Xh;ZUddlmZddlZddlZddlZddlZddlmZmZddl m Z ddl m Z ddlm Z ddlmZmZdd lmZmZmZmZmZdd lmZmZdd lmZmZmZmZmZm Z ejBd k\rdd lm"Z"ndd l#m"Z"ejBdk\r ddlm$Z$m%Z%nddl#m$Z$m%Z%ejBdk\rddlm&Z&nddl#m&Z&edZ'e$dZ(e)e)e*e*fdfZ+de,d<e)e+dfZ-de,d<GddeZ.e dGddeZ/e dGddee/Z0Gd d!eZ1y)") annotationsN)CallableMapping) dataclass)wraps) SSLContext)AnyTypeVar)BrokenResourceError EndOfStreamaclose_forcefullyget_cancelled_exc_class to_thread)TypedAttributeSettyped_attribute) AnyByteStreamAnyByteStreamConnectable ByteStreamByteStreamConnectableListener TaskGroup) ) TypeAlias)r ) TypeVarTupleUnpack)r )overrideT_RetvalPosArgsT.r_PCTRTT_PCTRTTTceZdZUdZeZded<eZded<eZded<eZ ded <eZ d ed <eZ d ed <eZ ded<eZ ded<eZd ed<eZded<y) TLSAttributez5Contains Transport Layer Security related attributes. str | None alpn_protocolbyteschannel_binding_tls_uniqueztuple[str, str, int]cipherz*None | dict[str, str | _PCTRTTT | _PCTRTT]peer_certificatez bytes | Nonepeer_certificate_binarybool server_sidez!list[tuple[str, str, int]] | Noneshared_ciphers ssl.SSLObject ssl_objectstandard_compatiblestr tls_versionN)__name__ __module__ __qualname____doc__rr(__annotations__r*r+r,r-r/r0r2r3r5E/var/www/html/myenv/lib/python3.12/site-packages/anyio/streams/tls.pyr&r&3s?!0 1M:1(7(99#2#4F 4FUEVBV,;,=\=')K)9H8IN5I / 1J 1!0 11&(K(r<r&F)eqceZdZUdZded<ded<ded<ded <ded <ed d d d d  ddZ ddZddZddZ dddZ ddZ ddZ e ddZy ) TLSStreama A stream wrapper that encrypts all sent data and decrypts received data. This class has no public initializer; use :meth:`wrap` instead. All extra attributes from :class:`~TLSAttribute` are supported. :var AnyByteStream transport_stream: the wrapped stream rtransport_streamr.r3r1 _ssl_objectz ssl.MemoryBIO _read_bio _write_bioNT)r/hostname ssl_contextr3cK|| }|s|rtjjntjj}tj|}t tdr$|xj tjzc_tj}tj}t|tjur|j||||} n,tj|j||||dd{} |||| ||} | j| jd{| S767w)a Wrap an existing stream with Transport Layer Security. This performs a TLS handshake with the peer. :param transport_stream: a bytes-transporting stream to wrap :param server_side: ``True`` if this is the server side of the connection, ``False`` if this is the client side (if omitted, will be set to ``False`` if ``hostname`` has been provided, ``False`` otherwise). Used only to create a default context when an explicit context has not been provided. :param hostname: host name of the peer (if host name checking is desired) :param ssl_context: the SSLContext object to use (if not provided, a secure default will be created) :param standard_compatible: if ``False``, skip the closing handshake when closing the connection, and don't raise an exception if the peer does the same :raises ~ssl.SSLError: if the TLS handshake fails NOP_IGNORE_UNEXPECTED_EOF)r/server_hostname)rAr3rBrCrD)sslPurpose CLIENT_AUTH SERVER_AUTHcreate_default_contexthasattroptionsrH MemoryBIOtyperwrap_biorrun_sync_call_sslobject_method do_handshake) clsrAr/rErFr3purposebio_inbio_outr2wrappers r=wrapzTLSStream.wrapas/:  &,K+6 ''CKKt j$r?