??? 123123123123 .....................................................................................................................................??? 123123123123 .....................................................................................................................................U e5dHÆã @s¶ddlZddlZddlmZddlmZmZm Z ddlZddlmZm Z mZddlmZmZmZddlmZmZmZmZmZmZmZddlmZmZddlmZmZmZm Z zdd lm!Z!Wne"k rÐYnXdd lm#Z#m$Z$m%Z%m&Z&m'Z'm(Z(m)Z)m*Z*m+Z+m,Z,ddlm-Z-m.Z.ej/de0d d„ede j/de0dd„edej/de0dd„edej/de0dd„ede j/de0dd„edej/de0dd„ede1j2Z3e1_3dd„e1j4 5¡DƒZ6e7e1ddƒZ8Gdd„deƒZ9Gdd „d eƒZ:Gd!d"„d"eƒZ;Gd#d$„d$eƒZZ>m?Z?dd'l@m@Z@mAZAmBZBmCZCdd(l@mDZDmEZEddl@ZFddlGZGddlHZHddlIZIeJZKd)gZLeMed*ƒZNe-ZOeZPd+d,„ZQd-d.„ZRd/d0„ZSd1d2„ZTed3d4ƒZUd5d6„ZVGd7d8„d8ed8d9ƒƒZWGd:d;„d;eWeƒZXGdœd?d@„Z[e2fe\dAeXjZddddddBœdCdD„Z]e[Z^e]Z_GdEdF„dFƒZ`dGdH„ZaGdIdJ„dJe@ƒZbebeY_ce`eY_ddddAe\e2ddKdKdf dLdM„ZedNdO„ZfdPZgdQZhdRdS„ZidTdU„Zje2dfdVdW„ZkdXdY„ZldS)ZéN)Ú namedtuple)ÚEnumÚIntEnumÚIntFlag)ÚOPENSSL_VERSION_NUMBERÚOPENSSL_VERSION_INFOÚOPENSSL_VERSION)Ú_SSLContextÚ MemoryBIOÚ SSLSession)ÚSSLErrorÚSSLZeroReturnErrorÚSSLWantReadErrorÚSSLWantWriteErrorÚSSLSyscallErrorÚSSLEOFErrorÚSSLCertVerificationError)Útxt2objÚnid2obj)ÚRAND_statusÚRAND_addÚ RAND_bytesÚRAND_pseudo_bytes)ÚRAND_egd) ÚHAS_SNIÚHAS_ECDHÚHAS_NPNÚHAS_ALPNÚ HAS_SSLv2Ú HAS_SSLv3Ú HAS_TLSv1ÚHAS_TLSv1_1ÚHAS_TLSv1_2ÚHAS_TLSv1_3)Ú_DEFAULT_CIPHERSÚ_OPENSSL_API_VERSIONÚ _SSLMethodcCs| d¡o|dkS)NZ PROTOCOL_ÚPROTOCOL_SSLv23©Ú startswith©Úname©r,ú/usr/lib64/python3.8/ssl.pyÚ|ór.)ÚsourceÚOptionscCs | d¡S)NZOP_r(r*r,r,r-r.r/ZAlertDescriptioncCs | d¡S)NZALERT_DESCRIPTION_r(r*r,r,r-r.†r/ZSSLErrorNumbercCs | d¡S)NZ SSL_ERROR_r(r*r,r,r-r.‹r/ÚVerifyFlagscCs | d¡S)NZVERIFY_r(r*r,r,r-r.r/Ú VerifyModecCs | d¡S)NZCERT_r(r*r,r,r-r.