o e{y @s$dZddlmZddlZejZddlZddlmZm Z ddlm Z ddlm Z ddlmZddlmZgd Zeed rDed gZnd gZdd lmZdd lmZdd lmZddlmZddlmZddlmZddlmZddlmZddlmZddlm Z ddlm!Z!ddlm"Z"ddlm#Z#ddlm$Z$ddlm%Z%ddlm&Z&ddlm'Z'eee(edgddZ)ee)eZ*de*vre*+dej,Z-Gd d!d!ej.Z/Gd"d#d#e0Z1Gd$d%d%e-Z,Gd&d'd'eZ2e2e,_3e d(Z4e d)Z5e d*Z6ddd+ee#dd,d,df d-d Z7e#dfd.d/Z8dS)0zSSL wrapper for socket objects on Python 3. For the documentation, refer to :mod:`ssl` module manual. This module implements cooperative SSL socket wrappers. )absolute_importN)sockettimeout_default)error)timeout) copy_globals)ref) SSLContext SSLSocketget_server_certificate wrap_socket)AF_INET) SOCK_STREAM)SO_TYPE) SOL_SOCKET)SSLWantReadError)SSLWantWriteError) SSLEOFError) CERT_NONE)SSLError) SSL_ERROR_EOF)SSL_ERROR_WANT_READ)SSL_ERROR_WANT_WRITE)PROTOCOL_SSLv23)CHANNEL_BINDING_TYPES) CERT_REQUIRED)DER_cert_to_PEM_cert)create_connectionr)Znames_to_ignoreZdunder_names_to_keep namedtuplecs eZdZdZfddZZS)_contextawaresock)_sslsockcst||||||_dSN)super__init__r!)selffamilytypeprotofilenoZsslsocket_wref __class__r:D:\Projects\ConvertPro\env\Lib\site-packages\gevent/ssl.pyr$[s z_contextawaresock.__init__)__name__ __module__ __qualname__ __slots__r$ __classcell__rrr*r,r Xsr c@s eZdZdZddZddZdS) _Callback user_functioncCs ||_dSr"r3)r%r4rrr,r$cs z_Callback.__init__cGs|}|j|g|RSr")r!r4)r%connargsrrr,__call__fsz_Callback.__call__N)r-r.r/r0r$r7rrrr,r2_s r2cseZdZdZdZ     dddZeejdr6ejj fdd Zej j fd d Z ej j fd d Z eedrOej j fddZ ej j fddZ eedreefddZej fddZeedrefddZej fddZZSfddZZS)r rNFTc Cs|j|||||||dS)N)sock server_sidedo_handshake_on_connectsuppress_ragged_eofsserver_hostname_context_session)sslsocket_class)r%r8r9r:r;r<sessionrrr,r qszSSLContext.wrap_socketsetterctttj||dSr")r#orig_SSLContextoptions__set__r%valuer*rr,rDzSSLContext.optionscrBr")r#rC verify_flagsrErFr*rr,rIrHzSSLContext.verify_flagscrBr")r#rC verify_moderErFr*rr,rJrHzSSLContext.verify_modeminimum_versioncrBr")r#rCrKrErFr*rr,rKrHzSSLContext.minimum_versioncrBr")r#rCmaximum_versionrErFr*rr,rLrHzSSLContext.maximum_version _msg_callbackctj}t|tr |j}|Sr")r#rM isinstancer2r4r%resultr*rr,rM zSSLContext._msg_callbackcsD|r t|r t|}tt_ztttj||Wtt_dStt_wr")callabler2rC__ssl__r r#rMrErFr*rr,rMs  sni_callbackcrNr")r#rUrOr2r4rPr*rr,rUrRzSSLContext.sni_callbackcs,|r t|r t|}tttj||dSr")rSr2r#rCrUrErFr*rr,rUs cs$|r t|r t|}t|dSr")rSr2r#set_servername_callback)r%server_name_callbackr*rr,rVs z"SSLContext.set_servername_callback)FTTNN)r-r.r/r0r?r hasattrrCrDrArIrJrKrLpropertyrMrUrVr1rrr*r,r js@    r cseZdZdZddddeeddeeddddddddfddZdd Z d d Z e d d Z e j dd Z e ddZej