bg&XddlmZddlZddlZddlZddlZddlZddlZddlZddl Z ddl m Z ddl m Z ddl mZddlmZejrddlmZdd lmZdd lmZdd lmZdd lmZdd lmZddlmZm Z m!Z!ddl"m#Z#ddl$m%Z% ddl&Z&e&j'Z(n#e)e*f$rdZ&Gdde+Z(YnwxYwddl,m-Z-ddl,m.Z.ddl,m/Z/ddl0m1Z1ddl2m3Z3m4Z4m5Z5m6Z6m7Z7m8Z8ddl9m:Z:m;Z;mm?Z?ddlm@ZAddlmBZBmCZCmDZDmEZEmFZFddlGmHZHmIZIddlJmKZKeLZLeMZMejNeOZPddd ZQejRd!ddZSejTd"ZUeVed#ZWGd$d%e Z Gd&d'e ZXGd(d)ejYZZd*d+dYdEZ[ dZd[dLZ\d\dQZ]d]dRZ^GdSdTZ_e&se_ZXeXZ` d^d_dXZadS)`) annotationsN)HTTPConnection) HTTPException)ResponseNotReadytimeout)Literal HTTPResponse)_TYPE_PEER_CERT_RET_DICT) SSLTransport)HTTPHeaderDict)assert_header_parsing)_DEFAULT_TIMEOUT _TYPE_TIMEOUTTimeout)to_str) wait_for_readceZdZdS) BaseSSLErrorN)__name__ __module__ __qualname__I/opt/cloudlinux/venv/lib64/python3.11/site-packages/urllib3/connection.pyrr$s rr) _TYPE_BODY) ProxyConfig)_ResponseOptions __version__)ConnectTimeoutErrorHeaderParsingErrorNameResolutionErrorNewConnectionError ProxyErrorSystemTimeWarning) SKIP_HEADERSKIPPABLE_HEADERS connectionssl_)body_to_chunks)assert_fingerprint)create_urllib3_context is_ipaddressresolve_cert_reqsresolve_ssl_versionssl_wrap_socket)CertificateErrormatch_hostname)UrlPihttphttpsiz[^-!#$%&'*+.^_`|~0-9a-zA-Z]auditceZdZUdZedZded<ejej dfgZ ded<dZ d ed <d Z d ed <ded<ded<ded<d ed<ded<ded<ded<ded< dMe d de d d ddNfd*ZedOd+ZejdPd-ZdQd/Z dRdSfd3 ZdTd4ZedUd5ZedUd6ZedUd7ZdTfd8 Z dVdWfd= ZdXfd@ Z dYddAdAdAdBdZdIZ dYd[dJZd\fdL ZxZS)]ra Based on :class:`http.client.HTTPConnection` but provides an extra constructor backwards-compatibility layer between older and newer Pythons. Additional keyword parameters are used to configure attributes of the connection. Accepted parameters include: - ``source_address``: Set the source address for the current connection. - ``socket_options``: Set specific options on the underlying socket. If not specified, then defaults are loaded from ``HTTPConnection.default_socket_options`` which includes disabling Nagle's algorithm (sets TCP_NODELAY to 1) unless the connection is behind a proxy. For example, if you wish to enable TCP Keep Alive in addition to the defaults, you might pass: .. code-block:: python HTTPConnection.default_socket_options + [ (socket.SOL_SOCKET, socket.SO_KEEPALIVE, 1), ] Or you may want to disable the defaults by passing an empty list (e.g., ``[]``). r9ztyping.ClassVar[int] default_portr z0typing.ClassVar[connection._TYPE_SOCKET_OPTIONS]default_socket_optionsFbool is_verifiedNz bool | Noneproxy_is_verifiedint blocksizetuple[str, int] | Nonesource_addressz&connection._TYPE_SOCKET_OPTIONS | Nonesocket_options_has_connected_to_proxyz_ResponseOptions | None_response_options str | None _tunnel_host int | None _tunnel_port_tunnel_scheme )rrErCrFproxy proxy_confighoststrportrr&None | connection._TYPE_SOCKET_OPTIONSrO Url | NonerPProxyConfig | NonereturnNonect||tj|||||_||_||_d|_d|_d|_ d|_ d|_ dS)N)rQrSrrErCF) super__init__rresolve_default_timeoutrFrOrPrGrHrJrLrM) selfrQrSrrErCrFrOrP __class__s rr[zHTTPConnection.__init__s 3G<<)    - (',$!