Your IP : 3.21.46.129


Current Path : /opt/alt/python310/lib64/python3.10/__pycache__/
Upload File :
Current File : //opt/alt/python310/lib64/python3.10/__pycache__/ssl.cpython-310.opt-2.pyc

o

6��f���
@s�	ddlZddlZddlmZddlmZmZm	Z
ddlZddlmZm
Z
mZddlmZmZmZddlmZmZmZmZmZmZmZddlmZmZddlmZmZmZm Z zdd	lm!Z!Wn	e"yhYnwdd
lm#Z#m$Z$m%Z%m&Z&m'Z'm(Z(m)Z)m*Z*m+Z+m,Z,ddlm-Z-m.Z.ej/de0d
d�ed�e
j/de0dd�ed�ej/de0dd�ed�ej/de0dd�ed�e
j/de0dd�ed�ej/de0dd�ed�e1j2Z3e1_3dd�e1j4�5�D�Z6e7e1dd�Z8Gdd�de�Z9Gdd �d e�Z:Gd!d"�d"e�Z;Gd#d$�d$e�Z<ej=d%k�rdd&lm>Z>m?Z?dd'l@m@Z@mAZAmBZBdd(l@mCZCmDZDmEZEddl@ZFddlGZGddlHZHddlIZIeJZKd)gZLeMed*�ZNe-ZOeZPd+d,�ZQd-d.�ZRd/d0�ZSd1d2�ZTed3d4�ZUd5d6�ZVGd7d8�d8ed8d9��ZWGd:d;�d;eWe�ZXGd<d=�d=e�ZYeXjZfdddd>�d?d@�Z[dZe\dAeXjZddddddB�dCdD�Z]e[Z^e]Z_GdEdF�dF�Z`dGdH�ZaGdIdJ�dJe@�ZbebeY_ce`eY_ddddAe\e2ddKdKdf	dLdM�ZedNdO�ZfdPZgdQZhdRdS�ZidTdU�ZjekdeEfdVdW�ZldXdY�ZmdS)[�N)�
namedtuple)�Enum�IntEnum�IntFlag)�OPENSSL_VERSION_NUMBER�OPENSSL_VERSION_INFO�OPENSSL_VERSION)�_SSLContext�	MemoryBIO�
SSLSession)�SSLError�SSLZeroReturnError�SSLWantReadError�SSLWantWriteError�SSLSyscallError�SSLEOFError�SSLCertVerificationError)�txt2obj�nid2obj)�RAND_status�RAND_add�
RAND_bytes�RAND_pseudo_bytes)�RAND_egd)
�HAS_SNI�HAS_ECDH�HAS_NPN�HAS_ALPN�	HAS_SSLv2�	HAS_SSLv3�	HAS_TLSv1�HAS_TLSv1_1�HAS_TLSv1_2�HAS_TLSv1_3)�_DEFAULT_CIPHERS�_OPENSSL_API_VERSION�
_SSLMethodcCs|�d�o|dkS)NZ	PROTOCOL_�PROTOCOL_SSLv23��
startswith��name�r,�*/opt/alt/python310/lib64/python3.10/ssl.py�<lambda>}sr.)�source�OptionscC�
|�d�S)NZOP_r(r*r,r,r-r.��
ZAlertDescriptioncCr1)NZALERT_DESCRIPTION_r(r*r,r,r-r.�r2ZSSLErrorNumbercCr1)NZ
SSL_ERROR_r(r*r,r,r-r.�r2�VerifyFlagscCr1)NZVERIFY_r(r*r,r,r-r.�r2�
VerifyModecCr1)NZCERT_r(r*r,r,r-r.�r2cCsi|]\}}||�qSr,r,)�.0r+�valuer,r,r-�
<dictcomp>�sr7ZPROTOCOL_SSLv2c@s6eZdZejZejZejZ	ej
ZejZ
ejZejZdS)�
TLSVersionN)�__name__�
__module__�__qualname__�_sslZPROTO_MINIMUM_SUPPORTEDZMINIMUM_SUPPORTEDZPROTO_SSLv3�SSLv3ZPROTO_TLSv1ZTLSv1Z
PROTO_TLSv1_1ZTLSv1_1Z
PROTO_TLSv1_2ZTLSv1_2Z
PROTO_TLSv1_3ZTLSv1_3ZPROTO_MAXIMUM_SUPPORTEDZMAXIMUM_SUPPORTEDr,r,r,r-r8�s
r8c@s&eZdZ	dZdZdZdZdZdZdS)�_TLSContentType������N)	r9r:r;�CHANGE_CIPHER_SPEC�ALERTZ	HANDSHAKEZAPPLICATION_DATA�HEADERZINNER_CONTENT_TYPEr,r,r,r-r>�sr>c@s�eZdZ	dZdZdZdZdZdZdZ	dZ
d	Zd
ZdZ
dZd
ZdZdZdZdZdZdZdZdZdZdZdZdZdZdZdZdZdZ dZ!d Z"d!Z#d"Z$d#S)$�
_TLSAlertTyper�
r?r@rA��(�)�*�+�,�-�.�/�0�1�2�3�<�F�G�P�V�Z�d�m�n�o�p�q�r�s�t�xN)%r9r:r;ZCLOSE_NOTIFYZUNEXPECTED_MESSAGEZBAD_RECORD_MACZDECRYPTION_FAILEDZRECORD_OVERFLOWZDECOMPRESSION_FAILUREZHANDSHAKE_FAILUREZNO_CERTIFICATEZBAD_CERTIFICATEZUNSUPPORTED_CERTIFICATEZCERTIFICATE_REVOKEDZCERTIFICATE_EXPIREDZCERTIFICATE_UNKNOWNZILLEGAL_PARAMETERZ
