Your IP : 18.219.107.243


Current Path : /opt/alt/python39/lib64/python3.9/__pycache__/
Upload File :
Current File : //opt/alt/python39/lib64/python3.9/__pycache__/ssl.cpython-39.opt-2.pyc

a

R�f2��
@s�ddlZddlZddlmZddlmZmZm	Z
ddlZddlmZm
Z
mZddlmZmZmZddlmZmZmZmZmZmZmZddlmZmZddlmZmZmZm Z zdd	lm!Z!Wne"y�Yn0dd
lm#Z#m$Z$m%Z%m&Z&m'Z'm(Z(m)Z)m*Z*m+Z+m,Z,ddlm-Z-m.Z.ej/de0d
d�ed�e
j/de0dd�ed�ej/de0dd�ed�ej/de0dd�ed�e
j/de0dd�ed�ej/de0dd�ed�e1j2Z3e1_3dd�e1j4�5�D�Z6e7e1dd�Z8Gdd�de�Z9Gdd �d e�Z:Gd!d"�d"e�Z;Gd#d$�d$e�Z<ej=d%k�rdd&lm>Z>m?Z?dd'l@m@Z@mAZAmBZBdd(l@mCZCmDZDddl@ZEddlFZFddlGZGddlHZHeIZJd)gZKeLed*�ZMe-ZNeZOd+d,�ZPd-d.�ZQd/d0�ZRd1d2�ZSed3d4�ZTd5d6�ZUGd7d8�d8ed8d9��ZVGd:d;�d;eVe�ZWGd<d=�d=e�ZXeWjYfdddd>�d?d@�ZZe2fe[dAeWjYddddddB�dCdD�Z\eZZ]e\Z^GdEdF�dF�Z_dGdH�Z`GdIdJ�dJe@�ZaeaeX_be_eX_cdddAe[e2ddKdKdf	dLdM�ZddNdO�ZedPZfdQZgdRdS�ZhdTdU�Zie2dfdVdW�ZjdXdY�ZkdS)Z�N)�
namedtuple)�Enum�IntEnum�IntFlag)�OPENSSL_VERSION_NUMBER�OPENSSL_VERSION_INFO�OPENSSL_VERSION)�_SSLContext�	MemoryBIO�
SSLSession)�SSLError�SSLZeroReturnError�SSLWantReadError�SSLWantWriteError�SSLSyscallError�SSLEOFError�SSLCertVerificationError)�txt2obj�nid2obj)�RAND_status�RAND_add�
RAND_bytes�RAND_pseudo_bytes)�RAND_egd)
�HAS_SNI�HAS_ECDH�HAS_NPN�HAS_ALPN�	HAS_SSLv2�	HAS_SSLv3�	HAS_TLSv1�HAS_TLSv1_1�HAS_TLSv1_2�HAS_TLSv1_3)�_DEFAULT_CIPHERS�_OPENSSL_API_VERSION�
_SSLMethodcCs|�d�o|dkS)NZ	PROTOCOL_�PROTOCOL_SSLv23��
startswith��name�r,�(/opt/alt/python39/lib64/python3.9/ssl.py�<lambda>}�r.)�source�OptionscCs
|�d�S)NZOP_r(r*r,r,r-r.�r/ZAlertDescriptioncCs
|�d�S)NZALERT_DESCRIPTION_r(r*r,r,r-r.�r/ZSSLErrorNumbercCs
|�d�S)NZ
SSL_ERROR_r(r*r,r,r-r.�r/�VerifyFlagscCs
|�d�S)NZVERIFY_r(r*r,r,r-r.�r/�
VerifyModecCs
|�d�S)NZCERT_r(r*r,r,r-r.�r/cCsi|]\}}||�qSr,r,)�.0r+�valuer,r,r-�
<dictcomp>�r/r6ZPROTOCOL_SSLv2c@s6eZdZejZejZejZ	ej
ZejZ
ejZejZdS)�
TLSVersionN)�__name__�
__module__�__qualname__�_sslZPROTO_MINIMUM_SUPPORTEDZMINIMUM_SUPPORTEDZPROTO_SSLv3�SSLv3ZPROTO_TLSv1ZTLSv1Z
PROTO_TLSv1_1ZTLSv1_1Z
PROTO_TLSv1_2ZTLSv1_2Z
PROTO_TLSv1_3ZTLSv1_3ZPROTO_MAXIMUM_SUPPORTEDZMAXIMUM_SUPPORTEDr,r,r,r-r7�sr7c@s$eZdZdZdZdZdZdZdZdS)�_TLSContentType������N)	r8r9r:�CHANGE_CIPHER_SPEC�ALERTZ	HANDSHAKEZAPPLICATION_DATA�HEADERZINNER_CONTENT_TYPEr,r,r,r-r=�sr=c@s�eZdZdZdZdZdZdZdZdZ	dZ
d	Zd
ZdZ
dZd
ZdZdZdZdZdZdZdZdZdZdZdZdZdZdZdZdZdZ dZ!d Z"d!Z#d"Z$d#S)$�
_TLSAlertTyper�
r>r?r@��(�)�*�+�,�-�.�/�0�1�2�3�<�F�G�P�V�Z�d�m�n�o�p�q�r�s�t�xN)%r8r9r:ZCLOSE_NOTIFYZUNEXPECTED_MESSAGEZBAD_RECORD_MACZDECRYPTION_FAILEDZRECORD_OVERFLOWZDECOMPRESSION_FAILUREZHANDSHAKE_FAILUREZNO_CERTIFICATEZBAD_CERTIFICATEZUNSUPPORTED_CERTIFICATEZCERTIFICATE_REVOKEDZCERTIFICATE_EXPIREDZCERTIFICATE_UNKNOWNZILLEGAL_PARAMETERZ
UNKNOWN_CAZ
ACCESS_DENIEDZDECODE_ERRORZ
DECRYPT_ERRORZEXPORT_RESTRICTIONZPROTOCOL_VERSIONZINSUFFICIENT_SECURITYZINTERNAL_ERRORZINAPPROPRIATE_FALLBACKZ
USER_CANCELEDZNO_RENEGOTIATIONZMISSING_EXTENSIONZUNSUPPORTED_EXTENSIONZCERTIFICATE_UNOBTAINABLEZUNRECOGNIZED_NAMEZBAD_CERTIFICATE_STATUS_RESPONSEZBAD_CERTIFICATE_HASH_VALUEZUNKNOWN_PSK_IDENTITYZCERTIFICATE_REQUIREDZNO_APPLICATION_PROTOCOLr,r,r,r-rG�sDrGc@sdeZdZdZdZdZdZdZdZdZ	dZ
d	Zd
ZdZ
dZd
ZdZdZdZdZdZdZdZdZdZdS)�_TLSMessageTyper����������
���r>r?r@rA��C�rCN)r8r9r:Z
HELLO_REQUESTZCLIENT_HELLOZSERVER_HELLOZHELLO_VERIFY_REQUESTZNEWSESSION_TICKETZEND_OF_EARLY_DATAZHELLO_RETRY_REQUESTZENCRYPTED_EXTENSIONSZCERTIFICATEZSERVER_KEY_EXCHANGEZCERTIFICATE_REQUESTZSERVER_DONEZCERTIFICATE_VERIFYZCLIENT_KEY_EXCHANGEZFINISHEDZCERTIFICATE_URLZCERTIFICATE_STATUSZSUPPLEMENTAL_DATAZ
KEY_UPDATEZ
NEXT_PROTOZMESSAGE_HASHrDr,r,r,r-rf�s,rf�win32)�enum_certificates�	enum_crls)�socket�SOCK_STREAM�create_connection)�
SOL_SOCKET�SO_TYPE�
tls-unique�HOSTFLAG_NEVER_CHECK_SUBJECTcCs�|sdS|�d�}|s&|��|��kS|dkr<td�|���|�d�\}}}d|vrbtd�|���|sttd�|���|dkr�td�|���|�d�\}}}|r�|s�dS|��|��kS)	NF�*rgz1too many wildcards in certificate DNS name: {!r}.�.z9wildcard can only be present in the leftmost label: {!r}.z>sole wildcard without additional labels are not support: {!r}.z<partial wildcards in leftmost label are not supported: {!r}.)�count�lower�CertificateError�format�	partition)Zdn�hostnameZ	wildcardsZdn_leftmost�sepZdn_remainderZhostname_leftmostZhostname_remainderr,r,r-�_dnsname_matchs@

