Your IP : 3.149.249.84


Current Path : /opt/alt/python38/lib64/python3.8/__pycache__/
Upload File :
Current File : //opt/alt/python38/lib64/python3.8/__pycache__/ssl.cpython-38.opt-2.pyc

U

i�f5��
@s�ddlZddlZddlmZddlmZmZm	Z
ddlZddlmZm
Z
mZddlmZmZmZddlmZmZmZmZmZmZmZddlmZmZddlmZmZmZm Z zdd	lm!Z!Wne"k
r�YnXdd
lm#Z#m$Z$m%Z%m&Z&m'Z'm(Z(m)Z)m*Z*m+Z+m,Z,ddlm-Z-m.Z.ej/de0d
d�ed�e
j/de0dd�ed�ej/de0dd�ed�ej/de0dd�ed�e
j/de0dd�ed�ej/de0dd�ed�e1j2Z3e1_3dd�e1j4�5�D�Z6e7e1dd�Z8Gdd�de�Z9Gdd �d e�Z:Gd!d"�d"e�Z;Gd#d$�d$e�Z<ej=d%k�rdd&lm>Z>m?Z?dd'l@m@Z@mAZAmBZBmCZCdd(l@mDZDmEZEddl@ZFddlGZGddlHZHddlIZIeJZKd)gZLeMed*�ZNe-ZOeZPd+d,�ZQd-d.�ZRd/d0�ZSd1d2�ZTed3d4�ZUd5d6�ZVGd7d8�d8ed8d9��ZWGd:d;�d;eWe�ZXGd<d=�d=e�ZYeXjZfdddd>�d?d@�Z[e2fe\dAeXjZddddddB�dCdD�Z]e[Z^e]Z_GdEdF�dF�Z`dGdH�ZaGdIdJ�dJe@�ZbebeY_ce`eY_ddddAe\e2ddKdKdf	dLdM�ZedNdO�ZfdPZgdQZhdRdS�ZidTdU�Zje2dfdVdW�ZkdXdY�ZldS)Z�N)�
namedtuple)�Enum�IntEnum�IntFlag)�OPENSSL_VERSION_NUMBER�OPENSSL_VERSION_INFO�OPENSSL_VERSION)�_SSLContext�	MemoryBIO�
SSLSession)�SSLError�SSLZeroReturnError�SSLWantReadError�SSLWantWriteError�SSLSyscallError�SSLEOFError�SSLCertVerificationError)�txt2obj�nid2obj)�RAND_status�RAND_add�
RAND_bytes�RAND_pseudo_bytes)�RAND_egd)
�HAS_SNI�HAS_ECDH�HAS_NPN�HAS_ALPN�	HAS_SSLv2�	HAS_SSLv3�	HAS_TLSv1�HAS_TLSv1_1�HAS_TLSv1_2�HAS_TLSv1_3)�_DEFAULT_CIPHERS�_OPENSSL_API_VERSION�
_SSLMethodcCs|�d�o|dkS)NZ	PROTOCOL_�PROTOCOL_SSLv23��
startswith��name�r,�(/opt/alt/python38/lib64/python3.8/ssl.py�<lambda>|�r.)�source�OptionscCs
|�d�S)NZOP_r(r*r,r,r-r.�r/ZAlertDescriptioncCs
|�d�S)NZALERT_DESCRIPTION_r(r*r,r,r-r.�r/ZSSLErrorNumbercCs
|�d�S)NZ
SSL_ERROR_r(r*r,r,r-r.�r/�VerifyFlagscCs
|�d�S)NZVERIFY_r(r*r,r,r-r.�r/�
VerifyModecCs
|�d�S)NZCERT_r(r*r,r,r-r.�r/cCsi|]\}}||�qSr,r,)�.0r+�valuer,r,r-�
<dictcomp>�sr6ZPROTOCOL_SSLv2c@s6eZdZejZejZejZ	ej
ZejZ
ejZejZdS)�
TLSVersionN)�__name__�
__module__�__qualname__�_sslZPROTO_MINIMUM_SUPPORTEDZMINIMUM_SUPPORTEDZPROTO_SSLv3�SSLv3ZPROTO_TLSv1ZTLSv1Z
PROTO_TLSv1_1ZTLSv1_1Z
PROTO_TLSv1_2ZTLSv1_2Z
PROTO_TLSv1_3ZTLSv1_3ZPROTO_MAXIMUM_SUPPORTEDZMAXIMUM_SUPPORTEDr,r,r,r-r7�sr7c@s$eZdZdZdZdZdZdZdZdS)�_TLSContentType������N)	r8r9r:�CHANGE_CIPHER_SPEC�ALERTZ	HANDSHAKEZAPPLICATION_DATA�HEADERZINNER_CONTENT_TYPEr,r,r,r-r=�sr=c@s�eZdZdZdZdZdZdZdZdZ	dZ
d	Zd
ZdZ
dZd
ZdZdZdZdZdZdZdZdZdZdZdZdZdZdZdZdZdZ dZ!d Z"d!Z#d"Z$d#S)$�
_TLSAlertTyper�
r>r?r@��(�)�*�+�,�-�.�/�0�1�2�3�<�F�G�P�V�Z�d�m�n�o�p�q�r�s�t�xN)%r8r9r:ZCLOSE_NOTIFYZUNEXPECTED_MESSAGEZBAD_RECORD_MACZDECRYPTION_FAILEDZRECORD_OVERFLOWZDECOMPRESSION_FAILUREZHANDSHAKE_FAILUREZNO_CERTIFICATEZBAD_CERTIFICATEZUNSUPPORTED_CERTIFICATEZCERTIFICATE_REVOKEDZCERTIFICATE_EXPIREDZCERTIFICATE_UNKNOWNZILLEGAL_PARAMETERZ
UNKNOWN_CAZ
ACCESS_DENIEDZDECODE_ERRORZ
DECRYPT_ERRORZEXPORT_RESTRICTIONZPROTOCOL_VERSIONZINSUFFICIENT_SECURITYZINTERNAL_ERRORZINAPPROPRIATE_FALLBACKZ
USER_CANCELEDZNO_RENEGOTIATIONZMISSING_EXTENSIONZUNSUPPORTED_EXTENSIONZCERTIFICATE_UNOBTAINABLEZUNRECOGNIZED_NAMEZBAD_CERTIFICATE_STATUS_RESPONSEZBAD_CERTIFICATE_HASH_VALUEZUNKNOWN_PSK_IDENTITYZCERTIFICATE_REQUIREDZNO_APPLICATION_PROTOCOLr,r,r,r-rG�sDrGc@sdeZdZdZdZdZdZdZdZdZ	dZ
d	Zd
ZdZ
dZd
ZdZdZdZdZdZdZdZdZdZdS)�_TLSMessageTyper����������
���r>r?r@rA��C�rCN)r8r9r:Z
HELLO_REQUESTZCLIENT_HELLOZSERVER_HELLOZHELLO_VERIFY_REQUESTZNEWSESSION_TICKETZEND_OF_EARLY_DATAZHELLO_RETRY_REQUESTZENCRYPTED_EXTENSIONSZCERTIFICATEZSERVER_KEY_EXCHANGEZCERTIFICATE_REQUESTZSERVER_DONEZCERTIFICATE_VERIFYZCLIENT_KEY_EXCHANGEZFINISHEDZCERTIFICATE_URLZCERTIFICATE_STATUSZSUPPLEMENTAL_DATAZ
KEY_UPDATEZ
NEXT_PROTOZMESSAGE_HASHrDr,r,r,r-rf�s,rf�win32)�enum_certificates�	enum_crls)�socket�AF_INET�SOCK_STREAM�create_connection)�
SOL_SOCKET�SO_TYPE�
tls-unique�HOSTFLAG_NEVER_CHECK_SUBJECTcCs�|sdS|�d�}|s&|��|��kS|dkr<td�|���|�d�\}}}d|krbtd�|���|sttd�|���|dkr�td�|���|�d�\}}}|r�|s�dS|��|��kS)	NF�*rgz1too many wildcards in certificate DNS name: {!r}.�.z9wildcard can only be present in the leftmost label: {!r}.z>sole wildcard without additional labels are not support: {!r}.z<partial wildcards in leftmost label are not supported: {!r}.)�count�lower�CertificateError�format�	partition)Zdn�hostnameZ	wildcardsZdn_leftmost�sepZdn_remainderZhostname_leftmostZhostname_remainderr,r,r-�_dnsname_matchs@