|jj|jj d{7Ynt j$r@}|jj|jjt|d}~wt j $r}|jj|jjt#|t j$s|j&r(d|j&vr|j(rt|tdd}~wwxYww)NUNEXPECTED_EOF_WHILE_READING)rDpendingrAsendreadrJSSLWantReadErrorreceiverCwriter write_eofOSErrorr SSLWantWriteErrorSSLSyscallErrorSSLError isinstance SSLEOFErrorstrerrorr3)selffuncargsresultdataexcs r=rUz TLSStream._call_sslobject_methods ( tH??**//44T__5I5I5KLLL MI'' / /.."33889M9M9OPPP!%!6!6!>!>!@@@DNN((.#/NN,,.7NN,,.OO--/-367 (( I++001E1E1GHHH&& 3((*))+)s2<< ((*))+c3??3LL%Cs||%S//1s:)t3 1sJ8AA J8AJ8J34A DC"D#C&$D)J3#E2(J3*E22;E--E22J35J88AJ3GJ3J8J3;HJ3+BJ..J33J8cK|j|jjd{|jj |j j |j |jjfS7^w)z Does the TLS closing handshake. :return: a tuple of (wrapped byte stream, bytes left in the read buffer) N)rUrBunwraprCrerDrArarms r=rtzTLSStream.unwrapsl))$*:*:*A*ABBB   " !!#$$dnn&9&9&;;; Cs)B B AB cK|jr |jd{|jj d{y7'#t$r t|jd{7wxYw73wN)r3rt BaseExceptionrrAacloserus r=ryzTLSStream.aclosesm  # # kkm## ##**,,, $  '(=(=>>>  -sC A;A A A A;A9A; A !A6.A1/A66A;c~K|j|jj|d{}|st|S7wrw)rUrBrar )rm max_bytesrqs r=rczTLSStream.receives;001A1A1F1F RR  Ss *=;=clK|j|jj|d{y7wrw)rUrBrd)rmitems r=r`zTLSStream.sends())$*:*:*@*@$GGGs *424c(K|jtj}tjd|}|rMt |j dt |j dxsd}}||fdkrtd|tdw)NzTLSv(\d+)(?:\.(\d+))?r r)rrz;send_eof() requires at least TLSv1.3; current session uses z7send_eof() has not yet been implemented for TLS streams)extrar&r5rematchintgroupNotImplementedError)rmr5rmajorminors r=send_eofzTLSStream.send_eofsjj!9!9: 1;? u{{1~.EKKN4Ga0H5Eu~&)$$/=2 " E  sBBc<ijjtjjj tj jjtjjjtjfdtjfdtjfdtjfdtjfdtjfdtjjj i S)Nc:jjdS)NFrB getpeercertrusr=z,TLSStream.extra_attributes..s43C3C3O3OPU3Vr<c:jjdS)NTrrusr=rz,TLSStream.extra_attributes..s$:J:J:V:V;r<c0jjSrw)rBr/rusr=rz,TLSStream.extra_attributes..sd.>.>.J.Jr<chjjrjjSdSrw)rBr/r0rusr=rz,TLSStream.extra_attributes..s0++261A1A1P1P1Rr<cjSrwr3rusr=rz,TLSStream.extra_attributes.. d6N6Nr<cjSrw)rBrusr=rz,TLSStream.extra_attributes..s T-=-=r<)rAextra_attributesr&r(rBselected_alpn_protocolr*get_channel_bindingr+r,r-r/r0r3r2r5versionrus`r=rzTLSStream.extra_attributess ##44  & &(8(8(O(O  3 3  44   !1!1!8!8  ) )+V  0 03  $ $&J  ' '*  , ,.N  # #%=  $ $d&6&6&>&>#  r<) rArr/z bool | NonerEr'rFssl.SSLContext | Noner3r.returnr@)rnz&Callable[[Unpack[PosArgsT]], T_Retval]rozUnpack[PosArgsT]rr!)rztuple[AnyByteStream, bytes]rNone)i)r{rrr))r}r)rrrzMapping[Any, Callable[[], Any]])r6r7r8r9r: classmethodr\rUrtryrcr`rpropertyrr;r<r=r@r@Os$# $(#-1$(D'D! D  D + D"D DDL,:,CS, ,\ <-H    r<r@ceZdZUdZded<ded<dZded<d Zd ed <edd Z d ddZ ddZ e ddZ y ) TLSListenera A convenience listener that wraps another listener and auto-negotiates a TLS session on every accepted connection. If the TLS handshake times out or raises an exception, :meth:`handle_handshake_error` is called to do whatever post-mortem processing is deemed necessary. Supports only the :attr:`~TLSAttribute.standard_compatible` extra attribute. :param Listener listener: the listener to wrap :param ssl_context: the SSL context object :param standard_compatible: a flag passed through to :meth:`TLSStream.wrap` :param handshake_timeout: time limit for the TLS handshake (passed to :func:`~anyio.fail_after`) z Listener[Any]listenerzssl.SSLContextrFTr.r3floathandshake_timeoutcKt|d{t|ts*tjt j d|t|trt|try7hw)a Handle an exception raised during the TLS handshake. This method does 3 things: #. Forcefully closes the original stream #. Logs the exception (unless it was a cancellation exception) using the ``anyio.streams.tls`` logger #. Reraises the exception if it was a base exception or a cancellation exception :param exc: the exception :param stream: the original stream NzError during TLS handshake)exc_info)rrjrlogging getLoggerr6 exception Exception)rrstreams r=handle_handshake_errorz"TLSListener.handle_handshake_error4sr  '''#689   h ' 1 1,s 2  #y)Z=T=V-W .X (sA<A:A)A<NcKtdfd }jj||d{y7w)Nc\Kddlm} |j5tj |j j d{}dddd{y7#1swYxYw7#t$r%}j||d{7Yd}~yd}~wwxYww)Nr ) fail_after)rFr3) rrr@r\rFr3rxr)rrwrapped_streamrrhandlerrms r=handler_wrapperz*TLSListener.serve..handler_wrapperYs % . 6 67+4>>$($4$4,0,D,D,:,&Nn---&.! ?11#v>>> ?suB,A;0A- A+A-A; B,%A9&B,+A--A62A;9B,; B)B$BB$B,$B))B,)rrrr)rrserve)rmr task_grouprs`` r=rzTLSListener.serveTs; w .  .mm!!/:>>>s5A?AcTK|jjd{y7wrw)rryrus r=ryzTLSListener.acloseksmm""$$$s (&(c.tjfdiS)NcjSrwrrusr=rz.TLSListener.extra_attributes..qrr<)r&r3rus`r=rzTLSListener.extra_attributesns  , ,.N  r<)rrrxrrrrrw)rzCallable[[TLSStream], Any]rzTaskGroup | Nonerrrr) r6r7r8r9r:r3r staticmethodrrryrrr;r<r=rrs}" $$!u!D(,?+?%?  ?.%  r<rcFeZdZdZdddd ddZeddZy) TLSConnectablea Wraps another connectable and does TLS negotiation after a successful connection. :param connectable: the connectable to wrap :param hostname: host name of the server (if host name checking is desired) :param ssl_context: the SSLContext object to use (if not provided, a secure default will be created) :param standard_compatible: if ``False``, skip the closing handshake when closing the connection, and don't raise an exception if the server does the same NTrErFr3c8||_|xs-tjtjj|_t |j tjs+tdt|j j||_ ||_ y)Nz7ssl_context must be an instance of ssl.SSLContext, not ) connectablerJrNrKrMrFrjr TypeErrorrRr6rEr3)rmrrErFr3s r=__init__zTLSConnectable.__init__s''2( c6P6P KK # #7 $**CNN;I(()2235 ! #6 r<cK|jjd{} tj||j|j |j d{S7D7#t$rt|d{7wxYww)Nr) rconnectr@r\rErFr3rxr)rmrs r=rzTLSConnectable.connects''//11 " ,,$($<$< ( 2  #F+ + +  sDB A%B :A) A'!A)$B 'A))BBBB ) rrrEr'rFrr3r.rr)rr@)r6r7r8r9rr rr;r<r=rrus[  $-1$( 7-7 7 + 7 " 7 7(  r<r)2 __future__rrrrJsyscollections.abcrr dataclassesr functoolsrrtypingr r rr r rrr_core._typedattrrrabcrrrrrr version_infortyping_extensionsrrr r!r"tupler4r#r:r$r&r@rrr;r<r=rs(" -!Bw +w++6w* :   #5c?C/00GSL))))$)8 eI I I X eU (9%U U p,*,r<