�������r�cCs�zt�|�}Wnty Yn"0t�|�|kr4|Std�|���zt�tj|�WStyrtd�|���Ynty�Yn0td�|���dS)Nz'{!r} is not a quad-dotted IPv4 address.z+{!r} is neither an IPv4 nor an IP6 address.z{!r} is not an IPv4 address.)	�_socketZ	inet_aton�OSErrorZ	inet_ntoa�
ValueErrorr�Z	inet_ptonZAF_INET6�AttributeError)Zipname�addrr,r,r-�_inet_patonEs$��
r�cCst|���}||kS�N)r��rstrip)Zcert_ipaddress�host_ipZipr,r,r-�_ipaddress_matchhsr�cCsH|std��zt|�}Wnty.d}Yn0g}|�dd�}|D]^\}}|dkrx|durlt||�rldS|�|�qD|dkrD|dur�t||�r�dS|�|�qD|s�|�dd�D]6}|D],\}}|dkr�t||�r�dS|�|�q�q�t|�dk�rtd	|d
�t	t
|��f��n,t|�dk�r<td||df��ntd
��dS)Nztempty or no certificate, match_hostname needs a SSL socket or SSL context with either CERT_OPTIONAL or CERT_REQUIREDZsubjectAltNamer,ZDNSz
IP AddressZsubjectZ
commonNamergz&hostname %r doesn't match either of %sz, zhostname %r doesn't match %rrz=no appropriate commonName or subjectAltName fields were found)r�r��getr��appendr��lenr��join�map�repr)�certr�r�ZdnsnamesZsan�keyr5�subr,r,r-�match_hostnametsB