�������r�cCs�zt�|�}Wntk
r"Yn"Xt�|�|kr6|Std�|���zt�tj|�WStk
rvtd�|���Yntk
r�YnXtd�|���dS)Nz'{!r} is not a quad-dotted IPv4 address.z+{!r} is neither an IPv4 nor an IP6 address.z{!r} is not an IPv4 address.)	�_socketZ	inet_aton�OSErrorZ	inet_ntoa�
ValueErrorr�Z	inet_ptonZAF_INET6�AttributeError)Zipname�addrr,r,r-�_inet_patonDs$��
r�cCst|���}||kS�N)r��rstrip)Zcert_ipaddress�host_ipZipr,r,r-�_ipaddress_matchgsr�cCsJ|std��zt|�}Wntk
r0d}YnXg}|�dd�}|D]^\}}|dkrz|dkrnt||�rndS|�|�qF|dkrF|dk	r�t||�r�dS|�|�qF|s�|�dd�D]6}|D],\}}|dkr�t||�r�dS|�|�q�q�t|�dk�rtd	|d
�t	t
|��f��n,t|�dk�r>td||df��ntd
��dS)Nztempty or no certificate, match_hostname needs a SSL socket or SSL context with either CERT_OPTIONAL or CERT_REQUIREDZsubjectAltNamer,ZDNSz
IP AddressZsubjectZ
commonNamergz&hostname %r doesn't match either of %sz, zhostname %r doesn't match %rrz=no appropriate commonName or subjectAltName fields were found)r�r��getr��appendr��lenr��join�map�repr)�certr�r�ZdnsnamesZsan�keyr5�subr,r,r-�match_hostnamessB


