o ?cG@sbddlZddlZddlZddlZddlZddlZddlmZddlm Z m Z m Z ddl m Zddl mZmZmZmZddl mZddl mZddlmZdd lmZmZmZmZmZmZm Z dd l!m"Z"z dd lm#Z#m$Z$Wne%ydd l m#Z#m$Z$Ynwz#e&ej'd e(d ddl)m*Z+Wdn1swYWne%yddlm+Z+Ynwddl,Z-ddl.m/Z/m0Z0m1Z1m2Z2ddl3m4Z4m Z m5Z5m6Z6m7Z7m8Z8mZmZddl9m:Z:e1e;e<Z=dZ>dZ?ej@Aej@BeCdZDzddlEmFZFWne%y ddZFYnwddZG d'ddZHddZIdd ZJd!d"ZKGd#d$d$ZLGd%d&d&ZMdS)(N) b64encode) PoolManagerTimeoutproxy_from_url)ConnectTimeoutError)LocationParseErrorNewConnectionError ProtocolError ProxyError)ReadTimeoutError)SSLError)Retry)DEFAULT_CIPHERSOP_NO_COMPRESSION PROTOCOL_TLS OP_NO_SSLv2 OP_NO_SSLv3 is_ipaddressssl) parse_url) OP_NO_TICKETPROTOCOL_TLS_CLIENTignore)category)orig_util_SSLContext) SSLContext) IPV6_ADDRZ_RE ensure_bytesfilter_ssl_warningsurlparse)ConnectionClosedErrorrEndpointConnectionErrorHTTPClientErrorInvalidProxiesConfigErrorProxyConnectionErrorr r )unquote< z cacert.pem)wherecCstSN)DEFAULT_CA_BUNDLEr+r+o/private/var/folders/cw/wlscbxl13mj6wd668h7l9g9sllkg5j/T/pip-target-b31awkwq/lib/python/botocore/httpsession.pyr(Qsr(cCs&|dur|St}td||S)NTzCertificate path: )r(loggerdebug)verifyZ cert_pathr+r+r, get_cert_pathUs r0cs|r|tkrt}t||pt|durtjn|}|dur2d}|tO}|tO}|t O}|t O}j |O_ |tjksCt j dkrNtdddurNd_fdd}|tjkr`|_|n||_tdrztjd }|rzt jjsz|_S) zThis function is a vendored version of the same function in urllib3 We vendor this function to ensure that the SSL contexts we construct always use the std lib SSLContext instead of pyopenssl. Nr)post_handshake_authTcstdddur d_dSdS)Ncheck_hostnameF)getattrr5r+contextr+r,disable_check_hostnames z6create_urllib3_context..disable_check_hostnamekeylog_filename SSLKEYLOGFILE)rrr set_ciphersrr CERT_REQUIREDrrrroptionssys version_infor6r4 verify_modehasattrosenvirongetflagsignore_environmentr:) ssl_version cert_reqsr>ciphersr9 sslkeylogfiler+r7r,create_urllib3_context_s<       rLcCst|tr|S|dkS)z~Ensures a boolean value if a string or boolean is provided For strings, the value for True/False is case insensitive true) isinstanceboollower)valr+r+r,ensure_booleans  rRcCs<d}t|}|jr||j|d}|jr||j|d}|S)z Mask proxy url credentials. :type proxy_url: str :param proxy_url: The proxy url, i.e. https://username:password@proxy.com :return: Masked proxy url, i.e. https://***:***@proxy.com z***)rusernamereplacepassword) proxy_urlmask parsed_urlr+r+r,mask_proxy_urls rZcCst|p tt|S)z@Wrap urllib3's is_ipaddress to support bracketed IPv6 addresses.)rrOrmatch)hostr+r+r, _is_ipaddresssr]c@sNeZdZdZdddZddZddZed d Zd d Z d dZ ddZ dS)ProxyConfigurationaRepresents a proxy configuration dictionary and additional settings. This class represents a proxy configuration dictionary and provides utility functions to retreive well structured proxy urls and proxy headers from the proxy configuration dictionary. NcCs(|duri}|dur i}||_||_dSr))_proxies_proxies_settings)selfproxiesproxies_settingsr+r+r,__init__s  zProxyConfiguration.