ó V!¶\c!@@s×dZddlmZddlZddlZddlZddlZddlZddl Z ddl Z ddl Z ddl Z ddl mZddlmZmZmZddlmZmZmZmZydd l mZWn'ek r eZdd lmZnXd d gZeZejZ ej!j"Z#e j$ƒZ%e j&ƒZ'd Z(ej)ej*ej+ej,ej-ej.ej/ej0ej1ej2ej3ej4ej5ej6ej7ej8ej9ej:ej;ej<ej=ej>ej?ej@ejAejBejCejDejEejFejGejHejIg!ZJiejKejLfe jM6ZNeOe dƒrfejPejPfeNe jQ Undo monkey-patching by :func:`inject_into_urllib3`. N(torig_util_SSLContextRRRtorig_util_HAS_SNIRtFalseR(((sB/tmp/pip-install-usGedi/urllib3/urllib3/contrib/securetransport.pyR ¥s     c C@sÓd}y—tj|ƒ}|dkr+tjS|j}|d}|jƒ}d}d}y³x¬||kr|dks€|dkr­tj||ƒs­tj t j dƒ‚q­n||} t j | j||ƒ} |j| | ƒ} || 7}| s\|stjSPq\q\WWnotj k rz} | j }|dk r{|t j kr{||d<|t jksj|t jkrqtjS‚q{nX||d<||kr˜tjSdSWn/tk rÎ} |dk rÇ| |_ntjSXdS(ss SecureTransport read callback. This is called by ST to request that data be returned from the socket. is timed outN(tNonet_connection_refstgetRterrSSLInternaltsockett gettimeoutRt wait_for_readterrorterrnotEAGAINtctypestc_chart from_addresst recv_intoterrSSLClosedGracefult ECONNRESETtEPIPEterrSSLClosedAbortterrSSLWouldBlockt Exceptiont _exception( t connection_idt data_buffertdata_length_pointertwrapped_sockett base_sockettrequested_lengthttimeoutR#t read_countt remainingtbuffert chunk_sizete((sB/tmp/pip-install-usGedi/urllib3/urllib3/contrib/securetransport.pyt_read_callback°sN                c C@s±d}yutj|ƒ}|dkr+tjS|j}|d}tj||ƒ}|jƒ}d}d} yxx| |krå|dks’|dkr¿t j ||ƒs¿tj t j dƒ‚q¿n|j|ƒ} | | 7} || }qnWWnotj k rX} | j }|dk rY|t j krY| |d<|t jksH|t jkrOtjS‚qYnX| |d<| |krvtjSdSWn/tk r¬} |dk r¥| |_ntjSXdS(sx SecureTransport write callback. This is called by ST to request that data actually be sent on the network. is timed outN(RRRRRR R&t string_atR!Rtwait_for_writeR#R$R%tsendR+R,R-R.R/R0( R1R2R3R4R5tbytes_to_writetdataR7R#tsentt chunk_sentR<((sB/tmp/pip-install-usGedi/urllib3/urllib3/contrib/securetransport.pyt_write_callbackçsD            t WrappedSocketcB@s¿eZdZd„Zejd„ƒZd„Zd„Zd„Z d„Z d„Z d„Z dd „Zd „Zd „Zd „Zd „Zd„Zd„Zed„Zd„Zd„ZRS(s² API-compatibility wrapper for Python's OpenSSL wrapped socket object. Note: _makefile_refs, _drop(), and _reuse() are needed for the garbage collector of PyPy. cC@sn||_d|_d|_t|_d|_d|_d|_d|_ |jj ƒ|_ |jj dƒdS(Ni( R Rtcontextt_makefile_refsRt_closedR0t _keychaint _keychain_dirt_client_cert_chainR!t_timeoutt settimeout(tselfR ((sB/tmp/pip-install-usGedi/urllib3/urllib3/contrib/securetransport.pyt__init__(s        cc@sGd|_dV|jdk rC|jd}|_|jƒ|‚ndS(s] A context manager that can be used to wrap calls that do I/O from SecureTransport. If any of the I/O callbacks hit an exception, this context manager will correctly propagate the exception after the fact. This avoids silently swallowing those exceptions. It also correctly forces the socket closed. N(RR0tclose(ROt exception((sB/tmp/pip-install-usGedi/urllib3/urllib3/contrib/securetransport.pyt_raise_on_error:s  cC@sEtjttƒtŒ}tj|j|ttƒƒ}t|ƒdS(s4 Sets up the allowed ciphers. By default this matches the set in util.ssl_.DEFAULT_CIPHERS, at least as supported by macOS. This is done custom and doesn't allow changing at this time, mostly because parsing OpenSSL cipher strings is going to be a freaking