�
�r��DefaultVerifyPathszQcafile capath openssl_cafile_env openssl_cafile openssl_capath_env openssl_capathcCsdt��}tj�|d|d�}tj�|d|d�}ttj�|�rF|ndtj�|�rX|ndf|��S)Nrrgrhri)	r;�get_default_verify_paths�os�environr�r��path�isfile�isdir)�parts�cafile�capathr,r,r-r��s��r�cs@eZdZdZ�fdd�Ze�fdd��Ze�fdd��Z�ZS)�_ASN1Objectr,cst�j|ft|dd���S)NFr*��super�__new__�_txt2obj)�cls�oid��	__class__r,r-r��sz_ASN1Object.__new__cst�j|ft|���Sr�)r�r��_nid2obj)r�Znidr�r,r-�fromnid�sz_ASN1Object.fromnidcst�j|ft|dd���S)NTr*r�)r�r+r�r,r-�fromname�sz_ASN1Object.fromname)	r8r9r:�	__slots__r��classmethodr�r��
__classcell__r,r,r�r-r��sr�znid shortname longname oidc@seZdZdZdZdS)�Purposez1.3.6.1.5.5.7.3.1z1.3.6.1.5.5.7.3.2N)r8r9r:�SERVER_AUTHZCLIENT_AUTHr,r,r,r-r��sr�cs�eZdZdZdZdZefdd�Zdd�Zd1d	d
�Z	d2dd�Z
d
d�Zdd�Zdd�Z
dd�Zejfdd�Zeed�r�e�fdd��Zej�fdd��Ze�fdd��Zej�fdd��Ze�fdd��Zej�fd d��Zeed!��red"d#��Zejd$d#��Zned%d#��Ze�fd&d'��Zej�fd(d'��Ze�fd)d*��Ze�fd+d,��Zej�fd-d,��Ze�fd.d/��Zej�fd0d/��Z�ZS)3�
SSLContext)ZCAZROOTNcOst�||�}|Sr�)r	r�)r��protocol�args�kwargs�selfr,r,r-r��szSSLContext.__new__cCs4|dkrdSt|t�r&|�d��d�S|�d�SdS)NZidna�ascii)�
isinstance�str�encode�decode)r�r�r,r,r-�_encode_hostname�s

