|
Server : Apache System : Linux server.mata-lashes.com 3.10.0-1160.90.1.el7.x86_64 #1 SMP Thu May 4 15:21:22 UTC 2023 x86_64 User : matalashes ( 1004) PHP Version : 8.1.29 Disable Function : NONE Directory : /usr/local/lib/python3.6/site-packages/urllib3/contrib/__pycache__/ |
Upload File : |
3
G�Kd�B������������������@���s���d�Z�ddlmZ�ddlZddlZddlmZ�ddlm Z
�yddl
m
Z
�W�n$�e
k
rl���G�dd��de�Z
Y�nX�dd lmZ�dd
lmZ�dd
lmZ�ydd
lmZ�W�n$�e
k
r����dZd
dlmZ�Y�nX�ddlZddlZddlZddlZd
dl
m
Z
�d
dl
m Z �d
dl m!Z!�ej"de#d
d��ddgZ$dZ%e
j&ej'j(e!ej'j(ej)ej'j*iZ+e,ed��rpe,ej'd��rpej'j-e+ej.<�e,ed��r�e,ej'd��r�ej'j/e+ej0<�e,ed��r�e,ej'd
��r�ej'j1e+ej2<�ej3ej'j4ej5ej'j6ej7ej'j6ej'j8�iZ9e:d
d
��e9j;��D���Z<d Z=e
j%Z>e
j?j@ZAejBeC�ZDd d��ZEd!d��ZFd"d#��ZGd$d%��ZHd&d'��ZIG�d(d)��d)eJ�ZKe�rfd2d+d,�ZLneZLeLeK_LG�d-d.��d.eJ�ZMd/d0��ZNdS�)3a���
TLS with SNI_-support for Python 2. Follow these instructions if you would
like to verify TLS certificates in Python 2. Note, the default libraries do
*not* do certificate checking; you need to do additional work to validate
certificates yourself.
This needs the following packages installed:
* `pyOpenSSL`_ (tested with 16.0.0)
* `cryptography`_ (minimum 1.3.4, from pyopenssl)
* `idna`_ (minimum 2.0, from cryptography)
However, pyopenssl depends on cryptography, which depends on idna, so while we
use all three directly here we end up having relatively few packages required.
You can install them with the following command:
.. code-block:: bash
$ python -m pip install pyopenssl cryptography idna
To activate certificate checking, call
:func:`~urllib3.contrib.pyopenssl.inject_into_urllib3` from your Python code
before you begin making HTTP requests. This can be done in a ``sitecustomize``
module, or at any other time before your application begins using ``urllib3``,
like this:
.. code-block:: python
try:
import urllib3.contrib.pyopenssl
urllib3.contrib.pyopenssl.inject_into_urllib3()
except ImportError:
pass
Now you can use :mod:`urllib3` as you normally would, and it will support SNI
when the required modules are installed.
Activating this module also has the positive side effect of disabling SSL/TLS
compression in Python 2 (see `CRIME attack`_).
