관리-도구
편집 파일: ssl.cpython-312.opt-1.pyc
� �Q�f�� � �p � d Z ddlZddlZddlmZ ddlmZmZ m Z ddlmZ ddl Z ddl mZmZmZ ddl mZmZmZ ddl mZmZmZmZmZmZmZ dd l mZmZ dd l mZm Z m!Z! ddl m"Z" ddl m$Z$m%Z%m&Z&m'Z'm(Z(m)Z)m*Z*m+Z+m,Z,m-Z- dd l m.Z.m/Z/ e j` de1d� e �� ej` de1d� e �� e j` de1d� e �� e j` de1d� e �� ej` de1d� e �� e j` de1d� e �� e2jf xZ4e2_4 e2jj jm � D � �ci c] \ } }|| �� c}} Z7 e8e2dd� Z9 ee � G d� d� � Z: ee � G d� d� � Z; ee � G d � d!� � Z< ee � G d"� d#� � Z=ej| d$k( rdd%l m?Z?m@Z@ dd&lAmAZAmBZBmCZC dd'lAmDZDmEZEmFZF ddlAZGddlHZHddlIZIddlJZJeKZLd(gZM eNe d)� ZOe.ZPeZQd*� ZRd+� ZSd,� ZT ed-d.� ZUd/� ZV G d0� d1 ed1d2� � ZW G d3� d4eWe� ZX G d5� d6e� ZYeXj� fdddd7�d8�Z[dHe\d9eXj� dddddd:�d;�Z]e[Z^e]Z_ G d<� d=� Z`d>� Za G d?� d@eA� ZbebeY_c e`eY_d dA� ZedBZfdCZgdD� ZhdE� ZiejdeFfdF�ZkdG� Zly# e#$ r Y ��Jw xY wc c}} w )Ia� This module provides some more Pythonic support for SSL. Object types: SSLSocket -- subtype of socket.socket which does SSL over the socket Exceptions: SSLError -- exception raised for I/O errors Functions: cert_time_to_seconds -- convert time string used for certificate notBefore and notAfter functions to integer seconds past the Epoch (the time values returned from time.time()) get_server_certificate (addr, ssl_version, ca_certs, timeout) -- Retrieve the certificate from the server at the specified address and return it as a PEM-encoded string Integer constants: SSL_ERROR_ZERO_RETURN SSL_ERROR_WANT_READ SSL_ERROR_WANT_WRITE SSL_ERROR_WANT_X509_LOOKUP SSL_ERROR_SYSCALL SSL_ERROR_SSL SSL_ERROR_WANT_CONNECT SSL_ERROR_EOF SSL_ERROR_INVALID_ERROR_CODE The following group define certificate requirements that one side is allowing/requiring from the other side: CERT_NONE - no certificates from the other side are required (or will be looked at if provided) CERT_OPTIONAL - certificates are not required, but if provided will be validated, and if validation fails, the connection will also fail CERT_REQUIRED - certificates are required, and will be validated, and if validation fails, the connection will also fail The following constants identify various SSL protocol variants: PROTOCOL_SSLv2 PROTOCOL_SSLv3 PROTOCOL_SSLv23 PROTOCOL_TLS PROTOCOL_TLS_CLIENT PROTOCOL_TLS_SERVER PROTOCOL_TLSv1 PROTOCOL_TLSv1_1 PROTOCOL_TLSv1_2 The following constants identify various SSL alert message descriptions as per http://www.iana.org/assignments/tls-parameters/tls-parameters.xml#tls-parameters-6 ALERT_DESCRIPTION_CLOSE_NOTIFY ALERT_DESCRIPTION_UNEXPECTED_MESSAGE ALERT_DESCRIPTION_BAD_RECORD_MAC ALERT_DESCRIPTION_RECORD_OVERFLOW ALERT_DESCRIPTION_DECOMPRESSION_FAILURE ALERT_DESCRIPTION_HANDSHAKE_FAILURE