HEX

File: //opt/alt/python311/lib/python3.11/site-packages/setuptools/__pycache__/ssl_support.cpython-311.pyc
�

��;f-!��*�ddlZddlZddlZddlZddlZddlmZmZmZm	Z	ddl
mZmZ	ddl
Z
n
#e$rdZ
YnwxYwgd�Zd������Z	ejjZejZn#e$rexZZYnwxYwe
duoeeefvZ	ddl
mZmZn(#e$r 	ddlmZddlmZn#e$rdZdZYnwxYwYnwxYwesGd	�d
e��Zesdd�Zd
�ZGd�de��ZGd�de��Zdd�Z d�Z!e!d���Z"d�Z#d�Z$dS)�N)�urllib�http_client�map�filter)�ResolutionError�ExtractionError)�VerifyingHTTPSHandler�find_ca_bundle�is_available�
cert_paths�
opener_fora
/etc/pki/tls/certs/ca-bundle.crt
/etc/ssl/certs/ca-certificates.crt
/usr/share/ssl/certs/ca-bundle.crt
/usr/local/share/certs/ca-root.crt
/etc/ssl/cert.pem
/System/Library/OpenSSL/certs/cert.pem
/usr/local/share/certs/ca-root-nss.crt
/etc/ssl/ca-bundle.pem
)�CertificateError�match_hostname)r)rc��eZdZdS)rN)�__name__�
__module__�__qualname__���I/opt/alt/python311/lib/python3.11/site-packages/setuptools/ssl_support.pyrr5s�������rr�c�l�g}|sdS|�d��}|d}|dd�}|�d��}||krtdt|��z���|s*|���|���kS|dkr|�d��n�|�d	��s|�d	��r(|�tj|����n;|�tj|���	d
d����|D])}|�tj|�����*tj
dd
�|��zdztj��}	|	�
|��S)zqMatching according to RFC 6125, section 6.4.3

        https://tools.ietf.org/html/rfc6125#section-6.4.3
        F�.rrN�*z,too many wildcards in certificate DNS name: z[^.]+zxn--z\*z[^.]*z\Az\.z\Z)�split�countr�repr�lower�append�
startswith�re�escape�replace�compile�join�
IGNORECASE�match)
�dn�hostname�
max_wildcards�pats�parts�leftmost�	remainder�	wildcards�frag�pats
          r�_dnsname_matchr2;s���
���	��5����������8���!�"�"�I�	��N�N�3�'�'�	��}�$�$�
#�>��b���I�K�K�
K��	2��8�8�:�:����!1�!1�1�1�
�s�?�?�
�K�K�� � � � �
�
 �
 ��
(�
(�	E�H�,?�,?��,G�,G�	E�

�K�K��	�(�+�+�,�,�,�,�
�K�K��	�(�+�+�3�3�E�7�C�C�D�D�D��	)�	)�D��K�K��	�$���(�(�(�(��j�����D�!1�!1�1�E�9�2�=�I�I���y�y��"�"�"rc�z�|std���g}|�dd��}|D]3\}}|dkr(t||��rdS|�|���4|sP|�dd��D]9}|D]4\}}|dkr)t||��rdS|�|���5�:t	|��dkr;td	|�d
d�tt|���������t	|��dkrtd	|�d|d
�����td���)a=Verify that *cert* (in decoded format as returned by
        SSLSocket.getpeercert()) matches the *hostname*.  RFC 2818 and RFC 6125
        rules are followed, but IP addresses are not accepted for *hostname*.

