o "g;)@sUddlZddlZddlZddlZddlZddlZddlZddlmZm Z m Z m Z e dkr8ddl mZmZne dkrGddlmZmZnddlmZmZejrXddlmZeeBejeBejeBZejed<eeBejgeeBfBZejed <dd d Zdd dZGddde Zej dkrdej!d e"efddZ#n dej!d e"efddZ#dej$ej!BdedBd dfddZ%dS)N)_original_SSLContext_original_super_SSLContext#_truststore_SSLContext_dunder_class"_truststore_SSLContext_super_classWindows)_configure_context_verify_peercerts_implDarwin)Buffer_StrOrBytesPath _PasswordTypereturncCsRttdtzddlmmmm}t|dtWdSty(YdSw)zqInjects the :class:`truststore.SSLContext` into the ``ssl`` module by replacing :class:`ssl.SSLContext`. SSLContextrN) setattrsslrpip._vendor.urllib3.util.ssl__vendorurllib3utilssl_ ImportError urllib3_sslrZ/root/parts/websockify/install/lib/python3.10/site-packages/pip/_vendor/truststore/_api.pyinject_into_ssl s  rcCsLttdtzddlmmmm}t|_WdSt y%YdSw)z@Restores the :class:`ssl.SSLContext` class to its original staterrN) rrrrrrrrrrrrrrextract_from_ssl/s   rc@s eZdZdZedefddZd]deddfddZ  d^d e j d e d e de de dBde j dBde jfddZ  d_de jde jd e de dBde j dBde jf ddZ   d`de eBeje BejeBdBde eBeje BejeBdBdeje ddfddfddZ  dadededBdedBddfd d!Ze jjfd"e jddfd#d$Zd%eje ddfd&d'Z d(eje ddfd)d*Z!d+e ddfd,d-Z"dej#fd.d/Z$de%e effd0d1Z&de%e effd2d3Z'dbd4d5Z(ej) 6dcd7ej*d de+ej#fd8d9Z,ej)dcd7ej*d de+efd:d9Z,ej)dcd7e dej#fd;d9Z,ddd7e de+ej#e+eBfdZ-e-j.d?e ddfd@d>Z-ede fdAdBZ/e/j.d?e ddfdCdBZ/ede fdDdEZ0e0j.d?e ddfdFdEZ0ede j1fdGdHZ2e2j.d?e j1ddfdIdHZ2ede j1fdJdKZ3e3j.d?e j1ddfdLdKZ3ede j4fdMdNZ5e5j.d?e j4ddfdOdNZ5ede fdPdQZ6e6j.d?e ddfdRdQZ6ede j7fdSdTZ8edefdUdVZ9ede j:fdWdXZ;e;j.d?e j:ddfdYdXZ;ede j.TruststoreSSLObjectrNcst}t||jd|S)Nserver_hostname)super do_handshake_verify_peercertsr$)r retr!rrr&Ls z=SSLContext.__init__..TruststoreSSLObject.do_handshakerN)__name__ __module__ __qualname__r& __classcell__rrr)rTruststoreSSLObjectGsr/)r_ctxr SSLObjectsslobject_class)r r"r/rrr__init__Ds  zSSLContext.__init__FTsock server_sidedo_handshake_on_connectsuppress_ragged_eofsr$sessionc Csnt|j|jj||||||d}Wdn1swYz t||dW|Sty6|w)N)r5r$r6r7r8r#)rr0 wrap_socketr' Exceptionclose)r r4r5r6r7r$r8ssl_sockrrrr9Ss"   zSSLContext.wrap_socketincomingoutgoingcCsFt|j|jj|||||d}Wd|S1swY|S)N)r$r5r8)rr0wrap_bio)r r=r>r5r$r8ssl_objrrrr?os  zSSLContext.wrap_biocafilecapathcadatar cC|jj|||dS)N)rArBrC)r0load_verify_locations)r rArBrCrrrrEz SSLContext.load_verify_locationscertfilekeyfilepasswordcCrD)N)rGrHrI)r0load_cert_chain)r rGrHrIrrrrJrFzSSLContext.load_cert_chainpurposecC |j|Sr)r0load_default_certs)r