•r/cCsi|]\}}||“qSr,r,)Ú.0r+Úvaluer,r,r-Ú ™sr6ZPROTOCOL_SSLv2c@s6eZdZejZejZejZ ej ZejZ ejZejZdS)Ú TLSVersionN)Ú__name__Ú __module__Ú__qualname__Ú_sslZPROTO_MINIMUM_SUPPORTEDZMINIMUM_SUPPORTEDZPROTO_SSLv3ÚSSLv3ZPROTO_TLSv1ZTLSv1Z PROTO_TLSv1_1ZTLSv1_1Z PROTO_TLSv1_2ZTLSv1_2Z PROTO_TLSv1_3ZTLSv1_3ZPROTO_MAXIMUM_SUPPORTEDZMAXIMUM_SUPPORTEDr,r,r,r-r7žsr7c@s$eZdZdZdZdZdZdZdZdS)Ú_TLSContentTypeééééééN) r8r9r:ÚCHANGE_CIPHER_SPECÚALERTZ HANDSHAKEZAPPLICATION_DATAÚHEADERZINNER_CONTENT_TYPEr,r,r,r-r=¨sr=c@s”eZdZdZdZdZdZdZdZdZ dZ d Zd ZdZ dZd ZdZdZdZdZdZdZdZdZdZdZdZdZdZdZdZdZdZ dZ!d Z"d!Z#d"Z$d#S)$Ú _TLSAlertTyperé r>r?r@éé(é)é*é+é,é-é.é/é0é1é2é3é<éFéGéPéVéZédéménéoépéqérésétéxN)%r8r9r:ZCLOSE_NOTIFYZUNEXPECTED_MESSAGEZBAD_RECORD_MACZDECRYPTION_FAILEDZRECORD_OVERFLOWZDECOMPRESSION_FAILUREZHANDSHAKE_FAILUREZNO_CERTIFICATEZBAD_CERTIFICATEZUNSUPPORTED_CERTIFICATEZCERTIFICATE_REVOKEDZCERTIFICATE_EXPIREDZCERTIFICATE_UNKNOWNZILLEGAL_PARAMETERZ UNKNOWN_CAZ ACCESS_DENIEDZDECODE_ERRORZ DECRYPT_ERRORZEXPORT_RESTRICTIONZPROTOCOL_VERSIONZINSUFFICIENT_SECURITYZINTERNAL_ERRORZINAPPROPRIATE_FALLBACKZ USER_CANCELEDZNO_RENEGOTIATIONZMISSING_EXTENSIONZUNSUPPORTED_EXTENSIONZCERTIFICATE_UNOBTAINABLEZUNRECOGNIZED_NAMEZBAD_CERTIFICATE_STATUS_RESPONSEZBAD_CERTIFICATE_HASH_VALUEZUNKNOWN_PSK_IDENTITYZCERTIFICATE_REQUIREDZNO_APPLICATION_PROTOCOLr,r,r,r-rG¶sDrGc@sdeZdZdZdZdZdZdZdZdZ dZ d Zd ZdZ dZd ZdZdZdZdZdZdZdZdZdZdS)Ú_TLSMessageTyperéééééééééé ééér>r?r@rAééCéþrCN)r8r9r:Z HELLO_REQUESTZCLIENT_HELLOZSERVER_HELLOZHELLO_VERIFY_REQUESTZNEWSESSION_TICKETZEND_OF_EARLY_DATAZHELLO_RETRY_REQUESTZENCRYPTED_EXTENSIONSZCERTIFICATEZSERVER_KEY_EXCHANGEZCERTIFICATE_REQUESTZSERVER_DONEZCERTIFICATE_VERIFYZCLIENT_KEY_EXCHANGEZFINISHEDZCERTIFICATE_URLZCERTIFICATE_STATUSZSUPPLEMENTAL_DATAZ KEY_UPDATEZ NEXT_PROTOZMESSAGE_HASHrDr,r,r,r-rfßs,rfÚwin32)Úenum_certificatesÚ enum_crls)ÚsocketÚAF_INETÚSOCK_STREAMÚcreate_connection)Ú SOL_SOCKETÚSO_TYPEú tls-uniqueÚHOSTFLAG_NEVER_CHECK_SUBJECTcCs¶|sdS| d¡}|s&| ¡| ¡kS|dkrsole wildcard without additional labels are not support: {!r}.ztd||dfƒ‚ntd ƒ‚dS)Nztempty or no certificate, match_hostname needs a SSL socket or SSL context with either CERT_OPTIONAL or CERT_REQUIREDZsubjectAltNamer,ZDNSz IP AddressZsubjectZ commonNamergz&hostname %r doesn't match either of %sz, zhostname %r doesn't match %rrz=no appropriate commonName or subjectAltName fields were found)rŽr‘Úgetr‹Úappendr•Úlenr†ÚjoinÚmapÚrepr)Úcertr‰r”ZdnsnamesZsanÚkeyr5Úsubr,r,r-Úmatch_hostnamessB þ þrŸÚDefaultVerifyPathszQcafile capath openssl_cafile_env openssl_cafile openssl_capath_env openssl_capathcCsdt ¡}tj |d|d¡}tj |d|d¡}ttj |¡rF|ndtj |¡rX|ndf|žŽS)Nrrgrhri) r;Úget_default_verify_pathsÚosÚenvironr–r ÚpathÚisfileÚisdir)ÚpartsÚcafileÚcapathr,r,r-r¡°sÿþr¡cs@eZdZdZ‡fdd„Ze‡fdd„ƒZe‡fdd„ƒZ‡ZS)Ú_ASN1Objectr,cstƒj|ft|ddžŽS)NFr*©ÚsuperÚ__new__Ú_txt2obj)ÚclsÚoid©Ú __class__r,r-rÃsz_ASN1Object.__new__cstƒj|ft|ƒžŽSr’)r¬rÚ_nid2obj)r¯Znidr±r,r-ÚfromnidÆsz_ASN1Object.fromnidcstƒj|ft|ddžŽS)NTr*r«)r¯r+r±r,r-ÚfromnameÌsz_ASN1Object.fromname) r8r9r:Ú __slots__rÚclassmethodr´rµÚ __classcell__r,r,r±r-rª¾srªznid shortname longname oidc@seZdZdZdZdS)ÚPurposez1.3.6.1.5.5.7.3.1z1.3.6.1.5.5.7.3.2N)r8r9r:ÚSERVER_AUTHZCLIENT_AUTHr,r,r,r-r¹Ósr¹csŒeZdZdZdZdZefdd„Zdd„Zd1d d „Z d2dd„Z d d„Zdd„Zdd„Z dd„Zejfdd„Zeedƒr¸e‡fdd„ƒZej‡fdd„ƒZe‡fdd„ƒZej‡fdd„ƒZe‡fdd„ƒZej‡fd d„ƒZeed!ƒred"d#„ƒZejd$d#„ƒZned%d#„ƒZe‡fd&d'„ƒZej‡fd(d'„ƒZe‡fd)d*„ƒZe‡fd+d,„ƒZej‡fd-d,„ƒZe‡fd.d/„ƒZej‡fd0d/„ƒZ‡ZS)3Ú SSLContext)ZCAZROOTNcOst ||¡}|Sr’)r r)r¯ÚprotocolÚargsÚkwargsÚselfr,r,r-râszSSLContext.__new__cCs4|dkrdSt|tƒr&| d¡ d¡S| d¡SdS)NZidnaÚascii)Ú isinstanceÚstrÚencodeÚdecode)r¿r‰r,r,r-Ú_encode_hostnameæs zSSLContext._encode_hostnameFTc Cs|jj|||||||dS)N)ÚsockÚserver_sideÚdo_handshake_on_connectÚsuppress_ragged_eofsÚserver_hostnameÚcontextÚsession)Ússlsocket_classÚ_create)r¿rÆrÇrÈrÉrÊrÌr,r,r-Úwrap_socketîsùzSSLContext.wrap_socketcCs|jj|||| |¡||dS)N)rÇrÊrÌrË)Ússlobject_classrÎrÅ)r¿ÚincomingÚoutgoingrÇrÊrÌr,r,r-Úwrap_bioþsýzSSLContext.wrap_biocCs`tƒ}|D]F}t|dƒ}t|ƒdks0t|ƒdkr8tdƒ‚| t|ƒ¡| |¡q | |¡dS)NrÀréÿz(NPN protocols must be 1 to 255 in length)Ú bytearrayÚbytesr˜rr—ÚextendZ_set_npn_protocols)r¿Z npn_protocolsÚprotosr¼Úbr,r,r-Úset_npn_protocolss zSSLContext.set_npn_protocolscs8ˆdkrdˆ_n$tˆƒs