ddZe ddZddZd\ddZddZd]ddZddZd^dd Zd!d"Zeed#rud$d%Zd&d'Zd(d)Zd*d+Zd,d-Zdefd.d/Zd\d0d1Z d2d3Z!d_d4d5Z"d`d7d8Z#dad9d:Z$d`d;d<Z%dad=d>Z&d?d@Z'dAdBZ(dCdDZ)dEdFZ*dGdHZ+dIdJZ,dKdLZ-dbdMdNZ.dOdPZ/dQdRZ0dSdTZ1fdUdVZ2dcdXdYZ3dZd[Z4Z5S)dr zp gevent `ssl.SSLSocket `_ for Python 3. NFTrc Cs^|r||_nR|r|std|r|std|r|s|}t||_||j_|r-|j||r6|j|||r>|j||rF|j|||_||_ ||_ ||_ ||_ ||_ |tttkrdtd|rt|rltd|durttd|jjr~|s~td||_||_||_||_| |_d}|dur|}tj||j|j|j|d| ||!n| durtj|| d n tj|| | | d d|_"d|_#z|j$%Wnt&y}z|j't'j(kr|)WYd}~nd}~wwd }||_*|r-z!|+|||_#|r|}|d krtd |,WdSWdSt&y,}z|)|d}~wwdS)Nz5certfile must be specified for server-side operationszcertfile must be specifiedz!only stream sockets are supportedz4server_hostname can only be specified in client modez,session can only be specified in client modez'check_hostname requires server_hostnameF)r&r'r(r))r))r&r'r(TzHdo_handshake_on_connect should not be specified for non-blocking sockets)-r= ValueErrorr rJload_verify_locationsload_cert_chainset_npn_protocols set_cipherskeyfilecertfile cert_reqs ssl_versionca_certsciphers getsockoptrrrNotImplementedErrorcheck_hostnamer>r9r<r:r; gettimeoutrr$r&r'r(r) settimeoutdetach_closed_sslobj_sock getpeername socket_errorerrnoENOTCONNclose _connected_SSLSocket__create_sslobj do_handshake)r%r8r`rar9rbrcrdr:r&r'r(r)r; npn_protocolsrer<r>r= connectedrexrrr,r$s          zSSLSocket.__init__cCst||||t|Sr")r _wref)r%r&r'r(r)rrr,_gevent_sock_classAszSSLSocket._gevent_sock_classcCs&d|j|jdur|jfSdfS)Nz server=%s, cipher=%r)r9rmcipherr%rrr, _extra_reprDs zSSLSocket._extra_reprcCs|jSr")r=rrrr,contextKszSSLSocket.contextcCs||_||j_dSr")r=rmr)r%ctxrrr,rOs cC|jdur |jjSdS)z!The SSLSession for client socket.N)rmr@rrrr,r@T zSSLSocket.sessioncCs ||_|jdur||j_dSdSr")r>rmr@)r%r@rrr,r@Zs  cCr)z.Was the client session reused during handshakeN)rmsession_reusedrrrr,r`rzSSLSocket.session_reusedcCstd|jj)NzCan't dup() %s instances)rgr+r-rrrr,dupfsz SSLSocket.dupcCsdSr"r)r%msgrrr, _checkClosedjszSSLSocket._checkClosedcCs|js |dSdSr")rtrorrrr,_check_connectedns zSSLSocket._check_connectedc Cs||dur t|nd} |jstd|dkr"|dur dSdSz|dur/|j||WS|j|p5dWStyN|jdkrD|j|jt dYn?t yd|jdkrZ|j|j t dYn)t y}z|j dtkr|jr|dur{dnt||WYd}~Sd}~wwq) zORead up to LEN bytes and return them. Return zero-length string on EOF.NTz'Read on closed or unwrapped SSL socket.rrZZ timeout_exc)rlenrmr[readrr_wait _read_event_SSLErrorReadTimeoutr _write_eventrr6rr;)r%nbytesbufferZinitial_buf_lenexrrr,rvs4    $zSSLSocket.readc Cs| |js tdz|j|WStyR}z3|jdtkr1|jdkr(|j|j t dn|jdt krG|jdkr>|j|j t dnWYd}~nd}~wwq)zhWrite DATA to the underlying SSL channel. Returns number of bytes of DATA actually transmitted.Tz(Write on closed or unwrapped SSL socket.rrZrN) rrmr[writerr6rrrr_SSLErrorWriteTimeoutrr)r%datarrrr,rs&  zSSLSocket.writecCsD||z |jj}W||Sty!