o
    0׾g                  	   @   s  d Z ddlmZ ddlZejZddlZddlmZm	Z	 ddlm
Z ddlmZ eZddlmZ g dZeed	r@ed	 g Znd	gZdd
lmZ ddlmZ ddlmZ ddlmZ ddlmZ ddlmZ ddlmZ ddlmZ ddlmZ ddlm Z  ddlm!Z! ddlm"Z" ddlm#Z# ddlm$Z$ ddlm%Z% ddlm&Z& ddlm'Z' eee( edg ddZ)ee) e Z*de*v re*+d ej,Z-G dd  d ej.Z/G d!d" d"e0Z1G d#d$ d$e-Z,G d%d& d&eZ2e2e,_3ed'Z4ed(Z5ed)Z6ddd*ee#dd+d+df	d,d	Z7e#dfd-d.Z8dS )/zSSL wrapper for socket objects on Python 3.

For the documentation, refer to :mod:`ssl` module manual.

This module implements cooperative SSL socket wrappers.
    )absolute_importN)sockettimeout_default)timeout)copy_globals)ref)
SSLContext	SSLSocketget_server_certificatewrap_socket)AF_INET)SOCK_STREAM)SO_TYPE)
SOL_SOCKET)SSLWantReadError)SSLWantWriteError)SSLEOFError)	CERT_NONE)SSLError)SSL_ERROR_EOF)SSL_ERROR_WANT_READ)SSL_ERROR_WANT_WRITE)PROTOCOL_SSLv23)CHANNEL_BINDING_TYPES)CERT_REQUIRED)DER_cert_to_PEM_cert)create_connectionr    )names_to_ignoredunder_names_to_keep
namedtuplec                       s    e Zd ZdZ fddZ  ZS )_contextawaresock)_sslsockc                    s   t  |||| || _d S N)super__init__r"   )selffamilytypeprotofilenosslsocket_wref	__class__r   T/var/www/html/backend_erp/backend_erp_env/lib/python3.10/site-packages/gevent/ssl.pyr%   Z   s   
z_contextawaresock.__init__)__name__
__module____qualname__	__slots__r%   __classcell__r   r   r,   r.   r!   W   s    r!   c                   @   s    e Zd ZdZdd Zdd ZdS )	_Callbackuser_functionc                 C   s
   || _ d S r#   r5   )r&   r6   r   r   r.   r%   b   s   
z_Callback.__init__c                 G   s   |  }| j|g|R  S r#   )r"   r6   )r&   connargsr   r   r.   __call__e   s   z_Callback.__call__N)r/   r0   r1   r2   r%   r9   r   r   r   r.   r4   ^   s    r4   c                       s  e Zd ZdZdZ					dddZeejdr6ejj	 fdd	Zej
j	 fd
dZ
ejj	 fddZeedrOejj	 fddZejj	 fddZeedree fddZej	 fddZeedre fddZej	 fddZ  ZS  fddZ  ZS )r   r   NFTc              	   C   s   | j |||||| |dS )N)sockserver_sidedo_handshake_on_connectsuppress_ragged_eofsserver_hostname_context_session)sslsocket_class)r&   r:   r;   r<   r=   r>   sessionr   r   r.   r   p   s   zSSLContext.wrap_socketsetterc                       t ttj| | d S r#   )r$   orig_SSLContextoptions__set__r&   valuer,   r   r.   rF         zSSLContext.optionsc                    rD   r#   )r$   rE   verify_flagsrG   rH   r,   r   r.   rK      rJ   zSSLContext.verify_flagsc                    rD   r#   )r$   rE   verify_moderG   rH   r,   r   r.   rL      rJ   zSSLContext.verify_modeminimum_versionc                    rD   r#   )r$   rE   rM   rG   rH   r,   r   r.   rM      rJ   zSSLContext.minimum_versionc                    rD   r#   )r$   rE   maximum_versionrG   rH   r,   r   r.   rN      rJ   zSSLContext.maximum_version_msg_callbackc                       t  j}t|tr|j}|S r#   )r$   rO   
isinstancer4   r6   r&   resultr,   r   r.   rO         
zSSLContext._msg_callbackc                    sD   |r
t |r
t|}tt_ztttj| | W tt_d S tt_w r#   )callabler4   rE   __ssl__r   r$   rO   rG   rH   r,   r   r.   rO      s   sni_callbackc                    rP   r#   )r$   rW   rQ   r4   r6   rR   r,   r   r.   rW      rT   zSSLContext.sni_callbackc                    s,   |r
t |r
t|}tttj| | d S r#   )rU   r4   r$   rE   rW   rG   rH   r,   r   r.   rW      s   c                    s$   |r
t |r
t|}t | d S r#   )rU   r4   r$   set_servername_callback)r&   server_name_callbackr,   r   r.   rX      s   z"SSLContext.set_servername_callback)FTTNN)r/   r0   r1   r2   rA   r   hasattrrE   rF   rC   rK   rL   rM   rN   propertyrO   rW   rX   r3   r   r   r,   r.   r   i   s@    




