CYhU#ddlmZddlZddlZddlZddlZddlmZejrddl m Z ddl m Z m Z ejdd Zej eefZejd Zd ZGd d Zy)) annotationsN)ProxySchemeUnsupported)Literal)_TYPE_PEER_CERT_RET_TYPE_PEER_CERT_RET_DICT_SelfT SSLTransport)bound _ReturnValuei@c*eZdZdZed"dZ d# d$dZd%dZd&dZd'dZ d(d)dZ d*d+d Z d, d-d Z d.d/d Z d.d0d Z d1dddd  d2dZd3dZd3dZej& d4 d5dZej&d6dZd7d8dZd9dZd:dZd9dZd9dZd;dZd9dZddZej&d?dZej&d@dZej& dAd Z dB dCd!Zy)Dr aL The SSLTransport wraps an existing socket and establishes an SSL connection. Contrary to Python's implementation of SSLSocket, it allows you to chain multiple TLS connections together. It's particularly useful if you need to implement TLS within TLS. The class supports most of the socket API operations. c2t|ds tdy)z Raises a ProxySchemeUnsupported if the provided ssl_context can't be used for TLS in TLS. The only requirement is that the ssl_context provides the 'wrap_bio' methods. wrap_biozXTLS in TLS requires SSLContext.wrap_bio() which isn't available on non-native SSLContextN)hasattrr) ssl_contexts ;/usr/lib/python3/dist-packages/urllib3/util/ssltransport.py$_validate_ssl_context_for_tls_in_tlsz1SSLTransport._validate_ssl_context_for_tls_in_tls"s%{J/(5 0Nc(tj|_tj|_||_||_|j |j|j||_|j|jjy)zV Create an SSLTransport around socket using the provided ssl_context. )server_hostnameN) ssl MemoryBIOincomingoutgoingsuppress_ragged_eofssocketrsslobj _ssl_io_loop do_handshake)selfrrrrs r__init__zSSLTransport.__init__2sm    $8! !** MM4==/+  $++223rc|SNr!s r __enter__zSSLTransport.__enter__Is rc$|jyr$)close)r!_s r__exit__zSSLTransport.__exit__Ls  rc6|jjSr$)rfilenor&s rr-zSSLTransport.filenoO{{!!##rc&|j||Sr$)_wrap_ssl_read)r!lenbuffers rreadzSSLTransport.readRs""3//rcD|dk7r td|j|S)Nrz+non-zero flags not allowed in calls to recv) ValueErrorr0)r!buflenflagss rrecvzSSLTransport.recvUs& A:JK K""6**rc`|dk7r td| t|}|j||S)Nrz0non-zero flags not allowed in calls to recv_into)r5r1r3)r!r2nbytesr7s r recv_intozSSLTransport.recv_intoZs6 A:OP P >[Fyy((rc|dk7r tdd}t|5}|jd5}t|}||kr|j ||d}||z }||krddddddy#1swYxYw#1swYyxYw)Nrz.non-zero flags not allowed in calls to sendallB)r5 memoryviewcastr1send)r!datar7countview byte_viewamountvs rsendallzSSLTransport.sendallfs A:MN N   tyy~ ^F&.IIi/0 &.      s"A=/A1 A=1A: 6A==Bcn|dk7r td|j|jj|S)Nrz+non-zero flags not allowed in calls to send)r5rrwrite)r!rAr7s rr@zSSLTransport.sendps2 A:JK K  !2!2D99r)encodingerrorsnewlinec:t|hdkstd|dd|v}d|vxs| }|s|sJd|v}d} |r| dz } |r| dz } tj|| } |jxjdz c_|d }|d krt j }|d k(r|s td | S|r|rt j| | |} n3|rt j| |} n|sJt j| |} |r| St j| |||} || _ | S) a Python's httpclient uses makefile and buffered io when reading HTTP messages and we need to support it. This is unfortunately a copy and paste of socket.py makefile with small changes to point to the socket directly. >brwz invalid mode z (only r, w, b allowed)rPrOrNrrz!unbuffered streams must be binary) setr5rSocketIO_io_refsioDEFAULT_BUFFER_SIZEBufferedRWPairBufferedReaderBufferedWriter TextIOWrappermode) r!r\ bufferingrJrKrLwritingreadingbinaryrawmoderawr2texts rmakefilezSSLTransport.makefileus= 4yO+}TH4KLM M++,W'!!  