.. _sni: https://en.wikipedia.org/wiki/Server_Name_Indication
.. _crime attack: https://en.wikipedia.org/wiki/CRIME_(security_exploit)
.. _pyopenssl: https://www.pyopenssl.org
.. _cryptography: https://cryptography.io
.. _idna: https://github.com/kjd/idna
�����)�absolute_importN)�x509)�backend)�UnsupportedExtensionc���������������@���s
���e�Zd�ZdS�)r���N)�__name__�
__module__�
__qualname__��r ���r ����</tmp/pip-build-8nxjc3nm/urllib3/urllib3/contrib/pyopenssl.pyr���;���s���r���)�BytesIO)�error)�timeout)�
_fileobject����)�backport_makefile)�util)�six)�PROTOCOL_TLS_CLIENTz�'urllib3.contrib.pyopenssl' module is deprecated and will be removed in a future release of urllib3 2.x. Read more in this issue: https://github.com/urllib3/urllib3/issues/2680)�category�
stacklevel�inject_into_urllib3�extract_from_urllib3T�PROTOCOL_SSLv3�
SSLv3_METHOD�PROTOCOL_TLSv1_1�TLSv1_1_METHOD�PROTOCOL_TLSv1_2�TLSv1_2_METHODc�������������c���s���|�]\}}||fV��qd�S�)Nr ���)�.0�k�vr ���r ���r
���� <genexpr>v���s����r!���i�@��c���������������C���s4���t����tt_ttj_tt_ttj_dt_dtj_dS�)z7Monkey-patch urllib3 with PyOpenSSL-backed SSL-support.TN)�_validate_dependencies_met�PyOpenSSLContextr����
SSLContext�ssl_�HAS_SNI�
IS_PYOPENSSLr ���r ���r ���r
���r�������s����c���������������C���s.���t�t_t�tj_tt_ttj_dt_dtj_dS�)z4Undo monkey-patching by :func:`inject_into_urllib3`.FN)�orig_util_SSLContextr���r$���r%����orig_util_HAS_SNIr&���r'���r ���r ���r ���r
���r�������s
����c��������������C���sR���ddl�m}��t|�dd�dkr$td��ddlm}�|��}t|dd�dkrNtd��dS�) z{
Verifies that PyOpenSSL's package-level dependencies have been met.
Throws `ImportError` if they are not met.
r���)�
Extensions�get_extension_for_classNzX'cryptography' module missing required functionality. Try upgrading to v1.3.4 or newer.)�X509Z_x509zS'pyOpenSSL' module missing required functionality. Try upgrading to v0.14 or newer.)Z
cryptography.x509.extensionsr*����getattr�
ImportError�OpenSSL.cryptor,���)r*���r,���r���r ���r ���r
���r"�������s����
r"���c�������������C���s@���dd��}d|�kr|�S�||��}�|�dkr(dS�t�jdkr<|�jd�}�|�S�) a%��
Converts a dNSName SubjectAlternativeName field to the form used by the
standard library on the given Python version.
Cryptography produces a dNSName as a unicode string that was idna-decoded
from ASCII bytes. We need to idna-encode that string to get it back, and
then on Python 3 we also need to convert to unicode via UTF-8 (the stdlib
uses PyUnicode_FromStringAndSize on it, which decodes via UTF-8).
If the name cannot be idna-encoded then we return None signalling that
the name given should be skipped.
c����������
���S���sl���ddl�}yFx:dD�]2}|�j|�r|�t|�d��}�|jd�|j|���S�qW�|j|��S��|jjk
rf���dS�X�dS�)z�
Borrowed wholesale from the Python Cryptography Project. It turns out
that we can't just safely call `idna.encode`: it can explode for
wildcard names. This avoids that problem.
r���N�*.�.�ascii)r0���r1���)�idna�
startswith�len�encode�core� IDNAError)�namer3����prefixr ���r ���r
����
idna_encode����s����
z'_dnsname_to_stdlib.<locals>.idna_encode�:N����r���zutf-8)r=���r���)�sys�
version_info�decode)r9���r;���r ���r ���r
����_dnsname_to_stdlib����s����
rA���c�������������C���s����t�|�d�r|�j��}n
tjjtjj|��}tj|t�}y|j j
tj
�j
}W�nL�tj
k
r\���g�S��tjttjtfk
r��}�ztjd|��g�S�d}~X�nX�dd��tt|jtj��D��}|jdd��|jtj�D����|S�)zU
Given an PyOpenSSL certificate, provides all the subject alternative names.