__init__cCs(t|}|j|j}|r||}|S)z6Retrieves the corresponding proxy url for a given url.)rr_rEscheme_fix_proxy_url)raurlrYproxyr+r+r, proxy_url_fors  z ProxyConfiguration.proxy_url_forcCs2i}||\}}|r|r|||}||d<|S)z@Retrieves the corresponding proxy headers for a given proxy url.zProxy-Authorization)_get_auth_from_url_construct_basic_auth)rarWheadersrTrV basic_authr+r+r,proxy_headers_fors  z$ProxyConfiguration.proxy_headers_forcCs|jSr))r`rar+r+r,settingsszProxyConfiguration.settingscCs2|ds |dr |S|drd|Sd|S)Nhttp:zhttps:z//zhttp://) startswith)rarWr+r+r,rfs  z!ProxyConfiguration._fix_proxy_urlcCs.|d|}t|d}d|S)N:asciizBasic )rencodestripdecode)rarTrVauth_strZ encoded_strr+r+r,rks z(ProxyConfiguration._construct_basic_authc Cs8t|}z t|jt|jfWSttfyYdSw)NNN)rr%rTrVAttributeError TypeError)rargrYr+r+r,rjs z%ProxyConfiguration._get_auth_from_urlry) __name__ __module__ __qualname____doc__rdrirnpropertyrprfrkrjr+r+r+r,r^s    r^c@seZdZdZdddedddfddZddZdd Zd d Zd d Z ddZ ddZ ddZ dddZ ddZddZddZddZdS)URLLib3Sessiona_A basic HTTP client that supports connection pooling and proxies. This class is inspired by requests.adapters.HTTPAdapter, but has been boiled down to meet the use cases needed by botocore. For the most part this classes matches the functionality of HTTPAdapter in requests v2.7.0 (the same as our vendored version). The only major difference of note is that we currently do not support sending chunked requests. While requests v2.7.0 implemented this themselves, later version urllib3 support this directly via a flag to urlopen so enabling it if needed should be trivial. TNcCs||_t||d|_tjjtjjd|_|durt}t |t t fs+t |d|dd}d|_ d|_t |tr:||_ n t |trE|\|_ |_||_||_||_|durUg|_i|_tdi||_|j|j_dS)N)rbrc)httphttpsrrS)connectreadr+)_verifyr^ _proxy_configbotocore awsrequestZAWSHTTPConnectionPoolZAWSHTTPSConnectionPool_pool_classes_by_schemeDEFAULT_TIMEOUTrNintfloatr _cert_file _key_filestrtuple_timeout_max_pool_connections_socket_options_proxy_managersr_get_pool_manager_kwargs_managerpool_classes_by_scheme)rar/rbtimeoutZmax_pool_connectionssocket_options client_certZproxies_configr+r+r,rds2    zURLLib3Session.