nightmare. N(RtSSLCipherSuitetlent CIPHER_SUITEStSSLSetEnabledCiphersRGR(ROtcipherstresult((sB/tmp/pip-install-usGedi/urllib3/urllib3/contrib/securetransport.pyt _set_ciphersOsc C@s‚|s dStjj|ƒrCt|dƒ}|jƒ}WdQXnd}tjƒ}z¹t|ƒ}tj |j t j |ƒƒ}t |ƒ|s¤tjdƒ‚ntj||ƒ}t |ƒtj|tƒ}t |ƒtjƒ}tj|t j |ƒƒ}t |ƒWd|r'tj|ƒn|dk rCtj|ƒnXtjtjf}|j|kr~tjd|jƒ‚ndS(sÁ Called when we have set custom validation. We do this in two cases: first, when cert validation is entirely disabled; and second, when using a custom trust DB. NtrbsFailed to copy trust references)certificate verify failed, error code: %d(tostpathtisfiletopentreadRRt SecTrustRefRtSSLCopyPeerTrustRGR&tbyrefRtssltSSLErrortSecTrustSetAnchorCertificatest!SecTrustSetAnchorCertificatesOnlyRtSecTrustResultTypetSecTrustEvaluateRt CFReleaseRtkSecTrustResultUnspecifiedtkSecTrustResultProceedtvalue( ROtverifyt trust_bundletft cert_arrayttrustRYt trust_resultt successes((sB/tmp/pip-install-usGedi/urllib3/urllib3/contrib/securetransport.pyt_custom_validate\s@        c C@s[tjdtjtjƒ|_tj|jtt ƒ} t | ƒt @t |ƒd} x| t krw| dd} qZW|t | Rj( ROt binary_formRrtcertdatat der_bytesRYt cert_counttleaft data_lengthR2((sB/tmp/pip-install-usGedi/urllib3/urllib3/contrib/securetransport.pyt getpeercert`s6     cC@s|jd7_dS(Ni(RH(RO((sB/tmp/pip-install-usGedi/urllib3/urllib3/contrib/securetransport.pyt_reusežscC@s/|jdkr|jƒn|jd8_dS(Ni(RHRQ(RO((sB/tmp/pip-install-usGedi/urllib3/urllib3/contrib/securetransport.pyt_drop¡s N(t__name__t __module__t__doc__RPt contextlibtcontextmanagerRSRZRuR‘R’R“R—RR)RNR!R@R¡R£RQRR´RµR¶(((sB/tmp/pip-install-usGedi/urllib3/urllib3/contrib/securetransport.pyRF!s&  > Z    (       > iÿÿÿÿcC@s%|jd7_t|||dtƒS(NiRQ(RHR R(ROtmodetbufsize((sB/tmp/pip-install-usGedi/urllib3/urllib3/contrib/securetransport.pytmakefile©strcO@sd}t|||||ŽS(Ni(R (ROR¼t bufferingtargstkwargs((sB/tmp/pip-install-usGedi/urllib3/urllib3/contrib/securetransport.pyR¾­sRcB@sËeZdZd„Zed„ƒZejd„ƒZed„ƒZejd„ƒZed„ƒZejd„ƒZd„Z d „Z d „Z dddd „Z ddd „Zeeedd „ZRS(s¯ I am a wrapper class for the SecureTransport library, to translate the interface of the standard library ``SSLContext`` object to calls into SecureTransport. cC@sPt|\|_|_d|_t|_d|_d|_d|_ d|_ dS(Ni( t_protocol_to_min_maxt _min_versiont _max_versiont_optionsRt_verifyRt _trust_bundlet _client_certt _client_keyt_client_key_passphrase(ROtprotocol((sB/tmp/pip-install-usGedi/urllib3/urllib3/contrib/securetransport.pyRP¼s     cC@stS(sŽ SecureTransport cannot have its hostname checking disabled. For more, see the comment on getpeercert() in this file. (R(RO((sB/tmp/pip-install-usGedi/urllib3/urllib3/contrib/securetransport.pytcheck_hostnameÅscC@sdS(sŽ SecureTransport cannot have its hostname checking disabled. For more, see the comment on getpeercert() in this file. N((RORm((sB/tmp/pip-install-usGedi/urllib3/urllib3/contrib/securetransport.pyRÍÍscC@s|jS(N(RÆ(RO((sB/tmp/pip-install-usGedi/urllib3/urllib3/contrib/securetransport.pytoptionsÕscC@s ||_dS(N(RÆ(RORm((sB/tmp/pip-install-usGedi/urllib3/urllib3/contrib/securetransport.pyRÎßscC@s|jrtjStjS(N(RÇRdt CERT_REQUIREDt CERT_NONE(RO((sB/tmp/pip-install-usGedi/urllib3/urllib3/contrib/securetransport.pyt