o 0׾g @sdZddlmZddlZejZddlZddlmZm Z ddlm Z ddl m Z eZddlmZgdZeed r@ed gZnd gZdd lmZdd lmZdd lmZdd lmZddlmZddlmZddlmZddlmZddlmZddlm Z ddlm!Z!ddlm"Z"ddlm#Z#ddlm$Z$ddlm%Z%ddlm&Z&ddlm'Z'e ee(edgddZ)ee)eZ*de*vre*+dej,Z-Gdd d ej.Z/Gd!d"d"e0Z1Gd#d$d$e-Z,Gd%d&d&eZ2e2e,_3e d'Z4e d(Z5e d)Z6ddd*ee#dd+d+df d,d Z7e#dfd-d.Z8dS)/zSSL wrapper for socket objects on Python 3. For the documentation, refer to :mod:`ssl` module manual. This module implements cooperative SSL socket wrappers. )absolute_importN)sockettimeout_default)timeout) copy_globals)ref) SSLContext SSLSocketget_server_certificate wrap_socket)AF_INET) SOCK_STREAM)SO_TYPE) SOL_SOCKET)SSLWantReadError)SSLWantWriteError) SSLEOFError) CERT_NONE)SSLError) SSL_ERROR_EOF)SSL_ERROR_WANT_READ)SSL_ERROR_WANT_WRITE)PROTOCOL_SSLv23)CHANNEL_BINDING_TYPES) CERT_REQUIRED)DER_cert_to_PEM_cert)create_connectionr)names_to_ignoredunder_names_to_keep namedtuplecs eZdZdZfddZZS)_contextawaresock)_sslsockcst||||||_dSN)super__init__r")selffamilytypeprotofilenosslsocket_wref __class__rT/var/www/html/backend_erp/backend_erp_env/lib/python3.10/site-packages/gevent/ssl.pyr%Zs z_contextawaresock.__init__)__name__ __module__ __qualname__ __slots__r% __classcell__rrr,r.r!Wsr!c@s eZdZdZddZddZdS) _Callback user_functioncCs ||_dSr#r5)r&r6rrr.r%bs z_Callback.__init__cGs|}|j|g|RSr#)r"r6)r&connargsrrr.__call__esz_Callback.__call__N)r/r0r1r2r%r9rrrr.r4^s r4cseZdZdZdZ     dddZeejdr6ejj fdd Zej j fd d Z ej j fd d Z eedrOej j fddZ ej j fddZ eedreefddZej fddZeedrefddZej fddZZSfddZZS)rrNFTc Cs|j|||||||dS)N)sock server_sidedo_handshake_on_connectsuppress_ragged_eofsserver_hostname_context_session)sslsocket_class)r&r:r;r<r=r>sessionrrr.r pszSSLContext.wrap_socketsetterctttj||dSr#)r$orig_SSLContextoptions__set__r&valuer,rr.rFzSSLContext.optionscrDr#)r$rE verify_flagsrGrHr,rr.rKrJzSSLContext.verify_flagscrDr#)r$rE verify_moderGrHr,rr.rLrJzSSLContext.verify_modeminimum_versioncrDr#)r$rErMrGrHr,rr.rMrJzSSLContext.minimum_versioncrDr#)r$rEmaximum_versionrGrHr,rr.rNrJzSSLContext.maximum_version _msg_callbackctj}t|tr |j}|Sr#)r$rO isinstancer4r6r&resultr,rr.rO zSSLContext._msg_callbackcsD|r t|r t|}tt_ztttj||Wtt_dStt_wr#)callabler4rE__ssl__rr$rOrGrHr,rr.rOs  sni_callbackcrPr#)r$rWrQr4r6rRr,rr.rWrTzSSLContext.sni_callbackcs,|r t|r t|}tttj||dSr#)rUr4r$rErWrGrHr,rr.rWs cs$|r t|r t|}t|dSr#)rUr4r$set_servername_callback)r&server_name_callbackr,rr.rXs z"SSLContext.set_servername_callback)FTTNN)r/r0r1r2rAr hasattrrErFrCrKrLrMrNpropertyrOrWrXr3rrr,r.ris@    rcseZdZdZddddeeddeeddddddddfddZdd Z d d Z e d d Z e j dd Z e ddZej ddZe ddZddZd\ddZddZd]ddZddZd^dd Zd!d"Zeed#rud$d%Zd&d'Zd(d)Zd*d+Zd,d-Zdefd.d/Zd\d0d1Z