__init__cKs,|jj}d|di|}dd|DS)Nuse_forwarding_for_httpsZproxy_use_forwarding_for_httpscSsi|] \}}|dur||qSr)r+).0kvr+r+r, Dsz2URLLib3Session._proxies_kwargs..)rrprEitems)rakwargsrcZproxies_kwargsr+r+r,_proxies_kwargs<szURLLib3Session._proxies_kwargscKs6d|j|j||j|j|jd}|jdi||S)NT)strictrmaxsize ssl_contextr cert_filekey_filer+)rr_get_ssl_contextrrrupdate)ra extra_kwargsZpool_manager_kwargsr+r+r,rFs z'URLLib3Session._get_pool_manager_kwargscCstSr))rLror+r+r,rSszURLLib3Session._get_ssl_contextcCsj||jvr0|j|}||}|j|d}||j|dt|fi|}|j|_ ||j|<|j|S)N) proxy_headers)proxy_ssl_context) rrrn_setup_proxy_ssl_contextrrrrrr)rarWrrZproxy_manager_kwargs proxy_managerr+r+r,_get_proxy_managerVs      z!URLLib3Session._get_proxy_managercCs.t|}|j}|s d}|jr|d|j}|S)N/?)rpathquery)rargrYrr+r+r, _path_urlfszURLLib3Session._path_urlcCs6|dr|rd|_t||_dSd|_d|_dS)Nrr= CERT_NONE)rPrrrIr0ca_certs)raconnrgr/r+r+r,_setup_ssl_certos  zURLLib3Session._setup_ssl_certc Cs|jj}|d}|d}|dur|durdS|}z6t|}t|js)d|_|dur3|j|dt |t rF|j |d|dd|WSt |t rP| ||WSt ttfyf}zt|dd}~ww) Nproxy_ca_bundleZproxy_client_certT)cafilerrS)keyfileerror)rrprErrr]r\r5load_verify_locationsrNrload_cert_chainrOSErrorURLLib3SSLErrorrr#)rarWrcrZ proxy_certr8rger+r+r,rws,       z'URLLib3Session._setup_proxy_ssl_contextcCs|r ||}|S|j}|Sr))rr)rargrWmanagerr+r+r,_get_connection_managers  z&URLLib3Session._get_connection_managercCsT|du}|s ||St|j}|dko|dd}|s#|dr%|S||S)NrrFrq)rrrerrErr)rargrW has_proxy proxy_schemeZusing_https_forwarding_proxyr+r+r,_get_request_targets   z"URLLib3Session._get_request_targetcCs |dd}t|}|dkS)NzTransfer-Encodingschunked)rErrP)rarlZtransfer_encodingr+r+r,_chunkeds  zURLLib3Session._chunkedcCs&|j|jD]}|q dSr))rclearrvalues)rarr+r+r,closes  zURLLib3Session.closec Cszd|j|j}||j|}||j}|||j|jttj ddr2t |jj }||j d<||j|}|j|j||j|jtdddd||jd }tj|j|j|j|}|jsb|j|WStyw} zt|j| dd} ~ wttjfy} zt |j| dd} ~ wt!y} zt"t#|| dd} ~ wt$y} zt%|j| dd} ~ wt&y} zt'|j| dd} ~ wt(y} zt)| ||jdd} ~ wt*y} zd } t+j,| d d t-| d d} ~ ww) NZ(BOTO_EXPERIMENTAL__ADD_PROXY_HOST_HEADERr\F) methodrgbodyrlretriesassert_same_hostpreload_contentdecode_contentchunked) endpoint_urlr)rWr)rrequestrz4Exception received when sending urllib3 HTTP requestT)exc_infor).rrirgrconnection_from_urlrrrRrCrDrErhostnamerrurlopenrrrlr rrrZ AWSResponsestatusZ stream_outputcontentrr rsocketgaierrorr!r r$rZURLLib3ConnectTimeoutErrorrURLLib3ReadTimeoutErrorr r r Exceptionr-r.r") rarrWrrr\Zrequest_targetZurllib_response http_responsermessager+r+r,sendsv       zURLLib3Session.sendr))r|r}r~rMAX_POOL_CONNECTIONSrdrrrrrrrrrrrrr+r+r+r,r s,  '     r)NNNN)NloggingrCZos.pathrr?warningsbase64rurllib3rrrZurllib3.exceptionsrrrrr r r rr rZurllib3.util.retryr Zurllib3.util.ssl_rrrrrrrZurllib3.util.urlrrr ImportErrorcatch_warnings simplefilterDeprecationWarningZurllib3.contrib.pyopensslrrZbotocore.awsrequestrZbotocore.compatrrrrZbotocore.exceptionsr r!r"r#r$Z(botocore.vendored.six.moves.urllib_parser% getLoggerr|r-rrrjoindirname__file__r*certifir(r0rLrRrZr]r^rr+r+r+r,sf     $    (    M ;