AlkantarClanX12

Your IP : 18.191.200.47

Current Path : /opt/alt/python37/lib64/python3.7/__pycache__/
Upload File :
Current File : //opt/alt/python37/lib64/python3.7/__pycache__/ssl.cpython-37.opt-2.pyc

B

YI~d���
@s�ddlZddlZddlmZddlmZmZm	Z
ddlZddlmZm
Z
mZddlmZmZmZddlmZmZmZmZmZmZmZddlmZmZddlmZmZmZm Z ydd	lm!Z!Wne"k
r�YnXdd
lm#Z#m$Z$m%Z%m&Z&m'Z'm(Z(m)Z)m*Z*m+Z+m,Z,ddlm-Z-m.Z.ej/de0d
d�ed�e
j/de0dd�ed�ej/de0dd�ed�ej/de0dd�ed�e
j/de0dd�ed�ej/de0dd�ed�e1j2Z3e1_3dd�e1j4�5�D�Z6e7e1dd�Z8Gdd�de�Z9ej:dk�r�dd lm;Z;m<Z<dd!l=m=Z=m>Z>m?Z?m@Z@dd"l=mAZAmBZBddl=ZCddlDZDddlEZEddlFZFeGZHd#gZIeJed$�ZKe-ZLeZMd%d&�ZNd'd(�ZOd)d*�ZPd+d,�ZQed-d.�ZRd/d0�ZSGd1d2�d2ed2d3��ZTGd4d5�d5eTe�ZUGd6d7�d7e�ZVeUjWfdddd8�d9d:�ZXe2feYd;eUjWdddddd<�d=d>�ZZeXZ[eZZ\Gd?d@�d@�Z]dAdB�Z^GdCdD�dDe=�Z_e_eV_`e]eV_addd;eYe2ddEdEdf	dFdG�ZbdHdI�ZcdJZddKZedLdM�ZfdNdO�Zge2dfdPdQ�ZhdRdS�ZidS)T�N)�
namedtuple)�Enum�IntEnum�IntFlag)�OPENSSL_VERSION_NUMBER�OPENSSL_VERSION_INFO�OPENSSL_VERSION)�_SSLContext�	MemoryBIO�
SSLSession)�SSLError�SSLZeroReturnError�SSLWantReadError�SSLWantWriteError�SSLSyscallError�SSLEOFError�SSLCertVerificationError)�txt2obj�nid2obj)�RAND_status�RAND_add�
RAND_bytes�RAND_pseudo_bytes)�RAND_egd)
�HAS_SNI�HAS_ECDH�HAS_NPN�HAS_ALPN�	HAS_SSLv2�	HAS_SSLv3�	HAS_TLSv1�HAS_TLSv1_1�HAS_TLSv1_2�HAS_TLSv1_3)�_DEFAULT_CIPHERS�_OPENSSL_API_VERSION�
_SSLMethodcCs|�d�o|dkS)NZ	PROTOCOL_�PROTOCOL_SSLv23)�
startswith)�name�r*�(/opt/alt/python37/lib64/python3.7/ssl.py�<lambda>|�r,)�source�OptionscCs
|�d�S)NZOP_)r()r)r*r*r+r,�r-ZAlertDescriptioncCs
|�d�S)NZALERT_DESCRIPTION_)r()r)r*r*r+r,�r-ZSSLErrorNumbercCs
|�d�S)NZ
SSL_ERROR_)r()r)r*r*r+r,�r-�VerifyFlagscCs
|�d�S)NZVERIFY_)r()r)r*r*r+r,�r-�
VerifyModecCs
|�d�S)NZCERT_)r()r)r*r*r+r,�r-cCsi|]\}}||�qSr*r*)�.0r)�valuer*r*r+�
<dictcomp>�sr4ZPROTOCOL_SSLv2c@s6eZdZejZejZejZ	ej
ZejZ
ejZejZdS)�
TLSVersionN)�__name__�
__module__�__qualname__�_sslZPROTO_MINIMUM_SUPPORTEDZMINIMUM_SUPPORTEDZPROTO_SSLv3�SSLv3ZPROTO_TLSv1ZTLSv1Z
PROTO_TLSv1_1ZTLSv1_1Z
PROTO_TLSv1_2ZTLSv1_2Z
PROTO_TLSv1_3ZTLSv1_3ZPROTO_MAXIMUM_SUPPORTEDZMAXIMUM_SUPPORTEDr*r*r*r+r5�sr5�win32)�enum_certificates�	enum_crls)�socket�AF_INET�SOCK_STREAM�create_connection)�
SOL_SOCKET�SO_TYPEz
tls-unique�HOSTFLAG_NEVER_CHECK_SUBJECTcCs�|sdS|�d�}|s&|��|��kS|dkr<td�|���|�d�\}}}d|krbtd�|���|sttd�|���|dkr�td�|���|�d�\}}}|r�|s�dS|��|��kS)	NF�*�z1too many wildcards in certificate DNS name: {!r}.�.z9wildcard can only be present in the leftmost label: {!r}.z>sole wildcard without additional labels are not support: {!r}.z<partial wildcards in leftmost label are not supported: {!r}.)�count�lower�CertificateError�format�	partition)Zdn�hostnameZ	wildcardsZdn_leftmost�sepZdn_remainderZhostname_leftmostZhostname_remainderr*r*r+�_dnsname_match�s2