zSSLContext._encode_hostnameFTc	Cs|jj|||||||d�S)N)�sock�server_side�do_handshake_on_connect�suppress_ragged_eofs�server_hostname�context�session)�sslsocket_class�_create)r�r�r�r�r�r�r�r,r,r-�wrap_socket�s�zSSLContext.wrap_socketcCs|jj||||�|�||d�S)N)r�r�r�r�)�sslobject_classr�r�)r��incoming�outgoingr�r�r�r,r,r-�wrap_bio�s�zSSLContext.wrap_biocCs`t�}|D]F}t|d�}t|�dks0t|�dkr8td��|�t|��|�|�q
|�|�dS)Nr�r�z(NPN protocols must be 1 to 255 in length)�	bytearray�bytesr�rr��extendZ_set_npn_protocols)r�Z
npn_protocols�protosr��br,r,r-�set_npn_protocolss
zSSLContext.set_npn_protocolscs8�dkrd�_n$t��s td����fdd�}|�_dS)Nznot a callable objectcs��|�}�|||�Sr�)r�)�sslobjZ
servernameZsslctx�r��server_name_callbackr,r-�shim_cbs
z3SSLContext.set_servername_callback.<locals>.shim_cb)Zsni_callback�callable�	TypeError)r�r�r�r,r�r-�set_servername_callbacksz"SSLContext.set_servername_callbackcCs`t�}|D]F}t|d�}t|�dks0t|�dkr8td��|�t|��|�|�q
|�|�dS)Nr�rr�z)ALPN protocols must be 1 to 255 in length)r�r�r�rr�r�Z_set_alpn_protocols)r�Zalpn_protocolsr�r�r�r,r,r-�set_alpn_protocols s
zSSLContext.set_alpn_protocolscCsvt�}z<t|�D].\}}}|dkr|dks4|j|kr|�|�qWntk
r`t�d�YnX|rr|j|d�|S)NZx509_asnTz-unable to enumerate Windows certificate store)�cadata)r�rxr�r��PermissionError�warnings�warn�load_verify_locations)r��	storename�purposeZcertsr��encodingZtrustr,r,r-�_load_windows_store_certs+sz$SSLContext._load_windows_store_certscCs@t|t�st|��tjdkr4|jD]}|�||�q"|��dS)Nrw)r�r�r��sys�platform�_windows_cert_storesr�Zset_default_verify_paths)r�r�r�r,r,r-�load_default_certs9s


zSSLContext.load_default_certs�minimum_versioncstt�j�Sr�)r7r�r��r�r�r,r-r�BszSSLContext.minimum_versioncs4|tjkr|jtjM_ttt�j�||�dSr�)	r7r<�optionsr1ZOP_NO_SSLv3r�r�r��__set__�r�r5r�r,r-r�Fs
cstt�j�Sr�)r7r��maximum_versionr�r�r,r-r�LszSSLContext.maximum_versioncsttt�j�||�dSr�)r�r�r�r�r�r�r,r-r�Pscstt�j�Sr�)r1r�r�r�r�r,r-r�TszSSLContext.optionscsttt�j�||�dSr�)r�r�r�r�r�r�r,r-r�Xsr�cCs|jtj@}|tjkSr��Z_host_flagsr;r�)r�Zncsr,r,r-�hostname_checks_common_name]sz&SSLContext.hostname_checks_common_namecCs,|r|jtjM_n|jtjO_dSr�r�r�r,r,r-r�bscCsdS�NTr,r�r,r,r-r�iscst�j}|dk	r|jSdSdSr�)r��
_msg_callback�
user_function)r��innerr�r,r-r�ms!zSSLContext._msg_callbackcsb�dkr ttt�j�|d�dSt�d�s8t��d����fdd�}�|_ttt�j�||�dS)N�__call__z is not callable.cs�zt|�}Wntk
r YnXzt|�}Wntk
rBYnX|tjkrTt}n|tjkrdt}nt}z||�}Wntk
r�YnX�||||||�Sr�)r7r�r=rFrErGrf)Zconn�	direction�versionZcontent_typeZmsg_type�dataZmsg_enum��callbackr,r-r��s,

�z'SSLContext._msg_callback.<locals>.inner)r�r�r�r��hasattrr�r�)r�rr�r�rr-r��s
cstt�j�Sr�)r&r�r�r�r�r,r-r��szSSLContext.protocolcstt�j�Sr�)r2r��verify_flagsr�r�r,r-r�szSSLContext.verify_flagscsttt�j�||�dSr�)r�r�rr�r�r�r,r-r�scs0t�j}z
t|�WStk
r*|YSXdSr�)r��verify_moder3r�r�r�r,r-r�s

zSSLContext.verify_modecsttt�j�||�dSr�)r�r�rr�r�r�r,r-r�s)FTTNN)FNN) r8r9r:r�r�r��PROTOCOL_TLSr�r�r�r�r�r�r�r�r�r�r�rr	�propertyr��setterr�r�r;r�r�r�rrr�r,r,r�r-r��sl�
�





