ó ¿öYc@@sWdZddlmZddlZdZdefd„ƒYZdd„Zd „ZdS( sHThe match_hostname() function from Python 3.2, essential when using SSL.i(tabsolute_importNs3.2.2tCertificateErrorcB@seZRS((t__name__t __module__(((sO/opt/alt/python27/lib/python2.7/site-packages/raven/utils/ssl_match_hostname.pyR sic C@sLg}|stS|jdƒ}|d}|jdƒ}||kr]tdt|ƒƒ‚n|sy|jƒ|jƒkS|dkr•|jdƒnY|jdƒs³|jdƒrÌ|jtj |ƒƒn"|jtj |ƒj ddƒƒx(|d D]}|jtj |ƒƒqùWtj d d j |ƒd tj ƒ}|j|ƒS( shMatching according to RFC 6125, section 6.4.3 http://tools.ietf.org/html/rfc6125#section-6.4.3 t.it*s,too many wildcards in certificate DNS name: s[^.]+sxn--s\*s[^.]*is\As\.s\Z(tFalsetsplittcountRtreprtlowertappendt startswithtretescapetreplacetcompiletjoint IGNORECASEtmatch( tdnthostnamet max_wildcardstpatstpartstleftmostt wildcardstfragtpat((sO/opt/alt/python27/lib/python2.7/site-packages/raven/utils/ssl_match_hostname.pyt_dnsname_matchs(   "&cC@s[|stdƒ‚ng}|jdd ƒ}xC|D];\}}|dkr4t||ƒr_dS|j|ƒq4q4W|sßxc|jddƒD]L}xC|D];\}}|dkr™t||ƒrÄdS|j|ƒq™q™WqŒWnt|ƒdkrtd|d jtt|ƒƒfƒ‚n;t|ƒdkrKtd ||d fƒ‚n td ƒ‚dS(s)Verify that *cert* (in decoded format as returned by SSLSocket.getpeercert()) matches the *hostname*. RFC 2818 and RFC 6125 rules are followed, but IP addresses are not accepted for *hostname*. CertificateError is raised on failure. On success, the function returns nothing. sempty or no certificatetsubjectAltNametDNSNtsubjectt commonNameis&hostname %r doesn't match either of %ss, shostname %r doesn't match %ris=no appropriate commonName or subjectAltName fields were found((( t ValueErrortgetRR tlenRRtmapR (tcertRtdnsnamestsantkeytvaluetsub((sO/opt/alt/python27/lib/python2.7/site-packages/raven/utils/ssl_match_hostname.pytmatch_hostname@s2  %( t__doc__t __future__RR t __version__R"RRR,(((sO/opt/alt/python27/lib/python2.7/site-packages/raven/utils/ssl_match_hostname.pyts   2