d2d3Z!d_d4d5Z"d`d7d8Z#dad9d:Z$d`d;d<Z%dad=d>Z&d?d@Z'dAdBZ(dCdDZ)dEdFZ*dGdHZ+dIdJZ,dKdLZ-dbdMdNZ.dOdPZ/dQdRZ0dSdTZ1fdUdVZ2dcdXdYZ3dZd[Z4Z5S)dr zp gevent `ssl.SSLSocket `_ for Python 3. NFTrc Cs |r||_nR|r|std|r|std|r|s|}t||_||j_|r-|j||r6|j|||r>|j||rF|j|||_||_ ||_ ||_ ||_ ||_ |tttkrdtd|rt|rltd|durttd|jjr~|s~td||_||_||_||_| |_d}d}|dur|}tj||j|j|j|d| n| durtj|| d n tj|| | | d d|_!d|_"z|j#$Wnxt%yG}zk|j&t&j'kr|(|)}|*dz|+d }Wn t%y}z|j&t&j't&j,fvrd }WYd}~nd}~ww|*||r=d }t-|j&|}||_.d|_/z|(W|t%y<Y|wWYd}~nd}~wwd}|0|||_1|rz!|2|||_"|rt|}|dkrmtd|3WdSWdSt%y|(wdS)Nz5certfile must be specified for server-side operationszcertfile must be specifiedz!only stream sockets are supportedz4server_hostname can only be specified in client modez,session can only be specified in client modez'check_hostname requires server_hostnameF)r'r(r)r*)r*)r'r(r)z5Closed before TLS handshake with data in recv buffer.TzHdo_handshake_on_connect should not be specified for non-blocking sockets)4r? ValueErrorrrLload_verify_locationsload_cert_chainset_npn_protocols set_cipherskeyfilecertfile cert_reqs ssl_versionca_certsciphers getsockoptrrr NotImplementedErrorcheck_hostnamer@r;r>r<r= gettimeoutrr%r'r(r)r*detach_closed_sslobj_sock getpeernameOSErrorerrnoENOTCONNclose getblocking setblockingrecvEINVALrreasonlibrary settimeout _connected_SSLSocket__create_sslobj do_handshake)r&r:rdrer;rfrgrhr<r'r(r)r*r= npn_protocolsrir>r@r? connected sock_timeouteblockingnotconn_pre_handshake_datar{ notconn_pre_handshake_data_errorrrrr.r%s            &  zSSLSocket.__init__cCst||||t|Sr#)r!_wref)r&r'r(r)r*rrr._gevent_sock_classbszSSLSocket._gevent_sock_classcCs&d|j|jdur|jfSdfS)Nz server=%s, cipher=%r)r;rpcipherr&rrr. _extra_repres zSSLSocket._extra_reprcCs|jSr#)r?rrrr.contextlszSSLSocket.contextcCs||_||j_dSr#)r?rpr)r&ctxrrr.rps cC|jdur |jjSdS)z!The SSLSession for client socket.N)rprBrrrr.rBu zSSLSocket.sessioncCs ||_|jdur||j_dSdSr#)r@rprB)r&rBrrr.rB{s  cCr)z.Was the client session reused during handshakeN)rpsession_reusedrrrr.rrzSSLSocket.session_reusedcCstd|jj)NzCan't dup() %s instances)rkr-r/rrrr.dupsz SSLSocket.dupcCsdSr#r)r&msgrrr. _checkClosedszSSLSocket._checkClosedcCs|js |dSdSr#)r~rrrrrr._check_connecteds zSSLSocket._check_connectedc Cs |d} |jstd|dkr|durdSdSz|dur+||j||7}|WS|j|p1dWStyJ|jdkr@|j|jtdYn;t y`|jdkrV|j|j tdYn%t y}z|j dt kr|jr|durwdn|WYd}~Sd}~wwq) zRead up to LEN bytes and return them. Return zero-length string on EOF. .. versionchanged:: 24.2.1 No longer requires a non-None *buffer* to implement ``len()``. This is a backport from 3.11.8. rTz'Read on closed or unwrapped SSL socket.Nr]r^ timeout_exc)rrpr_readrr_wait _read_event_SSLErrorReadTimeoutr _write_eventrr8rr=)r&nbytesbuffer bytes_readexrrr.rs6     zSSLSocket.readc Cs| |js tdz|j|WStyR}z3|jdtkr1|jdkr(|j|j t dn|jdt krG|jdkr>|j|j t dnWYd}~nd}~wwq)zhWrite DATA to the underlying SSL channel. Returns number of bytes of DATA actually transmitted.Tz(Write on closed or unwrapped SSL socket.rr^rN) rrpr_writerr8rrrr_SSLErrorWriteTimeoutrr)r&datarrrr.rs&  zSSLSocket.writecCsD||z |jj}W||Sty!