�to_cryptographyz�A problem was encountered with the certificate that prevented urllib3 from finding the SubjectAlternativeName field. This can affect certificate validation. The error was %sNc�������������S���s
���g�|�]}|d�k rd|f�qS�)N�DNSr ���)r
���r9���r ���r ���r
����
<listcomp> ��s���z%get_subj_alt_name.<locals>.<listcomp>c�������������s���s���|�]}d�t�|�fV��qdS�)z
IP AddressN)�str)r
���r9���r ���r ���r
���r!�����s����z$get_subj_alt_name.<locals>.<genexpr>)�hasattrrB����OpenSSL�crypto�dump_certificate�
FILETYPE_ASN1r���Zload_der_x509_certificate�openssl_backend�
extensionsr+���ZSubjectAlternativeName�valueZExtensionNotFoundZDuplicateExtensionr���ZUnsupportedGeneralNameType�
UnicodeError�log�warning�maprA���Zget_values_for_typeZDNSName�extendZ IPAddress)Z peer_cert�certZder�ext�e�namesr ���r ���r
����get_subj_alt_name����s,����
rW���c���������������@���s����e�Zd�ZdZd!dd�Zdd��Zdd��Zd d
��Zd
d
��Zd
d��Z dd��Z
dd��Z
dd��Z
dd��Z
d"dd�Zdd��Zd
d
��Zd
d ��Zd S�)#�
WrappedSocketz�API-compatibility wrapper for Python OpenSSL's Connection-class.
Note: _makefile_refs, _drop() and _reuse() are needed for the garbage
collector of pypy.
Tc�������������C���s"���||�_�||�_||�_d|�_d|�_d�S�)Nr���F)�
connection�socket�suppress_ragged_eofs�_makefile_refs�_closed)�selfrY���rZ���r[���r ���r ���r
����__init__��s
����zWrappedSocket.__init__c�������������C���s
���|�j�j��S�)N)rZ����fileno)r^���r ���r ���r
���r`���"��s����zWrappedSocket.filenoc�������������C���s*���|�j�dkr|��j�d8��_�|�jr&|�j���d�S�)Nr�������)r\���r]����close)r^���r ���r ���r
����_decref_socketios&��s����
z WrappedSocket._decref_socketiosc�������������O���s��y|�j�j||�}W�n��tjjk
rX�}�z&|�jr<|jdkr<dS�tt|���W�Y�d�d�}~X�n��tjj k
r����|�j�j
��tjj
kr�dS���Y�nz�tjj
k
r����t
j|�j|�jj���s�td��n
|�j||�S�Y�n:�tjjk
��r��}�ztjd|���W�Y�d�d�}~X�nX�|S�d�S�)Nra����Unexpected EOF�����z
The read operation timed outzread error: %r���)rf���rd���)rY����recvrG����SSL�
SysCallErrorr[����args�
SocketErrorrE����ZeroReturnError�
get_shutdown�RECEIVED_SHUTDOWN�
WantReadErrorr����
wait_for_readrZ����
gettimeoutr
����Error�ssl�SSLError)r^���rj����kwargs�datarU���r ���r ���r
���rg���,��s"����
zWrappedSocket.recvc�������������O���s����y|�j�j||�S��tjjk
rT�}�z&|�jr8|jdkr8dS�tt|���W�Y�d�d�}~X�n��tjj k
r����|�j�j
��tjj
kr|dS���Y�nv�tjj
k
r����t
j|�j|�jj���s�td��n
|�j||�S�Y�n6�tjjk
��r��}�ztjd|���W�Y�d�d�}~X�nX�d�S�)Nra����Unexpected EOFr���z
The read operation timed outzread error: %rrf���)rf���rw���)rY���� recv_intorG���rh���ri���r[���rj���rk���rE���rl���rm���rn���ro���r���rp���rZ���rq���r
���rr���rs���rt���)r^���rj���ru���rU���r ���r ���r
���rx���E��s ����
zWrappedSocket.recv_intoc�������������C���s
���|�j�j|�S�)N)rZ����
settimeout)r^���r
���r ���r ���r
