mne&UddlZddlZddlZddlZddlZddlZddlmZmZm Z m Z ejdk(r ddl m Z mZn%ejdk(r ddlm Z mZnddlm Z mZej"rddlmZeezej,ezej,ezZej0ed<eezej4geezfzZej0ed <dd Zdd ZGd de Zdej>ej@zdedzd dfdZ!y)N)_original_SSLContext_original_super_SSLContext#_truststore_SSLContext_dunder_class"_truststore_SSLContext_super_classWindows)_configure_context_verify_peercerts_implDarwin)Buffer_StrOrBytesPath _PasswordTypereturncttdt ddlmcm}t|dty#t $rYywxYw)zqInjects the :class:`truststore.SSLContext` into the ``ssl`` module by replacing :class:`ssl.SSLContext`. SSLContextrN)setattrsslrurllib3.util.ssl_utilssl_ ImportError urllib3_ssls /lib/python3.12/site-packages/truststore/_api.pyinject_into_sslrs9 Cz* // \:6    s 2 >>cvttdt ddlmcm}t|_y#t$rYywxYw)z@Restores the :class:`ssl.SSLContext` class to its original staterrN)rrrrrrrrrs rextract_from_sslr.s4 C34 //!5     s , 88ceZdZdZedefdZdAdeddfdZ dBd e jd e d e d e d e dzde jdzde jfdZ dCde j de j d e d e dzde jdzde j"f dZ dDde ezej*e zej*ezdzde ezej*e zej*ezdzdej.e ddfddfdZ dEdededzdedzddfdZe j8j:fde j8ddfdZdej>e ddfdZ d ej>e ddfd!Z!d"e ddfd#Z"dejFfd$Z$de%e effd%Z&de%e effd&Z'ejP dFd'ejRdde*ejFfd(Z+ejPdFd'ejRdde*efd)Z+ejPdFd'e dejFfd*Z+dGd'e de*ejFe*ezfd+Z+ede fd,Z,e,jZd-e ddfd.Z,ede fd/Z.e.jZd-e ddfd0Z.ede fd1Z/e/jZd-e ddfd2Z/ede j`fd3Z1e1jZd-e j`ddfd4Z1ede j`fd5Z2e2jZd-e j`ddfd6Z2ede jffd7Z4e4jZd-e jfddfd8Z4ede fd9Z5e5jZd-e ddfd:Z5ede jlfd;Z7edefd<Z8ede jrfd=Z:e:jZd-e jrddfd>Z:ede jvfd?Z.TruststoreSSLObjectcRt|}t||j|S)Nserver_hostname)super do_handshake_verify_peercertsr+)r"retr#s rr-z=SSLContext.__init__..TruststoreSSLObject.do_handshakeKs%g*,!$8L8LM r$rN)__name__ __module__ __qualname__r- __classcell__)r#s@rTruststoreSSLObjectr(Fs   r$r5)r_ctxr SSLObjectsslobject_class)r"r%r5s r__init__zSSLContext.__init__Cs,(2  #-- %8 !r$FTsock server_sidedo_handshake_on_connectsuppress_ragged_eofsr+sessionc t|j5|jj||||||}ddd t||S#1swYxYw#t$rj wxYw)N)r;r+r<r=r>r*)r r6 wrap_socketr. Exceptionclose)r"r:r;r<r=r+r>ssl_socks rr@zSSLContext.wrap_socketRs  * yy,,' /(?%9 -H   h H    NN   s"A AAA7incomingoutgoingct|j5|jj|||||}ddd|S#1swYSxYw)N)r+r;r>)r r6wrap_bio)r"rDrEr;r+r>ssl_objs rrGzSSLContext.wrap_bionsV  * ii(( /' )G  s !AA cafilecapathcadatar c>|jj|||S)N)rIrJrK)r6load_verify_locations)r"rIrJrKs rrMz SSLContext.load_verify_locationss' yy..&/  r$certfilekeyfilepasswordc>|jj|||S)N)rNrOrP)r6load_cert_chain)r"rNrOrPs rrRzSSLContext.load_cert_chains' yy((w)  r$purposec8|jj|Sr )r6load_default_certs)r"rSs rrUzSSLContext.load_default_certssyy++G44r$alpn_protocolsc8|jj|Sr )r6set_alpn_protocols)r"rVs rrXzSSLContext.set_alpn_protocolssyy++N;;r$ npn_protocolsc8|jj|Sr )r6set_npn_protocols)r"rYs rr[zSSLContext.set_npn_protocolssyy**=99r$_SSLContext__cipherlistc8|jj|Sr )r6 set_ciphers)r"r\s rr^zSSLContext.set_cipherssyy$$\22r$c6|jjSr )r6 get_ciphersr!s rr`zSSLContext.get_cipherssyy$$&&r$c6|jjSr )r6 session_statsr!s rrbzSSLContext.session_statssyy&&((r$ctr NotImplementedErrorr!s rcert_store_statszSSLContext.cert_store_stats !