r   c                       s  e Zd ZdZddddeeddeeddddddddfddZdd	 Z	d
d Z
edd Zejdd Zedd Zejdd Zedd Zdd Zd\ddZdd Zd]ddZdd Zd^dd Zd!d" Zeed#rud$d% Zd&d' Zd(d) Zd*d+ Zd,d- Zdefd.d/Zd\d0d1Z d2d3 Z!d_d4d5Z"d`d7d8Z#dad9d:Z$d`d;d<Z%dad=d>Z&d?d@ Z'dAdB Z(dCdD Z)dEdF Z*dGdH Z+dIdJ Z,dKdL Z-dbdMdNZ.dOdP Z/dQdR Z0dSdT Z1 fdUdVZ2dcdXdYZ3dZd[ Z4  Z5S )dr	   zp
    gevent `ssl.SSLSocket
    <https://docs.python.org/3/library/ssl.html#ssl-sockets>`_ for
    Python 3.
    NFTr   c                 C   s  |r|| _ nR|r|std|r|std|r|s|}t|| _ || j _|r-| j | |r6| j || |r>| j | |rF| j | || _|| _	|| _
|| _|| _|| _|tttkrdtd|rt|rltd|d urttd| j jr~|s~td|| _|| _|| _|| _|| _d}d }|d ur| }tj| |j|j|j| d |   n|d urtj| |d	 n	tj| |	|
|d
 d| _!d | _"z| j#$  W nx t%yG } zk|j&t&j'kr| (   | ) }| *d z| +d}W n  t%y } z|j&t&j't&j,fvr d}W Y d }~nd }~ww | *| |r=d}t-|j&|}||_.d |_/z| (  W | t%y<   Y |w W Y d }~nd }~ww d}| 0| || _1|rz!| 2||| _"|rt|  }|dkrmtd| 3  W d S W d S  t%y   | (   w d S )Nz5certfile must be specified for server-side operationszcertfile must be specifiedz!only stream sockets are supportedz4server_hostname can only be specified in client modez,session can only be specified in client modez'check_hostname requires server_hostnameF)r'   r(   r)   r*   )r*   )r'   r(   r)          z5Closed before TLS handshake with data in recv buffer.T        zHdo_handshake_on_connect should not be specified for non-blocking sockets)4r?   
ValueErrorr   rL   load_verify_locationsload_cert_chainset_npn_protocolsset_cipherskeyfilecertfile	cert_reqsssl_versionca_certsciphers
getsockoptr   r   r   NotImplementedErrorcheck_hostnamer@   r;   r>   r<   r=   
gettimeoutr   r%   r'   r(   r)   r*   detach_closed_sslobj_sockgetpeernameOSErrorerrnoENOTCONNclosegetblockingsetblockingrecvEINVALr   reasonlibrary
settimeout
_connected_SSLSocket__create_sslobjdo_handshake)r&   r:   rd   re   r;   rf   rg   rh   r<   r'   r(   r)   r*   r=   npn_protocolsri   r>   r@   r?   	connectedsock_timeouteblockingnotconn_pre_handshake_datar{    notconn_pre_handshake_data_errorr   r   r   r.   r%      s   





