Directory:~$ /lib/python2.7/site-packages/urllib3/util/

Upload File

[Home] [System Details] [Kill Me]

�
_X�Tc	@s�
dd
lm
Z
mZ
ddlmZmZmZ
ddlmZ
dZ
eZdZ
ddlZddlZy0ddlmZmZmZ
ddlmZ
Wnek
r�


n
Xy ddlmZmZmZ
Wn#ek
r�


d\ZZdZn
XyddlmZ
Wnek
r#



d
Zn
Xyddlm
Z

Wn3ek
rm



ddlZdef
d��YZ
n
Xd�Zd�Zd�Zdejddd�Zddddddddd�ZdS(i����(thexlifyt	unhexlify(tmd5tsha1tsha256i(
tSSLErrorN(twrap_sockett	CERT_NONEtPROTOCOL_SSLv23(
tHAS_SNI(tOP_NO_SSLv2tOP_NO_SSLv3tOP_NO_COMPRESSIONi
ii(
t_DEFAULT_CIPHERSs�ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+HIGH:DH+HIGH:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+HIGH:RSA+3DES:!aNULL:!eNULL:!MD5(
t
SSLContextRcBsGeZ
ejdkZd�Zd�Zd�Zd�Zdd�
Z
RS(	iicCsO|
|_t
|_tj|_d|_d
|_d|_	d|_
d|_dS(Ni(tprotocoltFalsetcheck_hostnametsslRtverify_modetNonetca_certstoptionstcertfiletkeyfiletciphers(tselftprotocol_version((s5/usr/lib/python2.7/site-packages/urllib3/util/ssl_.pyt__init__,s
		

	
	
	
	
cCs|
|_||_
dS(
N(RR(RRR((s5/usr/lib/python2.7/site-packages/urllib3/util/ssl_.pytload_cert_chain7s
	
cCs
|
|_dS(
N(
R(Rtlocation((s5/usr/lib/python2.7/site-packages/urllib3/util/ssl_.pytload_verify_locations;s
cCs%|jst
d
�
�
n|
|_dS(Ns�Your
version of Python does not support setting a custom cipher suite. Please
upgrade to Python 2.7, 3.2, or later if you need this
functionality.(tsupports_set_cipherst	TypeErrorR(Rtcipher_suite((s5/usr/lib/python2.7/site-packages/urllib3/util/ssl_.pytset_ciphers>s
	

cCshi|jd
6|j
d6|jd6|jd6|jd6}|jrWt|
d|j|�

St|
|�
SdS(NRRRt	cert_reqstssl_versionR(RRRRRR
RR(Rtsockettserver_hostnametkwargs((s5/usr/lib/python2.7/site-packages/urllib3/util/ssl_.pyRGs










	
(iiN(t__name__t
__module__tsystversion_infoR
RRRR#RR(((s5/usr/lib/python2.7/site-packages/urllib3/util/ssl_.pyR)s
					cCs�itd
6t
d6td6}|
jdd�j�}
tt|
�
d�\}}|s`||krotd�
�
nt|
j	��
}||}||�
j
�}||ks�tdjt|�
t|�
��
�
nd	S(
s�
    Checks if given fingerprint matches the supplied certificate.

    :param cert:
        Certificate as bytes object.
    :param fingerprint:
        Fingerprint as string of hexdigits, can be interspersed by colons.
    iii t
:tis!Fingerprint is of invalid length.s6Fingerprints did not
match. Expected "{0}", got
"{1}".N(
RRRtreplacetlowertdivmodtlenRR
tencodetdigesttformatR(tcerttfingerprintthashfunc_mapt
digest_lengthtoddtfingerprint_bytesthashfunctcert_digest((s5/usr/lib/python2.7/site-packages/urllib3/util/ssl_.pytassert_fingerprintUs