ALERT_DESCRIPTION_BAD_CERTIFICATE ALERT_DESCRIPTION_UNSUPPORTED_CERTIFICATE ALERT_DESCRIPTION_CERTIFICATE_REVOKED ALERT_DESCRIPTION_CERTIFICATE_EXPIRED ALERT_DESCRIPTION_CERTIFICATE_UNKNOWN ALERT_DESCRIPTION_ILLEGAL_PARAMETER ALERT_DESCRIPTION_UNKNOWN_CA ALERT_DESCRIPTION_ACCESS_DENIED ALERT_DESCRIPTION_DECODE_ERROR ALERT_DESCRIPTION_DECRYPT_ERROR ALERT_DESCRIPTION_PROTOCOL_VERSION ALERT_DESCRIPTION_INSUFFICIENT_SECURITY ALERT_DESCRIPTION_INTERNAL_ERROR ALERT_DESCRIPTION_USER_CANCELLED ALERT_DESCRIPTION_NO_RENEGOTIATION ALERT_DESCRIPTION_UNSUPPORTED_EXTENSION ALERT_DESCRIPTION_CERTIFICATE_UNOBTAINABLE ALERT_DESCRIPTION_UNRECOGNIZED_NAME ALERT_DESCRIPTION_BAD_CERTIFICATE_STATUS_RESPONSE ALERT_DESCRIPTION_BAD_CERTIFICATE_HASH_VALUE ALERT_DESCRIPTION_UNKNOWN_PSK_IDENTITY � N)� namedtuple)�Enum�IntEnum�IntFlag)�_simple_enum)�OPENSSL_VERSION_NUMBER�OPENSSL_VERSION_INFO�OPENSSL_VERSION)�_SSLContext� MemoryBIO� SSLSession)�SSLError�SSLZeroReturnError�SSLWantReadError�SSLWantWriteError�SSLSyscallError�SSLEOFError�SSLCertVerificationError)�txt2obj�nid2obj)�RAND_status�RAND_add� RAND_bytes)�RAND_egd) �HAS_SNI�HAS_ECDH�HAS_NPN�HAS_ALPN� HAS_SSLv2� HAS_SSLv3� HAS_TLSv1�HAS_TLSv1_1�HAS_TLSv1_2�HAS_TLSv1_3)�_DEFAULT_CIPHERS�_OPENSSL_API_VERSION� _SSLMethodc �2 � | j d� xr | dk7 S )N� PROTOCOL_�PROTOCOL_SSLv23�� startswith��names �*/opt/alt/python312/lib64/python3.12/ssl.py�<lambda>r0 } s � �����-�K�$�:K�2K�K� )�source�Optionsc �$ � | j d� S )N�OP_r+ r- s r/ r0 r0 � s � �����'r1 �AlertDescriptionc �$ � | j d� S )N�ALERT_DESCRIPTION_r+ r- s r/ r0 r0 � s � ����!5�6r1 �SSLErrorNumberc �$ � | j d� S )N� SSL_ERROR_r+ r- s r/ r0 r0 � s � �����.r1 �VerifyFlagsc �$ � | j d� S )N�VERIFY_r+ r- s r/ r0 r0 � s � �����+r1 � VerifyModec �$ � | j d� S )N�CERT_r+ r- s r/ r0 r0 � s � �����)r1 �PROTOCOL_SSLv2c � � e Zd Zej Zej Zej Z ej Zej Z ej Zej Zy)� TLSVersionN)�__name__� __module__�__qualname__�_ssl�PROTO_MINIMUM_SUPPORTED�MINIMUM_SUPPORTED�PROTO_SSLv3�SSLv3�PROTO_TLSv1�TLSv1� PROTO_TLSv1_1�TLSv1_1� PROTO_TLSv1_2�TLSv1_2� PROTO_TLSv1_3�TLSv1_3�PROTO_MAXIMUM_SUPPORTED�MAXIMUM_SUPPORTED� r1 r/ rD rD � sQ � ��4�4�����E����E�� � �G�� � �G�� � �G��4�4�r1 rD c �( � e Zd ZdZdZdZdZdZdZdZ y) �_TLSContentTypez@Content types (record layer) See RFC 8446, section B.1 � � � � � � N) rE rF rG �__doc__�CHANGE_CIPHER_SPEC�ALERT� HANDSHAKE�APPLICATION_DATA�HEADER�INNER_CONTENT_TYPErW r1 r/ rY rY � s* � �� ���E��I��� �F��r1 rY c � � e Zd ZdZdZdZdZdZdZdZ dZ d Zd ZdZ dZd ZdZdZdZdZdZdZdZdZdZdZdZdZdZdZdZdZdZ dZ!d Z"d!Z#d"Z$d#Z%y$)%� _TLSAlertTypezQAlert types for TLSContentType.ALERT messages See RFC 8466, section B.2 r � rZ r[ r\ � �( �) �* �+ �, �- �. �/ �0 �1 �2 �3 �<