        CertificateError is raised on failure. On success, the function
        returns nothing.
        zempty or no certificate�subjectAltNamer�DNSN�subject�
commonNamerz	hostname z doesn't match either of z, z doesn't match rz=no appropriate commonName or subjectAltName fields were found)	�
ValueError�getr2r�lenrr%rr)�certr)�dnsnames�san�key�value�subs       rrros����	8��6�7�7�7����h�h�'��,�,���	'�	'�J�C���e�|�|�!�%��2�2���F�F�����&�&�&���
	/��x�x�	�2�.�.�
/�
/��"%�/�/�J�C���l�*�*�)�%��:�:�#�"�F�F�F� ����.�.�.��
/��x�=�=�1���"�"��8�8�T�Y�Y�s�4��':�':�;�;�;�$=�>�>�
>���]�]�a�
�
�"�"��8�8�X�a�[�[�$*�+�+�
+�#�$3�4�4�
4rc��eZdZdZd�Zd�ZdS)r	z=Simple verifying handler: no auth, subclasses, timeouts, etc.c�H�||_t�|��dS�N)�	ca_bundle�HTTPSHandler�__init__)�selfrDs  rrFzVerifyingHTTPSHandler.__init__�s#��"������d�#�#�#�#�#rc�6�����fd�|��S)Nc�*��t|�jfi|��SrC)�VerifyingHTTPSConnrD)�host�kwrGs  �r�<lambda>z2VerifyingHTTPSHandler.https_open.<locals>.<lambda>�s���1�$���M�M�"�M�M�r)�do_open)rG�reqs` r�
https_openz VerifyingHTTPSHandler.https_open�s'����|�|�M�M�M�M�s�
�
�	
rN)rrr�__doc__rFrPrrrr	r	�s8������G�G�$�$�$�
�
�
�
�
rr	c��eZdZdZd�Zd�ZdS)rJz@Simple verifying connection: no auth, subclasses, timeouts, etc.c�:�tj||fi|��||_dSrC)�HTTPSConnectionrFrD)rGrKrDrLs    rrFzVerifyingHTTPSConn.__init__�s(��� ��t�2�2�r�2�2�2�"����rc���tj|j|jft	|dd����}t|d��r4t	|dd��r#||_|���|j}n|j}ttd��r7tj
|j���}|�||���|_n+tj|tj
|j���|_	t|j���|��dS#t $r?|j�tj��|j����wxYw)N�source_address�_tunnel�_tunnel_host�create_default_context)�cafile)�server_hostname)�	cert_reqs�ca_certs)�socket�create_connectionrK�port�getattr�hasattr�sockrWrX�sslrYrD�wrap_socket�
CERT_REQUIREDr�getpeercertr�shutdown�	SHUT_RDWR�close)rGrc�actual_host�ctxs    r�connectzVerifyingHTTPSConn.connect�sV���'�
�Y��	�"�G�D�2B�D�$I�$I�
�
��
�4��#�#�		$���n�d�(K�(K�		$��D�I��L�L�N�N�N�
�+�K�K��)�K��3�0�1�1�	��,�D�N�C�C�C�C�����k��J�J�D�I�I����� 1�D�N����D�I�	��4�9�0�0�2�2�K�@�@�@�@�@���	�	�	��I���v�/�0�0�0��I�O�O�����	���s
�4'D�A	E&N)rrrrQrFrmrrrrJrJ�s8������J�J�#�#�#�����rrJc��tj�t|p
t	������jS)z@Get a urlopen() replacement that uses ca_bundle for verification)r�request�build_openerr	r
�open)rDs rr
r
�s5���>�&�&��i�;�>�+;�+;�<�<���
�rc�F��tj����fd���}|S)Nc�L��t�d��s
�|i|���_�jS)N�always_returns)rbrt)�args�kwargs�funcs  �r�wrapperzonce.<locals>.wrapper�s6����t�-�.�.�	8�"&�$��"7��"7�"7�D���"�"r)�	functools�wraps)rwrxs` r�oncer{�s8����_�T���#�#�#�#���#��Nrc����	ddl}n#t$rYdSwxYwG�fd�d|j������}|�d��|�d��|jS)Nrc�.���eZdZ��fd�Z��fd�Z�xZS)�"get_win_certfile.<locals>.CertFilec�~��t�|�����tj|j��dSrC)�superrF�atexit�registerrj�rG�CertFile�	__class__s ��rrFz+get_win_certfile.<locals>.CertFile.__init__�s7����(�D�!�!�*�*�,�,�,��O�D�J�'�'�'�'�'rc�p��	t�|�����dS#t$rYdSwxYwrC)r�rj�OSErrorr�s ��rrjz(get_win_certfile.<locals>.CertFile.close�sL���
��h��%�%�+�+�-�-�-�-�-���
�
�
����
���s�"'�
5�5)rrrrFrj�
__classcell__)r�r�s@�rr�r~�s\��������	(�	(�	(�	(�	(�	(�	�	�	�	�	�	�	�	�	�	rr��CA�ROOT)�wincertstore�ImportErrorr��addstore�name)r��	_wincertsr�s  @r�get_win_certfiler��s����������������t�t�����	�	�	�	�	�	�	�<�(�	�	�	���
�
�I�
���t����
���v�����>�s��
�c��ttjjt��}t��pt
|d��p
t��S)z*Return an existing CA bundle path, or NoneN)r�os�path�isfilerr��next�_certifi_where)�extant_cert_pathss rr
r
�sE���r�w�~�z�:�:�����	��!�4�(�(�	����rc��	td�����S#tttf$rYdSwxYw)N�certifi)�
__import__�wherer�rrrrrr�r�sJ��
��)�$�$�*�*�,�,�,����/�:�
�
�
����
���s� #�>�>)rrC)%r�r^r�r!ry�setuptools.extern.six.movesrrrr�
pkg_resourcesrrrdr��__all__�striprrrorErT�AttributeError�objectrrr�backports.ssl_match_hostnamer8r2r	rJr
r{r�r
r�rrr�<module>r�s���	�	�	�	�
�
�
�
�
�
�
�
�	�	�	�	�����H�H�H�H�H�H�H�H�H�H�H�H�:�:�:�:�:�:�:�:���J�J�J�J������
�C�C�C���������
	�
�E�G�G�E�E�G�G��,��>�.�L�!�1�O�O���,�,�,�%+�+�L�?�?�?�,�����$��P�6�,��1P�#P���4�4�4�4�4�4�4�4�4�������A�A�A�A�A�A�?�?�?�?�?�?�?������������������	�����
�
�
�
�
�
�:�
�
�
��\4�2#�2#�2#�2#�h&4�&4�&4�R

�

�

�

�

�L�

�

�

�%�%�%�%�%��%�%�%�P�������������.���
�
�
�
�
sT�/�9�9�'A;�;	B�B�B�C�$B1�0C�1	B=�:C�<B=�=C�C