tdƒ‚‡‡fdd„}|ˆ_dS)Nznot a callable objectcsˆ |¡}ˆ|||ƒSr’)rÅ)ÚsslobjZ servernameZsslctx©r¿Úserver_name_callbackr,r-Úshim_cbs z3SSLContext.set_servername_callback..shim_cb)Zsni_callbackÚcallableÚ TypeError)r¿rÝrÞr,rÜr-Úset_servername_callbacksz"SSLContext.set_servername_callbackcCs`tƒ}|D]F}t|dƒ}t|ƒdks0t|ƒdkr8tdƒ‚| t|ƒ¡| |¡q | |¡dS)NrÀrrÔz)ALPN protocols must be 1 to 255 in length)rÕrÖr˜rr—r×Z_set_alpn_protocols)r¿Zalpn_protocolsrØr¼rÙr,r,r-Úset_alpn_protocols s zSSLContext.set_alpn_protocolscCsvtƒ}z.inner)r¬r»rùróÚhasattrràrú)r¿rrûr±rr-rù”s csttƒjƒSr’)r&r¬r¼rñr±r,r-r¼ºszSSLContext.protocolcsttƒjƒSr’)r2r¬Úverify_flagsrñr±r,r-r¾szSSLContext.verify_flagscstttƒj ||¡dSr’)r¬r»rrórôr±r,r-rÂscs0tƒj}z t|ƒWStk r*|YSXdSr’)r¬Úverify_moder3rŽrôr±r,r-rÆs zSSLContext.verify_modecstttƒj ||¡dSr’)r¬r»rrórôr±r,r-rÎs)FTTNN)FNN) r8r9r:rîrÍrÐÚPROTOCOL_TLSrrÅrÏrÓrÚrárârër¹rºrïrr ÚpropertyrðÚsetterrõròr;r÷rùr¼rrr¸r,r,r±r-r»Úslý ÿ &%r»)r¨r©rãcCsŒt|tƒst|ƒ‚ttƒ}|tjkr0t|_d|_ |s<|s<|rL| |||¡n|jtkr`| |¡t |dƒrˆtj d¡}|rˆtjjsˆ||_|S)NTÚkeylog_filenameÚ SSLKEYLOGFILE)rÁrªràr»rr¹rºÚ CERT_REQUIREDrÚcheck_hostnamerçÚ CERT_NONErïrr¢r£r–rìÚflagsÚignore_environmentr)rér¨r©rãrËÚ keylogfiler,r,r-Úcreate_default_contextÓs rF)Ú cert_reqsrréÚcertfileÚkeyfiler¨r©rãcCs¼t|tƒst|ƒ‚t|ƒ} |s$d| _|dk r2|| _|rd?„ƒZ"‡fd@dA„Z#edBdC„ƒZ$edDdE„ƒZ%‡fdFdG„Z&edcdHdI„ƒZ'‡fdJdK„Z(dLdM„Z)dNdO„Z*‡fdPdQ„Z+edddSdT„ƒZ,edUdV„ƒZ-‡Z.S)eÚ SSLSocketcOst|jj›dƒ‚dS)NzX does not have a public constructor. Instances are returned by SSLContext.wrap_socket().rrr,r,r-rÐsÿzSSLSocket.__init__FTNc s–| tt¡tkrtdƒ‚|r8|r(tdƒ‚|dk r8tdƒ‚|jrJ|sJtdƒ‚t|j|j |j | ¡d}|j|f|Ž} t t| ƒjf|Ž| | ¡¡| ¡|| _|| _d| _d| _|| _| |¡| _|| _|| _z| ¡Wn6tk r} z| jtjkrþ‚d}W5d} ~ XYnXd}|| _ |r’zH| jj!