&%r�)r�r�r�cCs�t|t�st|��tt�}|tjkr0t|_d|_	|s<|s<|rL|�
|||�n|jtkr`|�|�t
|d�r�tj�d�}|r�tjjs�||_|S)NT�keylog_filename�
SSLKEYLOGFILE)r�r�r�r�rr�r��
CERT_REQUIREDr�check_hostnamer��	CERT_NONEr�rr�r�r�r��flags�ignore_environmentr)r�r�r�r�r��
keylogfiler,r,r-�create_default_context�s




rF)�	cert_reqsrr��certfile�keyfiler�r�r�cCs�t|t�st|��t|�}	|s$d|	_|dk	r2||	_|r<d|	_|rL|sLtd��|sT|r`|	�||�|sl|sl|r||	�|||�n|	jt	kr�|	�
|�t|	d�r�tj
�d�}
|
r�tjjs�|
|	_|	S)NFT�certfile must be specifiedrr	)r�r�r�r�rrr��load_cert_chainr�rr�rr�r�r�r�r
rr)r�rrr�rrr�r�r�r�rr,r,r-�_create_unverified_context�s,



rc@s�eZdZdd�Zed1dd��Zedd��Zejd	d��Zed
d��Z	e	jdd��Z	ed
d��Z
edd��Zedd��Zd2dd�Z
dd�Zd3dd�Zdd�Zdd�Zdd�Zd d!�Zd"d#�Zd$d%�Zd&d'�Zd(d)�Zd4d+d,�Zd-d.�Zd/d0�ZdS)5�	SSLObjectcOst|jj�d���dS)NzU does not have a public constructor. Instances are returned by SSLContext.wrap_bio().�r�r�r8�r�r�r�r,r,r-�__init__;s�zSSLObject.__init__FNc	Cs*|�|�}|j||||||d�}||_|S)N)r�r��ownerr�)r�Z	_wrap_bio�_sslobj)	r�r�r�r�r�r�r�r�r�r,r,r-r�As
�zSSLObject._createcCs|jjSr��rr�r�r,r,r-r�MszSSLObject.contextcCs||j_dSr�r�r�Zctxr,r,r-r�RscCs|jjSr��rr�r�r,r,r-r�VszSSLObject.sessioncCs||j_dSr�r�r�r�r,r,r-r�[scCs|jjSr��r�session_reusedr�r,r,r-r"_szSSLObject.session_reusedcCs|jjSr�)rr�r�r,r,r-r�dszSSLObject.server_sidecCs|jjSr�)rr�r�r,r,r-r�iszSSLObject.server_hostname�cCs(|dk	r|j�||�}n|j�|�}|Sr�)r�read)r�r��buffer�vr,r,r-r$oszSSLObject.readcCs|j�|�Sr�)r�write�r�r�r,r,r-r'{szSSLObject.writecCs|j�|�Sr�)r�getpeercert�r�Zbinary_formr,r,r-r)�szSSLObject.getpeercertcCstjr|j��SdSr�)r;rr�selected_npn_protocolr�r,r,r-r+�szSSLObject.selected_npn_protocolcCstjr|j��SdSr�)r;rr�selected_alpn_protocolr�r,r,r-r,�sz SSLObject.selected_alpn_protocolcCs
|j��Sr�)r�cipherr�r,r,r-r-�szSSLObject.ciphercCs
|j��Sr�)r�shared_ciphersr�r,r,r-r.�szSSLObject.shared_cipherscCs
|j��Sr�)r�compressionr�r,r,r-r/�szSSLObject.compressioncCs
|j��Sr�)r�pendingr�r,r,r-r0�szSSLObject.pendingcCs|j��dSr�)r�do_handshaker�r,r,r-r1�szSSLObject.do_handshakecCs
|j��Sr�)r�shutdownr�r,r,r-�unwrap�szSSLObject.unwrapr�cCs|j�|�Sr�)r�get_channel_binding�r�Zcb_typer,r,r-r4�szSSLObject.get_channel_bindingcCs
|j��Sr��rr�r�r,r,r-r��szSSLObject.versioncCs
|j��Sr�)r�verify_client_post_handshaker�r,r,r-r7�sz&SSLObject.verify_client_post_handshake)FNNN)r#N)F)r�)r8r9r:rr�r�rr�rr�r"r�r�r$r'r)r+r,r-r.r/r0r1r3r4r�r7r,r,r,r-r,sF�








	
rcCstt|j�j|_|Sr�)�getattrrr8�__doc__)�funcr,r,r-�_sslcopydoc�sr;cseZdZdd�ZedW�fdd�	�Zeedd	���Zej	d
d	��Zeedd���Z
e
j	d
d��Z
eedd���Zdd�ZdXdd�Z
dd�ZdYdd�Zdd�ZedZdd��Zedd��Zedd ��Zed!d"��Zed#d$��Zed%d&��Zd[�fd(d)�	Zd\�fd*d+�	Zd,d-�Zd]�fd.d/�	Zd^�fd0d1�	Zd_�fd2d3�	Zd`�fd4d5�	Zda�fd6d7�	Zdb�fd8d9�	Zd:d;�Z d<d=�Z!ed>d?��Z"�fd@dA�Z#edBdC��Z$edDdE��Z%�fdFdG�Z&edcdHdI��Z'�fdJdK�Z(dLdM�Z)dNdO�Z*�fdPdQ�Z+edddSdT��Z,edUdV��Z-�Z.S)e�	SSLSocketcOst|jj�d���dS)NzX does not have a public constructor. Instances are returned by SSLContext.wrap_socket().rrr,r,r-r�s�zSSLSocket.__init__FTNc
sZ|�tt�tkrtd��|r8|r(td��|dk	r8td��|jrJ|sJtd��t|j|j	|j
|��d�}|j|f|�}	t
t|	�jf|�|��}
|��||	_||	_d|	_d|	_||	_|�|�|	_||	_||	_z|	��Wn�tk
�r�}z�|jtjkr��d}|	��}
|	� d�z|	�!d�}Wn>tk
�rZ}z|jtjtj"fk�rF�d}W5d}~XYnX|	� |
�|�r�d	}t#|j|�}||_$d|_%z|	�&�Wntk
�r�YnXz|�W5d}XW5d}~XYnXd
}|	�'|
�||	_(|�rVzH|	jj)|	||	j|	|	jd�|	_|�r.|	��}|dk�r&td
��|	�*�Wn$ttfk
�rT|	�&��YnX|	S)Nz!only stream sockets are supportedz4server_hostname can only be specified in client modez,session can only be specified in client modez'check_hostname requires server_hostname)�family�type�proto�filenoFrgr/z5Closed before TLS handshake with data in recv buffer.T�rr��zHdo_handshake_on_connect should not be specified for non-blocking sockets)+Z
getsockoptr~rr|�NotImplementedErrorr�r�dictr=r>r?r@r�r�r<r�
gettimeout�detach�_context�_sessionZ_closedrr�r�r�r�r��getpeernamer��errnoZENOTCONNZgetblockingZsetblocking�recvZEINVALr�reasonZlibrary�close�
settimeout�
_connected�_wrap_socketr1)r�r�r�r�r�r�r�r�r�r�Zsock_timeout�eZ	connectedZblockingZnotconn_pre_handshake_datarLZ notconn_pre_handshake_data_error�timeoutr�r,r-r��s�
�


�
zSSLSocket._createcCs|jSr�)rGr�r,r,r-r�7szSSLSocket.contextcCs||_||j_dSr�)rGrr�rr,r,r-r�<scCs|jdk	r|jjSdSr�rr�r,r,r-r�As
zSSLSocket.sessioncCs||_|jdk	r||j_dSr�)rHrr�r r,r,r-r�Gs
cCs|jdk	r|jjSdSr�r!r�r,r,r-r"Ms
zSSLSocket.session_reusedcCstd|jj��dS)NzCan't dup() %s instances)rCr�r8r�r,r,r-�dupSs�z
SSLSocket.dupcCsdSr�r,)r��msgr,r,r-�_checkClosedWszSSLSocket._checkClosedcCs|js|��dSr�)rOrIr�r,r,r-�_check_connected[szSSLSocket._check_connectedr#c
Cs�|��|jdkrtd��z*|dk	r4|j�||�WS|j�|�WSWnVtk
r�}z8|jdtkr�|jr�|dk	r|WY�dSWY�dSn�W5d}~XYnXdS)Nz'Read on closed or unwrapped SSL socket.rr/)rUrr�r$rr�Z
SSL_ERROR_EOFr�)r�r�r%�xr,r,r-r$cs

