=Og!  ddlZddlZddlmZddlmZmZm Z ddlm Z ddl Z ddl m Z mZmZddl mZmZmZddl mZmZmZmZmZmZmZddl mZmZdd l mZmZm Z m!Z! dd l m"Z"n #e#$rYnwxYwdd l m$Z$m%Z%m&Z&m'Z'm(Z(m)Z)m*Z*m+Z+m,Z,m-Z-dd l m.Z.m/Z/ej0d e1de e j0de1de ej0de1de ej0de1de e j0de1de ej0de1de e2j3xZ4e2_4de2j56DZ7e8e2ddZ9e eGddZ:e eGddZ;e eGd d!Z<e eGd"d#Z=ej>d$krdd%l m?Z?m@Z@dd&lAmAZAmBZBmCZCdd'lAmDZDmEZEmFZFddlAZGddlHZHddlIZIddlJZJeKZLd(gZMeNe d)ZOe.ZPeZQd*ZRd+ZSd,ZTd-ZUed.d/ZVd0ZWGd1d2ed2d3ZXGd4d5eXeZYGd6d7eZZeYj[fdddd8d9Z\dKe]d:eYj[dddddd;d<Z^e\Z_e^Z`Gd=d>Zad?ZbGd@dAeAZceceZ_deaeZ_eddd:e]e3ddBdBdf dCZfdDZgdEZhdFZidGZjdHZkeldeFfdIZmdJZndS)LN) namedtuple)EnumIntEnumIntFlag) _simple_enum)OPENSSL_VERSION_NUMBEROPENSSL_VERSION_INFOOPENSSL_VERSION) _SSLContext MemoryBIO SSLSession)SSLErrorSSLZeroReturnErrorSSLWantReadErrorSSLWantWriteErrorSSLSyscallError SSLEOFErrorSSLCertVerificationError)txt2objnid2obj) RAND_statusRAND_add RAND_bytesRAND_pseudo_bytes)RAND_egd) HAS_SNIHAS_ECDHHAS_NPNHAS_ALPN HAS_SSLv2 HAS_SSLv3 HAS_TLSv1 HAS_TLSv1_1 HAS_TLSv1_2 HAS_TLSv1_3)_DEFAULT_CIPHERS_OPENSSL_API_VERSION _SSLMethodc8|do|dkS)N PROTOCOL_PROTOCOL_SSLv23 startswithnames /usr/lib64/python3.11/ssl.pyr1}s--K$:K2K)sourceOptionsc,|dS)NOP_r,r.s r0r1r1s''r2AlertDescriptionc,|dS)NALERT_DESCRIPTION_r,r.s r0r1r1s!566r2SSLErrorNumberc,|dS)N SSL_ERROR_r,r.s r0r1r1s..r2 VerifyFlagsc,|dS)NVERIFY_r,r.s r0r1r1s++r2 VerifyModec,|dS)NCERT_r,r.s r0r1r1s))r2ci|]\}}|| SrD).0r/values r0 rGsQQQ;45$QQQr2PROTOCOL_SSLv2cpeZdZejZejZejZ ej Z ej Z ejZejZdS) TLSVersionN)__name__ __module__ __qualname___sslPROTO_MINIMUM_SUPPORTEDMINIMUM_SUPPORTED PROTO_SSLv3SSLv3 PROTO_TLSv1TLSv1 PROTO_TLSv1_1TLSv1_1 PROTO_TLSv1_2TLSv1_2 PROTO_TLSv1_3TLSv1_3PROTO_MAXIMUM_SUPPORTEDMAXIMUM_SUPPORTEDrDr2r0rJrJsJ4  E  E G G G4r2rJc(eZdZ dZdZdZdZdZdZdS)_TLSContentTypeN) rKrLrMCHANGE_CIPHER_SPECALERT HANDSHAKEAPPLICATION_DATAHEADERINNER_CONTENT_TYPErDr2r0r^r^s8 EI Fr2r^ceZdZ dZdZdZdZdZdZdZ dZ d Z d Z d Z d Zd ZdZdZdZdZdZdZdZdZdZdZdZdZdZdZdZdZdZ dZ!d Z"d!Z#d"Z$d#S)$ _TLSAlertTyper r_r`ra()*+,-./0123<FGPVZdmnopqrstxN)%rKrLrM CLOSE_NOTIFYUNEXPECTED_MESSAGEBAD_RECORD_MACDECRYPTION_FAILEDRECORD_OVERFLOWDECOMPRESSION_FAILUREHANDSHAKE_FAILURENO_CERTIFICATEBAD_CERTIFICATEUNSUPPORTED_CERTIFICATECERTIFICATE_REVOKEDCERTIFICATE_EXPIREDCERTIFICATE_UNKNOWNILLEGAL_PARAMETER