�
�r��DefaultVerifyPathszQcafile capath openssl_cafile_env openssl_cafile openssl_capath_env openssl_capathcCsft��}tj�|d|d�}tj�|d|d�}ttj�|�rF|ndtj�|�rX|ndg|�R�S)Nrrgrhri)	r;�get_default_verify_paths�os�environr�r��path�isfile�isdir)�parts�cafile�capathr,r,r-r��s��r�cs@eZdZdZ�fdd�Ze�fdd��Ze�fdd��Z�ZS)�_ASN1Objectr,cst�j|gt|dd��R�S)NFr*��super�__new__�_txt2obj)�cls�oid��	__class__r,r-r��sz_ASN1Object.__new__cst�j|gt|��R�Sr�)r�r��_nid2obj)r�Znidr�r,r-�fromnid�sz_ASN1Object.fromnidcst�j|gt|dd��R�S)NTr*r�)r�r+r�r,r-�fromname�sz_ASN1Object.fromname)	r8r9r:�	__slots__r��classmethodr�r��
__classcell__r,r,r�r-r��sr�znid shortname longname oidc@seZdZdZdZdS)�Purposez1.3.6.1.5.5.7.3.1z1.3.6.1.5.5.7.3.2N)r8r9r:�SERVER_AUTHZCLIENT_AUTHr,r,r,r-r��sr�cs�eZdZdZdZdZefdd�Zdd�Zd1d	d
�Z	d2dd�Z
d
d�Zdd�Zdd�Z
dd�Zejfdd�Zeed�r�e�fdd��Zej�fdd��Ze�fdd��Zej�fdd��Ze�fdd��Zej�fd d��Zeed!��red"d#��Zejd$d#��Zned%d#��Ze�fd&d'��Zej�fd(d'��Ze�fd)d*��Ze�fd+d,��Zej�fd-d,��Ze�fd.d/��Zej�fd0d/��Z�ZS)3�
SSLContext)ZCAZROOTNcOst�||�}|Sr�)r	r�)r��protocol�args�kwargs�selfr,r,r-r��szSSLContext.__new__cCs4|durdSt|t�r&|�d��d�S|�d�SdS)NZidna�ascii)�
isinstance�str�encode�decode)r�r�r,r,r-�_encode_hostname�s

