݁[c!@@sdZddlmZddlZddlZddlZddlZddlZddl Z ddl Z ddl Z ddl Z ddl mZddlmZmZmZddlmZmZmZmZydd l mZWn'ek r eZdd lmZnXd d gZeZejZ ej!j"Z#e j$Z%e j&Z'd Z(ej)ej*ej+ej,ej-ej.ej/ej0ej1ej2ej3ej4ej5ej6ej7ej8ej9ej:ej;ej<ej=ej>ej?ej@ejAejBejCejDejEejFejGejHejIg!ZJiejKejLfe jM6ZNeOe drfejPejPfeNe jQ Undo monkey-patching by :func:`inject_into_urllib3`. N(torig_util_SSLContextRRRtorig_util_HAS_SNIRtFalseR(((sv/private/var/folders/71/gccz42bs2nl23mxwq3vp1qmhw5xjlw/T/pip-install-k836tR/urllib3/urllib3/contrib/securetransport.pyR s     c C@sd}ytj|}|dkr+tjS|j}|d}|j}d}d}yx||kr|dks|dkrtj||stj t j dqn||} t j | j||} |j| | } || 7}| s\|stjSPq\q\WWnotj k rz} | j }|dk r{|t j kr{||d<|t jksj|t jkrqtjSq{nX||d<||krtjSdSWn/tk r} |dk r| |_ntjSXdS(ss SecureTransport read callback. This is called by ST to request that data be returned from the socket. is timed outN(tNonet_connection_refstgetRterrSSLInternaltsockett gettimeoutRt wait_for_readterrorterrnotEAGAINtctypestc_chart from_addresst recv_intoterrSSLClosedGracefult ECONNRESETtEPIPEterrSSLClosedAbortterrSSLWouldBlockt Exceptiont _exception( t connection_idt data_buffertdata_length_pointertwrapped_sockett base_sockettrequested_lengthttimeoutR#t read_countt remainingtbuffert chunk_sizete((sv/private/var/folders/71/gccz42bs2nl23mxwq3vp1qmhw5xjlw/T/pip-install-k836tR/urllib3/urllib3/contrib/securetransport.pyt_read_callbacksN                c C@sd}yutj|}|dkr+tjS|j}|d}tj||}|j}d}d} yxx| |kr|dks|dkrt j ||stj t j dqn|j|} | | 7} || }qnWWnotj k rX} | j }|dk rY|t j krY| |d<|t jksH|t jkrOtjSqYnX| |d<| |krvtjSdSWn/tk r} |dk r| |_ntjSXdS(sx SecureTransport write callback. This is called by ST to request that data actually be sent on the network. is timed outN(RRRRRR R&t string_atR!Rtwait_for_writeR#R$R%tsendR+R,R-R.R/R0( R1R2R3R4R5tbytes_to_writetdataR7R#tsentt chunk_sentR<((sv/private/var/folders/71/gccz42bs2nl23mxwq3vp1qmhw5xjlw/T/pip-install-k836tR/urllib3/urllib3/contrib/securetransport.pyt_write_callbacksD            t WrappedSocketcB@seZdZdZejdZdZdZdZ dZ dZ dZ dd Zd Zd Zd Zd ZdZdZedZdZdZRS(s API-compatibility wrapper for Python's OpenSSL wrapped socket object. Note: _makefile_refs, _drop(), and _reuse() are needed for the garbage collector of PyPy. cC@sn||_d|_d|_t|_d|_d|_d|_d|_ |jj |_ |jj ddS(Ni( R Rtcontextt_makefile_refsRt_closedR0t _keychaint _keychain_dirt_client_cert_chainR!t_timeoutt settimeout(tselfR ((sv/private/var/folders/71/gccz42bs2nl23mxwq3vp1qmhw5xjlw/T/pip-install-k836tR/urllib3/urllib3/contrib/securetransport.pyt__init__(s        cc@sGd|_dV|jdk rC|jd}|_|j|ndS(s] A context manager that can be used to wrap calls that do I/O from SecureTransport. If any of the I/O callbacks hit an exception, this context manager will correctly propagate the exception after the fact. This avoids silently swallowing those exceptions. It also correctly forces the socket closed. N(RR0tclose(ROt exception((sv/private/var/folders/71/gccz42bs2nl23mxwq3vp1qmhw5xjlw/T/pip-install-k836tR/urllib3/urllib3/contrib/securetransport.pyt_raise_on_error:s  cC@sEtjttt}tj|j|tt}t|dS(s4 Sets up the allowed ciphers. By default this matches the set in util.ssl_.DEFAULT_CIPHERS, at least as supported by macOS. This is done custom and doesn't allow changing at this time, mostly because parsing OpenSSL cipher strings is going to be a freaking nightmare. N(RtSSLCipherSuitetlent CIPHER_SUITEStSSLSetEnabledCiphersRGR(ROtcipherstresult((sv/private/var/folders/71/gccz42bs2nl23mxwq3vp1qmhw5xjlw/T/pip-install-k836tR/urllib3/urllib3/contrib/securetransport.pyt _set_ciphersOsc C@s|s