##r$ binary_formcyr r"rhs r get_ca_certszSSLContext.get_ca_certss r$cyr rjrks rrlzSSLContext.get_ca_certs r$cyr rjrks rrlzSSLContext.get_ca_certsrnr$ctr rdrks rrlzSSLContext.get_ca_certsrgr$c.|jjSr r6check_hostnamer!s rrszSSLContext.check_hostnameyy'''r$valuec&||j_yr rrr"rus rrszSSLContext.check_hostnames#(  r$c.|jjSr r6hostname_checks_common_namer!s rrzz&SSLContext.hostname_checks_common_namesyy444r$c&||j_yr ryrws rrzz&SSLContext.hostname_checks_common_names05 -r$c.|jjSr r6keylog_filenamer!s rr~zSSLContext.keylog_filenameyy(((r$c&||j_yr r}rws rr~zSSLContext.keylog_filenames$) !r$c.|jjSr )r6maximum_versionr!s rrzSSLContext.maximum_versionrr$cXtjj|j|yr )rr__set__r6rws rrzSSLContext.maximum_version"22:: IIu r$c.|jjSr )r6minimum_versionr!s rrzSSLContext.minimum_versionrr$cXtjj|j|yr )rrrr6rws rrzSSLContext.minimum_versionrr$c.|jjSr )r6optionsr!s rrzSSLContext.optionssyy   r$cXtjj|j|yr )rrrr6rws rrzSSLContext.optionss"**22 IIu r$c.|jjSr r6post_handshake_authr!s rrzSSLContext.post_handshake_authsyy,,,r$c&||j_yr rrws rrzSSLContext.post_handshake_auths(- %r$c.|jjSr )r6r%r!s rr%zSSLContext.protocolsyy!!!r$c.|jjSr )r6security_levelr!s rrzSSLContext.security_levelrtr$c.|jjSr )r6 verify_flagsr!s rrzSSLContext.verify_flagssyy%%%r$cXtjj|j|yr )rrrr6rws rrzSSLContext.verify_flagss"//77 IIu r$c.|jjSr )r6 verify_moder!s rrzSSLContext.verify_mode syy$$$r$cXtjj|j|yr )rrrr6rws rrzSSLContext.verify_modes"..66 IIu r$r )FTTNN)FNN)NNN)NN).)F)=r1r2r3__doc__propertytyper#intr9socketboolstrr SSLSession SSLSocketr@ MemoryBIOr7rGbytesosPathLiketypingUnionrMr rrRPurpose SERVER_AUTHrUIterablerXr[r^Anyr`dictrbrfoverloadLiterallistrlrssetterrzr~ TLSVersionrrOptionsrr _SSLMethodr%r VerifyFlagsr VerifyModerrjr$rrr9sG A4AA 8 8 8$"(,%)&*)-mm"&  #  t $& @"&*)- ----  t  $&  (NRMQ48  e bkk#..U1CCdJ e bkk#..U1CCdJ  S(D01    +/)-  ! !4'  $&    &)[[%<%<5{{5 5 <1E<$<:vs/C::333'VZZ')tCH~)$$sCx.$ __36 !>>%0 fjj    __ t(< tE{   __  vzz  $$fjj9IDQVK9W$((()D)T))5T55!''66$6(6)))*S*T**))) S^^   ))) S^^   !!! ^^ S[[ T  -T--..$. ."#..""(((&coo&& #// d  %S^^%%  D  r$rsock_or_sslobjr+c,|} t|ds|j}t|ds|jxsd}|Dcgc]!}|j t j #}}t|j||y#t$rYdwxYwcc}w)z{ Verifies the peer certificates from an SSLSocket or SSLObject against the certificates in the OS trust store. get_unverified_chainrjr*N) hasattr_sslobjAttributeErrorr public_bytes_ssl ENCODING_DERr context)rr+sslobjunverified_chaincert cert_bytess rr.r.s+F &"89^^F&"89 ##%+DTT4$##D$5$56TJT O    Us$B&B B Br0)"rplatformrrrr_ssl_constantsrrrrsystem_windowsr r _macos_openssl TYPE_CHECKINGtyping_extensionsr rrrr TypeAlias__annotations__Callablerrrrrr7r.rjr$rrs  8?? !DDX__("BBD (%(%K"++c2B$BR[[QVEW$W!!W"%+C%K0P"P vP   [ 3[ |MMCMM1DG$J r$