rOcCs�yt�|�}Wntk
r"Yn"Xt�|�|kr6|Std�|���yt�tj|�Stk
rttd�|���Yntk
r�YnXtd�|���dS)Nz'{!r} is not a quad-dotted IPv4 address.z+{!r} is neither an IPv4 nor an IP6 address.z{!r} is not an IPv4 address.)	�_socketZ	inet_aton�OSErrorZ	inet_ntoa�
ValueErrorrKZ	inet_ptonZAF_INET6�AttributeError)Zipname�addrr*r*r+�_inet_paton�s rUcCst|���}||kS)N)rU�rstrip)Zcert_ipaddress�host_ipZipr*r*r+�_ipaddress_matchsrXcCsN|std��yt|�}Wntk
r0d}YnXg}|�dd�}xb|D]Z\}}|dkrz|dkrnt||�rndS|�|�qH|dkrH|dk	r�t||�r�dS|�|�qHW|s�xF|�dd�D]6}x0|D](\}}|dkr�t||�r�dS|�|�q�Wq�Wt|�dk�rtd	|d
�t	t
|��f��n,t|�dk�rBtd||df��ntd
��dS)Nztempty or no certificate, match_hostname needs a SSL socket or SSL context with either CERT_OPTIONAL or CERT_REQUIREDZsubjectAltNamer*ZDNSz
IP AddressZsubjectZ
commonNamerFz&hostname %r doesn't match either of %sz, zhostname %r doesn't match %rrz=no appropriate commonName or subjectAltName fields were found)rRrU�getrO�appendrX�lenrJ�join�map�repr)�certrMrWZdnsnamesZsan�keyr3�subr*r*r+�match_hostnames>


rb�DefaultVerifyPathszQcafile capath openssl_cafile_env openssl_cafile openssl_capath_env openssl_capathcCsdt��}tj�|d|d�}tj�|d|d�}ttj�|�rF|ndtj�|�rX|ndf|��S)NrrF��)	r9�get_default_verify_paths�os�environrYrc�path�isfile�isdir)�parts�cafile�capathr*r*r+rf\srfcs@eZdZdZ�fdd�Ze�fdd��Ze�fdd��Z�ZS)�_ASN1Objectr*cst�j|ft|dd���S)NF)r))�super�__new__�_txt2obj)�cls�oid)�	__class__r*r+rqosz_ASN1Object.__new__cst�j|ft|���S)N)rprq�_nid2obj)rsZnid)rur*r+�fromnidrsz_ASN1Object.fromnidcst�j|ft|dd���S)NT)r))rprqrr)rsr))rur*r+�fromnamexsz_ASN1Object.fromname)	r6r7r8�	__slots__rq�classmethodrwrx�
__classcell__r*r*)rur+rojsroznid shortname longname oidc@seZdZdZdZdS)�Purposez1.3.6.1.5.5.7.3.1z1.3.6.1.5.5.7.3.2N)r6r7r8�SERVER_AUTHZCLIENT_AUTHr*r*r*r+r|sr|csjeZdZdZdZdZefdd�Zdd�Zd.d	d
�Z	d/dd�Z
d
d�Zdd�Zdd�Z
dd�Zejfdd�Zeed�r�e�fdd��Zej�fdd��Ze�fdd��Zej�fdd��Ze�fdd��Zej�fd d��Zeed!��red"d#��Zejd$d#��Zned%d#��Ze�fd&d'��Ze�fd(d)��Zej�fd*d)��Ze�fd+d,��Zej�fd-d,��Z�ZS)0�
SSLContext)ZCAZROOTNcOst�||�}|S)N)r	rq)rs�protocol�args�kwargs�selfr*r*r+rq�szSSLContext.__new__cCs4|dkrdSt|t�r&|�d��d�S|�d�SdS)NZidna�ascii)�
isinstance�str�encode�decode)r�rMr*r*r+�_encode_hostname�s

zSSLContext._encode_hostnameFTc	Cs|jj|||||||d�S)N)�sock�server_side�do_handshake_on_connect�suppress_ragged_eofs�server_hostname�context�session)�sslsocket_class�_create)r�r�r�r�r�r�r�r*r*r+�wrap_socket�szSSLContext.wrap_socketcCs|jj||||�|�||d�S)N)r�r�r�r�)�sslobject_classr�r�)r��incoming�outgoingr�r�r�r*r*r+�wrap_bio�szSSLContext.wrap_biocCsdt�}xN|D]F}t|d�}t|�dks2t|�dkr:td��|�t|��|�|�qW|�|�dS)Nr�r�z(NPN protocols must be 1 to 255 in length)�	bytearray�bytesr[rrZ�extendZ_set_npn_protocols)r�Z
npn_protocols�protosr�br*r*r+�set_npn_protocols�s

zSSLContext.set_npn_protocolscs8�dkrd�_n$t��s td����fdd�}|�_dS)Nznot a callable objectcs��|�}�|||�S)N)r�)�sslobjZ
servernameZsslctx)r��server_name_callbackr*r+�shim_cb�s
z3SSLContext.set_servername_callback.<locals>.shim_cb)Zsni_callback�callable�	TypeError)r�r�r�r*)r�r�r+�set_servername_callback�sz"SSLContext.set_servername_callbackcCsdt�}xN|D]F}t|d�}t|�dks2t|�dkr:td��|�t|��|�|�qW|�|�dS)Nr�rr�z)ALPN protocols must be 1 to 255 in length)r�r�r[rrZr�Z_set_alpn_protocols)r�Zalpn_protocolsr�rr�r*r*r+�set_alpn_protocols�s

zSSLContext.set_alpn_protocolscCszt�}y@x:t|�D].\}}}|dkr|dks6|j|kr|�|�qWWntk
rdt�d�YnX|rv|j|d�|S)NZx509_asnTz-unable to enumerate Windows certificate store)�cadata)r�r<rtr��PermissionError�warnings�warn�load_verify_locations)r��	storename�purposeZcertsr_�encodingZtrustr*r*r+�_load_windows_store_certs�sz$SSLContext._load_windows_store_certscCsDt|t�st|��tjdkr8x|jD]}|�||�q$W|��dS)Nr;)r�ror��sys�platform�_windows_cert_storesr�Zset_default_verify_paths)r�r�r�r*r*r+�load_default_certs�s

zSSLContext.load_default_certs�minimum_versioncstt�j�S)N)r5rpr�)r�)rur*r+r��szSSLContext.minimum_versioncs4|tjkr|jtjM_ttt�j�||�dS)N)	r5r:�optionsr/ZOP_NO_SSLv3rpr~r��__set__)r�r3)rur*r+r��s
cstt�j�S)N)r5rp�maximum_version)r�)rur*r+r��szSSLContext.maximum_versioncsttt�j�||�dS)N)rpr~r�r�)r�r3)rur*r+r��scstt�j�S)N)r/rpr�)r�)rur*r+r�szSSLContext.optionscsttt�j�||�dS)N)rpr~r�r�)r�r3)rur*r+r�srDcCs|jtj@}|tjkS)N)�_host_flagsr9rD)r�Zncsr*r*r+�hostname_checks_common_name	sz&SSLContext.hostname_checks_common_namecCs,|r|jtjM_n|jtjO_dS)N)r�r9rD)r�r3r*r*r+r�scCsdS)NTr*)r�r*r*r+r�scstt�j�S)N)r&rpr)r�)rur*r+rszSSLContext.protocolcstt�j�S)N)r0rp�verify_flags)r�)rur*r+r�szSSLContext.verify_flagscsttt�j�||�dS)N)rpr~r�r�)r�r3)rur*r+r�!scs*t�j}yt|�Stk
r$|SXdS)N)rp�verify_moder1rR)r�r3)rur*r+r�%s
zSSLContext.verify_modecsttt�j�||�dS)N)rpr~r�r�)r�r3)rur*r+r�-s)FTTNN)FNN)r6r7r8r�r�r��PROTOCOL_TLSrqr�r�r�r�r�r�r�r|r}r��hasattrr	�propertyr��setterr�r�r9r�rr�r�r{r*r*)rur+r~�s@