|jj}Y||Sw)zReturns a formatted version of the data in the certificate provided by the other end of the SSL channel. Return None if no certificate was provided, {} if a certificate was provided, but not validated.)rrrmZpeer_certificateAttributeError getpeercert)r% binary_formcrrr,rs  zSSLSocket.getpeercertcC"||jr tjs dS|jSr")rrm_sslHAS_NPNselected_npn_protocolrrrr,r  zSSLSocket.selected_npn_protocolHAS_ALPNcCrr")rrmrrselected_alpn_protocolrrrr,rrz SSLSocket.selected_alpn_protocolcCs |jS)zReturn a list of ciphers shared by the client during the handshake or None if this is not a valid server connection. )rmshared_ciphersrrrr,rs zSSLSocket.shared_cipherscCs|jsdS|jS)z^Return a string identifying the protocol version used by the current SSL channel. N)rmversionrrrr,rs zSSLSocket.versioncC||js dS|jSr")rrmr~rrrr,r~ zSSLSocket.ciphercCrr")rrm compressionrrrr,rrzSSLSocket.compressioncCs||tur |j}|jrP|dkrtd|j z|j|WSty8|jdkr0YdS||j Ynt yN|jdkrFYdS||j Ynwqt ||||S)Nrz3non-zero flags not allowed in calls to send() on %sTrZ)rrrrmr[r+rrrrrrrsend)r%rflagsrrrr,rs0     zSSLSocket.sendcCsB||jrtd|j|durt|||St||||S)Nz%sendto not allowed on instances of %s)rrmr[r+rsendto)r%r flags_or_addraddrrrr,rszSSLSocket.sendtocOtd|j)Nz&sendmsg not allowed on instances of %srgr+r%r6kwargsrrr,sendmsgszSSLSocket.sendmsgcCsX||jr|dkrtd|jzt|||WSty+|jdkr*tdw)Nrz6non-zero flags not allowed in calls to sendall() on %srZz&The operation did not complete (write)) rrmr[r+rsendall_socket_timeoutrr)r%rrrrr,rs  zSSLSocket.sendallrcCsH||jr|dkrtd|j|dkrdS||St|||S)Nrz3non-zero flags not allowed in calls to recv() on %sr)rrmr[r+rrrecvr%buflenrrrr,r's zSSLSocket.recvcCsb||r|durt|}n|durd}|jr)|dkr#td|j|||St||||S)Nrrz8non-zero flags not allowed in calls to recv_into() on %s)rrrmr[r+rr recv_intor%rrrrrr,r5s   zSSLSocket.recv_intocCs*||jrtd|jt|||S)Nz'recvfrom not allowed on instances of %s)rrmr[r+rrecvfromrrrr,rAs zSSLSocket.recvfromcCs,||jrtd|jt||||S)Nz,recvfrom_into not allowed on instances of %s)rrmr[r+r recvfrom_intorrrr,rHs zSSLSocket.recvfrom_intocOr)Nz&recvmsg not allowed on instances of %srrrrr,recvmsgOzSSLSocket.recvmsgcOr)Nz+recvmsg_into not allowed on instances of %srrrrr, recvmsg_intoSrzSSLSocket.recvmsg_intocCs||jr |jSdSNr)rrmpendingrrrr,rWs zSSLSocket.pendingcCs|d|_t||dSr")rrmrshutdown)r%howrrr,r]szSSLSocket.shutdownc Cs|js tdt|z|jj}Wn