dStjj|rCt|d}|j}WdQXnd}tj}zt|}tj |j t j |}t ||stjdntj||}t |tj|t}t |tj}tj|t j |}t |Wd|r'tj|n|dk rCtj|nXtjtjf}|j|kr~tjd|jndS(s Called when we have set custom validation. We do this in two cases: first, when cert validation is entirely disabled; and second, when using a custom trust DB. NtrbsFailed to copy trust references)certificate verify failed, error code: %d(tostpathtisfiletopentreadRRt SecTrustRefRtSSLCopyPeerTrustRGR&tbyrefRtssltSSLErrortSecTrustSetAnchorCertificatest!SecTrustSetAnchorCertificatesOnlyRtSecTrustResultTypetSecTrustEvaluateRt CFReleaseRtkSecTrustResultUnspecifiedtkSecTrustResultProceedtvalue( ROtverifyt trust_bundletft cert_arrayttrustRYt trust_resultt successes((sv/private/var/folders/71/gccz42bs2nl23mxwq3vp1qmhw5xjlw/T/pip-install-k836tR/urllib3/urllib3/contrib/securetransport.pyt_custom_validate\s@        c C@s[tjdtjtj|_tj|jtt } t | t @t |d} x| t krw| dd} qZW|t | Rj( ROt binary_formRrtcertdatat der_bytesRYt cert_counttleaft data_lengthR2((sv/private/var/folders/71/gccz42bs2nl23mxwq3vp1qmhw5xjlw/T/pip-install-k836tR/urllib3/urllib3/contrib/securetransport.pyt getpeercert`s6     cC@s|jd7_dS(Ni(RH(RO((sv/private/var/folders/71/gccz42bs2nl23mxwq3vp1qmhw5xjlw/T/pip-install-k836tR/urllib3/urllib3/contrib/securetransport.pyt_reusescC@s/|jdkr|jn|jd8_dS(Ni(RHRQ(RO((sv/private/var/folders/71/gccz42bs2nl23mxwq3vp1qmhw5xjlw/T/pip-install-k836tR/urllib3/urllib3/contrib/securetransport.pyt_drops N(t__name__t __module__t__doc__RPt contextlibtcontextmanagerRSRZRuRRRRRR)RNR!R@RRRQRRRR(((sv/private/var/folders/71/gccz42bs2nl23mxwq3vp1qmhw5xjlw/T/pip-install-k836tR/urllib3/urllib3/contrib/securetransport.pyRF!s&  > Z    (       > icC@s%|jd7_t|||dtS(NiRQ(RHR R(ROtmodetbufsize((sv/private/var/folders/71/gccz42bs2nl23mxwq3vp1qmhw5xjlw/T/pip-install-k836tR/urllib3/urllib3/contrib/securetransport.pytmakefilestrcO@sd}t|||||S(Ni(R (RORt bufferingtargstkwargs((sv/private/var/folders/71/gccz42bs2nl23mxwq3vp1qmhw5xjlw/T/pip-install-k836tR/urllib3/urllib3/contrib/securetransport.pyRsRcB@seZdZdZedZejdZedZejdZedZejdZdZ d Z d Z dddd Z ddd Zeeedd ZRS(s I am a wrapper class for the SecureTransport library, to translate the interface of the standard library ``SSLContext`` object to calls into SecureTransport. cC@sPt|\|_|_d|_t|_d|_d|_d|_ d|_ dS(Ni( t_protocol_to_min_maxt _min_versiont _max_versiont_optionsRt_verifyRt _trust_bundlet _client_certt _client_keyt_client_key_passphrase(ROtprotocol((sv/private/var/folders/71/gccz42bs2nl23mxwq3vp1qmhw5xjlw/T/pip-install-k836tR/urllib3/urllib3/contrib/securetransport.pyRPs     cC@stS(s SecureTransport cannot have its hostname checking disabled. For more, see the comment on getpeercert() in this file. (R(RO((sv/private/var/folders/71/gccz42bs2nl23mxwq3vp1qmhw5xjlw/T/pip-install-k836tR/urllib3/urllib3/contrib/securetransport.pytcheck_hostnamescC@sdS(s SecureTransport cannot have its hostname checking disabled. For more, see the comment on getpeercert() in this file. N((RORm((sv/private/var/folders/71/gccz42bs2nl23mxwq3vp1qmhw5xjlw/T/pip-install-k836tR/urllib3/urllib3/contrib/securetransport.pyRscC@s|jS(N(R(RO((sv/private/var/folders/71/gccz42bs2nl23mxwq3vp1qmhw5xjlw/T/pip-install-k836tR/urllib3/urllib3/contrib/securetransport.pytoptionsscC@s ||_dS(N(R(RORm((sv/private/var/folders/71/gccz42bs2nl23mxwq3vp1qmhw5xjlw/T/pip-install-k836tR/urllib3/urllib3/contrib/securetransport.pyRscC@s|jrtjStjS(N(RRdt CERT_REQUIREDt CERT_NONE(RO((sv/private/var/folders/71/gccz42bs2nl23mxwq3vp1qmhw5xjlw/T/pip-install-k836tR/urllib3/urllib3/contrib/securetransport.pyt