| || j| | jd| _|rj| ¡}|d krbtd ƒ‚| "¡Wn$ttfk r| #¡‚YnX| S)Nz!only stream sockets are supportedz4server_hostname can only be specified in client modez,session can only be specified in client modez'check_hostname requires server_hostname)ÚfamilyÚtypeÚprotoÚfilenoFT©rrÌçzHdo_handshake_on_connect should not be specified for non-blocking sockets)$Z getsockoptr~rr|ÚNotImplementedErrorrŽrÚdictr=r>r?r@rr¬r<rÚ settimeoutÚ gettimeoutÚdetachÚ_contextÚ_sessionZ_closedrrÇrÅrÊrÈrÉÚgetpeernamerÚerrnoZENOTCONNÚ _connectedÚ_wrap_socketr1Úclose) r¯rÆrÇrÈrÉrÊrËrÌr¾r¿ÚeZ connectedÚtimeoutr±r,r-rÎ×sj þþ zSSLSocket._createcCs|jSr’)rHrñr,r,r-rËszSSLSocket.contextcCs||_||j_dSr’)rHrrËrr,r,r-rËscCs|jdk r|jjSdSr’rrñr,r,r-rÌ s zSSLSocket.sessioncCs||_|jdk r||j_dSr’)rIrrÌr r,r,r-rÌ&s cCs|jdk r|jjSdSr’r!rñr,r,r-r",s zSSLSocket.session_reusedcCstd|jjƒ‚dS)NzCan't dup() %s instances)rCr²r8rñr,r,r-Údup2sÿz SSLSocket.dupcCsdSr’r,)r¿Úmsgr,r,r-Ú_checkClosed6szSSLSocket._checkClosedcCs|js| ¡dSr’)rLrJrñr,r,r-Ú_check_connected:szSSLSocket._check_connectedr#c Cs | ¡|jdkrtdƒ‚z*|dk r4|j ||¡WS|j |¡WSWnVtk rš}z8|jdtkrˆ|jrˆ|dk r|WY¢dSWY¢dSn‚W5d}~XYnXdS)Nz'Read on closed or unwrapped SSL socket.rr/)rSrrŽr$rr½Z SSL_ERROR_EOFrÉ)r¿r˜r%Úxr,r,r-r$Bs zSSLSocket.readcCs&| ¡|jdkrtdƒ‚|j |¡S)Nz(Write on closed or unwrapped SSL socket.)rSrrŽr'r(r,r,r-r'Ws zSSLSocket.writecCs| ¡| ¡|j |¡Sr’)rSrTrr)r*r,r,r-r)`szSSLSocket.getpeercertcCs*| ¡|jdkstjsdS|j ¡SdSr’)rSrr;rr+rñr,r,r-r+fszSSLSocket.selected_npn_protocolcCs*| ¡|jdkstjsdS|j ¡SdSr’)rSrr;rr,rñr,r,r-r,nsz SSLSocket.selected_alpn_protocolcCs$| ¡|jdkrdS|j ¡SdSr’)rSrr-rñr,r,r-r-vs zSSLSocket.ciphercCs$| ¡|jdkrdS|j ¡SdSr’)rSrr.rñr,r,r-r.~s zSSLSocket.shared_cipherscCs$| ¡|jdkrdS|j ¡SdSr’)rSrr/rñr,r,r-r/†s zSSLSocket.compressionrcsF| ¡|jdk r4|dkr(td|jƒ‚|j |¡Stƒ ||¡SdS)Nrz3non-zero flags not allowed in calls to send() on %s)rSrrŽr²r'r¬Úsend)r¿rÿr r±r,r-rVŽs ÿÿzSSLSocket.sendcsL| ¡|jdk r"td|jƒ‚n&|dkr8tƒ ||¡Stƒ |||¡SdS)Nz%sendto not allowed on instances of %s)rSrrŽr²r¬Úsendto)r¿rÿZ flags_or_addrrr±r,r-rW™s ÿzSSLSocket.sendtocOstd|jƒ‚dS)Nz&sendmsg not allowed on instances of %s©rCr²rr,r,r-Úsendmsg£sÿzSSLSocket.sendmsgc s–| ¡|jdk r„|dkr(td|jƒ‚d}t|ƒH}| d¡2}t|ƒ}||krn| ||d…¡}||7}qJW5QRXW5QRXntƒ ||¡SdS)Nrz6non-zero flags not allowed in calls to sendall() on %sÚB) rSrrŽr²Ú memoryviewÚcastr˜rVr¬Úsendall)r¿rÿr r„ZviewZ byte_viewZamountr&r±r,r-r]©s ÿÿ zSSLSocket.sendallcs,|jdk r| |||¡Stƒ |||¡SdSr’)rZ_sendfile_use_sendr¬Úsendfile)r¿ÚfileÚoffsetr„r±r,r-r^¹s zSSLSocket.sendfilecsD| ¡|jdk r2|dkr(td|jƒ‚| |¡Stƒ ||¡SdS)Nrz3non-zero flags not allowed in calls to recv() on %s)rSrrŽr²r$r¬Úrecv©r¿Zbuflenr r±r,r-raÃs ÿÿ zSSLSocket.recvcsj| ¡|r|dkrt|ƒ}n|dkr*d}|jdk rV|dkrJtd|jƒ‚| ||¡Stƒ |||¡SdS)Nr#rz8non-zero flags not allowed in calls to recv_into() on %s)rSr˜rrŽr²r$r¬Ú recv_into©r¿r%Únbytesr r±r,r-rcÎs ÿÿzSSLSocket.recv_intocs4| ¡|jdk r"td|jƒ‚ntƒ ||¡SdS)Nz'recvfrom not allowed on instances of %s)rSrrŽr²r¬Úrecvfromrbr±r,r-rfÝs ÿzSSLSocket.recvfromcs6| ¡|jdk r"td|jƒ‚ntƒ |||¡SdS)Nz,recvfrom_into not allowed on instances of %s)rSrrŽr²r¬Ú recvfrom_intordr±r,r-rgås ÿzSSLSocket.recvfrom_intocOstd|jƒ‚dS)Nz&recvmsg not allowed on instances of %srXrr,r,r-ÚrecvmsgísÿzSSLSocket.recvmsgcOstd|jƒ‚dS)Nz+recvmsg_into not allowed on instances of %srXrr,r,r-Úrecvmsg_intoñsÿzSSLSocket.recvmsg_intocCs$| ¡|jdk r|j ¡SdSdS)Nr)rSrr0rñr,r,r-r0õs zSSLSocket.pendingcs| ¡d|_tƒ |¡dSr’)rSrr¬r2)r¿Zhowr±r,r-r2ýszSSLSocket.shutdowncCs.|jr|j ¡}d|_|Stdt|ƒƒ‚dS©NzNo SSL wrapper around )rr2rŽrÂ)r¿Úsr,r,r-r3s zSSLSocket.unwrapcCs$|jr|j ¡Stdt|ƒƒ‚dSrj)rr7rŽrÂrñr,r,r-r7s z&SSLSocket.verify_client_post_handshakecsd|_tƒ ¡dSr’)rr¬Ú_real_closerñr±r,r-rlszSSLSocket._real_closec CsF| ¡| ¡}z$|dkr(|r(| d¡|j ¡W5| |¡XdS)NrB)rTrFrErr1)r¿ÚblockrPr,r,r-r1s zSSLSocket.do_handshakec s¨|jrtdƒ‚|js|jdk r&tdƒ‚|jj|d|j||jd|_z@|rVtƒ |¡}nd}tƒ |¡|s~d|_|jr~| ¡|WSt tfk r¢d|_‚YnXdS)Nz!can't connect in server-side modez/attempt to connect already-connected SSLSocket!FrAT)rÇrŽrLrrËrMrÊrIr¬Ú connect_exÚconnectrÈr1r)r¿rrnZrcr±r,r-Ú _real_connect!s0þzSSLSocket._real_connectcCs| |d¡dS)NF©rp©r¿rr,r,r-ro;szSSLSocket.connectcCs| |d¡Srørqrrr,r,r-rn@szSSLSocket.connect_excs.tƒ ¡\}}|jj||j|jdd}||fS)NT)rÈrÉrÇ)r¬ÚacceptrËrÏrÈrÉ)r¿Znewsockrr±r,r-rsEsýzSSLSocket.acceptr€cCs4|jdk r|j |¡S|tkr,td |¡ƒ‚dSdS)Nz({0} channel binding