	

r~)rmrnr�cCsdt|t�st|��tt�}|tjkr0t|_d|_	|s<|s<|rL|�
|||�n|jtkr`|�|�|S)NT)
r�ror�r~r�r|r}�
CERT_REQUIREDr��check_hostnamer��	CERT_NONEr�)r�rmrnr�r�r*r*r+�create_default_context2s



r�F)�	cert_reqsr�r��certfile�keyfilermrnr�c
Cs�t|t�st|��t|�}	|s$d|	_|dk	r2||	_|r<d|	_|rL|sLtd��|sT|r`|	�||�|sl|sl|r||	�|||�n|	jt	kr�|	�
|�|	S)NFTzcertfile must be specified)r�ror�r~r�r�rR�load_cert_chainr�r�r�)
rr�r�r�r�r�rmrnr�r�r*r*r+�_create_unverified_contextPs$


r�c@s�eZdZdd�Zed1dd��Zedd��Zejd	d��Zed
d��Z	e	jdd��Z	ed
d��Z
edd��Zedd��Zd2dd�Z
dd�Zd3dd�Zdd�Zdd�Zdd�Zd d!�Zd"d#�Zd$d%�Zd&d'�Zd(d)�Zd4d+d,�Zd-d.�Zd/d0�ZdS)5�	SSLObjectcOst|jj�d���dS)NzU does not have a public constructor. Instances are returned by SSLContext.wrap_bio().)r�rur6)r�r�r�r*r*r+�__init__�szSSLObject.__init__FNc	Cs*|�|�}|j||||||d�}||_|S)N)r�r��ownerr�)rqZ	_wrap_bio�_sslobj)	rsr�r�r�r�r�r�r�r�r*r*r+r��s

zSSLObject._createcCs|jjS)N)r�r�)r�r*r*r+r��szSSLObject.contextcCs||j_dS)N)r�r�)r��ctxr*r*r+r��scCs|jjS)N)r�r�)r�r*r*r+r��szSSLObject.sessioncCs||j_dS)N)r�r�)r�r�r*r*r+r��scCs|jjS)N)r��session_reused)r�r*r*r+r��szSSLObject.session_reusedcCs|jjS)N)r�r�)r�r*r*r+r��szSSLObject.server_sidecCs|jjS)N)r�r�)r�r*r*r+r��szSSLObject.server_hostname�cCs(|dk	r|j�||�}n|j�|�}|S)N)r��read)r�r[�buffer�vr*r*r+r��szSSLObject.readcCs|j�|�S)N)r��write)r��datar*r*r+r��szSSLObject.writecCs|j�|�S)N)r��getpeercert)r��binary_formr*r*r+r��szSSLObject.getpeercertcCstjr|j��SdS)N)r9rr��selected_npn_protocol)r�r*r*r+r��szSSLObject.selected_npn_protocolcCstjr|j��SdS)N)r9rr��selected_alpn_protocol)r�r*r*r+r��sz SSLObject.selected_alpn_protocolcCs
|j��S)N)r��cipher)r�r*r*r+r��szSSLObject.ciphercCs
|j��S)N)r��shared_ciphers)r�r*r*r+r��szSSLObject.shared_cipherscCs
|j��S)N)r��compression)r�r*r*r+r��szSSLObject.compressioncCs
|j��S)N)r��pending)r�r*r*r+r�szSSLObject.pendingcCs|j��dS)N)r��do_handshake)r�r*r*r+r�szSSLObject.do_handshakecCs
|j��S)N)r��shutdown)r�r*r*r+�unwrapszSSLObject.unwrap�
tls-uniquecCs|j�|�S)N)r��get_channel_binding)r��cb_typer*r*r+r�szSSLObject.get_channel_bindingcCs
|j��S)N)r��version)r�r*r*r+r�szSSLObject.versioncCs
|j��S)N)r��verify_client_post_handshake)r�r*r*r+r�sz&SSLObject.verify_client_post_handshake)FNNN)r�N)F)r�)r6r7r8r�rzr�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r*r*r*r+r��s2


