h1dZddlZddlZddlmZddlm Z ddl m Z ddlmZmZddlmZmZddlmZdd lmZdd lmZdd lm Z!dd l"m#Z#m$Z$dd l%m&Z&ddl'm(Z(m)Z*e jVZ,e jZZ-e j\Z.e j^Z/e0e ddZ1dZ2dZ3dZ4e jjZ6ejne jpejre jtejve jte jxziZ=e>de=jDZ@dZAe je je jfZEdZFGdde jZHGddeIZJGddeIZKy)zMA CPython compatible SSLContext implementation wrapping PyOpenSSL's context. N)EINTR) ip_address)SSL)verify_hostnameverify_ip_address)CertificateErrorVerificationError)default_backend)_unicode)r)time)_load_trusted_ca_certs_ocsp_callback) _OCSPCache)_errno_from_exception SocketCheckerOP_NO_RENEGOTIATIONTc#*K|] \}}||f ywN).0keyvalues \/var/www/html/ranktracker/api/venv/lib/python3.12/site-packages/pymongo/pyopenssl_context.py rFs8S%UCL8scX tt|y#ttf$rYywxYw)NTF) _ip_addressr ValueError UnicodeError)addresss r_is_ip_addressr Is.HW%&  %s ))c |jdk(S)zyy#t tf$r}t|tk(rYd}~kd}~wwxYw)NrzConnection closed) memoryviewlenr=r-r(sendIOErrorOSErrorr_EINTR Exception) r/bufflagsview total_length total_sentsentr$r2s rsendallz_sslConn.sendalls#3x  <' zz(D.Z[0A5Jqy 344 $ J<'W% (-7 s"A!!B 0BBB )r) __name__ __module__ __qualname__r.r=r?rArHrW __classcell__)r2s@rr(r(^s'2 Or&r(ceZdZdZdZy) _CallbackDataz0Data class which is passed to the OCSP callback.c>d|_d|_t|_yr)trusted_ca_certscheck_ocsp_endpointrocsp_response_cacher/s rr.z_CallbackData.__init__s $#' #-< r&N)rXrYrZ__doc__r.rr&rr]r]s :0r&r]ceZdZdZdZdZedZdZdZ eee Z dZ dZ ee e Z d Zd ZeeeZd Zd ZeeeZddZddZdZ ddZy ) SSLContextzUA CPython compatible SSLContext implementation wrapping PyOpenSSL's context. ) _protocol_ctx_callback_data_check_hostnamec||_tj|j|_t |_d|_d|j _|jjt|j y)NT)callbackdata) rfrBContextrgr]rhrir`set_ocsp_client_callbackr)r/protocols rr.zSSLContext.__init__sa!LL0 +o# 37/ **#$*=*= + ?r&c|jS)zhThe protocol version chosen when constructing the context. This attribute is read-only. )rfrbs rrozSSLContext.protocols ~~r&cDt|jjS)zWhether to try to verify other peers' certificates and how to behave if verification fails. This attribute must be one of ssl.CERT_NONE, ssl.CERT_OPTIONAL or ssl.CERT_REQUIRED. )_REVERSE_VERIFY_MAPrgget_verify_moderbs r__get_verify_modezSSLContext.__get_verify_modes #499#<#<#>??r&cPd}|jjt||y)zSetter for verify_mode.c|Srr)connobjx509objerrnumerrdepthretcodes r_cbz)SSLContext.__set_verify_mode.._cbs Nr&N)rg set_verify _VERIFY_MAP)r/rr|s r__set_verify_modezSSLContext.__set_verify_modes"  [/5r&c|jSr)rirbs r__get_check_hostnamezSSLContext.__get_check_hostnames###r&cHt|ts td||_y)Nz$check_hostname must be True or False) isinstancebool TypeErrorrir/rs r__set_check_hostnamezSSLContext.__set_check_hostnames %&BC C$r&c.|jjSr)rhr`rbs r__get_check_ocsp_endpointz$SSLContext.__get_check_ocsp_endpoints""666r&c\t|ts td||j_y)Nz check_ocsp must be True or False)rrrrhr`rs r__set_check_ocsp_endpointz$SSLContext.__set_check_ocsp_endpoints&%&>? ?27/r&c8|jjdSrG)rg set_optionsrbs r __get_optionszSSLContext.