UNKNOWN_CAZ
ACCESS_DENIEDZDECODE_ERRORZ
DECRYPT_ERRORZEXPORT_RESTRICTIONZPROTOCOL_VERSIONZINSUFFICIENT_SECURITYZINTERNAL_ERRORZINAPPROPRIATE_FALLBACKZ
USER_CANCELEDZNO_RENEGOTIATIONZMISSING_EXTENSIONZUNSUPPORTED_EXTENSIONZCERTIFICATE_UNOBTAINABLEZUNRECOGNIZED_NAMEZBAD_CERTIFICATE_STATUS_RESPONSEZBAD_CERTIFICATE_HASH_VALUEZUNKNOWN_PSK_IDENTITYZCERTIFICATE_REQUIREDZNO_APPLICATION_PROTOCOLr,r,r,r-rH�sHrHc@sfeZdZ	dZdZdZdZdZdZdZ	dZ
d	Zd
ZdZ
dZd
ZdZdZdZdZdZdZdZdZdZdS)�_TLSMessageTyper����������
���r?r@rArB��C�rDN)r9r:r;Z
HELLO_REQUESTZCLIENT_HELLOZSERVER_HELLOZHELLO_VERIFY_REQUESTZNEWSESSION_TICKETZEND_OF_EARLY_DATAZHELLO_RETRY_REQUESTZENCRYPTED_EXTENSIONSZCERTIFICATEZSERVER_KEY_EXCHANGEZCERTIFICATE_REQUESTZSERVER_DONEZCERTIFICATE_VERIFYZCLIENT_KEY_EXCHANGEZFINISHEDZCERTIFICATE_URLZCERTIFICATE_STATUSZSUPPLEMENTAL_DATAZ
KEY_UPDATEZ
NEXT_PROTOZMESSAGE_HASHrEr,r,r,r-rg�s0rg�win32)�enum_certificates�	enum_crls)�socket�SOCK_STREAM�create_connection)�
SOL_SOCKET�SO_TYPE�_GLOBAL_DEFAULT_TIMEOUT�
tls-unique�HOSTFLAG_NEVER_CHECK_SUBJECTcCs�	|sdS|�d�}|s|��|��kS|dkrtd�|���|�d�\}}}d|vr2td�|���|s;td�|���|dkrFtd�|���|�d�\}}}|rR|sTdS|��|��kS)	NF�*rhz1too many wildcards in certificate DNS name: {!r}.�.z9wildcard can only be present in the leftmost label: {!r}.z>sole wildcard without additional labels are not support: {!r}.z<partial wildcards in leftmost label are not supported: {!r}.)�count�lower�CertificateError�format�	partition)Zdn�hostnameZ	wildcardsZdn_leftmost�sepZdn_remainderZhostname_leftmostZhostname_remainderr,r,r-�_dnsname_matchs<	
����r�cCs�	zt�|�}Wn	tyYnwt�|�|kr|Std�|���zt�tj|�WSty8td�|���ty@Ynwtd�|���)Nz'{!r} is not a quad-dotted IPv4 address.z+{!r} is neither an IPv4 nor an IP6 address.z{!r} is not an IPv4 address.)	�_socketZ	inet_aton�OSErrorZ	inet_ntoa�
ValueErrorr�Z	inet_ptonZAF_INET6�AttributeError)Zipname�addrr,r,r-�_inet_patonEs*����r�cCs	t|���}||kS�N)r��rstrip)Zcert_ipaddress�host_ipZipr,r,r-�_ipaddress_matchhsr�cCsN	tjdtdd�|std��zt|�}Wnty d}Ynwg}|�dd�}|D]/\}}|dkrE|dur?t||�r?dS|�|�q+|dkrZ|durUt||�rUdS|�|�q+|s|�d	d�D]}|D]\}}|d
kr}t||�rxdS|�|�qgqct	|�dkr�t
d|d
�tt
|��f��t	|�dkr�t
d||df��t
d��)Nz"ssl.match_hostname() is deprecatedri��category�
stacklevelztempty or no certificate, match_hostname needs a SSL socket or SSL context with either CERT_OPTIONAL or CERT_REQUIREDZsubjectAltNamer,ZDNSz
IP Address�subjectZ
commonNamerhz&hostname %r doesn't match either of %sz, zhostname %r doesn't match %rrz=no appropriate commonName or subjectAltName fields were found)�warnings�warn�DeprecationWarningr�r��getr��appendr��lenr��join�map�repr)�certr�r�ZdnsnamesZsan�keyr6�subr,r,r-�match_hostnametsV��
�

���
�r��DefaultVerifyPathszQcafile capath openssl_cafile_env openssl_cafile openssl_capath_env openssl_capathcCsh	t��}tj�|d|d�}tj�|d|d�}ttj�|�r$|ndtj�|�r-|ndg|�R�S)Nrrhrirj)	r<�get_default_verify_paths�os�environr�r��path�isfile�isdir)�parts�cafile�capathr,r,r-r��s��r�csBeZdZ	dZ�fdd�Ze�fdd��Ze�fdd��Z�ZS)�_ASN1Objectr,cst�j|gt|dd��R�S)NFr*��super�__new__�_txt2obj)�cls�oid��	__class__r,r-r��sz_ASN1Object.__new__cs	t�j|gt|��R�Sr�)r�r��_nid2obj)r�Znidr�r,r-�fromnid�sz_ASN1Object.fromnidcs	t�j|gt|dd��R�S)NTr*r�)r�r+r�r,r-�fromname�sz_ASN1Object.fromname)	r9r:r;�	__slots__r��classmethodr�r��
__classcell__r,r,r�r-r��sr�znid shortname longname oidc@seZdZ	dZdZdS)�Purposez1.3.6.1.5.5.7.3.1z1.3.6.1.5.5.7.3.2N)r9r:r;�SERVER_AUTH�CLIENT_AUTHr,r,r,r-r��sr�cs�eZdZ	dZdZdZd1dd�Zdd�Z				d2d	d
�Z		d3dd�Z	d
d�Z
dd�Zdd�Zdd�Z
ejfdd�Zeed�rbe�fdd��Zej�fdd��Ze�fdd��Zej�fdd��Ze�fdd��Zej�fd d��Zeed!�r�ed"d#��Zejd$d#��Zned%d#��Ze�fd&d'��Zej�fd(d'��Ze�fd)d*��Ze�fd+d,��Zej�fd-d,��Ze�fd.d/��Zej�fd0d/��Z�ZS)4�
SSLContext)ZCAZROOTNcOs,|durtjdtdd�t}t�||�}|S)Nz9ssl.SSLContext() without protocol argument is deprecated.rir�)r�r�r��PROTOCOL_TLSr	r�)r��protocol�args�kwargs�selfr,r,r-r��s�zSSLContext.__new__cCs0|durdSt|t�r|�d��d�S|�d�S)NZidna�ascii)�
isinstance�str�encode�decode)r�r�r,r,r-�_encode_hostname�s


zSSLContext._encode_hostnameFTc	Cs|jj|||||||d�S)N)�sock�server_side�do_handshake_on_connect�suppress_ragged_eofs�server_hostname�context�session)�sslsocket_class�_create)r�r�r�r�r�r�r�r,r,r-�wrap_socket�s�zSSLContext.wrap_socketcCs|jj||||�|�||d�S)N)r�r�r�r�)�sslobject_classr�r�)r��incoming�outgoingr�r�r�r,r,r-�wrap_bios
�zSSLContext.wrap_biocCsptjdtdd�t�}|D]#}t|d�}t|�dks t|�dkr$td��|�t|��|�|�q
|�	|�dS)N�'ssl NPN is deprecated, use ALPN insteadri�r�r�r�z(NPN protocols must be 1 to 255 in length)
r�r�r��	bytearray�bytesr�rr��extendZ_set_npn_protocols)r�Z
npn_protocols�protosr��br,r,r-�set_npn_protocolss�
zSSLContext.set_npn_protocolscs:�dur	d�_dSt��std����fdd�}|�_dS)Nznot a callable objectcs��|�}�|||�Sr�)r�)�sslobjZ
servernameZsslctx�r��server_name_callbackr,r-�shim_cb,s
z3SSLContext.set_servername_callback.<locals>.shim_cb)Zsni_callback�callable�	TypeError)r�r�r�r,r�r-�set_servername_callback%s