���ry���\��s����zWrappedSocket.settimeoutc�������������C���s|���xvy
|�j�j|�S��tjjk
rB���tj|�j|�jj���s<t ���wY�q�tjj
k
rr�}�zt
t
|���W�Y�d�d�}~X�qX�qW�d�S�)N)
rY����sendrG���rh���ZWantWriteErrorr����wait_for_writerZ���rq���r
���ri���rk���rE���)r^���rv���rU���r ���r ���r
����_send_until_done_��s����
z
WrappedSocket._send_until_donec�������������C���s8���d}x.|t�|�k�r2|�j|||t����}||7�}qW�d�S�)Nr���)r5���r|����SSL_WRITE_BLOCKSIZE)r^���rv����
total_sent�sentr ���r ���r
����sendallj��s
����zWrappedSocket.sendallc�������������C���s���|�j�j���d�S�)N)rY����shutdown)r^���r ���r ���r
���r����r��s����zWrappedSocket.shutdownc����������
���C���sH���|�j�dk�r6yd|�_|�jj��S��tjjk
r2���d�S�X�n|��j�d8��_�d�S�)Nra���T)r\���r]���rY���rb���rG���rh���rr���)r^���r ���r ���r
���rb���v��s����
zWrappedSocket.closeFc�������������C���sD���|�j�j��}|s|S�|r(tjjtjj|�S�d|j��jffft|�d�S�)N�
commonName)�subject�subjectAltName) rY���Zget_peer_certificaterG���rH���rI���rJ���Z
get_subjectZCNrW���)r^����
binary_formr���r ���r ���r
����
getpeercert���s����
zWrappedSocket.getpeercertc�������������C���s
���|�j�j��S�)N)rY���Zget_protocol_version_name)r^���r ���r ���r
����version���s����zWrappedSocket.versionc�������������C���s���|��j�d7��_�d�S�)Nra���)r\���)r^���r ���r ���r
����_reuse���s����zWrappedSocket._reusec�������������C���s&���|�j�dk�r|�j���n|��j�d8��_�d�S�)Nra���)r\���rb���)r^���r ���r ���r
����_drop���s����
zWrappedSocket._dropN)T)F)r���r���r����__doc__r_���r`���rc���rg���rx���ry���r|���r����r����rb���r����r����r����r����r ���r ���r ���r
���rX�����s
���
rX���ra���c�������������C���s
���|��j�d7��_�t|�||dd�S�)Nra���T)rb���)r\���r���)r^����mode�bufsizer ���r ���r
����makefile���s����r����c���������������@���s����e�Zd�ZdZdd��Zedd���Zejdd���Zedd���Zejd d���Zd
d
��Z d
d
��Z
ddd�Z
ddd�Z
dd��Z
ddd�ZdS�)
r#���z�
I am a wrapper class for the PyOpenSSL ``Context`` object. I am responsible
for translating the interface of the standard library ``SSLContext`` object
to calls into PyOpenSSL.
c�������������C���s*���t�|�|�_tjj|�j�|�_d|�_d|�_d�S�)Nr���F)�_openssl_versions�protocolrG���rh����Context�_ctx�_options�check_hostname)r^���r����r ���r ���r
���r_������s����
zPyOpenSSLContext.__init__c�������������C���s���|�j�S�)N)r����)r^���r ���r ���r
����options���s����zPyOpenSSLContext.optionsc�������������C���s���||�_�|�jj|��d�S�)N)r����r����Z
set_options)r^���rM���r ���r ���r
���r�������s����c�������������C���s���t�|�jj���S�)N)�_openssl_to_stdlib_verifyr����Zget_verify_mode)r^���r ���r ���r
����
verify_mode���s����z
PyOpenSSLContext.verify_modec�������������C���s���|�j�jt|�t��d�S�)N)r����Z
set_verify�_stdlib_to_openssl_verify�_verify_callback)r^���rM���r ���r ���r
���r�������s����c�������������C���s���|�j�j���d�S�)N)r�����set_default_verify_paths)r^���r ���r ���r