zSSLSocket.readcCs&|��|jdkrtd��|j�|�S)Nz(Write on closed or unwrapped SSL socket.)rUrr�r'r(r,r,r-r'xs
zSSLSocket.writecCs|��|��|j�|�Sr�)rUrVrr)r*r,r,r-r)�szSSLSocket.getpeercertcCs*|��|jdkstjsdS|j��SdSr�)rUrr;rr+r�r,r,r-r+�szSSLSocket.selected_npn_protocolcCs*|��|jdkstjsdS|j��SdSr�)rUrr;rr,r�r,r,r-r,�sz SSLSocket.selected_alpn_protocolcCs$|��|jdkrdS|j��SdSr�)rUrr-r�r,r,r-r-�s
zSSLSocket.ciphercCs$|��|jdkrdS|j��SdSr�)rUrr.r�r,r,r-r.�s
zSSLSocket.shared_cipherscCs$|��|jdkrdS|j��SdSr�)rUrr/r�r,r,r-r/�s
zSSLSocket.compressionrcsF|��|jdk	r4|dkr(td|j��|j�|�St��||�SdS)Nrz3non-zero flags not allowed in calls to send() on %s)rUrr�r�r'r��send)r�r�r
r�r,r-rX�s
��zSSLSocket.sendcsL|��|jdk	r"td|j��n&|dkr8t��||�St��|||�SdS)Nz%sendto not allowed on instances of %s)rUrr�r�r��sendto)r�r�Z
flags_or_addrr�r�r,r-rY�s
�zSSLSocket.sendtocOstd|j��dS)Nz&sendmsg not allowed on instances of %s�rCr�rr,r,r-�sendmsg�s�zSSLSocket.sendmsgc
s�|��|jdk	r�|dkr(td|j��d}t|��H}|�d��2}t|�}||krn|�||d��}||7}qJW5QRXW5QRXnt��	||�SdS)Nrz6non-zero flags not allowed in calls to sendall() on %s�B)
rUrr�r��
memoryview�castr�rXr��sendall)r�r�r
r�ZviewZ	byte_viewZamountr&r�r,r-r_�s
�� zSSLSocket.sendallcs,|jdk	r|�|||�St��|||�SdSr�)rZ_sendfile_use_sendr��sendfile)r��file�offsetr�r�r,r-r`�s
zSSLSocket.sendfilecsD|��|jdk	r2|dkr(td|j��|�|�St��||�SdS)Nrz3non-zero flags not allowed in calls to recv() on %s)rUrr�r�r$r�rK�r�Zbuflenr
r�r,r-rK�s
��
zSSLSocket.recvcsj|��|r|dkrt|�}n|dkr*d}|jdk	rV|dkrJtd|j��|�||�St��|||�SdS)Nr#rz8non-zero flags not allowed in calls to recv_into() on %s)rUr�rr�r�r$r��	recv_into�r�r%�nbytesr
r�r,r-rd�s

��zSSLSocket.recv_intocs4|��|jdk	r"td|j��nt��||�SdS)Nz'recvfrom not allowed on instances of %s)rUrr�r�r��recvfromrcr�r,r-rg�s
�zSSLSocket.recvfromcs6|��|jdk	r"td|j��nt��|||�SdS)Nz,recvfrom_into not allowed on instances of %s)rUrr�r�r��
recvfrom_intorer�r,r-rhs
�zSSLSocket.recvfrom_intocOstd|j��dS)Nz&recvmsg not allowed on instances of %srZrr,r,r-�recvmsgs�zSSLSocket.recvmsgcOstd|j��dS)Nz+recvmsg_into not allowed on instances of %srZrr,r,r-�recvmsg_intos�zSSLSocket.recvmsg_intocCs$|��|jdk	r|j��SdSdS)Nr)rUrr0r�r,r,r-r0s

zSSLSocket.pendingcs|��d|_t��|�dSr�)rUrr�r2)r�Zhowr�r,r-r2szSSLSocket.shutdowncCs.|jr|j��}d|_|Stdt|���dS�NzNo SSL wrapper around )rr2r�r�)r��sr,r,r-r3#s

zSSLSocket.unwrapcCs$|jr|j��Stdt|���dSrk)rr7r�r�r�r,r,r-r7,s
z&SSLSocket.verify_client_post_handshakecsd|_t���dSr�)rr��_real_closer�r�r,r-rm3szSSLSocket._real_closec	CsF|��|��}z$|dkr(|r(|�d�|j��W5|�|�XdS)NrB)rVrErNrr1)r��blockrRr,r,r-r17s
zSSLSocket.do_handshakec	s�|jrtd��|js|jdk	r&td��|jj|d|j||jd�|_z@|rVt��	|�}nd}t��
|�|s~d|_|jr~|��|WSt
tfk
r�d|_�YnXdS)Nz!can't connect in server-side modez/attempt to connect already-connected SSLSocket!FrAT)r�r�rOrr�rPr�rHr��
connect_ex�connectr�r1r�)r�r�roZrcr�r,r-�
_real_connectBs0�zSSLSocket._real_connectcCs|�|d�dS)NF�rq�r�r�r,r,r-rp\szSSLSocket.connectcCs|�|d�Sr�rrrsr,r,r-roaszSSLSocket.connect_excs.t���\}}|jj||j|jdd�}||fS)NT)r�r�r�)r��acceptr�r�r�r�)r�Znewsockr�r�r,r-rtfs�zSSLSocket.acceptr�cCs4|jdk	r|j�|�S|tkr,td�|���dSdS)Nz({0} channel binding type not implemented)rr4�CHANNEL_BINDING_TYPESr�r�r5r,r,r-r4rs
�zSSLSocket.get_channel_bindingcCs|jdk	r|j��SdSdSr�r6r�r,r,r-r�}s