	
r�cCstt|j�j|_|S)N)�getattrr�r6�__doc__)�funcr*r*r+�_sslcopydocsr�cseZdZdd�ZedW�fdd�	�Zeedd	���Zej	d
d	��Zeedd���Z
e
j	d
d��Z
eedd���Zdd�ZdXdd�Z
dd�ZdYdd�Zdd�ZedZdd��Zedd��Zedd ��Zed!d"��Zed#d$��Zed%d&��Zd[�fd(d)�	Zd\�fd*d+�	Zd,d-�Zd]�fd.d/�	Zd^�fd0d1�	Zd_�fd2d3�	Zd`�fd4d5�	Zda�fd6d7�	Zdb�fd8d9�	Zd:d;�Z d<d=�Z!ed>d?��Z"�fd@dA�Z#edBdC��Z$edDdE��Z%�fdFdG�Z&edcdHdI��Z'�fdJdK�Z(dLdM�Z)dNdO�Z*�fdPdQ�Z+edddSdT��Z,edUdV��Z-�Z.S)e�	SSLSocketcOst|jj�d���dS)NzX does not have a public constructor. Instances are returned by SSLContext.wrap_socket().)r�rur6)r�r�r�r*r*r+r�&szSSLSocket.__init__FTNc

s�|�tt�tkrtd��|r8|r(td��|dk	r8td��|jrJ|sJtd��t|j|j	|j
|��d�}|j|f|�}	t
t|	�jf|�|	�|���|��||	_||	_d|	_d|	_||	_|�|�|	_||	_||	_y|	��Wn6tk
�r}
z|
jtjkr��d}Wdd}
~
XYnXd}||	_ |�r�yH|	jj!|	||	j|	|	jd�|	_|�rj|	��}|d	k�rbtd
��|	�"�Wn$ttfk
�r�|	�#��YnX|	S)Nz!only stream sockets are supportedz4server_hostname can only be specified in client modez,session can only be specified in client modez'check_hostname requires server_hostname)�family�type�proto�filenoFT)r�r�gzHdo_handshake_on_connect should not be specified for non-blocking sockets)$Z
getsockoptrBrCr@�NotImplementedErrorrRr��dictr�r�r�r�rqrpr�r��
settimeout�
gettimeout�detach�_context�_sessionZ_closedr�r�r�r�r�r��getpeernamerQ�errnoZENOTCONN�
_connected�_wrap_socketr��close)
rsr�r�r�r�r�r�r�r�r��eZ	connected�timeout)rur*r+r�-s\

zSSLSocket._createcCs|jS)N)r�)r�r*r*r+r�lszSSLSocket.contextcCs||_||j_dS)N)r�r�r�)r�r�r*r*r+r�qscCs|jdk	r|jjSdS)N)r�r�)r�r*r*r+r�vs
zSSLSocket.sessioncCs||_|jdk	r||j_dS)N)r�r�r�)r�r�r*r*r+r�|s
cCs|jdk	r|jjSdS)N)r�r�)r�r*r*r+r��s
zSSLSocket.session_reusedcCstd|jj��dS)NzCan't dup() %s instances)r�rur6)r�r*r*r+�dup�sz
SSLSocket.dupcCsdS)Nr*)r��msgr*r*r+�_checkClosed�szSSLSocket._checkClosedcCs|js|��dS)N)r�r�)r�r*r*r+�_check_connected�szSSLSocket._check_connected�c
Cs�|��|jdkrtd��y&|dk	r2|j�||�S|j�|�SWnJtk
r�}z,|jdtkrx|jrx|dk	rrdSdSn�Wdd}~XYnXdS)Nz'Read on closed or unwrapped SSL socket.rr-)r�r�rRr�rr�Z
SSL_ERROR_EOFr�)r�r[r��xr*r*r+r��s
zSSLSocket.readcCs&|��|jdkrtd��|j�|�S)Nz(Write on closed or unwrapped SSL socket.)r�r�rRr�)r�r�r*r*r+r��s
zSSLSocket.writecCs|��|��|j�|�S)N)r�r�r�r�)r�r�r*r*r+r��szSSLSocket.getpeercertcCs*|��|jdkstjsdS|j��SdS)N)r�r�r9rr�)r�r*r*r+r��szSSLSocket.selected_npn_protocolcCs*|��|jdkstjsdS|j��SdS)N)r�r�r9rr�)r�r*r*r+r��sz SSLSocket.selected_alpn_protocolcCs$|��|jdkrdS|j��SdS)N)r�r�r�)r�r*r*r+r��s
zSSLSocket.ciphercCs$|��|jdkrdS|j��SdS)N)r�r�r�)r�r*r*r+r��s
zSSLSocket.shared_cipherscCs$|��|jdkrdS|j��SdS)N)r�r�r�)r�r*r*r+r��s
zSSLSocket.compressionrcsF|��|jdk	r4|dkr(td|j��|j�|�St��||�SdS)Nrz3non-zero flags not allowed in calls to send() on %s)r�r�rRrur�rp�send)r�r��flags)rur*r+r�s