z"SSLContext.set_servername_callbackcCs`t�}|D]#}t|d�}t|�dkst|�dkrtd��|�t|��|�|�q|�|�dS)Nr�rr�z)ALPN protocols must be 1 to 255 in length)r�r�r�rr�r�Z_set_alpn_protocols)r�Zalpn_protocolsr�r�r�r,r,r-�set_alpn_protocols2s
zSSLContext.set_alpn_protocolscCstt�}zt|�D]\}}}|dkr|dus|j|vr|�|�qWnty/t�d�Ynw|r8|j|d�|S)NZx509_asnTz-unable to enumerate Windows certificate store)�cadata)r�ryr�r��PermissionErrorr�r��load_verify_locations)r��	storename�purposeZcertsr��encodingZtrustr,r,r-�_load_windows_store_certs=s
���z$SSLContext._load_windows_store_certscCs@t|t�s	t|��tjdkr|jD]}|�||�q|��dS)Nrx)r�r�r��sys�platform�_windows_cert_storesr�Zset_default_verify_paths)r�r�r�r,r,r-�load_default_certsKs


zSSLContext.load_default_certs�minimum_versionc�tt�j�Sr�)r8r�r��r�r�r,r-r�T�zSSLContext.minimum_versioncs4|tjkr|jtjM_ttt�j�||�dSr�)	r8r=�optionsr0ZOP_NO_SSLv3r�r�r��__set__�r�r6r�r,r-r�Xs
cr�r�)r8r��maximum_versionr�r�r,r-r^r�zSSLContext.maximum_versionc�ttt�j�||�dSr�)r�r�rr�rr�r,r-rb�cr�r�)r0r�r�r�r�r,r-r�fr�zSSLContext.optionscrr�)r�r�r�r�rr�r,r-r�jrr�cCs|jtj@}|tjkSr��Z_host_flagsr<r�)r�Zncsr,r,r-�hostname_checks_common_nameos
z&SSLContext.hostname_checks_common_namecCs.|r
|jtjM_dS|jtjO_dSr�rrr,r,r-rtscCsdS�NTr,r�r,r,r-r{�cs	t�j}|dur|jSdSr�)r��
_msg_callback�
user_function)r��innerr�r,r-rs
zSSLContext._msg_callbackcsb�durttt�j�|d�dSt�d�st��d����fdd�}�|_ttt�j�||�dS)N�__call__z is not callable.cs�zt|�}Wn	tyYnwzt|�}Wn	tyYnw|tjkr(t}n
|tjkr0t}nt}z||�}Wn	tyAYnw�||||||�Sr�)r8r�r>rGrFrHrg)ZconnZ	direction�versionZcontent_typeZmsg_type�dataZmsg_enum��callbackr,r-r
�s.��

��z'SSLContext._msg_callback.<locals>.inner)r�r�rr��hasattrr�r	)r�rr
r�rr-r�s
cr�r�)r&r�r�r�r�r,r-r��r�zSSLContext.protocolcr�r�)r3r��verify_flagsr�r�r,r-r�r�zSSLContext.verify_flagscrr�)r�r�rr�rr�r,r-r�rcs*t�j}zt|�WSty|YSwr�)r��verify_moder4r�rr�r,r-r�s
�zSSLContext.verify_modecrr�)r�r�rr�rr�r,r-r�rr�)FTTNN)FNN)r9r:r;r�r�r�r�r�r�r�r�r�r�r�r�r�r�rr	�propertyr��setterrr�r<rrr�rrr�r,r,r�r-r��sl