	
	
c
Cs[|dkrt
St|t�rWtt|d�}
|
dkrSttd
|�}
n|
S|S(s�

    Resolves the argument to a numeric constant, which can be passed to
    the wrap_socket function/method from the ssl module.
    Defaults to :data:`ssl.CERT_NONE`.
    If given a string it is assumed to be the name of the constant in the
    :mod:`ssl` module or its abbrevation.
    (So you can specify `REQUIRED` instead of `CERT_REQUIRED`.
    If it's neither `None` nor a string we assume it is already the
numeric
    constant which can directly be passed to wrap_socket.
    tCERT_N(RRt
isinstancetstrtgetattrR(t	candidatetres((s5/usr/lib/python2.7/site-packages/urllib3/util/ssl_.pytresolve_cert_reqszs




c
Cs[|dkrt
St|t�rWtt|d�}
|
dkrSttd
|�}
n|
S|S(s

    like resolve_cert_reqs
   
t	PROTOCOL_N(RRR@RARBR(RCRD((s5/usr/lib/python2.7/site-packages/urllib3/util/ssl_.pytresolve_ssl_version�s




cCs�t|pt
j�
}|dkrHd
}|tO}|tO}|tO}n|j|O_t|dt	�r|j
|pxt�

n|
|_t|dd�dk	r�t
|_n|S(s�All arguments have
the same meaning as ``ssl_wrap_socket``.

    By default, this function does a lot of the same work that
    ``ssl.create_default_context`` does on Python 3.4+. It:

    - Disables SSLv2, SSLv3, and compression
    - Sets a restricted set of server ciphers

    If you wish to enable SSLv3, you can do::

        from urllib3.util import ssl_
        context = ssl_.create_urllib3_context()
        context.options &= ~ssl_.OP_NO_SSLv3

    You can do the same to enable compression (substituting ``COMPRESSION``
    for ``SSLv3`` in the last line above).

    :param ssl_version:
        The desired protocol version to use. This will default to
        PROTOCOL_SSLv23 which will negotiate the highest protocol that both
        the server and your installation of OpenSSL support.
    :param cert_reqs:
        Whether to require the certificate verification. This defaults to
        ``ssl.CERT_REQUIRED``.
    :param options:
        Specific OpenSSL options. These default to ``ssl.OP_NO_SSLv2``,
        ``ssl.OP_NO_SSLv3``, ``ssl.OP_NO_COMPRESSION``.
    :param ciphers:
        Which cipher suites to allow the server to select.
    :returns:
        Constructed SSLContext object with specified options
    :rtype: SSLContext
    iR RN(RRRRR
RRRRBtTrueR#R
RRR(R%R$RRtcontext((s5/usr/lib/python2.7/site-packages/urllib3/util/ssl_.pytcreate_urllib3_context�s#




	

c	Cs�|}	|	dkr*t
||d
|�
}	n|r�y|	j|�

Wq�tk
rb
}

t|
�
�
q�tk
r�
}

|
jtjkr�t|
�
�
n�q�Xn|r�|	j||
�
nt	r�|	j
|d|�

S|	j
|�
S(s0
    All arguments except for server_hostname and ssl_context have the same
    meaning as they do when using :func:`ssl.wrap_socket`.

    :param server_hostname:
        When SNI is supported, the expected hostname of the certificate
    :param ssl_context:
        A pre-made :class:`SSLContext` object. If none is provided, one
will
        be created using :func:`create_urllib3_context`.
    :param ciphers:
        A string of ciphers we wish the client to support. This is not
        supported on Python 2.6 as the ssl module does not support it.
   
RR'N(RRJRtIOErrorRtOSErrorterrnotENOENTRR	R(tsockRRR$RR'R%Rtssl_contextRIt
e((s5/usr/lib/python2.7/site-packages/urllib3/util/ssl_.pytssl_wrap_socket�s$















(i
i( tbinasciiRR
thashlibRRRt
exceptionsRRRRR	tcreate_default_contextRMRRRRtImportErrorR
RRR
R+tobjectR>RERGt
CERT_REQUIREDRJRR(((s5/usr/lib/python2.7/site-packages/urllib3/util/ssl_.pyt<module>
sD























,	%			
;