UNKNOWN_CA ACCESS_DENIED DECODE_ERROR DECRYPT_ERROREXPORT_RESTRICTIONPROTOCOL_VERSIONINSUFFICIENT_SECURITYINTERNAL_ERRORINAPPROPRIATE_FALLBACK USER_CANCELEDNO_RENEGOTIATIONMISSING_EXTENSIONUNSUPPORTED_EXTENSIONCERTIFICATE_UNOBTAINABLEUNRECOGNIZED_NAMEBAD_CERTIFICATE_STATUS_RESPONSEBAD_CERTIFICATE_HASH_VALUEUNKNOWN_PSK_IDENTITYCERTIFICATE_REQUIREDNO_APPLICATION_PROTOCOLrDr2r0rlrlsLNONO JMLMNM"&)#!$!r2rlcheZdZ dZdZdZdZdZdZdZ dZ d Z d Z d Z d Zd ZdZdZdZdZdZdZdZdZdZdS)_TLSMessageTyper r_r`rarbCrdN)rKrLrM HELLO_REQUEST CLIENT_HELLO SERVER_HELLOHELLO_VERIFY_REQUESTNEWSESSION_TICKETEND_OF_EARLY_DATAHELLO_RETRY_REQUESTENCRYPTED_EXTENSIONS CERTIFICATESERVER_KEY_EXCHANGECERTIFICATE_REQUEST SERVER_DONECERTIFICATE_VERIFYCLIENT_KEY_EXCHANGEFINISHEDCERTIFICATE_URLCERTIFICATE_STATUSSUPPLEMENTAL_DATA KEY_UPDATE NEXT_PROTO MESSAGE_HASHrerDr2r0rrsMLLKKHOJJLr2rwin32)enum_certificates enum_crls)socket SOCK_STREAMcreate_connection) SOL_SOCKETSO_TYPE_GLOBAL_DEFAULT_TIMEOUT tls-uniqueHOSTFLAG_NEVER_CHECK_SUBJECTc |sdS|d}|s*||kS|dkr"td||d\}}}d|vr"td||s"td||dkr"td||d\}}}|r|sdS||kS) NF*rz1too many wildcards in certificate DNS name: {!r}..z9wildcard can only be present in the leftmost label: {!r}.z>sole wildcard without additional labels are not support: {!r}.z%#B#B OOE " " " " L "'7w'G'G" OOE " " "  +88Ir** + +C! + + U,&&%eX66OOE***  + 8}}qxx3tX#6#6777 9:: : X!  xx! &'' ' /00 0sA AADefaultVerifyPathszQcafile capath openssl_cafile_env openssl_cafile openssl_capath_env openssl_capathcz tj}tj|d|d}tj|d|d}t tj|r|ndtj|r|ndg|RS)Nrrrr) rNget_default_verify_pathsosenvironrrpathisfileisdir)partscafilecapaths r0rrs  ) + +EZ^^E!HeAh / /F Z^^E!HeAh / /F v(>(>HffD(* f(=(=Gff4 &$ & & &&r2cXeZdZ dZfdZefdZefdZxZS) _ASN1ObjectrDcVtj|gt|dRS)NFr.super__new___txt2obj)clsoid __class__s r0r*z_ASN1Object.__new__s.uwws?Xc%>%>%>????r2cT tj|gt|RSr)r)r*_nid2obj)r,nidr.s r0fromnidz_ASN1Object.fromnids, uwws3Xc]]3333r2cX tj|gt|dRS)NTr.r()r,r/r.s r0fromnamez_ASN1Object.fromnames3 uwws?Xd%>%>%>????r2) rKrLrM __slots__r* classmethodr2r4 __classcell__r.s@r0r&r&sI@@@@@4444[4 @@@@[@@@@@r2r&znid shortname longname oidceZdZ dZdZdS)Purposez1.3.6.1.5.5.7.3.1z1.3.6.1.5.5.7.3.2N)rKrLrM SERVER_AUTH CLIENT_AUTHrDr2r0r:r:s%K%KKKr2r:ceZdZ dZdZdZd dZdZ d!dZ d"dZ d Z d Z d Z d Z ejfd Zeedr>efdZejfdZefdZejfdZefdZejfdZeedredZejdZn edZefdZejfdZefdZefdZejfdZefdZejfdZxZS)# SSLContext)CAROOTNcz|#tjdtdt}t j||}|S)Nz9ssl.SSLContext() without protocol argument is deprecated.rr)r r r  PROTOCOL_TLSr r*)r,protocolargskwargsselfs r0r*zSSLContext.