sNG  sNGoodG, !  I q=..I > !DEEJ w&&sC;F &&sI6FN7&&sI6F M&'B  rcN|j|jjyr$)rrunwrapr&s rrfzSSLTransport.unwraps $++,,-rc8|jjyr$)rr)r&s rr)zSSLTransport.closes rcyr$r%r! binary_forms r getpeercertzSSLTransport.getpeercerts rcyr$r%ris rrkzSSLTransport.getpeercert rc8|jj|Sr$)rrkris rrkzSSLTransport.getpeercerts{{&&{33rc6|jjSr$)rversionr&s rrpzSSLTransport.versions{{""$$rc6|jjSr$)rcipherr&s rrrzSSLTransport.cipherr.rc6|jjSr$)rselected_alpn_protocolr&s rrtz#SSLTransport.selected_alpn_protocols{{1133rc6|jjSr$)rselected_npn_protocolr&s rrvz"SSLTransport.selected_npn_protocols{{0022rc6|jjSr$)rshared_ciphersr&s rrxzSSLTransport.shared_cipherss{{))++rc6|jjSr$)r compressionr&s rrzzSSLTransport.compressions{{&&((rc:|jj|yr$)r settimeout)r!values rr|zSSLTransport.settimeouts u%rc6|jjSr$)r gettimeoutr&s rrzSSLTransport.gettimeouts{{%%''rc8|jjyr$)r_decref_socketiosr&s rrzSSLTransport._decref_socketioss %%'rc |j|jj||S#tj$r4}|j tj k(r|jrYd}~yd}~wwxYwNr)rrr3rSSLErrorerrno SSL_ERROR_EOFr)r!r1r2es rr0zSSLTransport._wrap_ssl_readsZ $$T[[%5%5sFC C|| ww#+++0I0I  s&)A0)A+*A++A0cyr$r%)r!funcs rrzSSLTransport._ssl_io_looprmrcyr$r%)r!rarg1s rrzSSLTransport._ssl_io_looprmrcyr$r%)r!rrarg2s rrzSSLTransport._ssl_io_loops rcd}d}|rd} | ||}n| ||}n |||}|j j }|jj||d}nj|tjk(rW|jjt}|r|jj|n|jj|rtjt |S#tj$rE}|jtjtjfvr||j}Yd}~d}~wwxYw)z>Performs an I/O loop between incoming/outgoing and the socket.TNF)rrrSSL_ERROR_WANT_READSSL_ERROR_WANT_WRITErr3rrGr8 SSL_BLOCKSIZErrI write_eoftypingr?r ) r!rrr should_loopretrrbufs rrzSSLTransport._ssl_io_loops E :D>>E)rssl.SSLContextreturnNone)NT) rz socket.socketrrr str | Nonerboolrr)r!r rr )r*z typing.Anyrr)rint)N)r1rr2ztyping.Any | Noner int | bytes)rr)r6rr7rrrr)r2 _WriteBufferr: int | Noner7rrzNone | int | bytes)r)rAbytesr7rrr)rArr7rrrr$) r\strr]rrJrrKrrLrrz1typing.BinaryIO | typing.TextIO | socket.SocketIO)rr).)rjzLiteral[False]rz_TYPE_PEER_CERT_RET_DICT | None)rjz Literal[True]rz bytes | None)F)rjrrr)rr)rztuple[str, str, int] | None)rz!list[tuple[str, str, int]] | None)r} float | Nonerr)rr)r1rr2bytearray | Nonerr)rztyping.Callable[[], None]rr)rztyping.Callable[[bytes], int]rrrr)rz/typing.Callable[[int, bytearray | None], bytes]rrrrrr)NN)rz"typing.Callable[..., _ReturnValue]rzNone | bytes | intrrrr ) __name__ __module__ __qualname____doc__ staticmethodrr"r'r+r-r3r8r;rGr@rdrfr)roverloadrkrprrrtrvrxrzr|rrr0rr%rrr r s(  &'+%) 44$4$ 4 # 4  4.$0+" ) ) ) )  ):!%2 $!"222  2  22 ;2h. __,/ ) (   __  4%$43,)&(( __   __   __ =       $(!% $.0$.!$. $.  $.r) __future__rrVrrr exceptionsr TYPE_CHECKINGtyping_extensionsrssl_rr TypeVarr Union bytearrayr>rr rr r%rrrsn" / )C  7||Iz12 v~~n-  A.A.r