ty|jj}Ynw|j} z|}WnIty=|jdkr5| |j Yn4t yQ|jdkrI| |j Yn t yYYntyp}z |jdkrkWYd}~nd}~wwq#d|_||jus|J|S)NNo SSL wrapper around TrZr)rmr[strrrunwraprnrrrrrrrOSErrorrq)r%rsryrrr,rbs@          zSSLSocket.unwrapcCsd|_t|dSr")rmr _real_closerrrr,rszSSLSocket._real_closecCsx| z|jWdSty$|jdkr|j|jtdYnty:|jdkr0|j|j tdYnwq)zPerform a TLS/SSL handshake.TrZrN) rrmrvrrrr_SSLErrorHandshakeTimeoutrrrrrr,rvs     zSSLSocket.do_handshakecCs|jj|j||j|j|dS)N)ownerr@)r _wrap_socketrnr<)r%r9r@rrr,Z__create_sslobjs zSSLSocket.__create_sslobjcCs|jrtd|jrtd|d|j|_z |r t||}nd}t|||s4|j r1| d|_|WSt yAd|_w)Nz!can't connect in server-side modez/attempt to connect already-connected SSLSocket!FT) r9r[rtrur>rmr connect_exconnectr:rvrp)r%rrrcrrr, _real_connects&  zSSLSocket._real_connectcCs||ddS)QConnects to remote ADDR, and then wraps the connection in an SSL channel.FNrr%rrrr,rszSSLSocket.connectcCs ||dS)rTrrrrr,rs zSSLSocket.connect_excsBt\}}z|jj||j|jdd}||fWS|)z Accepts a new connection from a remote client, and returns a tuple containing that new connection wrapped with a server-side SSL channel, and the address of the remote client. T)r:r;r9)r#acceptr=r r:r;rs)r%newsockrr*rr,rs zSSLSocket.accept tls-uniquecCsVt|jdr |j|S|tvrtd|dkrtd||jdur&dS|jS)zGet channel binding data for current connection. Raise ValueError if the requested `cb_type` is not supported. Return bytes of the data or None if the data is not available (e.g. before the handshake). get_channel_bindingz Unsupported channel binding typerz({0} channel binding type not implementedN)rXrmrrr[rgformatZ tls_unique_cb)r%cb_typerrr,rs    zSSLSocket.get_channel_bindingcCs |jr|jStdt|)Nr)rmverify_client_post_handshaker[rrrrr,rs z&SSLSocket.verify_client_post_handshaker")rN)F)r)rrr)FN)r)6r-r.r/__doc__rrr rr$r|rrYrrAr@rrrrrrrrrXrrrrr~rrrrrrrrrrrrrrrrrvrurrrrrrr1rrr*r,r sv k       +        6   r zThe read operation timed outzThe write operation timed outz!The handshake operation timed outFTc Cst|||||||||| d S)N r8r`rar9rbrcrdr:r;re)r rrrr,r sc Cs|\}}|dur t}nt}t|%}t||||d }|d}Wdn1s*wYWdn1s9wYd}}t|S)zRetrieve the certificate from the server at the specified address, and return it as a PEM-encoded string. If 'ca_certs' is specified, validate the server cert against it. If 'ssl_version' is specified, use it in the connection attempt.N)rcrbrdT)rrrr rr)rrcrd_rbr8sslsockdercertrrr,r s  r )9r __future__rsslrTrrqZ gevent.socketrrrrprrZ gevent._utilrweakrefrr{Z__implements__rXappendZ __extra__r rrrrrrrrrrrrrrrrglobalsZ __imports____all__remover rCr|r objectr2r r?rrrr r rrrr,s|                           c8