__new__sH   MK+     $H"311 r2c|dSt|tr(|ddS|dS)Nidnaascii) isinstancestrencodedecode)rFrs r0_encode_hostnamezSSLContext._encode_hostnamesQ  4 # & & ,??6**11':: :??7++ +r2FTc D|j|||||||S)N)sock server_sidedo_handshake_on_connectsuppress_ragged_eofsserver_hostnamecontextsession)sslsocket_class_create)rFrPrQrRrSrTrVs r0 wrap_socketzSSLContext.wrap_sockets9 #++#$;!5+,   r2ch|j|||||||S)N)rQrTrVrU)sslobject_classrXrN)rFincomingoutgoingrQrTrVs r0wrap_biozSSLContext.wrap_biosA#++ hK 11/BBT,   r2ctjdtdt}|D]~}t |d}t |dkst |dkrt d|t |||| |dS)N'ssl NPN is deprecated, use ALPN insteadrrrIrz(NPN protocols must be 1 to 255 in length) r r r  bytearraybytesrrrextend_set_npn_protocols)rF npn_protocolsprotosrCbs r0set_npn_protocolszSSLContext.set_npn_protocolss 5     %  Hh((A1vv{{c!ffsllIJJJ MM#a&& ! ! ! MM!     '''''r2cv d_dStstdfd}|_dS)Nznot a callable objectcH|}|||Sr)rN)sslobj servernamesslctxrFserver_name_callbacks r0shim_cbz3SSLContext.set_servername_callback..shim_cb0s+!22:>> ++FJGGGr2) sni_callbackcallable TypeError)rFrprqs`` r0set_servername_callbackz"SSLContext.set_servername_callback)sl  ' $D   011 9 7888 H H H H H H!(D   r2cNt}|D]~}t|d}t|dkst|dkrtd|t|||||dS)NrIrrbz)ALPN protocols must be 1 to 255 in length)rcrdrrrre_set_alpn_protocols)rFalpn_protocolsrhrCris r0set_alpn_protocolszSSLContext.set_alpn_protocols6s&  Hh((A1vv{{c!ffsllJKKK MM#a&& ! ! ! MM!       (((((r2ct} t|D].\}}}|dkr"|dus |j|vr||/n$#t$rt jdYnwxYw|r|||S)Nx509_asnTz-unable to enumerate Windows certificate store)cadata)rcrr-rePermissionErrorr r load_verify_locations)rF storenamepurposecertsrencodingtrusts r0_load_windows_store_certsz$SSLContext._load_windows_store_certsAs  K):9)E)E + +%hz))}} u(<(< T***  +  K K K MI J J J J J K  5  & &e & 4 4 4 s>AA0/A0ct|tst|tjdkr |jD]}||||dS)Nr)rJr&rtsysplatform_windows_cert_storesrset_default_verify_paths)rFrrs r0load_default_certszSSLContext.load_default_certsOst';// %G$$ $ <7 " "!6 C C ..y'BBBB %%'''''r2minimum_versioncDttjSr)rJr)rrFr.s r0rzSSLContext.minimum_versionXegg566 