zSSLSocket.version)FTTNNN)N)r#N)F)r)N)r)rN)r#r)Nr)r#r)Nr)F)r�)/r8r9r:rr�r�rr;r�rr�r"rSrUrVr$r'r)r+r,r-r.r/rXrYr[r_r`rKrdrgrhrirjr0r2r3r7rmr1rqrprortr4r�r�r,r,r�r-r<�s��_



	











r<Tc
Csl|r|std��|r |s td��t|�}
||
_|r<|
�|�|rL|
�||�|	rZ|
�|	�|
j||||d�S)Nz5certfile must be specified for server-side operationsr)r�r�r�r�)r�r�rr�rZset_ciphersr�)r�rrr�r�ssl_version�ca_certsr�r�Zciphersr�r,r,r-r��s$

�r�cCs�ddlm}ddlm}d}d}z|�|dd����d}Wn$tk
rbtd||f��Yn0X||dd�|�}||d|f|d	d
��SdS)Nr)�strptime)�timegm)ZJanZFebZMarZAprZMayZJunZJulZAugZSepZOctZNovZDecz %d %H:%M:%S %Y GMTrirgz*time data %r does not match format "%%b%s"rhrl)�timerxZcalendarry�index�titler�)Z	cert_timerxryZmonthsZtime_formatZmonth_numberZttr,r,r-�cert_time_to_seconds�s
�r}z-----BEGIN CERTIFICATE-----z-----END CERTIFICATE-----csRtt�|�dd��tg}|�fdd�tdt��d�D�7}|�td�d�|�S)N�ASCII�strictcsg|]}�||d��qS)�@r,)r4�i��fr,r-�
<listcomp>�sz(DER_cert_to_PEM_cert.<locals>.<listcomp>rr��
)	r��base64Zstandard_b64encode�
PEM_HEADER�ranger�r��
PEM_FOOTERr�)Zder_cert_bytesZssr,r�r-�DER_cert_to_PEM_cert�s
"r�cCs\|�t�stdt��|���t�s0tdt��|��tt�tt��}t�|�	dd��S)Nz(Invalid PEM encoding; must start with %sz&Invalid PEM encoding; must end with %sr~r)
r)r�r��strip�endswithr�r�r�Zdecodebytesr�)Zpem_cert_string�dr,r,r-�PEM_cert_to_DER_cert�s
��r�c

Csd|\}}|dk	rt}nt}t|||d�}t|��&}|�|��}|�d�}	W5QRXW5QRXt|	�S)N)rr�T)r
r�_create_stdlib_contextr}r�r)r�)
r�rvrwZhostZportrr�r�ZsslsockZdercertr,r,r-�get_server_certificate�s�
r�cCst�|d�S)Nz	<unknown>)�_PROTOCOL_NAMESr�)Z
protocol_coder,r,r-�get_protocol_name�sr�)mr�r��collectionsr�enumrZ_EnumrZ_IntEnumrZ_IntFlagr;rrrr	r
rrr
rrrrrrr�rr�rrrrr�ImportErrorrrrrrrr r!r"r#r$r%�	_convert_r8r&rr'�__members__�itemsr�r8Z_SSLv2_IF_EXISTSr7r=rGrfr�rxryrzr{r|r}r~rr�r�rJr�r�Zsocket_errorrurZHAS_NEVER_CHECK_COMMON_NAMEZ_RESTRICTED_SERVER_CIPHERSr�r�r�r�r�r�r�r�r�r�r�rrrZ_create_default_https_contextr�rr;r<r�r�r�r}r�r�r�r�r�r�r,r,r,r-�<module>]s�$0������
)
1#9�z�#�/>�




?>