verify_modescC@s"|tjkrtnt|_dS(N(RdRRRR(RORm((sv/private/var/folders/71/gccz42bs2nl23mxwq3vp1qmhw5xjlw/T/pip-install-k836tR/urllib3/urllib3/contrib/securetransport.pyRscC@sdS(N((RO((sv/private/var/folders/71/gccz42bs2nl23mxwq3vp1qmhw5xjlw/T/pip-install-k836tR/urllib3/urllib3/contrib/securetransport.pytset_default_verify_pathss cC@s |jS(N(R(RO((sv/private/var/folders/71/gccz42bs2nl23mxwq3vp1qmhw5xjlw/T/pip-install-k836tR/urllib3/urllib3/contrib/securetransport.pytload_default_certsscC@s%|tjjkr!tdndS(Ns5SecureTransport doesn't support custom cipher strings(RRtDEFAULT_CIPHERSR(RORX((sv/private/var/folders/71/gccz42bs2nl23mxwq3vp1qmhw5xjlw/T/pip-install-k836tR/urllib3/urllib3/contrib/securetransport.pyt set_ciphersscC@s.|dk rtdn|p$||_dS(Ns1SecureTransport does not support cert directories(RRR(ROtcafiletcapathtcadata((sv/private/var/folders/71/gccz42bs2nl23mxwq3vp1qmhw5xjlw/T/pip-install-k836tR/urllib3/urllib3/contrib/securetransport.pytload_verify_locationss  cC@s||_||_||_dS(N(RRt_client_cert_passphrase(ROtcertfiletkeyfiletpassword((sv/private/var/folders/71/gccz42bs2nl23mxwq3vp1qmhw5xjlw/T/pip-install-k836tR/urllib3/urllib3/contrib/securetransport.pytload_cert_chain s  c C@sl| s t|st|s%tt|}|j||j|j|j|j|j|j|j |S(N( RRFRRRRRRRR(ROtsockt server_sidetdo_handshake_on_connecttsuppress_ragged_eofsRR4((sv/private/var/folders/71/gccz42bs2nl23mxwq3vp1qmhw5xjlw/T/pip-install-k836tR/urllib3/urllib3/contrib/securetransport.pyt wrap_sockets    N(RRRRPtpropertyRtsetterRRRRRRRRRRR(((sv/private/var/folders/71/gccz42bs2nl23mxwq3vp1qmhw5xjlw/T/pip-install-k836tR/urllib3/urllib3/contrib/securetransport.pyRs      (eRt __future__RRR&R$tos.pathR\RR Rdt threadingtweakreftRt_securetransport.bindingsRRRt_securetransport.low_levelRRRRR t ImportErrorRtpackages.backports.makefileR t__all__RRRRRRtWeakValueDictionaryRtLockR|RtTLS_AES_256_GCM_SHA384tTLS_CHACHA20_POLY1305_SHA256tTLS_AES_128_GCM_SHA256t'TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384t%TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384t'TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256t%TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256t#TLS_DHE_DSS_WITH_AES_256_GCM_SHA384t#TLS_DHE_RSA_WITH_AES_256_GCM_SHA384t#TLS_DHE_DSS_WITH_AES_128_GCM_SHA256t#TLS_DHE_RSA_WITH_AES_128_GCM_SHA256t'TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384t%TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384t$TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHAt"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHAt#TLS_DHE_RSA_WITH_AES_256_CBC_SHA256t#TLS_DHE_DSS_WITH_AES_256_CBC_SHA256t TLS_DHE_RSA_WITH_AES_256_CBC_SHAt TLS_DHE_DSS_WITH_AES_256_CBC_SHAt'TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256t%TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256t$TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHAt"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHAt#TLS_DHE_RSA_WITH_AES_128_CBC_SHA256t#TLS_DHE_DSS_WITH_AES_128_CBC_SHA256t TLS_DHE_RSA_WITH_AES_128_CBC_SHAt TLS_DHE_DSS_WITH_AES_128_CBC_SHAtTLS_RSA_WITH_AES_256_GCM_SHA384tTLS_RSA_WITH_AES_128_GCM_SHA256tTLS_RSA_WITH_AES_256_CBC_SHA256tTLS_RSA_WITH_AES_128_CBC_SHA256tTLS_RSA_WITH_AES_256_CBC_SHAtTLS_RSA_WITH_AES_128_CBC_SHARVt kTLSProtocol1tkTLSProtocol12tPROTOCOL_SSLv23Rthasattrt kSSLProtocol2R t kSSLProtocol3RRtkTLSProtocol11RRRR R R=REt SSLReadFuncRzt SSLWriteFuncR{tobjectRFRR(((sv/private/var/folders/71/gccz42bs2nl23mxwq3vp1qmhw5xjlw/T/pip-install-k836tR/urllib3/urllib3/contrib/securetransport.pyts         "        7 6