6r2c|tjkr|xjtjzc_t t t j||dSr) rJrRoptionsr4 OP_NO_SSLv3r)r>r__set__rFrFr.s r0rzSSLContext.minimum_version\sP ((( !4 44 *j ) ) 9 A A$ N N N N Nr2cDttjSr)rJr)maximum_versionrs r0rzSSLContext.maximum_versionbrr2cntttj||dSr)r)r>rrrs r0rzSSLContext.maximum_versionfs, *j ) ) 9 A A$ N N N N Nr2cDttjSr)r4r)rrs r0rzSSLContext.optionsjsuww'''r2cntttj||dSr)r)r>rrrs r0rzSSLContext.optionsns, j*%%-55dEBBBBBr2rcJ|jtjz}|tjkSr _host_flagsrNr)rFncss r0hostname_checks_common_namez&SSLContext.hostname_checks_common_namess "T%FFC$;; ;r2cx|r|xjtjzc_dS|xjtjzc_dSrr)rFrFs r0rz&SSLContext.hostname_checks_common_namexsH F  T%F$FF      D$EE    r2cdSNTrDrFs r0rz&SSLContext.hostname_checks_common_names4r2cB tj}||jSdSr)r) _msg_callback user_function)rFinnerr.s r0rzSSLContext._msg_callbacks* >%  & &4r2c:5tttj|ddSt dst dfd}|_tttj||dS)N__call__z is not callable.cP t|}n#t$rYnwxYw t|}n#t$rYnwxYw|tjkrt}n|tjkrt }nt } ||}n#t$rYnwxYw||||||Sr)rJrr^rirfrlr)conn directionversion content_typemsg_typedatamsg_enumcallbacks r0rz'SSLContext._msg_callback..inners $W--     .|<<     555*!666(* #8H--    8D)W((D:: :s-  4 AA< B BB)r)r>rrhasattrrtr)rFrrr.s ` r0rzSSLContext._msg_callbacks   *j ) ) 7 ? ?d K K K Fx,, <x:::;; ; : : : : :2' j*%%3;;D%HHHHHr2cDttjSr)r(r)rCrs r0rCzSSLContext.protocols%''*+++r2cDttjSr)r=r) verify_flagsrs r0rzSSLContext.verify_flagss577/000r2cntttj||dSr)r)r>rrrs r0rzSSLContext.verify_flagss, j*%%2::4GGGGGr2cntj} t|S#t$r|cYSwxYwr)r) verify_moder@rrs r0rzSSLContext.verify_modesF# e$$ $   LLL s % 44cntttj||dSr)r)r>rrrs r0rzSSLContext.verify_modes, j*%%199$FFFFFr2r)FTTNN)FNN)rKrLrMrrWr[r*rNrYr^rjruryrr:r;rrr propertyrsetterrrrNrrrCrrr7r8s@r0r>r>s>)OO    ,,,-2,0)-26    8=/3    ((( ( ( ( ) ) )   *1)<((((w{-..O  7 7 7 7  7   O O O O  O  7 7 7 7  7   O O O O  O((((X( ^CCCC^Cwt344  < <  < % + F F , + F F     $$$$X$L#I#I#I#I#IJ,,,,X,1111X1HHHHHXGGGGGGGGGr2r>)r#r$r|c@ t|tst||tjkr(t t }t|_d|_ n4|tj krt t}nt||s|s|r| |||n%|jtkr||t!|dr9t"jd}|rt(jjs||_|S)NTkeylog_filename SSLKEYLOGFILE)rJr&rtr:r;r>PROTOCOL_TLS_CLIENT CERT_REQUIREDrcheck_hostnamer<PROTOCOL_TLS_SERVERrr~ CERT_NONErrrrrrflagsignore_environmentr)rr#r$r|rU keylogfiles r0create_default_contextrs" g{ + +!   '%%%011+!