zSSLContext._encode_hostnameFTc	Cs|jj|||||||d�S)N)�sock�server_side�do_handshake_on_connect�suppress_ragged_eofs�server_hostname�context�session)�sslsocket_class�_create)r�r�r�r�r�r�r�r,r,r-�wrap_socket�s�zSSLContext.wrap_socketcCs|jj||||�|�||d�S)N)r�r�r�r�)�sslobject_classr�r�)r��incoming�outgoingr�r�r�r,r,r-�wrap_bio�s
�zSSLContext.wrap_biocCs`t�}|D]F}t|d�}t|�dks0t|�dkr8td��|�t|��|�|�q
|�|�dS)Nr�r�z(NPN protocols must be 1 to 255 in length)�	bytearray�bytesr�rr��extendZ_set_npn_protocols)r�Z
npn_protocols�protosr��br,r,r-�set_npn_protocols	s
zSSLContext.set_npn_protocolscs8�durd�_n$t��s td����fdd�}|�_dS)Nznot a callable objectcs��|�}�|||�Sr�)r�)�sslobjZ
servernameZsslctx�r��server_name_callbackr,r-�shim_cbs
z3SSLContext.set_servername_callback.<locals>.shim_cb)Zsni_callback�callable�	TypeError)r�r�r�r,r�r-�set_servername_callbacksz"SSLContext.set_servername_callbackcCs`t�}|D]F}t|d�}t|�dks0t|�dkr8td��|�t|��|�|�q
|�|�dS)Nr�rr�z)ALPN protocols must be 1 to 255 in length)r�r�r�rr�r�Z_set_alpn_protocols)r�Zalpn_protocolsr�r�r�r,r,r-�set_alpn_protocols!s
zSSLContext.set_alpn_protocolscCstt�}z<t|�D].\}}}|dkr|dus4|j|vr|�|�qWnty^t�d�Yn0|rp|j|d�|S)NZx509_asnTz-unable to enumerate Windows certificate store)�cadata)r�rxr�r��PermissionError�warnings�warn�load_verify_locations)r��	storename�purposeZcertsr��encodingZtrustr,r,r-�_load_windows_store_certs,sz$SSLContext._load_windows_store_certscCs@t|t�st|��tjdkr4|jD]}|�||�q"|��dS)Nrw)r�r�r��sys�platform�_windows_cert_storesr�Zset_default_verify_paths)r�r�r�r,r,r-�load_default_certs:s


zSSLContext.load_default_certs�minimum_versioncstt�j�Sr�)r7r�r��r�r�r,r-r�CszSSLContext.minimum_versioncs4|tjkr|jtjM_ttt�j�||�dSr�)	r7r<�optionsr1ZOP_NO_SSLv3r�r�r��__set__�r�r5r�r,r-r�Gs
cstt�j�Sr�)r7r��maximum_versionr�r�r,r-r�MszSSLContext.maximum_versioncsttt�j�||�dSr�)r�r�r�r�r�r�r,r-r�Qscstt�j�Sr�)r1r�r�r�r�r,r-r�UszSSLContext.optionscsttt�j�||�dSr�)r�r�r�r�r�r�r,r-r�Ysr�cCs|jtj@}|tjkSr��Z_host_flagsr;r�)r�Zncsr,r,r-�hostname_checks_common_name^sz&SSLContext.hostname_checks_common_namecCs,|r|jtjM_n|jtjO_dSr�r�r�r,r,r-r�cscCsdS�NTr,r�r,r,r-r�jscst�j}|dur|jSdSdSr�)r��
_msg_callback�
user_function)r��innerr�r,r-r�ns!zSSLContext._msg_callbackcsb�dur ttt�j�|d�dSt�d�s8t��d����fdd�}�|_ttt�j�||�dS)N�__call__z is not callable.cs�zt|�}WntyYn0zt|�}Wnty>Yn0|tjkrPt}n|tjkr`t}nt}z||�}Wnty�Yn0�||||||�Sr�)r7r�r=rFrErGrf)Zconn�	direction�versionZcontent_typeZmsg_type�dataZmsg_enum��callbackr,r-r��s(

�z'SSLContext._msg_callback.<locals>.inner)r�r�r�r��hasattrr�r�)r�rr�r�r�r-r��s
cstt�j�Sr�)r&r�r�r�r�r,r-r��szSSLContext.protocolcstt�j�Sr�)r2r��verify_flagsr�r�r,r-r�szSSLContext.verify_flagscsttt�j�||�dSr�)r�r�rr�r�r�r,r-r�scs.t�j}z
t|�WSty(|YS0dSr�)r��verify_moder3r�r�r�r,r-r�s

zSSLContext.verify_modecsttt�j�||�dSr�)r�r�rr�r�r�r,r-r�s)FTTNN)FNN) r8r9r:r�r�r��PROTOCOL_TLSr�r�r�r�r�r�r�r�r�r�r�rr	�propertyr��setterr�r�r;r�r�r�rrr�r,r,r�r-r��sh�
�





&%r�)r�r�r�cCs�t|t�st|��tt�}|tjkr0t|_d|_	|s<|s<|rL|�
|||�n|jtkr`|�|�t
|d�r�tj�d�}|r�tjjs�||_|S)NT�keylog_filename�
SSLKEYLOGFILE)r�r�r�r�rr�r��
CERT_REQUIREDr�check_hostnamer��	CERT_NONEr�rr�r�r�r��flags�ignore_environmentr)r�r�r�r�r��
keylogfiler,r,r-�create_default_context�s




rF)�	cert_reqsr
r��certfile�keyfiler�r�r�cCs�t|t�st|��t|�}	|s$d|	_|dur2||	_|r<d|	_|rL|sLtd��|sT|r`|	�||�|sl|sl|r||	�|||�n|	jt	kr�|	�
|�t|	d�r�tj
�d�}
|
r�tjjs�|
|	_|	S)NFT�certfile must be specifiedrr)r�r�r�r�r
rr��load_cert_chainr�rr�rr�r�r�r�rr
r)r�rr
r�rrr�r�r�r�rr,r,r-�_create_unverified_context�s,



rc@s�eZdZdd�Zed1dd��Zedd��Zejd	d��Zed
d��Z	e	jdd��Z	ed
d��Z
edd��Zedd��Zd2dd�Z
dd�Zd3dd�Zdd�Zdd�Zdd�Zd d!�Zd"d#�Zd$d%�Zd&d'�Zd(d)�Zd4d+d,�Zd-d.�Zd/d0�ZdS)5�	SSLObjectcOst|jj�d���dS)NzU does not have a public constructor. Instances are returned by SSLContext.wrap_bio().�r�r�r8�r�r�r�r,r,r-�__init__<s�zSSLObject.__init__FNc	Cs*|�|�}|j||||||d�}||_|S)N)r�r��ownerr�)r�Z	_wrap_bio�_sslobj)	r�r�r�r�r�r�r�r�r�r,r,r-r�Bs
�zSSLObject._createcCs|jjSr��rr�r�r,r,r-r�NszSSLObject.contextcCs||j_dSr�r�r��ctxr,r,r-r�SscCs|jjSr��rr�r�r,r,r-r�WszSSLObject.sessioncCs||j_dSr�r�r�r�r,r,r-r�\scCs|jjSr��r�session_reusedr�r,r,r-r"`szSSLObject.session_reusedcCs|jjSr�)rr�r�r,r,r-r�eszSSLObject.server_sidecCs|jjSr�)rr�r�r,r,r-r�jszSSLObject.server_hostname�cCs(|dur|j�||�}n|j�|�}|Sr�)r�read)r�r��buffer�vr,r,r-r$pszSSLObject.readcCs|j�|�Sr�)r�write�r�r�r,r,r-r'|szSSLObject.writecCs|j�|�Sr�)r�getpeercert�r�Zbinary_formr,r,r-r)�szSSLObject.getpeercertcCstjr|j��SdSr�)r;rr�selected_npn_protocolr�r,r,r-r+�szSSLObject.selected_npn_protocolcCstjr|j��SdSr�)r;rr�selected_alpn_protocolr�r,r,r-r,�sz SSLObject.selected_alpn_protocolcCs
|j��Sr�)r�cipherr�r,r,r-r-�szSSLObject.ciphercCs
|j��Sr�)r�shared_ciphersr�r,r,r-r.�szSSLObject.shared_cipherscCs
|j��Sr�)r�compressionr�r,r,r-r/�szSSLObject.compressioncCs
|j��Sr�)r�pendingr�r,r,r-r0�szSSLObject.pendingcCs|j��dSr�)r�do_handshaker�r,r,r-r1�szSSLObject.do_handshakecCs
|j��Sr�)r�shutdownr�r,r,r-�unwrap�szSSLObject.unwraprcCs|j�|�Sr�)r�get_channel_binding�r�Zcb_typer,r,r-r4�szSSLObject.get_channel_bindingcCs
|j��Sr��rr�r�r,r,r-r��szSSLObject.versioncCs
|j��Sr�)r�verify_client_post_handshaker�r,r,r-r7�sz&SSLObject.verify_client_post_handshake)FNNN)r#N)F)r)r8r9r:rr�r�rr�rr�r"r�r�r$r'r)r+r,r-r.r/r0r1r3r4r�r7r,r,r,r-r-sB�








	
rcCstt|j�j|_|Sr�)�getattrrr8�__doc__)�funcr,r,r-�_sslcopydoc�sr;cseZdZdd�ZedW�fdd�	�Zeedd	���Zej	d
d	��Zeedd���Z
e
j	d
d��Z
eedd���Zdd�ZdXdd�Z
dd�ZdYdd�Zdd�ZedZdd��Zedd��Zedd ��Zed!d"��Zed#d$��Zed%d&��Zd[�fd(d)�	Zd\�fd*d+�	Zd,d-�Zd]�fd.d/�	Zd^�fd0d1�	Zd_�fd2d3�	Zd`�fd4d5�	Zda�fd6d7�	Zdb�fd8d9�	Zd:d;�Z d<d=�Z!ed>d?��Z"�fd@dA�Z#edBdC��Z$edDdE��Z%�fdFdG�Z&edcdHdI��Z'�fdJdK�Z(dLdM�Z)dNdO�Z*�fdPdQ�Z+edddSdT��Z,edUdV��Z-�Z.S)e�	SSLSocketcOst|jj�d���dS)NzX does not have a public constructor. Instances are returned by SSLContext.wrap_socket().rrr,r,r-r�s�zSSLSocket.__init__FTNc
sf|�tt�tkrtd��|r8|r(td��|dur8td��|jrJ|sJtd��t|j|j	|j
|��d�}|j|fi|��}	t
t|	�jfi|��|��}
|��||	_||	_d|	_d|	_||	_|�|�|	_||	_||	_z|	��Wn�t�y�}z�|jtjkr��d}|	��}
|	� d�z|	�!d�}Wn@t�yb}z&|jtjtj"fv�rJ�d}WYd}~n
d}~00|	� |
�|�r�d	}t#|j|�}||_$d|_%z|	�&�Wnt�y�Yn0z|�Wd}nd}0WYd}~nd}~00d
}|	�'|
�||	_(|�rbzH|	jj)|	||	j|	|	jd�|	_|�r<|	��}|dk�r4td
��|	�*�Wn"ttf�y`|	�&��Yn0|	S)Nz!only stream sockets are supportedz4server_hostname can only be specified in client modez,session can only be specified in client modez'check_hostname requires server_hostname)�family�type�proto�filenoFrgr/z5Closed before TLS handshake with data in recv buffer.T�rr��zHdo_handshake_on_connect should not be specified for non-blocking sockets)+Z
getsockoptr}r~r{�NotImplementedErrorr�r
�dictr=r>r?r@r�r�r<r�
gettimeout�detach�_context�_sessionZ_closedrr�r�r�r�r��getpeernamer��errnoZENOTCONNZgetblockingZsetblocking�recvZEINVALr�reasonZlibrary�close�
settimeout�
_connected�_wrap_socketr1)r�r�r�r�r�r�r�r�r�r�Zsock_timeout�eZ	connectedZblockingZnotconn_pre_handshake_datarLZ notconn_pre_handshake_data_error�timeoutr�r,r-r��s�
�

"
�
zSSLSocket._createcCs|jSr�)rGr�r,r,r-r�8szSSLSocket.contextcCs||_||j_dSr�)rGrr�rr,r,r-r�=scCs|jdur|jjSdSr�rr�r,r,r-r�Bs
zSSLSocket.sessioncCs||_|jdur||j_dSr�)rHrr�r r,r,r-r�Hs
cCs|jdur|jjSdSr�r!r�r,r,r-r"Ns
zSSLSocket.session_reusedcCstd|jj��dS)NzCan't dup() %s instances)rCr�r8r�r,r,r-�dupTs�z
SSLSocket.dupcCsdSr�r,)r��msgr,r,r-�_checkClosedXszSSLSocket._checkClosedcCs|js|��dSr�)rOrIr�r,r,r-�_check_connected\szSSLSocket._check_connectedr#c
Cs�|��|jdurtd��z*|dur4|j�||�WS|j�|�WSWn`ty�}zH|jdtkr�|jr�|dur~WYd}~dSWYd}~dSn�WYd}~n
d}~00dS)Nz'Read on closed or unwrapped SSL socket.rr/)rUrr�r$rr�Z
SSL_ERROR_EOFr�)r�r�r%�xr,r,r-r$ds
zSSLSocket.readcCs&|��|jdurtd��|j�|�S)Nz(Write on closed or unwrapped SSL socket.)rUrr�r'r(r,r,r-r'ys
zSSLSocket.writecCs|��|��|j�|�Sr�)rUrVrr)r*r,r,r-r)�szSSLSocket.getpeercertcCs*|��|jdustjsdS|j��SdSr�)rUrr;rr+r�r,r,r-r+�szSSLSocket.selected_npn_protocolcCs*|��|jdustjsdS|j��SdSr�)rUrr;rr,r�r,r,r-r,�sz SSLSocket.selected_alpn_protocolcCs$|��|jdurdS|j��SdSr�)rUrr-r�r,r,r-r-�s
zSSLSocket.ciphercCs$|��|jdurdS|j��SdSr�)rUrr.r�r,r,r-r.�s
zSSLSocket.shared_cipherscCs$|��|jdurdS|j��SdSr�)rUrr/r�r,r,r-r/�s
zSSLSocket.compressionrcsF|��|jdur4|dkr(td|j��|j�|�St��||�SdS)Nrz3non-zero flags not allowed in calls to send() on %s)rUrr�r�r'r��send)r�r�rr�r,r-rX�s
��zSSLSocket.sendcsL|��|jdur"td|j��n&|dur8t��||�St��|||�SdS)Nz%sendto not allowed on instances of %s)rUrr�r�r��sendto)r�r�Z
flags_or_addrr�r�r,r-rY�s
�zSSLSocket.sendtocOstd|j��dS)Nz&sendmsg not allowed on instances of %s�rCr�rr,r,r-�sendmsg�s�zSSLSocket.sendmsgc	s�|��|jdur�|dkr(td|j��d}t|��f}|�d��<}t|�}||krn|�||d��}||7}qJWd�n1s�0YWd�q�1s�0Ynt��	||�SdS)Nrz6non-zero flags not allowed in calls to sendall() on %s�B)
rUrr�r��
memoryview�castr�rXr��sendall)r�r�rr�ZviewZ	byte_viewZamountr&r�r,r-r_�s
��HzSSLSocket.sendallcs,|jdur|�|||�St��|||�SdSr�)rZ_sendfile_use_sendr��sendfile)r��file�offsetr�r�r,r-r`�s
zSSLSocket.sendfilecsD|��|jdur2|dkr(td|j��|�|�St��||�SdS)Nrz3non-zero flags not allowed in calls to recv() on %s)rUrr�r�r$r�rK�r�Zbuflenrr�r,r-rK�s
��
zSSLSocket.recvcsj|��|r|durt|�}n|dur*d}|jdurV|dkrJtd|j��|�||�St��|||�SdS)Nr#rz8non-zero flags not allowed in calls to recv_into() on %s)rUr�rr�r�r$r��	recv_into�r�r%�nbytesrr�r,r-rd�s

��zSSLSocket.recv_intocs4|��|jdur"td|j��nt��||�SdS)Nz'recvfrom not allowed on instances of %s)rUrr�r�r��recvfromrcr�r,r-rg�s
�zSSLSocket.recvfromcs6|��|jdur"td|j��nt��|||�SdS)Nz,recvfrom_into not allowed on instances of %s)rUrr�r�r��
recvfrom_intorer�r,r-rhs
�zSSLSocket.recvfrom_intocOstd|j��dS)Nz&recvmsg not allowed on instances of %srZrr,r,r-�recvmsgs�zSSLSocket.recvmsgcOstd|j��dS)Nz+recvmsg_into not allowed on instances of %srZrr,r,r-�recvmsg_intos�zSSLSocket.recvmsg_intocCs$|��|jdur|j��SdSdS)Nr)rUrr0r�r,r,r-r0s

zSSLSocket.pendingcs|��d|_t��|�dSr�)rUrr�r2)r�Zhowr�r,r-r2szSSLSocket.shutdowncCs.|jr|j��}d|_|Stdt|���dS�NzNo SSL wrapper around )rr2r�r�)r��sr,r,r-r3$s

zSSLSocket.unwrapcCs$|jr|j��Stdt|���dSrk)rr7r�r�r�r,r,r-r7-s
z&SSLSocket.verify_client_post_handshakecsd|_t���dSr�)rr��_real_closer�r�r,r-rm4szSSLSocket._real_closec	CsP|��|��}z.|dkr(|r(|�d�|j��W|�|�n|�|�0dS)NrB)rVrErNrr1)r��blockrRr,r,r-r18s
zSSLSocket.do_handshakec	s�|jrtd��|js|jdur&td��|jj|d|j||jd�|_z@|rVt��	|�}nd}t��
|�|s~d|_|jr~|��|WSt
tfy�d|_�Yn0dS)Nz!can't connect in server-side modez/attempt to connect already-connected SSLSocket!FrAT)r�r�rOrr�rPr�rHr��
connect_ex�connectr�r1r�)r�r�roZrcr�r,r-�
_real_connectCs*�zSSLSocket._real_connectcCs|�|d�dS)NF�rq�r�r�r,r,r-rp]szSSLSocket.connectcCs|�|d�Sr�rrrsr,r,r-robszSSLSocket.connect_excs.t���\}}|jj||j|jdd�}||fS)NT)r�r�r�)r��acceptr�r�r�r�)r�Znewsockr�r�r,r-rtgs�zSSLSocket.acceptrcCs4|jdur|j�|�S|tvr,td�|���dSdS)Nz({0} channel binding type not implemented)rr4�CHANNEL_BINDING_TYPESr�r�r5r,r,r-r4ss
�zSSLSocket.get_channel_bindingcCs|jdur|j��SdSdSr�r6r�r,r,r-r�~s