&

zSSLSocket.__init__c                 C   s   t ||||t| S r#   )r!   _wref)r&   r'   r(   r)   r*   r   r   r.   _gevent_sock_classb  s   zSSLSocket._gevent_sock_classc                 C   s&   d| j | jd ur| j f S df S )Nz server=%s, cipher=%r )r;   rp   cipherr&   r   r   r.   _extra_repre  s   zSSLSocket._extra_reprc                 C   s   | j S r#   )r?   r   r   r   r.   contextl  s   zSSLSocket.contextc                 C   s   || _ || j_d S r#   )r?   rp   r   )r&   ctxr   r   r.   r   p  s   c                 C      | j dur	| j jS dS )z!The SSLSession for client socket.N)rp   rB   r   r   r   r.   rB   u     
zSSLSocket.sessionc                 C   s    || _ | jd ur|| j_d S d S r#   )r@   rp   rB   )r&   rB   r   r   r.   rB   {  s   
c                 C   r   )z.Was the client session reused during handshakeN)rp   session_reusedr   r   r   r.   r     r   zSSLSocket.session_reusedc                 C   s   t d| jj )NzCan't dup() %s instances)rk   r-   r/   r   r   r   r.   dup  s   zSSLSocket.dupc                 C   s   d S r#   r   )r&   msgr   r   r.   _checkClosed  s   zSSLSocket._checkClosedc                 C   s   | j s	|   d S d S r#   )r~   rr   r   r   r   r.   _check_connected  s   zSSLSocket._check_connected  c              
   C   s  |    d}	 | jstd|dkr|du rdS dS z|dur+|| j||7 }|W S | j|p1dW S  tyJ   | jdkr@ | j| jtd Y n; t	y`   | jdkrV | j| j
td Y n% ty } z|jd tkr| jr|du rwdn|W  Y d}~S  d}~ww q)	zRead up to LEN bytes and return them.
        Return zero-length string on EOF.

        .. versionchanged:: 24.2.1
           No longer requires a non-None *buffer* to implement ``len()``.
           This is a backport from 3.11.8.
        r   Tz'Read on closed or unwrapped SSL socket.Nr]      r^   timeout_exc)r   rp   r_   readr   r   _wait_read_event_SSLErrorReadTimeoutr   _write_eventr   r8   r   r=   )r&   nbytesbuffer
bytes_readexr   r   r.   r     s6   	

zSSLSocket.readc              
   C   s   |    	 | jstdz| j|W S  tyR } z3|jd tkr1| jdkr( | j| j	t
d n|jd tkrG| jdkr> | j| jt
d n W Y d}~nd}~ww q)zhWrite DATA to the underlying SSL channel.  Returns
        number of bytes of DATA actually transmitted.Tz(Write on closed or unwrapped SSL socket.r   r^   r   N)r   rp   r_   writer   r8   r   r   r   r   _SSLErrorWriteTimeoutr   r   )r&   datar   r   r   r.   r     s&   

zSSLSocket.writec                 C   sD   |    |   z	| jj}W ||S  ty!   | jj}Y ||S w )zReturns a formatted version of the data in the
        certificate provided by the other end of the SSL channel.
        Return None if no certificate was provided, {} if a
        certificate was provided, but not validated.)r   r   rp   peer_certificateAttributeErrorgetpeercert)r&   binary_formcr   r   r.   r     s   

zSSLSocket.getpeercertc                 C   "   |    | jr
tjsd S | j S r#   )r   rp   _sslHAS_NPNselected_npn_protocolr   r   r   r.   r        
zSSLSocket.selected_npn_protocolHAS_ALPNc                 C   r   r#   )r   rp   r   r   selected_alpn_protocolr   r   r   r.   r     r   z SSLSocket.selected_alpn_protocolc                 C   s
   | j  S )zReturn a list of ciphers shared by the client during the handshake or
            None if this is not a valid server connection.
            )rp   shared_ciphersr   r   r   r.   r     s   
zSSLSocket.shared_ciphersc                 C   s   | j sdS | j  S )z^Return a string identifying the protocol version used by the
            current SSL channel. N)rp   versionr   r   r   r.   r     s   
zSSLSocket.versionc                 C      |    | js	d S | j S r#   )r   rp   r   r   r   r   r.   r        
zSSLSocket.cipherc                 C   r   r#   )r   rp   compressionr   r   r   r.   r     r   zSSLSocket.compressionc                 C   s   |    |tu r| j}| jrP|dkrtd| j 	 z| j|W S  ty8   | jdkr0Y dS | | j	 Y n t
yN   | jdkrFY dS | | j Y nw qt| |||S )Nr   z3non-zero flags not allowed in calls to send() on %sTr^   )r   r   r   rp   r_   r-   r   r   r   r   r   r   r   send)r&   r   flagsr   r   r   r.   r     s0   

