target: Target, record: Record) -> Record:
 
 def hash_path_records(target: Target, record: Record) -> Record:
     """Hash files from path fields inside the record."""
-    hashed_paths = []
 
-    if target.os == "windows":
-        path_type = fieldtypes.windows_path
-    else:
-        path_type = fieldtypes.posix_path
+    hash_records = []
 
     for field_name, field_type in record._field_types.items():
         if not issubclass(field_type, fieldtypes.path):
@@ -97,16 +89,25 @@ def hash_path_records(target: Target, record: Record) -> Record:
         except (FileNotFoundError, IsADirectoryError):
             pass
         else:
-            resolved_path = path_type(resolved_path)
-            hashed_paths.append((resolved_path, path_hash))
+            resolved_path = target.fs.path(resolved_path)
+            record_kwargs = dict()
+            record_def = list()
 
-    if not hashed_paths:
-        return record
+            fields = [resolved_path, path_hash]
+
+            for type, name, field in zip(RECORD_TYPES, NAME_SUFFIXES, fields):
+                hashed_field_name = f"{field_name}{name}"
+                record_kwargs.update({hashed_field_name: field})
+                record_def.append((type, hashed_field_name))
 
-    paths, digests = zip(*hashed_paths)
-    hash_record = HashRecord(paths=paths, digests=digests)
+            _record = RecordDescriptor(RECORD_NAME, record_def)
+
+            hash_records.append(_record(**record_kwargs))
+
+    if not hash_records:
+        return record
 
-    return GroupedRecord(record._desc.name, [record, hash_record])
+    return GroupedRecord(record._desc.name, [record] + hash_records)
 
 
 def hash_uri(target: Target, path: str) -> tuple[str, str]:

dissect/target/helpers/utils.py

@@ -4,7 +4,7 @@ import urllib.parse
 from datetime import datetime, timezone, tzinfo
 from enum import Enum
 from pathlib import Path
-from typing import BinaryIO, Iterator, Union
+from typing import BinaryIO, Callable, Iterator, Optional, Union
 
 from dissect.util.ts import from_unix
 
@@ -17,7 +17,7 @@ class StrEnum(str, Enum):
     """Sortable and serializible string-based enum"""
 
 
-def list_to_frozen_set(function):
+def list_to_frozen_set(function: Callable) -> Callable:
     def wrapper(*args):
         args = [frozenset(x) if isinstance(x, list) else x for x in args]
         return function(*args)
@@ -25,7 +25,7 @@ def list_to_frozen_set(function):
     return wrapper
 
 
-def parse_path_uri(path):
+def parse_path_uri(path: Path) -> tuple[Optional[str], Optional[str], Optional[str]]:
     if path is None:
         return None, None, None
     parsed_path = urllib.parse.urlparse(str(path))
@@ -33,6 +33,17 @@ def parse_path_uri(path):
     return parsed_path.scheme, parsed_path.path, parsed_query
 
 
+def parse_options_string(options: str) -> dict[str, Union[str, bool]]:
+    result = {}
+    for opt in options.split(","):
+        if "=" in opt:
+            key, _, value = opt.partition("=")
+            result[key] = value
+        else:
+            result[opt] = True
+    return result
+
+
 SLUG_RE = re.compile(r"[/\\ ]")
 
 

dissect/target/loaders/ad1.py

@@ -11,7 +11,7 @@ class AD1Loader(Loader):
         path = path.resolve()
 
         super().__init__(path)
-        self.ad1 = ad1.AD1(open(path, "rb"))
+        self.ad1 = ad1.AD1(path.open("rb"))
 
     @staticmethod
     def detect(path):