5i9dZddlZddlZddlZddlZddlmZ ddlZ ddl m Z m Z  e j Z n#e$r e jZ YnwxYwn #e$rdZ YnwxYwddlZddlmZmZddlmZmZdd lmZGd d ZGd d eeZGddeeZGddZGddeZGddeZdS)a A library for integrating :doc:`pyOpenSSL ` with Cheroot. The :py:mod:`OpenSSL ` module must be importable for SSL/TLS/HTTPS functionality. You can obtain it from `here `_. To use this module, set :py:attr:`HTTPServer.ssl_adapter ` to an instance of :py:class:`ssl.Adapter `. There are two ways to use :abbr:`TLS (Transport-Level Security)`: Method One ---------- * :py:attr:`ssl_adapter.context `: an instance of :py:class:`SSL.Context `. If this is not None, it is assumed to be an :py:class:`SSL.Context ` instance, and will be passed to :py:class:`SSL.Connection ` on bind(). The developer is responsible for forming a valid :py:class:`Context ` object. This approach is to be preferred for more flexibility, e.g. if the cert and key are streams instead of files, or need decryption, or :py:data:`SSL.SSLv3_METHOD ` is desired instead of the default :py:data:`SSL.SSLv23_METHOD `, etc. Consult the :doc:`pyOpenSSL ` documentation for complete options. Method Two (shortcut) --------------------- * :py:attr:`ssl_adapter.certificate `: the file name of the server's TLS certificate. * :py:attr:`ssl_adapter.private_key `: the file name of the server's private key file. Both are :py:data:`None` by default. If :py:attr:`ssl_adapter.context ` is :py:data:`None`, but ``.private_key`` and ``.certificate`` are both given and valid, they will be read, and the context will be automatically created from them. .. spelling:: pyopenssl N)warn)SSLcrypto)errorsserver) StreamReader StreamWriter)AdaptercPeZdZdZdZdZdZfdZd fd ZfdZ fd Z xZ S) SSLFileobjectMixinz#Base mixin for a TLS socket stream.g{Gz?c:tj} ||i|S#tj$rtj|jYntj$rtj|jYntj$rO}|r|jdkrYd}~dS|jd}|r|tj vrYd}~dStj |d}~wtj $r}|r|jdkrYd}~dSd}tjt5|jddd}dddn #1swxYwY|dkr tjtj|jd}~wwxYwtj|z |jkrtjd) zWrap the given call with TLS error-trapping. is_reader: if False EOF errors will be raised. If True, EOF errors will return "" (to emulate normal sockets). T)zUnexpected EOFNrrz http requestz timed out)timer WantReadErrorsleep ssl_retryWantWriteError SysCallErrorargsrsocket_errors_to_ignoresocketerrorError contextlibsuppress IndexError NoSSLError FatalSSLAlert ssl_timeouttimeout) self is_readercallrkwargsstarteerrnumthirdargs K/home/kali/Ninja/venv/lib/python3.11/site-packages/cheroot/ssl/pyopenssl.py _safe_callzSSLFileobjectMixin._safe_callXs  # 2 4tT,V,,,$ + + +  4>*****% + + + 4>*****# + + ++A!A!A333336+I!I!I33333l6***9 4 4 4+A!A!A33333(44// vay|AH///////////////~-- ++*AF33 4y{{U"T%555n[111G# 2sc(E% 'E%2E% C C 6C  E% E /E  D0$ E 0D4 4E 7D4 8(E  E%cb|dtt|j|S)z*Receive message of a size from the socket.T)r.superrrecvr%size __class__s r-r1zSSLFileobjectMixin.recvs0  $d + + 0    rrcb|dtt|j|S)zReceive message of a size from the socket. Matches the following interface: https://docs.python.org/3/library/io.html#io.IOBase.readline T)r.r0rreadliner2s r-r6zSSLFileobjectMixin.readlines2   $d + + 4    rcX|jdtt|jg|Ri|S)z!Send whole message to the socket.F)r.r0rsendallr%rr(r4s r-r8zSSLFileobjectMixin.sendallsKt  $d + + 3        rcX|jdtt|jg|Ri|S)z(Send some part of message to the socket.F)r.r0rsendr9s r-r;zSSLFileobjectMixin.sendsKt  $d + + 0        r)r) __name__ __module__ __qualname____doc__r#rr.r1r6r8r; __classcell__r4s@r-rrQs--KI*2*2*2X                          rrceZdZdZdS)SSLFileobjectStreamReader,SSL file object attached to a socket object.Nr<r=r>r?rr-rCrC6666rrCceZdZdZdS)SSLFileobjectStreamWriterrDNrErFrr-rIrIrGrrIceZdZdZdZdS)SSLConnectionProxyMetaz2Metaclass for generating a bunch of proxy methods.c d}d d} fd}|D]}||||<|||_d}|D]} || || <t|||S)z.Attach