zSSLSocket.sendc                 C   sB   |    | jrtd| j |d u rt| ||S t| |||S )Nz%sendto not allowed on instances of %s)r   rp   r_   r-   r   sendto)r&   r   flags_or_addraddrr   r   r.   r   3  s   zSSLSocket.sendtoc                 O      t d| j )Nz&sendmsg not allowed on instances of %srk   r-   r&   r8   kwargsr   r   r.   sendmsg<  s   zSSLSocket.sendmsgc                 C   sX   |    | jr|dkrtd| j zt| ||W S  ty+   | jdkr*td w )Nr   z6non-zero flags not allowed in calls to sendall() on %sr^   z&The operation did not complete (write))	r   rp   r_   r-   r   sendall_socket_timeoutr   r   )r&   r   r   r   r   r.   r   B  s   
zSSLSocket.sendallr   c                 C   sH   |    | jr|dkrtd| j |dkrdS | |S t| ||S )Nr   z3non-zero flags not allowed in calls to recv() on %sr]   )r   rp   r_   r-   r   r   ry   r&   buflenr   r   r   r.   ry   R  s   
zSSLSocket.recvc                 C   s   |    |du r'|dur#t|}|j}W d   n1 sw   Y  |s'd}| jr;|dkr5td| j | ||S t| |||S )z
        .. versionchanged:: 24.2.1
           No longer requires a non-None *buffer* to implement ``len()``.
           This is a backport from 3.11.8.
        Nr   r   z8non-zero flags not allowed in calls to recv_into() on %s)	r   
memoryviewr   rp   r_   r-   r   r   	recv_into)r&   r   r   r   viewr   r   r.   r   `  s   
zSSLSocket.recv_intoc                 C   s*   |    | jrtd| j t| ||S )Nz'recvfrom not allowed on instances of %s)r   rp   r_   r-   r   recvfromr   r   r   r.   r   t  s   zSSLSocket.recvfromc                 C   s,   |    | jrtd| j t| |||S )Nz,recvfrom_into not allowed on instances of %s)r   rp   r_   r-   r   recvfrom_into)r&   r   r   r   r   r   r.   r   {  s   zSSLSocket.recvfrom_intoc                 O   r   )Nz&recvmsg not allowed on instances of %sr   r   r   r   r.   recvmsg     zSSLSocket.recvmsgc                 O   r   )Nz+recvmsg_into not allowed on instances of %sr   r   r   r   r.   recvmsg_into  r   zSSLSocket.recvmsg_intoc                 C   s   |    | jr| j S dS Nr   )r   rp   pendingr   r   r   r.   r     s   
zSSLSocket.pendingc                 C   s   |    d | _t| | d S r#   )r   rp   r   shutdown)r&   howr   r   r.   r     s   zSSLSocket.shutdownc              
   C   s   | j stdt|  z| j j}W n ty   | j j}Y nw | j}	 z| }W nI ty=   | jdkr5 | 	| j
 Y n4 tyQ   | jdkrI | 	| j Y n  tyY   Y n typ } z|jdkrkW Y d }~n d }~ww q#d | _ || ju s|J | S )NNo SSL wrapper around Tr^   r   )rp   r_   strr   r   unwraprq   r   r   r   r   r   r   r   rs   rt   )r&   r   sr   r   r   r.   r     s@   