% G' ' '011!!! ,,6,%%fff====   ) ) ""7+++w)**1Z^^O44  1ci: 1&0G # Nr2F) cert_reqsrrcertfilekeyfiler#r$r|c t|tst||tjkr |t }n)|tjkr |t}nt|t|} || _ ||| _ |rd| _ |r|std|s|r| |||s|s|r| |||n%| j tkr| |t!| dr9t"jd} | rt(jjs| | _| S)NTcertfile must be specifiedrr)rJr&rtr:r;rr<rrr>rrload_cert_chainr~rrrrrrrrrr) rCrrrrrr#r$r|rUrs r0_create_unverified_contextrs g{ + +!   '%%%  *H G' ' '  *H!!!""G+G'&!%7x75666373'222,,6,%%fff====   ) ) ""7+++w)**1Z^^O44  1ci: 1&0G # Nr2c:eZdZ dZe ddZedZejdZedZ e jdZ ed Z ed Z ed Z dd Z dZddZdZdZdZdZdZdZdZdZddZdZdZdS) SSLObjectc:t|jjd)NzU does not have a public constructor. Instances are returned by SSLContext.wrap_bio().rtr.rKrFrDrEs r0__init__zSSLObject.__init__\s.~& M M M   r2FNct||}|||||||}||_|S)N)rQrTownerrV)r* _wrap_bio_sslobj) r,r\r]rQrTrVrUrFrms r0rXzSSLObject._createbsL{{3"" hK+#     r2c |jjSrrrUrs r0rUzSSLObject.contextns6|##r2c||j_dSrrrFctxs r0rUzSSLObject.contextss" r2c |jjSrrrVrs r0rVzSSLObject.sessionws/|##r2c||j_dSrrrFrVs r0rVzSSLObject.session|s& r2c |jjSrrsession_reusedrs r0rzSSLObject.session_reuseds<|**r2c |jjSr)rrQrs r0rQzSSLObject.server_sides3|''r2c |jjSr)rrTrs r0rTzSSLObject.server_hostnames #|++r2cx ||j||}n|j|}|Sr)rread)rFrbuffervs r0rzSSLObject.readsB   !!#v..AA !!#&&Ar2c8 |j|Sr)rwriterFrs r0rzSSLObject.writes |!!$'''r2c8 |j|Sr)r getpeercertrF binary_forms r0rzSSLObject.getpeercerts |'' 444r2c@ tjdtddSNr`rra)r r r rs r0selected_npn_protocolzSSLObject.selected_npn_protocols5   5       r2c6 |jSr)rselected_alpn_protocolrs r0rz SSLObject.selected_alpn_protocols |22444r2c6 |jSr)rcipherrs r0rzSSLObject.ciphers (|""$$$r2c6 |jSr)rshared_ciphersrs r0rzSSLObject.shared_cipherss |**,,,r2c6 |jSr)r compressionrs r0rzSSLObject.compressions P|'')))r2c6 |jSr)rpendingrs r0rzSSLObject.pendingsF|##%%%r2c: |jdSr)r do_handshakers r0rzSSLObject.do_handshakes* !!#####r2c6 |jSr)rshutdownrs r0unwrapzSSLObject.unwraps/|$$&&&r2rc8 |j|Sr)rget_channel_bindingrFcb_types r0rzSSLObject.get_channel_bindings  M|//888r2c6 |jSrrrrs r0rzSSLObject.versions !|##%%%r2c4|jSr)rverify_client_post_handshakers r0r z&SSLObject.verify_client_post_handshakes|88:::r2)FNNNrNFr)rKrLrMrr6rXrrUrrVrrQrTrrrrrrrrrrrrrr rDr2r0rrMs    5:=A   [ $$X$ ^##^#$$X$ ^''^'++X+((X(,,X,    (((5555   555 %%% --- *** &&&$$$'''9999 &&& ;;;;;r2rcP tt|jj|_|Sr)getattrrrK__doc__)funcs r0 _sslcopydocrs 49dm44 >%&IJJ J  0 3 "2333" "/000  ! H/ HFGG G(( ;TYdj;;==   s{3))&))'i'11&111 C #DM#DM DLDL*D #*#;#;O#L#LD +BD ((D4;?C4<@>><@8???? @ @ @ @ @% @F OOL ) ) )'DO (#}99+t';  :   +("oo//G#~~()sttt%%'''         sA K E$!K$ I.AI 0GI  G<"G72I 7G<>II K IBKL!K65L6 LLLLc|jSr)r#rs r0rUzSSLSocket.contextYs }r2c,||_||j_dSr)r#rrUrs r0rUzSSLSocket.context^s " r2c,|j |jjSdSrrrs r0rVzSSLSocket.sessioncs < #<' ' $ #r2c>||_|j||j_dSdSr)r$rrVrs r0rVzSSLSocket.sessionis) < ##*DL  $ #r2c,|j |jjSdSrrrs r0rzSSLSocket.session_reusedos < #<. . $ #r2c:td|jjz)NzCan't dup() %s instances)rr.rKrs r0dupz SSLSocket.dupus$!"<"&."9#:;; ;r2cdSrrD)rFmsgs r0 _checkClosedzSSLSocket._checkClosedys r2c@|js|dSdSr)r0r&rs r0_check_connectedzSSLSocket._check_connected}s0            r2rcD ||jtd ||j||S|j|S#t$r1}|jdt kr|jr|Yd}~dSYd}~dSd}~wwxYw)Nz'Read on closed or unwrapped SSL socket.rr2)rCrrrrrD SSL_ERROR_EOFrS)rFrrxs r0rzSSLSocket.reads -  < FGG G !|((f555|((---   vayM))d.G)%1111133333 s#A$ A$$ B.BBBc ||jtd|j|S)Nz(Write on closed or unwrapped SSL socket.)rCrrrrs r0rzSSLSocket.writesH 9  < GHH H|!!$'''r2c|||j|Sr)rCrErrrs r0rzSSLSocket.getpeercerts<  |'' 444r2cf|tjdtddSr)rCr r r rs r0rzSSLSocket.selected_npn_protocols=  5     tr2c||j tjsdS|jSr)rCrrNrrrs r0rz SSLSocket.selected_alpn_protocols<  < t} 4<6688 8r2cn||jdS|jSr)rCrrrs r0rzSSLSocket.ciphers5  < 4<&&(( (r2cn||jdS|jSr)rCrrrs r0rzSSLSocket.shared_cipherss5  < 4<..00 0r2cn||jdS|jSr)rCrrrs r0rzSSLSocket.compressions5  < 4<++-- -r2rc||j7|dkrtd|jz|j|St ||S)Nrz3non-zero flags not allowed in calls to send() on %s)rCrrr.rr)send)rFrrr.s r0rQzSSLSocket.sendsu  < #zz IN#$$$<%%d++ +77<<e,, ,r2c||jtd|jz|"t ||St |||S)Nz%sendto not allowed on instances of %s)rCrrr.r)sendto)rFr flags_or_addrrr.s r0rSzSSLSocket.sendtoss  < #D!^,-- - \77>>$ 66 677>>$ t<< > YYfnn )EFF"344AQJEfnn                                  77??4// /s6 C!>B+ C+B/ /C2B/ 3CC Cc |j||||St|||Sr)r_sendfile_use_sendr)sendfile)rFfileoffsetrr.s r0rbzSSLSocket.sendfilesH  < #**4?? ?77##D&%88 8r2c||j2|dkrtd|jz||St ||S)Nrz3non-zero flags not allowed in calls to recv() on %s)rCrrr.rr)r+rFbuflenrr.s r0r+zSSLSocket.recvsq  < #zz IN#$$$99V$$ $77<<.. .r2cX||7|3t|5}|j}dddn #1swxYwY|sd}nd}|j3|dkrt d|jz|||St|||S)Nrrz8non-zero flags not allowed in calls to recv_into() on %s) rCrZnbytesrrr.rr) recv_into)rFrrirr]r.s r0rjzSSLSocket.recv_intos  >!'')4![F)))))))))))))))"!F < #zz L.!"""99VV,, ,77$$VVU;; ;s=AAc||jtd|jzt ||S)Nz'recvfrom not allowed on instances of %s)rCrrr.r)recvfromrfs r0rlzSSLSocket.recvfrom&sX  < #F!