verify_modeäscC@s"|tjkrtnt|_dS(N(RdRÏRRRÇ(RORm((sB/tmp/pip-install-usGedi/urllib3/urllib3/contrib/securetransport.pyRÑèscC@sdS(N((RO((sB/tmp/pip-install-usGedi/urllib3/urllib3/contrib/securetransport.pytset_default_verify_pathsìs cC@s |jƒS(N(RÒ(RO((sB/tmp/pip-install-usGedi/urllib3/urllib3/contrib/securetransport.pytload_default_certsøscC@s%|tjjkr!tdƒ‚ndS(Ns5SecureTransport doesn't support custom cipher strings(RRtDEFAULT_CIPHERSR§(RORX((sB/tmp/pip-install-usGedi/urllib3/urllib3/contrib/securetransport.pyt set_ciphersûscC@s.|dk rtdƒ‚n|p$||_dS(Ns1SecureTransport does not support cert directories(RR§RÈ(ROtcafiletcapathtcadata((sB/tmp/pip-install-usGedi/urllib3/urllib3/contrib/securetransport.pytload_verify_locationss  cC@s||_||_||_dS(N(RÉRÊt_client_cert_passphrase(ROtcertfiletkeyfiletpassword((sB/tmp/pip-install-usGedi/urllib3/urllib3/contrib/securetransport.pytload_cert_chain s  c C@sl| s t‚|st‚|s%t‚t|ƒ}|j||j|j|j|j|j|j|j ƒ|S(N( RªRFR‘RÇRÈRÄRÅRÉRÊRË(ROtsockt server_sidetdo_handshake_on_connecttsuppress_ragged_eofsRŠR4((sB/tmp/pip-install-usGedi/urllib3/urllib3/contrib/securetransport.pyt wrap_sockets    N(R·R¸R¹RPtpropertyRÍtsetterRÎRÑRÒRÓRÕRRÙRÞRRRã(((sB/tmp/pip-install-usGedi/urllib3/urllib3/contrib/securetransport.pyR¶s      (eR¹t __future__RRºR&R$tos.pathR\R¥R Rdt threadingtweakreftRt_securetransport.bindingsRRRt_securetransport.low_levelRRRRR t ImportErrorRtpackages.backports.makefileR t__all__RRRRRRtWeakValueDictionaryRtLockR|RŸtTLS_AES_256_GCM_SHA384tTLS_CHACHA20_POLY1305_SHA256tTLS_AES_128_GCM_SHA256t'TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384t%TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384t'TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256t%TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256t#TLS_DHE_DSS_WITH_AES_256_GCM_SHA384t#TLS_DHE_RSA_WITH_AES_256_GCM_SHA384t#TLS_DHE_DSS_WITH_AES_128_GCM_SHA256t#TLS_DHE_RSA_WITH_AES_128_GCM_SHA256t'TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384t%TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384t$TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHAt"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHAt#TLS_DHE_RSA_WITH_AES_256_CBC_SHA256t#TLS_DHE_DSS_WITH_AES_256_CBC_SHA256t TLS_DHE_RSA_WITH_AES_256_CBC_SHAt TLS_DHE_DSS_WITH_AES_256_CBC_SHAt'TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256t%TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256t$TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHAt"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHAt#TLS_DHE_RSA_WITH_AES_128_CBC_SHA256t#TLS_DHE_DSS_WITH_AES_128_CBC_SHA256t TLS_DHE_RSA_WITH_AES_128_CBC_SHAt TLS_DHE_DSS_WITH_AES_128_CBC_SHAtTLS_RSA_WITH_AES_256_GCM_SHA384tTLS_RSA_WITH_AES_128_GCM_SHA256tTLS_RSA_WITH_AES_256_CBC_SHA256tTLS_RSA_WITH_AES_128_CBC_SHA256tTLS_RSA_WITH_AES_256_CBC_SHAtTLS_RSA_WITH_AES_128_CBC_SHARVt kTLSProtocol1tkTLSProtocol12tPROTOCOL_SSLv23RÃthasattrt kSSLProtocol2R t kSSLProtocol3RRtkTLSProtocol11RRRR R R=REt SSLReadFuncRzt SSLWriteFuncR{tobjectRFR¾R(((sB/tmp/pip-install-usGedi/urllib3/urllib3/contrib/securetransport.pytsª         "        7 6ÿˆ