type not implemented)rr4ÚCHANNEL_BINDING_TYPESrŽr‡r5r,r,r-r4Qs ÿzSSLSocket.get_channel_bindingcCs|jdk r|j ¡SdSdSr’r6rñr,r,r-rþ\s zSSLSocket.version)FTTNNN)N)r#N)F)r)N)r)rN)r#r)Nr)r#r)Nr)F)r€)/r8r9r:rr·rÎrr;rËrrÌr"rQrSrTr$r'r)r+r,r-r.r/rVrWrYr]r^rarcrfrgrhrir0r2r3r7rlr1rprornrsr4rþr¸r,r,r±r-r<Ës†þ> r<Tc Csl|r|stdƒ‚|r |s tdƒ‚t|ƒ} || _|r<| |¡|rL| ||¡| rZ| | ¡| j||||dS)Nz5certfile must be specified for server-side operationsr)rÆrÇrÈrÉ)rŽr»rrçrZset_ciphersrÏ)rÆrrrÇrÚssl_versionÚca_certsrÈrÉZciphersrËr,r,r-rÏis$ ýrÏcCs–ddlm}ddlm}d}d}z| |dd… ¡¡d}Wn$tk rbtd||fƒ‚Yn0X||dd…|ƒ}||d|f|d d …ƒSdS)Nr)Ústrptime)Útimegm)ZJanZFebZMarZAprZMayZJunZJulZAugZSepZOctZNovZDecz %d %H:%M:%S %Y GMTrirgz*time data %r does not match format "%%b%s"rhrl)ÚtimerwZcalendarrxÚindexÚtitlerŽ)Z cert_timerwrxZmonthsZtime_formatZmonth_numberZttr,r,r-Úcert_time_to_seconds…s ÿr|z-----BEGIN CERTIFICATE-----z-----END CERTIFICATE-----csRtt |¡ddƒ‰tg}|‡fdd„tdtˆƒdƒDƒ7}| td¡d |¡S)NÚASCIIÚstrictcsg|]}ˆ||d…‘qS)é@r,)r4Úi©Úfr,r-Ú ¬sz(DER_cert_to_PEM_cert..rrÚ ) rÂÚbase64Zstandard_b64encodeÚ PEM_HEADERÚranger˜r—Ú PEM_FOOTERr™)Zder_cert_bytesZssr,rr-ÚDER_cert_to_PEM_cert¦s "r‰cCs\| t¡stdtƒ‚| ¡ t¡s0tdtƒ‚| ¡ttƒttƒ…}t | dd¡¡S)Nz(Invalid PEM encoding; must start with %sz&Invalid PEM encoding; must end with %sr}r~) r)r†rŽÚstripÚendswithrˆr˜r…ZdecodebytesrÃ)Zpem_cert_stringÚdr,r,r-ÚPEM_cert_to_DER_cert°s ÿÿrc Csd|\}}|dk rt}nt}t|||d}t|ƒ&}| |¡}| d¡} W5QRXW5QRXt| ƒS)N)rr¨T)r rÚ_create_stdlib_contextr}rÏr)r‰) rrurvZhostZportrrËrÆZsslsockZdercertr,r,r-Úget_server_certificate½sþ rcCst |d¡S)Nz )Ú_PROTOCOL_NAMESr–)Z protocol_coder,r,r-Úget_protocol_nameÐsr‘)mrìr¢ÚcollectionsrÚenumrZ_EnumrZ_IntEnumrZ_IntFlagr;rrrr r rrr rrrrrrr®rr³rrrrrÚImportErrorrrrrrrr r!r"r#r$r%Ú _convert_r8r&rr'Ú__members__Úitemsrr8Z_SSLv2_IF_EXISTSr7r=rGrfrírxryrzr{r|r}r~rrŒr…rKrårZsocket_errorrtrZHAS_NEVER_CHECK_COMMON_NAMEZ_RESTRICTED_SERVER_CIPHERSr†r‹r‘r•rŸr r¡rªr¹r»rºrrrZ_create_default_https_contextrŽrr;r<rÍrÐrÏr|r†rˆr‰rrr‘r,r,r,r-Ú]sö$0ýýýýýý ) 1#9ÿzÿ#ý/û