zSSLSocket.version)FTTNNN)N)r#N)F)r)N)r)rN)r#r)Nr)r#r)Nr)F)r)/r8r9r:rr�r�rr;r�rr�r"rSrUrVr$r'r)r+r,r-r.r/rXrYr[r_r`rKrdrgrhrirjr0r2r3r7rmr1rqrprortr4r�r�r,r,r�r-r<�s��_



	











r<Tc
Csl|r|std��|r |s td��t|�}
||
_|r<|
�|�|rL|
�||�|	rZ|
�|	�|
j||||d�S)Nz5certfile must be specified for server-side operationsr)r�r�r�r�)r�r�rr�rZset_ciphersr�)r�rrr�r�ssl_version�ca_certsr�r�Zciphersr�r,r,r-r��s"

�r�cCs�ddlm}ddlm}d}d}z|�|dd����d}Wn"ty`td||f��Yn00||dd�|�}||d|f|d	d
��SdS)Nr)�strptime)�timegm)ZJanZFebZMarZAprZMayZJunZJulZAugZSepZOctZNovZDecz %d %H:%M:%S %Y GMTrirgz*time data %r does not match format "%%b%s"rhrl)�timerxZcalendarry�index�titler�)Z	cert_timerxryZmonthsZtime_formatZmonth_numberZttr,r,r-�cert_time_to_seconds�s
�r}z-----BEGIN CERTIFICATE-----z-----END CERTIFICATE-----csRtt�|�dd��tg}|�fdd�tdt��d�D�7}|�td�d�|�S)N�ASCII�strictcsg|]}�||d��qS)�@r,)r4�i��fr,r-�
<listcomp>�r/z(DER_cert_to_PEM_cert.<locals>.<listcomp>rr��
)	r��base64Zstandard_b64encode�
PEM_HEADER�ranger�r��
PEM_FOOTERr�)Zder_cert_bytesZssr,r�r-�DER_cert_to_PEM_cert�s
"r�cCs\|�t�stdt��|���t�s0tdt��|��tt�tt��}t�|�	dd��S)Nz(Invalid PEM encoding; must start with %sz&Invalid PEM encoding; must end with %sr~r)
r)r�r��strip�endswithr�r�r�Zdecodebytesr�)Zpem_cert_string�dr,r,r-�PEM_cert_to_DER_cert�s
��r�c
	Cs�|\}}|durt}nt}t|||d�}t|��D}|�|��}|�d�}	Wd�n1s\0YWd�n1sz0Yt|	�S)N)rr�T)r	r�_create_stdlib_contextr|r�r)r�)
r�rvrwZhostZportrr�r�ZsslsockZdercertr,r,r-�get_server_certificate�s�
Fr�cCst�|d�S)Nz	<unknown>)�_PROTOCOL_NAMESr�)Z
protocol_coder,r,r-�get_protocol_name�sr�)lr�r��collectionsr�enumrZ_EnumrZ_IntEnumrZ_IntFlagr;rrrr	r
rrr
rrrrrrr�rr�rrrrr�ImportErrorrrrrrrr r!r"r#r$r%�	_convert_r8r&rr'�__members__�itemsr�r8Z_SSLv2_IF_EXISTSr7r=rGrfr�rxryrzr{r|r}r~r�r�rJr�r�Zsocket_errorrurZHAS_NEVER_CHECK_COMMON_NAMEZ_RESTRICTED_SERVER_CIPHERSr�r�r�r�r�r�r�r�r�r�r�rrrZ_create_default_https_contextr�rr;r<r�r�r�r}r�r�r�r�r�r�r,r,r,r-�<module>^s�$0������
)
1#9�z�#�/>�




?>