a list of proxy methods to a new class.)" get_contextpendingr;writer1read renegotiatebindlistenconnectaccept setblockingfilenocloseget_cipher_list getpeername getsockname getsockopt setsockoptmakefile get_app_data set_app_data state_string sock_shutdownget_peer_certificate want_read want_writeset_connect_stateset_accept_state connect_exr8 settimeout gettimeoutshutdown)rk)familycfd}|S)&Create a proxy method for a new class.c|j vr |ddng}t|j||jS#|jwxYwN)_lockacquiregetattr _ssl_connrelease)r%rnew_argsmethodproxy_methods_no_argss r- proxy_wrapperzMSSLConnectionProxyMeta.__new__..lock_decorator..proxy_wrappers ""$$$)#)1F#F#FQQQB;74>6::HEJ&&((((DJ&&((((s 'AA8rF)rwryrxs` r-lock_decoratorz6SSLConnectionProxyMeta.__new__..lock_decorators* ) ) ) ) ) )! rc:fd}|_t|S)rnc.t|jSrp)rsrt)r% property_s r-proxy_prop_wrapperzQSSLConnectionProxyMeta.__new__..make_property..proxy_prop_wrapperst~y999r)r<property)r}r~s` r- make_propertyz5SSLConnectionProxyMeta.__new__..make_propertys6 : : : : :+4  '.// /r)r<type) mclnamebasesnmspc proxy_methods proxy_propsrzmrprxs @r-__new__zSSLConnectionProxyMeta.__new__s# H!.!  ! ! ! ! ! " "A%~a((E!H !E!H   0 0 0 ( (A$}Q''E!HHD%'''rN)r<r=r>r?rrFrr-rKrKs.<<K(K(K(K(K(rrKceZdZdZdZdS) SSLConnectionzA thread-safe wrapper for an ``SSL.Connection``. :param tuple args: the arguments to create the wrapped \ :py:class:`SSL.Connection(*args) \ ` c\tj||_tj|_dS)z"Initialize SSLConnection instance.N)r Connectionrt threadingRLockrq)r%rs r-__init__zSSLConnection.__init__ s#._&& rN)r<r=r>r?rrFrr-rrs-'''''rr) metaclasscxeZdZdZdZ dZ dZ dZ dZ dZ d ddfd Z dZ dZ dZ dZd Zdd ZxZS)pyOpenSSLAdapterz=A wrapper for integrating :doc:`pyOpenSSL `.Nprivate_key_passwordcttdtt||||||d|_dS)z$Initialize OpenSSL Adapter instance.Nz(You must install pyOpenSSL to use HTTPS.r)r ImportErrorr0rr_environ)r% certificate private_keycertificate_chainciphersrr4s r-rzpyOpenSSLAdapter.__init__,s] ;HII I %%..    !5 /    rc|j||_t|j|}||_|S)z!Wrap and return the given socket.)contextrMr get_environr)r%sockconns r-rRzpyOpenSSLAdapter.bindCsF < ++--DLT\400((**  rc8||jfS)z` ) rContext SSLv23_METHOD set_passwd_cbrruse_privatekey_filerrload_verify_locationsuse_certificate_filer)r%cs r-rMzpyOpenSSLAdapter.get_contextks K) * * /1JKKK d.///  ! < # #D$: ; ; ; t/000rc ddtjjdtjjdtjjdt jtjtj  d}|j rZt|j d5}tjtj|}dddn #1swxYwY|||d d |fd |ffD]\}}t-|d d }d|z}|||<|rk|d}|d|||dzd} }|d}|d|||dzd} }| r| r d|d| }| ||<|k|S)z;Return WSGI environ entries to be merged into each request.httpson /z Python/)zwsgi.url_schemeHTTPSSSL_VERSION_INTERFACESSL_VERSION_LIBRARYrbN)SSL_SERVER_M_VERSIONSSL_SERVER_M_SERIALISzSSL_SERVER_%s_DN=r SSL_SERVER__DN_)cheroot_server HTTPServerversionOpenSSL __title__ __version__sysrSSLeay_versionSSLEAY_VERSIONdecoderopenrload_certificate FILETYPE_PEMrPupdate get_versionget_serial_number get_issuer get_subjectrrfind) r% ssl_environ cert_filecertprefixdndnstrwsgikeyposvaluekeys r-rzpyOpenSSLAdapter.get_environysX ')111)))+++ &$'#5"$$fhh     ( 5d&-- .'NN$$                  ,0,<,<,>,>+/+A+A+C+C   doo''(d&&(() 5 5 B2,v5', G$5++c**C#(#;cAgii0@5E++c**C!&tteC!GII.>3E5u55;A6633"G/4 G,5s2CCCrrcd|vrtnt}tr=t|tr(||||}||_|Stj|||S)zReturn socket file object.r) rCrIrr ssl_conn_typerjr#r CP_fileobject)r%rmodebufsizeclswrapped_sockets r-r^zpyOpenSSLAdapter.makefileszd{{ & %*  ":dM22 " StW55N)-):):N &! !+D$@@@r)NN)rr)r<r=r>r?rrrrrrrrRrrrMrr^r@rAs@r-rrsGGK8K9> GG"A  ".***2   ;;;z A A A A A A A Arr) r?rrrrwarningsrrOpenSSL.versionrrrrrAttributeErrorConnectionTyperrrrrr^r r r rrCrIrKrrrFrr-rsd22h  """""" ########+ +++* + CCC21111111W W W W W W W W t77777 2L77777777 2L777N(N(N(N(N(N(N(N(b ' ' ' ' '4 ' ' ' 'qAqAqAqAqAwqAqAqAqAqAs, A/A >A>AA  A