�
�





&%r�)r�r�r�cCs�	t|t�s
t|��|tjkrtt�}t|_d|_	n|tj
kr$tt�}nt|��|s.|s.|r6|�
|||�n
|jtkr@|�|�t|d�rTtj�d�}|rTtjjsT||_|S)NT�keylog_filename�
SSLKEYLOGFILE)r�r�r�r�r�r��PROTOCOL_TLS_CLIENT�
CERT_REQUIREDr�check_hostnamer��PROTOCOL_TLS_SERVERr�r��	CERT_NONEr�rr�r�r�r��flags�ignore_environmentr)r�r�r�r�r��
keylogfiler,r,r-�create_default_context�s&






rF)�	cert_reqsrr��certfile�keyfiler�r�r�cCs�	t|t�s
t|��|tjkr|durt}n|tjkr"|dur!t}nt|��t	|�}	||	_
|dur4||	_|r9d|	_
|rA|sAtd��|sE|rK|	�||�|sQ|sQ|rY|	�
|||�n
|	jtkrc|	�|�t|	d�rwtj�d�}
|
rwtjjsw|
|	_|	S)NT�certfile must be specifiedrr)r�r�r�r�r�rr�rr�r�rr�load_cert_chainr�rr�rr�r�r�r�rrr)r�r rr�r!r"r�r�r�r�rr,r,r-�_create_unverified_contexts>

�
�


r%c@s�eZdZ	dd�Ze		d1dd��Zedd��Zejd	d��Zed
d��Z	e	jdd��Z	ed
d��Z
edd��Zedd��Zd2dd�Z
dd�Zd3dd�Zdd�Zdd�Zdd�Zd d!�Zd"d#�Zd$d%�Zd&d'�Zd(d)�Zd4d+d,�Zd-d.�Zd/d0�ZdS)5�	SSLObjectcO�t|jj�d���)NzU does not have a public constructor. Instances are returned by SSLContext.wrap_bio().�r�r�r9�r�r�r�r,r,r-�__init__X��zSSLObject.__init__FNc	Cs*|�|�}|j||||||d�}||_|S)N)r�r��ownerr�)r�Z	_wrap_bio�_sslobj)	r�r�r�r�r�r�r�r�r�r,r,r-r�^s
�zSSLObject._createcC�
	|jjSr��r-r�r�r,r,r-r�j�zSSLObject.contextcC�||j_dSr�r/�r��ctxr,r,r-r�or�cCr.r��r-r�r�r,r,r-r�sr0zSSLObject.sessioncCr1r�r4�r�r�r,r,r-r�xr�cCr.r��r-�session_reusedr�r,r,r-r7|r0zSSLObject.session_reusedcCr.r�)r-r�r�r,r,r-r��r0zSSLObject.server_sidecCr.r�)r-r�r�r,r,r-r��szSSLObject.server_hostname�cCs,	|dur|j�||�}|S|j�|�}|Sr�)r-�read)r�r��buffer�vr,r,r-r9�s�zSSLObject.readcC�	|j�|�Sr�)r-�write�r�r
r,r,r-r=�szSSLObject.writecCr<r�)r-�getpeercert�r�Zbinary_formr,r,r-r?�szSSLObject.getpeercertcCs	tjdtdd�dS�Nr�rir�)r�r�r�r�r,r,r-�selected_npn_protocol�s
�zSSLObject.selected_npn_protocolcC�	|j��Sr�)r-�selected_alpn_protocolr�r,r,r-rD��
z SSLObject.selected_alpn_protocolcCrCr�)r-�cipherr�r,r,r-rF��
zSSLObject.ciphercCrCr�)r-�shared_ciphersr�r,r,r-rH�rEzSSLObject.shared_cipherscCrCr�)r-�compressionr�r,r,r-rI�rGzSSLObject.compressioncCrCr�)r-�pendingr�r,r,r-rJ��
zSSLObject.pendingcCs	|j��dSr�)r-�do_handshaker�r,r,r-rL�szSSLObject.do_handshakecCrCr�)r-�shutdownr�r,r,r-�unwrap�rKzSSLObject.unwrapr�cCr<r�)r-�get_channel_binding�r�Zcb_typer,r,r-rO�szSSLObject.get_channel_bindingcCrCr��r-rr�r,r,r-r�rGzSSLObject.versioncCs
|j��Sr�)r-�verify_client_post_handshaker�r,r,r-rR�s
z&SSLObject.verify_client_post_handshake)FNNN�r8N�F�r�)r9r:r;r*r�r�rr�rr�r7r�r�r9r=r?rBrDrFrHrIrJrLrNrOrrRr,r,r,r-r&IsF�








	

r&cCs	tt|j�j|_|Sr�)�getattrr&r9�__doc__)�funcr,r,r-�_sslcopydoc�srYcseZdZ	dd�Ze			dW�fdd�	�Zeedd	���Zej	d
d	��Zeedd���Z
e
j	d
d��Z
eedd���Zdd�ZdXdd�Z
dd�ZdYdd�Zdd�ZedZdd��Zedd��Zedd ��Zed!d"��Zed#d$��Zed%d&��Zd[�fd(d)�	ZdX�fd*d+�	Zd,d-�Zd[�fd.d/�	Zd\�fd0d1�	Zd]�fd2d3�	Zd^�fd4d5�	Zd]�fd6d7�	Zd^�fd8d9�	Zd:d;�Z d<d=�Z!ed>d?��Z"�fd@dA�Z#edBdC��Z$edDdE��Z%�fdFdG�Z&edZdHdI��Z'�fdJdK�Z(dLdM�Z)dNdO�Z*�fdPdQ�Z+ed_dSdT��Z,edUdV��Z-�Z.S)`�	SSLSocketcOr')NzX does not have a public constructor. Instances are returned by SSLContext.wrap_socket().r(r)r,r,r-r*�r+zSSLSocket.__init__FTNc
sX|�tt�tkrtd��|r|rtd��|durtd��|jr%|s%td��t|j|j	|j
|��d�}|j|fi|��}	t
t|	�jdi|��|��}
|��||	_||	_d|	_d|	_||	_|�|�|	_||	_||	_z|	��Wnuty�}zi|jtjkr~�d}|	��}
|	� d�z|	�!d�}Wnty�}z|jtjtj"fvr��d}WYd}~nd}~ww|	� |
�|r�d	}t#|j|�}||_$d|_%z|	�&�Wn	ty�Ynwz|�d}wWYd}~nd}~wwd
}|	�'|
�||	_(|�r*z(|	jj)|	||	j|	|	jd�|	_|�r|	��}|dk�rtd
��|	�*�W|	SW|	Sttf�y)|	�&��w|	S)Nz!only stream sockets are supportedz4server_hostname can only be specified in client modez,session can only be specified in client modez'check_hostname requires server_hostname)�family�type�proto�filenoFrh�z5Closed before TLS handshake with data in recv buffer.T�r,r��zHdo_handshake_on_connect should not be specified for non-blocking socketsr,)+Z
getsockoptr~rr|�NotImplementedErrorr�r�dictr[r\r]r^r�r�rZr*�
gettimeout�detach�_context�_sessionZ_closedr-r�r�r�r�r��getpeernamer��errnoZENOTCONNZgetblockingZsetblocking�recvZEINVALr�reasonZlibrary�close�
settimeout�
_connected�_wrap_socketrL)r�r�r�r�r�r�r�r�r�r�Zsock_timeout�eZ	connectedZblockingZnotconn_pre_handshake_datarkZ notconn_pre_handshake_data_error�timeoutr�r,r-r��s�
�
��
����%
�

�	��zSSLSocket._createcCs|jSr�)rfr�r,r,r-r�VszSSLSocket.contextcCs||_||j_dSr�)rfr-r�r2r,r,r-r�[scC�|jdur	|jjSdSr�r4r�r,r,r-r�`�
�zSSLSocket.sessioncCs ||_|jdur||j_dSdSr�)rgr-r�r5r,r,r-r�fs
�cCrrr�r6r�r,r,r-r7lrszSSLSocket.session_reusedcCstd|jj��)NzCan't dup() %s instances)rbr�r9r�r,r,r-�duprs�z
SSLSocket.dupcCsdSr�r,)r��msgr,r,r-�_checkClosedvrzSSLSocket._checkClosedcCs|js	|��dSdSr�)rnrhr�r,r,r-�_check_connectedzs�zSSLSocket._check_connectedr8c
Cs�	|��|jdurtd��z|dur|j�||�WS|j�|�WStyJ}z|jdtkrE|jrE|dur>WYd}~dSWYd}~dS�d}~ww)Nz'Read on closed or unwrapped SSL socket.rr_)rvr-r�r9rr�Z
SSL_ERROR_EOFr�)r�r�r:�xr,r,r-r9�s 
��zSSLSocket.readcCs(	|��|jdurtd��|j�|�S)Nz(Write on closed or unwrapped SSL socket.)rvr-r�r=r>r,r,r-r=�s