zSSLSocket.unwrapc                 C   s   d | _ t|  d S r#   )rp   r   _real_closer   r   r   r.   r     s   zSSLSocket._real_closec                 C   sx   |    	 z| j  W dS  ty$   | jdkr | j| jtd Y n ty:   | jdkr0 | j| j	td Y nw q)zPerform a TLS/SSL handshake.Tr^   r   N)
r   rp   r   r   r   r   r   _SSLErrorHandshakeTimeoutr   r   r   r   r   r.   r     s   


zSSLSocket.do_handshakec                 C   s   | j j| j|| j| j|dS )N)ownerrB   )r   _wrap_socketrq   r>   )r&   r;   rB   r   r   r.   __create_sslobj  s   
zSSLSocket.__create_sslobjc                 C   s   | j rtd| jrtd| d| j| _z |r t| |}nd }t| | |s4| j	r1| 
  d| _|W S  tyA   d | _ w )Nz!can't connect in server-side modez/attempt to connect already-connected SSLSocket!FT)r;   r_   r~   r   r@   rp   r   
connect_exconnectr<   r   socket_error)r&   r   r   rcr   r   r.   _real_connect  s&   zSSLSocket._real_connectc                 C   s   |  |d dS )QConnects to remote ADDR, and then wraps the connection in
        an SSL channel.FNr   r&   r   r   r   r.   r      s   zSSLSocket.connectc                 C   s   |  |dS )r   Tr   r   r   r   r.   r     s   zSSLSocket.connect_exc                    sB   t   \}}z| jj|| j| jdd}||fW S    |   )z
        Accepts a new connection from a remote client, and returns a
        tuple containing that new connection wrapped with a
        server-side SSL channel, and the address of the remote client.
        T)r<   r=   r;   )r$   acceptr?   r   r<   r=   rv   )r&   newsockr   r,   r   r.   r   
  s   
zSSLSocket.accept
tls-uniquec                 C   sV   t | jdr| j|S |tvrtd|dkrtd|| jdu r&dS | j S )zGet channel binding data for current connection.  Raise ValueError
        if the requested `cb_type` is not supported.  Return bytes of the data
        or None if the data is not available (e.g. before the handshake).
        get_channel_bindingz Unsupported channel binding typer   z({0} channel binding type not implementedN)rZ   rp   r   r   r_   rk   formattls_unique_cb)r&   cb_typer   r   r.   r     s   

zSSLSocket.get_channel_bindingc                 C   s    | j r| j  S tdt|  )Nr   )rp   verify_client_post_handshaker_   r   r   r   r   r.   r   -  s   
z&SSLSocket.verify_client_post_handshaker#   )r   N)F)r   )r   r   r   )FN)r   )6r/   r0   r1   __doc__r   r   r   r   r%   r   r   r[   r   rC   rB   r   r   r   r   r   r   r   r   rZ   r   r   r   r   r   r   r   r   r   r   r   ry   r   r   r   r   r   r   r   r   r   r   r   r   r   r   r   r   r   r3   r   r   r,   r.   r	      sx    
 






5

	
	




6

r	   zThe read operation timed outzThe write operation timed outz!The handshake operation timed outFTc
           
      C   s   t | |||||||||	d
S )N
r:   rd   re   r;   rf   rg   rh   r<   r=   ri   )r	   r   r   r   r.   r   =  s   c              	   C   s   | \}}|durt }nt}t| %}t||||d}|d}W d   n1 s*w   Y  W d   n1 s9w   Y  d }}t|S )zRetrieve the certificate from the server at the specified address,
    and return it as a PEM-encoded string.
    If 'ca_certs' is specified, validate the server cert against it.
    If 'ssl_version' is specified, use it in the connection attempt.N)rg   rf   rh   T)r   r   r   r   r   r   )r   rg   rh   _rf   r:   sslsockdercertr   r   r.   r
   L  s   
r
   )9r   
__future__r   sslrV   r   rt   gevent.socketr   r   r   r   gevent._utilr   rs   r   weakrefr   r   __implements__rZ   append	__extra__r   r   r   r   r   r   r   r   r   r   r   r   r   r   r   r   r   globals__imports____all__remover   rE   r   r!   objectr4   r	   rA   r   r   r   r   r
   r   r   r   r.   <module>   s|   

	

c    l