rKrrrrMs zSSLContext.load_default_certsalpn_protocolscCrLr)r0set_alpn_protocols)r rNrrrrO zSSLContext.set_alpn_protocols npn_protocolscCrLr)r0set_npn_protocols)r rQrrrrRrPzSSLContext.set_npn_protocols_SSLContext__cipherlistcCrLr)r0 set_ciphers)r rSrrrrTrPzSSLContext.set_cipherscC |jSr)r0 get_ciphersrrrrrV zSSLContext.get_cipherscCrUr)r0 session_statsrrrrrXrWzSSLContext.session_statscCtrNotImplementedErrorrrrrcert_store_statszSSLContext.cert_store_statscCs|jdSr)r0set_default_verify_pathsrrrrr^sz#SSLContext.set_default_verify_paths. binary_formcCdSrrr r_rrr get_ca_certsszSSLContext.get_ca_certscCr`rrrarrrrbcCr`rrrarrrrbrccCrYrrZrarrrrbr]cC|jjSrr0check_hostnamerrrrrfzSSLContext.check_hostnamevaluecC ||j_dSrrer rhrrrrf cCrdrr0hostname_checks_common_namerrrrrmrgz&SSLContext.hostname_checks_common_namecCrirrlrjrrrrmrkcCrdrr0keylog_filenamerrrrrorgzSSLContext.keylog_filenamecCrirrnrjrrrrorkcCrdr)r0maximum_versionrrrrrprgzSSLContext.maximum_versioncCtj|j|dSr)rrp__set__r0rjrrrrpcCrdr)r0minimum_versionrrrrrtrgzSSLContext.minimum_versioncCrqr)rrtrrr0rjrrrrtrscCrdr)r0optionsrrrrrurgzSSLContext.optionscCrqr)rrurrr0rjrrrrurscCrdrr0post_handshake_authrrrrrwrgzSSLContext.post_handshake_authcCrirrvrjrrrrwrkcCrdr)r0r"rrrrr"rgzSSLContext.protocolcCrdr)r0security_levelrrrrrxrgzSSLContext.security_levelcCrdr)r0 verify_flagsrrrrryrgzSSLContext.verify_flagscCrqr)rryrrr0rjrrrryrscCrdr)r0 verify_moderrrrrz rgzSSLContext.verify_modecCrqr)rrzrrr0rjrrrrzrsr)FTTNN)FNN)NNN)NNr*).)F)>r+r,r-__doc__propertytyper!intr3socketboolstrr SSLSession SSLSocketr9 MemoryBIOr1r?bytesosPathLiketypingUnionrEr r rJPurpose SERVER_AUTHrMIterablerOrRrTAnyrVdictrXr\r^overloadLiterallistrbrfsetterrmro TLSVersionrprtOptionsrurw _SSLMethodr"rx VerifyFlagsry VerifyModerzrrrrr:s           "r) sslobjcC|pd}dd|DS)NrcSs&g|]}t|tr |n|tjqSr) isinstancer public_bytes_ssl ENCODING_DER.0certrrr s/_get_unverified_chain_bytes..get_unverified_chainrunverified_chainrrr_get_unverified_chain_bytess rcCr)NrcSsg|]}|tjqSr)rrrrrrrr(srrrrrrr&s sock_or_sslobjr$cCsR|}zt|ds|j}t|drWn tyYnwt|}t|j||ddS)z{ Verifies the peer certificates from an SSLSocket or SSLObject against the certificates in the OS trust store. rr#N)hasattr_sslobjAttributeErrorrr context)rr$r cert_bytesrrrr'+s    r'r*)&rplatformrrsysrr_ssl_constantsrrrrsystem_windowsrr _macos_openssl TYPE_CHECKINGpip._vendor.typing_extensionsr rrrr TypeAlias__annotations__Callabler rrr version_infor1rrrr'rrrrs>    &$    b