zSSLSocket.writecCs|��|��|j�|�Sr�)rvrwr-r?r@r,r,r-r?�szSSLSocket.getpeercertcCs|��tjdtdd�dSrA)rvr�r�r�r�r,r,r-rB�s�zSSLSocket.selected_npn_protocolcCs&|��|jdustjsdS|j��Sr�)rvr-r<rrDr�r,r,r-rD�s
z SSLSocket.selected_alpn_protocolcC� |��|jdurdS|j��Sr�)rvr-rFr�r,r,r-rF��

zSSLSocket.ciphercCryr�)rvr-rHr�r,r,r-rH�rzzSSLSocket.shared_cipherscCryr�)rvr-rIr�r,r,r-rI�rzzSSLSocket.compressionrcsB|��|jdur|dkrtd|j��|j�|�St��||�S)Nrz3non-zero flags not allowed in calls to send() on %s)rvr-r�r�r=r��send)r�r
rr�r,r-r{�s
��zSSLSocket.sendcsF|��|jdurtd|j��|durt��||�St��|||�S)Nz%sendto not allowed on instances of %s)rvr-r�r�r��sendto)r�r
Z
flags_or_addrr�r�r,r-r|�s
�zSSLSocket.sendtocO�td|j��)Nz&sendmsg not allowed on instances of %s�rbr�r)r,r,r-�sendmsg�s�zSSLSocket.sendmsgc	s�|��|jdurc|dkrtd|j��d}t|��?}|�d��!}t|�}||kr:|�||d��}||7}||ks)Wd�n1sDwYWd�dSWd�dS1s\wYdSt��	||�S)Nrz6non-zero flags not allowed in calls to sendall() on %s�B)
rvr-r�r��
memoryview�castr�r{r��sendall)r�r
rr�ZviewZ	byte_viewZamountr;r�r,r-r��s$
����P�zSSLSocket.sendallcs*	|jdur
|�|||�St��|||�Sr�)r-Z_sendfile_use_sendr��sendfile)r��file�offsetr�r�r,r-r��s
zSSLSocket.sendfilecs@|��|jdur|dkrtd|j��|�|�St��||�S)Nrz3non-zero flags not allowed in calls to recv() on %s)rvr-r�r�r9r�rj�r�Zbuflenrr�r,r-rjs
��
zSSLSocket.recvcsf|��|r|durt|�}n|durd}|jdur+|dkr%td|j��|�||�St��|||�S)Nr8rz8non-zero flags not allowed in calls to recv_into() on %s)rvr�r-r�r�r9r��	recv_into�r�r:�nbytesrr�r,r-r�s

��zSSLSocket.recv_intocs.|��|jdurtd|j��t��||�S)Nz'recvfrom not allowed on instances of %s)rvr-r�r�r��recvfromr�r�r,r-r�s
�zSSLSocket.recvfromcs0|��|jdurtd|j��t��|||�S)Nz,recvfrom_into not allowed on instances of %s)rvr-r�r�r��
recvfrom_intor�r�r,r-r�'s
�zSSLSocket.recvfrom_intocOr})Nz&recvmsg not allowed on instances of %sr~r)r,r,r-�recvmsg/��zSSLSocket.recvmsgcOr})Nz+recvmsg_into not allowed on instances of %sr~r)r,r,r-�recvmsg_into3r�zSSLSocket.recvmsg_intocCs |��|jdur|j��SdS�Nr)rvr-rJr�r,r,r-rJ7s

zSSLSocket.pendingcs|��d|_t��|�dSr�)rvr-r�rM)r�Zhowr�r,r-rM?szSSLSocket.shutdowncCs*|jr
|j��}d|_|Stdt|����NzNo SSL wrapper around )r-rMr�r�)r��sr,r,r-rNDs

zSSLSocket.unwrapcCs |jr|j��Stdt|���r�)r-rRr�r�r�r,r,r-rRMs
z&SSLSocket.verify_client_post_handshakecsd|_t���dSr�)r-r��_real_closer�r�r,r-r�TszSSLSocket._real_closec	CsN|��|��}z|dkr|r|�d�|j��W|�|�dS|�|�w)Nra)rwrdrmr-rL)r��blockrqr,r,r-rLXs
zSSLSocket.do_handshakec	s�|jrtd��|js|jdurtd��|jj|d|j||jd�|_z |r+t��	|�}nd}t��
|�|s?d|_|jr?|��|WSt
tfyNd|_�w)Nz!can't connect in server-side modez/attempt to connect already-connected SSLSocket!Fr`T)r�r�rnr-r�ror�rgr��
connect_ex�connectr�rLr�)r�r�r�Zrcr�r,r-�
_real_connectcs,��zSSLSocket._real_connectcCs	|�|d�dS)NF�r��r�r�r,r,r-r�}szSSLSocket.connectcCs	|�|d�Srr�r�r,r,r-r��szSSLSocket.connect_excs0	t���\}}|jj||j|jdd�}||fS)NT)r�r�r�)r��acceptr�r�r�r�)r�Znewsockr�r�r,r-r��s�zSSLSocket.acceptr�cCs0|jdur|j�|�S|tvrtd�|���dS)Nz({0} channel binding type not implemented)r-rO�CHANNEL_BINDING_TYPESr�r�rPr,r,r-rO�s
�zSSLSocket.get_channel_bindingcCs|jdur
|j��SdSr�rQr�r,r,r-r�s