^,-- -77##FE22 2r2c||jtd|jzt |||S)Nz,recvfrom_into not allowed on instances of %s)rCrrr.r) recvfrom_into)rFrrirr.s r0rnzSSLSocket.recvfrom_into.sZ  < #K!^,-- -77((?? ?r2c0td|jz)Nz&recvmsg not allowed on instances of %srVrs r0recvmsgzSSLSocket.recvmsg6s!!"J"&.#122 2r2c0td|jz)Nz+recvmsg_into not allowed on instances of %srVrs r0 recvmsg_intozSSLSocket.recvmsg_into:s#!#')-#899 9r2cn||j|jSdSNr)rCrrrs r0rzSSLSocket.pending>s5  < #<'')) )1r2c|d|_t|dSr)rCrr)r)rFhowr.s r0rzSSLSocket.shutdownFs:   r2c|jr"|j}d|_|Stdt|zNzNo SSL wrapper around )rrrrK)rFss r0rzSSLSocket.unwrapKsF < C %%''ADLH5D ABB Br2c|jr|jStdt|zrx)rr rrKrs r0r z&SSLSocket.verify_client_post_handshakeTs; < C<<<>> >5D ABB Br2cVd|_tdSr)rr) _real_closers r0r|zSSLSocket._real_close[s&  r2c"||} |dkr|r|d|j||dS#||wxYw)Nr)rEr r/rr)rFblockr9s r0rzSSLSocket.do_handshake_s //## %#~~%~%%% L % % ' ' ' OOG $ $ $ $ $DOOG $ $ $ $s 6A77Bc|jrtd|js|jtd|j|d|j||j|_ |r"t |}n#d}t ||s"d|_|j r| |S#ttf$r d|_wxYw)Nz!can't connect in server-side modez/attempt to connect already-connected SSLSocket!FrT)rQrr0rrUr1rTr$r) connect_exconnectrRrr)rFrrrcr.s r0 _real_connectzSSLSocket._real_connectjs    B@AA A ? Pdl6NOO O|00 %- 1     &WW''--%%% ("&/(%%'''I$   DL  s $A,CC+c4 ||ddS)NFrrFrs r0rzSSLSocket.connects#  4'''''r2c0 ||dSrrrs r0rzSSLSocket.connect_exs !!$---r2c t\}}|j||j|jd}||fS)NT)rRrSrQ)r)acceptrUrYrRrS)rFnewsockrr.s r0rzSSLSocket.acceptsZ >(( ,**7,0,H)-)B $+&&}r2rc|j|j|S|tvr"td|dS)Nz({0} channel binding type not implemented)rrCHANNEL_BINDING_TYPESrrrs r0rzSSLSocket.get_channel_bindingsV < #<33G<< <333 >EEgNN4r2cF|j|jSdSrr rs r0rzSSLSocket.versions# < #<'')) )4r2)FTTNNNrr r )r)rN)rrrtr)/rKrLrMrr6rXrrrUrrVrr@rCrErrrrrrrrrQrSrWr\rbr+rjrlrnrprrrrrr r|rrrrrrrr7r8s@r0rrsi;   FJ;?&*\\\\\[\|[X ^##^#(([X( ^++^+ //[X/;;;    *(((555[5 [99[9))[)11[1..[. - - - - - -======222 000000 999999 / / / / / /<<<<<<&333333@@@@@@222999[ CC[CCC[C %%%[%4((( ...     [[r2rTc ptjdtd|r|std|r|stdt |} || _|r| ||r| ||| r| | | ||||S)Nz=ssl.wrap_socket() is deprecated, use SSLContext.wrap_socket()rrz5certfile must be specified for server-side operationsr)rPrQrRrS) r r r rr>rr~r set_ciphersrY) rPrrrQr ssl_versionca_certsrRrSciphersrUs r0rYrYs  MG# '8'&'' '7x75666%%G#G0%%h///3'222%G$$$    { 71   r2c6 ddlm}ddlm}d}d} ||dddz}||dd|}||d|f|dd zS#t $rt d |d |d wxYw) Nr)strptime)timegm) JanFebMarAprMayJunJulAugSepOctNovDecz %d %H:%M:%S %Y GMTrrrrz time data z does not match format "%b")timercalendarrindextitler) cert_timerrmonths time_format month_numbertts r0cert_time_to_secondsrsF(K 7||IbqbM$7$7$9$9::Q> Xim[ 1 1vr!ul+b1g5666 FFFj-6YY EFF FFs 2A77!Bz-----BEGIN CERTIFICATE-----z-----END CERTIFICATE-----c ttj|ddtg}|fdt dt dDz }|tdzd|S)NASCIIstrictc*g|]}||dzS)@rD)rEifs r0 z(DER_cert_to_PEM_cert..s% 3 3 31QqtV9 3 3 3r2rr ) rKbase64standard_b64encode PEM_HEADERrangerr PEM_FOOTERr)der_cert_bytesssrs @r0DER_cert_to_PEM_certrs& F %n 5 5wIIA B 3 3 3 3eAs1vvr22 3 3 33BIIj4   99R==r2c |tstdtz|t stdt z|t tt t  }tj| ddS)Nz(Invalid PEM encoding; must start with %sz&Invalid PEM encoding; must end with %srr) r-rrstripendswithrrr decodebytesrL)pem_cert_stringds r0PEM_cert_to_DER_certrs4  % %j 1 1'C%&'' '  " " + +J 7 7'A%&'' 'JZ0@ @AA  ahhw99 : ::r2cL |\}}|t}nt}t|||}t||5}|||5} | d} dddn #1swxYwYdddn #1swxYwYt | S)N)rr#)r9)rTT)rr_create_stdlib_contextrrYrr) rrrr9hostportrrUrPsslsockdercerts r0get_server_certificater s5JD$!  $[/8,4666G 4 1 1 10T  t < < 0))$//G 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0000000000000000  ( ((s5B A5) B 5A9 9B <A9 =B  BBc8t|dS)Nz )_PROTOCOL_NAMESr) protocol_codes r0get_protocol_namer s   }k : ::r2r)orr collectionsrenumr_Enumr_IntEnumr_IntFlagrrNrr r r r r rrrrrrrrr+rr0rrrrr ImportErrorrrrrr r!r"r#r$r%r&r' _convert_rKr(rBr+ __members__itemsrr_SSLv2_IF_EXISTSrJr^rlrrrrrrrrrrrrr'r r socket_errorrrHAS_NEVER_CHECK_COMMON_NAME_RESTRICTED_SERVER_CIPHERSrrrrrrrr&r:r>r;rrr_create_default_https_contextrrrrrWr[rYrrrrrrrrrDr2r0rsXt """"""HHHHHHHHHH NNNNNNNNNN3333333333:9999999EEEEEEEEEEEE    D 87777777(KK   x''  66  h..  8++  ())  0:/FF*,QQ*2H2N2N2P2PQQQ7:'7>>h55555555h        h&"&"&"&"&"&"&"&"Rh        :<7111111119999999999??????????  %%gd,JKK.+.>.>.>b D D DF   ;0;0;0| Z 4 & & &@@@@@**],HII@@@*&&&&&k5&&&BGBGBGBGBGBGBGBGJ$+#6$$"&t$$$$$L49*/9L$($"&tD44444n!74X;X;X;X;X;X;X;X;v ||||||||@' & #T!Y(4(,%) @777<+ (  ; ; ;.A$(2I)))),;;;;;sA&&A.-A.