__get_optionssyy$$Q''r&cL|jjt|yr)rgrintrs r __set_optionszSSLContext.__set_optionss c%j)r&Ncr fd}|jj||jj||jj|xs||jj y)aLoad a private key and the corresponding certificate. The certfile string must be the path to a single file in PEM format containing the certificate as well as any number of CA certificates needed to establish the certificate's authenticity. The keyfile string, if present, must point to a file containing the private key. Otherwise the private key will be taken from certfile as well. c&jdS)Nzutf-8)encode) max_length prompt_twice user_datapasswords r_pwcbz)SSLContext.load_cert_chain.._pwcbs w//r&N)rg set_passwd_cbuse_certificate_chain_fileuse_privatekey_filecheck_privatekey)r/certfilekeyfilerrs ` rload_cert_chainzSSLContext.load_cert_chainsZ  0 II # #E * ,,X6 %%g&9: ""$r&cp|jj||t||j_y)zLoad a set of "certification authority"(CA) certificates used to validate other peers' certificates when `~verify_mode` is other than ssl.CERT_NONE. N)rgload_verify_locationsr rhr_)r/cafilecapaths rrz SSLContext.load_verify_locationss+ ''7/Ef/M,r&c8|jjy)zdSpecify that the platform provided CA certificates are to be used for verification purposes.N)rgset_default_verify_pathsrbs rrz#SSLContext.set_default_verify_pathss **,r&cdt|j||}|r|j||dur|jnj|r+t |s |j |j d|jtjk7r|j|j|rY|j|jr=|; t |rt|t||St!|t| |S|S#t"t$f$r}t't)|d}~wwxYw)zTWrap an existing Python socket sock and return a TLS socket object. TidnaN)r(rg set_sessionset_accept_stater set_tlsext_host_namer verify_mode _stdlibssl CERT_NONE request_ocspset_connect_stater?check_hostname_verify_ip_addressr _verify_hostname_SICertificateError_SIVerificationError_CertificateErrorstr) r/r1 server_sidedo_handshake_on_connectr,server_hostnamesessionssl_connr$s r wrap_socketzSSLContext.wrap_socketsDIIt-AB    ) $   % % '~o'F--o.D.DV.LM:#7#77%%'  & & ( #  ! ! #""'B6%o6*8Xo5NO )8O3LMx,-AB6+CH556s D-DD/D**D/)NN)FTTNN)rXrYrZrc __slots__r.propertyro_SSLContext__get_verify_mode_SSLContext__set_verify_moder_SSLContext__get_check_hostname_SSLContext__set_check_hostnamer$_SSLContext__get_check_ocsp_endpoint$_SSLContext__set_check_ocsp_endpointr`_SSLContext__get_options_SSLContext__set_optionsoptionsrrrrrr&rreresKI ? @6,.?@K$% 24HIN78 ##<#<>( * }m4G%,N--2,0)-26'r&re)Lrcsocketr8sslrerrnorrO ipaddressrrOpenSSLrrBservice_identity.pyopensslrrrrservice_identityrrr rcryptography.hazmat.backendsr _default_backendbson.py3compatr pymongo.errorsrpymongo.monotonicr r5pymongo.ocsp_supportr rpymongo.ocsp_cacherpymongo.socket_checkerrrr* SSLv23_METHODPROTOCOL_SSLv23 OP_NO_SSLv2 OP_NO_SSLv3OP_NO_COMPRESSIONgetattrrHAS_SNICHECK_HOSTNAME_SAFE IS_PYOPENSSLErrorSSLErrorr VERIFY_NONE CERT_OPTIONAL VERIFY_PEER CERT_REQUIREDVERIFY_FAIL_IF_NO_PEER_CERTr~dictitemsrrr WantReadErrorWantWriteErrorWantX509LookupErrorr6r% Connectionr(objectr]rerr&rrsc!0-/M#@+*<$$  **d$91=   ::$**d..d..1Q1QQ 8#.#4#4#688 ++T-E-EG .>t>B0F0]]r&