���r�������s����z)PyOpenSSLContext.set_default_verify_pathsc�������������C���s&���t�|tj�r|jd�}|�jj|��d�S�)Nzutf-8)�
isinstancer���� text_typer6���r����Zset_cipher_list)r^����ciphersr ���r ���r
����
set_ciphers���s����
z
PyOpenSSLContext.set_ciphersNc�������������C���s����|d�k r|j�d�}|d�k r$|j�d�}y*|�jj||��|d�k rL|�jjt|���W�n4�tjjk
r��}�ztjd|���W�Y�d�d�}~X�nX�d�S�)Nzutf-8z'unable to load trusted certificates: %r) r6���r�����load_verify_locationsr
���rG���rh���rr���rs���rt���)r^����cafile�capath�cadatarU���r ���r ���r
���r�������s����
z&PyOpenSSLContext.load_verify_locationsc����������������sR���|�j�j|����d�k r>t��tj�s*��jd���|�j�j��fdd���|�j�j|pJ|��d�S�)Nzutf-8c�����������������s�����S�)Nr ���)�_)�passwordr ���r
����<lambda>���s����z2PyOpenSSLContext.load_cert_chain.<locals>.<lambda>)r����Zuse_certificate_chain_filer����r����
binary_typer6���Z
set_passwd_cbZuse_privatekey_file)r^����certfile�keyfiler����r ���)r����r
����load_cert_chain���s
����
z PyOpenSSLContext.load_cert_chainc�������������C���s���dd��|D��}|�j�j|�S�)Nc�������������S���s���g�|�]}t�j|��qS�r ���)r���Z
ensure_binary)r
����pr ���r ���r
���rD������s����z7PyOpenSSLContext.set_alpn_protocols.<locals>.<listcomp>)r����Zset_alpn_protos)r^���Z protocolsr ���r ���r
����set_alpn_protocols���s����z#PyOpenSSLContext.set_alpn_protocolsFTc�������������C���s����t�jj|�j|�}t|tj�r&|jd�}|d�k r8|j|��|j ���xxy
|j
���W�nd�t�jj
k
r����t
j
||j���sztd��wBY�n4�t�jjk
r��}�ztjd|���W�Y�d�d�}~X�nX�P�qBW�t||�S�)Nzutf-8zselect timed outzbad handshake: %r)rG���rh����
Connectionr����r����r���r����r6���Zset_tlsext_host_nameZset_connect_state�
do_handshakero���r���rp���rq���r
���rr���rs���rt���rX���)r^����sock�
server_side�do_handshake_on_connectr[����server_hostname�cnxrU���r ���r ���r
����
wrap_socket���s"����
z
PyOpenSSLContext.wrap_socket)NNN)NN)FTTN)r���r���r���r����r_����propertyr�����setterr����r����r����r����r����r����r����r ���r ���r ���r
���r#������s
���
���r#���c�������������C���s���|dkS�)Nr���r ���)r����r���Zerr_noZ err_depthZ
return_coder ���r ���r
���r������s����r����rf���)rf���)Or�����
__future__r���r/���rG���Z
OpenSSL.SSLZ
cryptographyr���Z$cryptography.hazmat.backends.opensslr���rK���Zcryptography.x509r���r.���� Exception�ior
���rZ���r
���rk���r
���r���Zpackages.backports.makefiler����loggingrs���r>����warnings��r����packagesr���Z util.ssl_r����warn�DeprecationWarning�__all__r&����
PROTOCOL_TLSrh���Z
SSLv23_METHOD�PROTOCOL_TLSv1Z
TLSv1_METHODr����rF���r���r���r���r���r
���r
���� CERT_NONEZ
VERIFY_NONE�
CERT_OPTIONALZ
VERIFY_PEER�
CERT_REQUIREDZVERIFY_FAIL_IF_NO_PEER_CERTr�����dict�itemsr����r}���r)���r%���r$���r(���� getLoggerr���rO���r���r���r"���rA���rW����objectrX���r����r#���r����r ���r ���r ���r
����<module>/���sz���
+5�
^