zSSLSocket.version)FTTNNNr�rSrT)r)rN)r8rr�rU)/r9r:r;r*r�r�rrYr�rr�r7rtrvrwr9r=r?rBrDrFrHrIr{r|rr�r�rjr�r�r�r�r�rJrMrNrRr�rLr�r�r�r�rOrr�r,r,r�r-rZ�s��_



	
	










rZTc
Cs|tjdtdd�|r|std��|r|std��t|�}
||
_|r&|
�|�|r.|
�||�|	r5|
�|	�|
j	||||d�S)Nz=ssl.wrap_socket() is deprecated, use SSLContext.wrap_socket()rir�z5certfile must be specified for server-side operationsr#)r�r�r�r�)
r�r�r�r�r�rr�r$Zset_ciphersr�)r�r"r!r�r �ssl_version�ca_certsr�r�Zciphersr�r,r,r-r��s,�

�r�cCs�	ddlm}ddlm}d}d}z|�|dd����d}Wnty/td||f��w||dd�|�}||d|f|d	d
��S)Nr)�strptime)�timegm)ZJanZFebZMarZAprZMayZJunZJulZAugZSepZOctZNovZDecz %d %H:%M:%S %Y GMTrjrhz*time data %r does not match format "%%b%s"rirm)�timer�Zcalendarr��index�titler�)Z	cert_timer�r�ZmonthsZtime_formatZmonth_numberZttr,r,r-�cert_time_to_seconds�s	��r�z-----BEGIN CERTIFICATE-----z-----END CERTIFICATE-----csT	tt�|�dd��tg}|�fdd�tdt��d�D�7}|�td�d�|�S)N�ASCII�strictcsg|]
}�||d��qS)�@r,)r5�i��fr,r-�
<listcomp>�sz(DER_cert_to_PEM_cert.<locals>.<listcomp>rr��
)	r��base64Zstandard_b64encode�
PEM_HEADER�ranger�r��
PEM_FOOTERr�)Zder_cert_bytesZssr,r�r-�DER_cert_to_PEM_cert�s"
r�cCs^	|�t�stdt��|���t�stdt��|��tt�tt��}t�|�	dd��S)Nz(Invalid PEM encoding; must start with %sz&Invalid PEM encoding; must end with %sr�r�)
r)r�r��strip�endswithr�r�r�Zdecodebytesr�)Zpem_cert_string�dr,r,r-�PEM_cert_to_DER_cert�s
��r�c	Cs�	|\}}|durt}nt}t|||d�}t||d��1}|j||d��
}	|	�d�}
Wd�n1s3wYWd�t|
�SWd�t|
�S1sOwYt|
�S)N)r r�)rq)r�T)rr�_create_stdlib_contextr}r�r?r�)r�r�r�rqZhostZportr r�r�ZsslsockZdercertr,r,r-�get_server_certificates(��
��
��r�cCst�|d�S)Nz	<unknown>)�_PROTOCOL_NAMESr�)Z
protocol_coder,r,r-�get_protocol_namesr�r�)nr�r��collectionsr�enumrZ_EnumrZ_IntEnumrZ_IntFlagr<rrrr	r
rrr
rrrrrrr�rr�rrrrr�ImportErrorrrrrrrr r!r"r#r$r%�	_convert_r9r&r�r'�__members__�itemsr�rVZ_SSLv2_IF_EXISTSr8r>rHrgr�ryrzr{r|r}r~rr�r�r�rir�r�Zsocket_errorr�rZHAS_NEVER_CHECK_COMMON_NAMEZ_RESTRICTED_SERVER_CIPHERSr�r�r�r�r�r�r�r�r�r�r�rrr%Z_create_default_https_contextr�r&rYrZr�r�r�r�r�r�r�r�rr�r�r,r,r,r-�<module>s�Z$�0������
)
1#>��&�7@
� 


�

?>