zSSLSocket.sendcsL|��|jdk	r"td|j��n&|dkr8t��||�St��|||�SdS)Nz%sendto not allowed on instances of %s)r�r�rRrurp�sendto)r�r�Z
flags_or_addrrT)rur*r+r�s
zSSLSocket.sendtocOstd|j��dS)Nz&sendmsg not allowed on instances of %s)r�ru)r�r�r�r*r*r+�sendmsg�szSSLSocket.sendmsgc
s�|��|jdk	r�|dkr(td|j��d}t|��L}|�d��6}t|�}x&||krp|�||d��}||7}qLWWdQRXWdQRXnt��	||�SdS)Nrz6non-zero flags not allowed in calls to sendall() on %s�B)
r�r�rRru�
memoryview�castr[rrp�sendall)r�r�rrHZviewZ	byte_view�amountr�)rur*r+r�s


"zSSLSocket.sendallcs,|jdk	r|�|||�St��|||�SdS)N)r�Z_sendfile_use_sendrp�sendfile)r��file�offsetrH)rur*r+r	s
zSSLSocket.sendfilecsD|��|jdk	r2|dkr(td|j��|�|�St��||�SdS)Nrz3non-zero flags not allowed in calls to recv() on %s)r�r�rRrur�rp�recv)r��buflenr)rur*r+rs


zSSLSocket.recvcsj|��|r|dkrt|�}n|dkr*d}|jdk	rV|dkrJtd|j��|�||�St��|||�SdS)Nirz8non-zero flags not allowed in calls to recv_into() on %s)r�r[r�rRrur�rp�	recv_into)r�r��nbytesr)rur*r+r$s


zSSLSocket.recv_intocs4|��|jdk	r"td|j��nt��||�SdS)Nz'recvfrom not allowed on instances of %s)r�r�rRrurp�recvfrom)r�r
r)rur*r+r3s

zSSLSocket.recvfromcs6|��|jdk	r"td|j��nt��|||�SdS)Nz,recvfrom_into not allowed on instances of %s)r�r�rRrurp�
recvfrom_into)r�r�rr)rur*r+r;s

zSSLSocket.recvfrom_intocOstd|j��dS)Nz&recvmsg not allowed on instances of %s)r�ru)r�r�r�r*r*r+�recvmsgCszSSLSocket.recvmsgcOstd|j��dS)Nz+recvmsg_into not allowed on instances of %s)r�ru)r�r�r�r*r*r+�recvmsg_intoGszSSLSocket.recvmsg_intocCs$|��|jdk	r|j��SdSdS)Nr)r�r�r�)r�r*r*r+r�Ks

zSSLSocket.pendingcs|��d|_t��|�dS)N)r�r�rpr�)r�Zhow)rur*r+r�SszSSLSocket.shutdowncCs.|jr|j��}d|_|Stdt|���dS)NzNo SSL wrapper around )r�r�rRr�)r��sr*r*r+r�Xs

zSSLSocket.unwrapcCs$|jr|j��Stdt|���dS)NzNo SSL wrapper around )r�r�rRr�)r�r*r*r+r�as
z&SSLSocket.verify_client_post_handshakecsd|_t���dS)N)r�rp�_real_close)r�)rur*r+rhszSSLSocket._real_closec	CsF|��|��}z$|dkr(|r(|�d�|j��Wd|�|�XdS)Ng)r�r�r�r�r�)r��blockr�r*r*r+r�ls
zSSLSocket.do_handshakec	s�|jrtd��|js|jdk	r&td��|jj|d|j||jd�|_y>|rVt��	|�}nd}t��
|�|s~d|_|jr~|��|St
tfk
r�d|_�YnXdS)Nz!can't connect in server-side modez/attempt to connect already-connected SSLSocket!F)r�r�T)r�rRr�r�r�r�r�r�rp�
connect_ex�connectr�r�rQ)r�rTrZrc)rur*r+�
_real_connectws(zSSLSocket._real_connectcCs|�|d�dS)NF)r)r�rTr*r*r+r�szSSLSocket.connectcCs|�|d�S)NT)r)r�rTr*r*r+r�szSSLSocket.connect_excs.t���\}}|jj||j|jdd�}||fS)NT)r�r�r�)rp�acceptr�r�r�r�)r�ZnewsockrT)rur*r+r�szSSLSocket.accept�
tls-uniquecCs4|jdk	r|j�|�S|tkr,td�|���dSdS)Nz({0} channel binding type not implemented)r�r��CHANNEL_BINDING_TYPESrRrK)r�r�r*r*r+r��s
zSSLSocket.get_channel_bindingcCs|jdk	r|j��SdSdS)N)r�r�)r�r*r*r+r��s