|jj}Y||Sw)zReturns a formatted version of the data in the certificate provided by the other end of the SSL channel. Return None if no certificate was provided, {} if a certificate was provided, but not validated.)rrrppeer_certificateAttributeError getpeercert)r& binary_formcrrr.rs  zSSLSocket.getpeercertcC"||jr tjs dS|jSr#)rrp_sslHAS_NPNselected_npn_protocolrrrr.r  zSSLSocket.selected_npn_protocolHAS_ALPNcCrr#)rrprrselected_alpn_protocolrrrr.rrz SSLSocket.selected_alpn_protocolcCs |jS)zReturn a list of ciphers shared by the client during the handshake or None if this is not a valid server connection. )rpshared_ciphersrrrr.rs zSSLSocket.shared_cipherscCs|jsdS|jS)z^Return a string identifying the protocol version used by the current SSL channel. N)rpversionrrrr.rs zSSLSocket.versioncC||js dS|jSr#)rrprrrrr.r zSSLSocket.ciphercCrr#)rrp compressionrrrr.rrzSSLSocket.compressioncCs||tur |j}|jrP|dkrtd|j z|j|WSty8|jdkr0YdS||j Ynt yN|jdkrFYdS||j Ynwqt ||||S)Nrz3non-zero flags not allowed in calls to send() on %sTr^)rrrrpr_r-rrrrrrrsend)r&rflagsrrrr.rs0     zSSLSocket.sendcCsB||jrtd|j|durt|||St||||S)Nz%sendto not allowed on instances of %s)rrpr_r-rsendto)r&r flags_or_addraddrrrr.r3szSSLSocket.sendtocOtd|j)Nz&sendmsg not allowed on instances of %srkr-r&r8kwargsrrr.sendmsg<szSSLSocket.sendmsgcCsX||jr|dkrtd|jzt|||WSty+|jdkr*tdw)Nrz6non-zero flags not allowed in calls to sendall() on %sr^z&The operation did not complete (write)) rrpr_r-rsendall_socket_timeoutrr)r&rrrrr.rBs  zSSLSocket.sendallrcCsH||jr|dkrtd|j|dkrdS||St|||S)Nrz3non-zero flags not allowed in calls to recv() on %sr])rrpr_r-rrryr&buflenrrrr.ryRs zSSLSocket.recvcCs||dur'|dur#t| }|j}Wdn1swY|s'd}|jr;|dkr5td|j|||St||||S)z .. versionchanged:: 24.2.1 No longer requires a non-None *buffer* to implement ``len()``. This is a backport from 3.11.8. Nrrz8non-zero flags not allowed in calls to recv_into() on %s) r memoryviewrrpr_r-rr recv_into)r&rrrviewrrr.r`s  zSSLSocket.recv_intocCs*||jrtd|jt|||S)Nz'recvfrom not allowed on instances of %s)rrpr_r-rrecvfromrrrr.rts zSSLSocket.recvfromcCs,||jrtd|jt||||S)Nz,recvfrom_into not allowed on instances of %s)rrpr_r-r recvfrom_into)r&rrrrrr.r{s zSSLSocket.recvfrom_intocOr)Nz&recvmsg not allowed on instances of %srrrrr.recvmsgzSSLSocket.recvmsgcOr)Nz+recvmsg_into not allowed on instances of %srrrrr. recvmsg_intorzSSLSocket.recvmsg_intocCs||jr |jSdSNr)rrppendingrrrr.rs zSSLSocket.pendingcCs|d|_t||dSr#)rrprshutdown)r&howrrr.rszSSLSocket.shutdownc Cs|js tdt|z|jj}Wn ty|jj}Ynw|j} z|}WnIty=|jdkr5| |j Yn4t yQ|jdkrI| |j Yn t yYYntyp}z |jdkrkWYd}~nd}~wwq#d|_||jus|J|S)NNo SSL wrapper around Tr^r)rpr_strrrunwraprqrrrrrrrrsrt)r&rsrrrr.rs@          zSSLSocket.unwrapcCsd|_t|dSr#)rpr _real_closerrrr.rszSSLSocket._real_closecCsx| z|jWdSty$|jdkr|j|jtdYnty:|jdkr0|j|j tdYnwq)zPerform a TLS/SSL handshake.Tr^rN) rrprrrrr_SSLErrorHandshakeTimeoutrrrrrr.rs     zSSLSocket.do_handshakecCs|jj|j||j|j|dS)N)ownerrB)r _wrap_socketrqr>)r&r;rBrrr.__create_sslobjs zSSLSocket.__create_sslobjcCs|jrtd|jrtd|d|j|_z |r t||}nd}t|||s4|j r1| d|_|WSt yAd|_w)Nz!can't connect in server-side modez/attempt to connect already-connected SSLSocket!FT) r;r_r~rr@rpr connect_exconnectr<r socket_error)r&rrrcrrr. _real_connects&  zSSLSocket._real_connectcCs||ddS)QConnects to remote ADDR, and then wraps the connection in an SSL channel.FNrr&rrrr.rszSSLSocket.connectcCs ||dS)rTrrrrr.rs zSSLSocket.connect_excsBt\}}z|jj||j|jdd}||fWS|)z Accepts a new connection from a remote client, and returns a tuple containing that new connection wrapped with a server-side SSL channel, and the address of the remote client. T)r<r=r;)r$acceptr?r r<r=rv)r&newsockrr,rr.r s zSSLSocket.accept tls-uniquecCsVt|jdr |j|S|tvrtd|dkrtd||jdur&dS|jS)zGet channel binding data for current connection. Raise ValueError if the requested `cb_type` is not supported. Return bytes of the data or None if the data is not available (e.g. before the handshake). get_channel_bindingz Unsupported channel binding typerz({0} channel binding type not implementedN)rZrprrr_rkformat tls_unique_cb)r&cb_typerrr.rs    zSSLSocket.get_channel_bindingcCs |jr|jStdt|)Nr)rpverify_client_post_handshaker_rrrrr.r-s z&SSLSocket.verify_client_post_handshaker#)rN)F)r)rrr)FN)r)6r/r0r1__doc__rrr r r%rrr[rrCrBrrrrrrrrrZrrrrrrrrrrrryrrrrrrrrrrrrrrrrrr3rrr,r.r sx        5         6   r zThe read operation timed outzThe write operation timed outz!The handshake operation timed outFTc Cst|||||||||| d S)N r:rdrer;rfrgrhr<r=ri)r rrrr.r =sc Cs|\}}|dur t}nt}t|%}t||||d }|d}Wdn1s*wYWdn1s9wYd}}t|S)zRetrieve the certificate from the server at the specified address, and return it as a PEM-encoded string. If 'ca_certs' is specified, validate the server cert against it. If 'ssl_version' is specified, use it in the connection attempt.N)rgrfrhT)rrrr rr)rrgrh_rfr:sslsockdercertrrr.r Ls  r )9r __future__rsslrVrrt gevent.socketrrrr gevent._utilrrsrweakrefrr__implements__rZappend __extra__r r rrrrrrrrrrrrrrrglobals __imports____all__removerrErr!objectr4r rArrrr r rrrr.s|                          cl