zSSLSocket.version)FTTNNN)N)r�N)F)r)N)r)rN)r�r)Nr)r�r)Nr)F)r)/r6r7r8r�rzr�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�rrrrr	rrrrrrr�r�r�r�rr�rrrrr�r�r{r*r*)rur+r�!sd<

	

	

r�Tc
Csl|r|std��|r |s td��t|�}
||
_|r<|
�|�|rL|
�||�|	rZ|
�|	�|
j||||d�S)Nz5certfile must be specified for server-side operationszcertfile must be specified)r�r�r�r�)rRr~r�r�r�Zset_ciphersr�)r�r�r�r�r��ssl_version�ca_certsr�r�Zciphersr�r*r*r+r��s 

r�cCs�ddlm}ddlm}d}d}y|�|dd����d}Wn$tk
rbtd||f��Yn0X||dd�|�}||d|f|d	d
��SdS)Nr)�strptime)�timegm)ZJanZFebZMarZAprZMayZJunZJulZAugZSepZOctZNovZDecz %d %H:%M:%S %Y GMTrerFz*time data %r does not match format "%%b%s"rd�)ZtimerZcalendarr �index�titlerR)Z	cert_timerr ZmonthsZtime_formatZmonth_number�ttr*r*r+�cert_time_to_seconds�s
r%z-----BEGIN CERTIFICATE-----z-----END CERTIFICATE-----csRtt�|�dd��tg}|�fdd�tdt��d�D�7}|�td�d�|�S)N�ASCII�strictcsg|]}�||d��qS)�@r*)r2�i)�fr*r+�
<listcomp>sz(DER_cert_to_PEM_cert.<locals>.<listcomp>rr(�
)	r��base64Zstandard_b64encode�
PEM_HEADER�ranger[rZ�
PEM_FOOTERr\)Zder_cert_bytes�ssr*)r*r+�DER_cert_to_PEM_cert�s
"r2cCs\|�t�stdt��|���t�s0tdt��|��tt�tt��}t�|�	dd��S)Nz(Invalid PEM encoding; must start with %sz&Invalid PEM encoding; must end with %sr&r')
r(r.rR�strip�endswithr0r[r-Zdecodebytesr�)Zpem_cert_string�dr*r*r+�PEM_cert_to_DER_certs
r6c

Csd|\}}|dk	rt}nt}t|||d�}t|��&}|�|��}|�d�}	WdQRXWdQRXt|	�S)N)r�rmT)r�r��_create_stdlib_contextrAr�r�r2)
rTrrZhostZportr�r�r�ZsslsockZdercertr*r*r+�get_server_certificates
r8cCst�|d�S)Nz	<unknown>)�_PROTOCOL_NAMESrY)Z
protocol_coder*r*r+�get_protocol_name&sr:)jr�rg�collectionsr�enumrZ_EnumrZ_IntEnumrZ_IntFlagr9rrrr	r
rrr
rrrrrrrrrrvrrrrr�ImportErrorrrrrrrr r!r"r#r$r%�_convertr6r&r�r'�__members__�itemsr9r�Z_SSLv2_IF_EXISTSr5r�r<r=r>r?r@rArBrCrPr-r�r�rQZsocket_errorrr�ZHAS_NEVER_CHECK_COMMON_NAMEZ_RESTRICTED_SERVER_CIPHERSrJrOrUrXrbrcrfror|r~r}r�r�r�Z_create_default_https_contextr7r�r�r�r�r�r�r%r.r0r2r6r8r:r*r*r*r+�<module>]s�$0

1#9-(