%(,(,*.rc6|jdS)a Getter method to remove any trailing dots that indicate the hostname is an FQDN. In general, SSL certificates don't include the trailing dot indicating a fully-qualified domain name, and thus, they don't validate properly when checked against a domain name that includes the dot. In addition, some servers may not expect to receive the trailing dot when provided. However, the hostname with trailing dot is critical to DNS resolution; doing a lookup with the trailing dot will properly only resolve the appropriate FQDN, whereas a lookup without a trailing dot will search the system's search domain list. Thus, it's important to keep the original host around for use only in those cases where it's appropriate (i.e., when doing DNS lookup to establish the actual TCP connection across which we're going to send HTTP requests). .) _dns_hostrstripr]s rrQzHTTPConnection.hosts"~$$S)))rvaluec||_dS)z Setter for the `host` property. We assume that only urllib3 uses the _dns_host attribute; httplib itself only uses `host`, and it seems reasonable that other libraries follow suit. N)ra)r]rds rrQzHTTPConnection.hostsr socket.socketc  tj|j|jf|j|j|j}n~#tj$r}t|j |||d}~wt$r'}t|d|j d|jd|d}~wt$r}t|d||d}~wwxYwtr!t!jd||j |j|S)zoEstablish a socket connection and set nodelay settings on it. :return: New socket connection. )rErFNzConnection to z timed out. (connect timeout=)z&Failed to establish a new connection: zhttp.client.connect)r+create_connectionrarSrrErFsocketgaierrorr%rQ SocketTimeoutr#OSErrorr&_HAS_SYS_AUDITsysr;)r]sockes r _new_connzHTTPConnection._new_conns)  /+ #2#2 DD  A A A%diq99q @   %XXXXXX     $BqBB    I I+T49di H H H s-36B1A B1)"B  B1B,,B1headerstyping.Mapping[str, str] | Noneschemec|dvrtd|dt|||||_dS)Nr8z$Invalid proxy scheme for tunneling: z", must be either 'http' or 'https')rSrs) ValueErrorrZ set_tunnelrM)r]rQrSrsrur^s rrxzHTTPConnection.set_tunnels` * * *cvccc  4dG<<<$rc||_|jrd|_|t |j|_dS)NT)rrrprJrG_tunnelr?rOrcs rconnectzHTTPConnection.connectsONN$$   +/D ( LLNNN (,DJ'7'7$$$rc|jduSN)rprcs r is_closedzHTTPConnection.is_closedsyD  rcB|jdSt|jd S)NFgr)rprrcs r is_connectedzHTTPConnection.is_connecteds' 9 5 C88888rc|jSr})rGrcs rhas_connected_to_proxyz%HTTPConnection.has_connected_to_proxy s ++rc4 td|_d|_d|_d|_d|_d|_d|_d|_ dS#d|_d|_d|_d|_d|_d|_d|_d|_ wxYw)NF) rZcloserpr@rArGrHrJrLrM)r]r^s rrzHTTPConnection.closes ' GGMMOOODI$D %)D "+0D (%)D " $D  $D "&D   DI$D %)D "+0D (%)D " $D  $D "&D  & & & &s A:Bmethodurl skip_hostskip_accept_encodingct|}|r(td|d|dt ||||S)z+Method cannot contain non-token characters z (found at least rh)rr)_CONTAINS_CONTROL_CHAR_REsearchrwgrouprZ putrequest)r]rrrrmatchr^s rrzHTTPConnection.putrequests*0088  kfkkY^YdYdYfYfkkk ww!! C9CW"   rheadervaluescJtd|Dstj|g|RdSt|t vrDddtt D}td|ddS)rc3VK|]$}t|to |tkV%dSr}) isinstancerRr)).0vs r z+HTTPConnection.putheader..3s6KKq:a%%:!{*:KKKKKKrz', 'cBg|]}t|Sr)rRtitle)rrs r z,HTTPConnection.putheader..7s$KKKv6""KKKrz(urllib3.util.SKIP_HEADER only supports ''N) anyrZ putheaderrlowerr*joinsortedrw)r]rrskippable_headersr^s rrzHTTPConnection.putheader1sKKFKKKKK  EGG f .v . . . . . . FLLNN # #+< < < & KK8I1J1JKKK!! O;LOOO  = .bs2CCaqwwyy 1 1CCCCCCrzaccept-encodingrQ)rr)rrCztransfer-encodingzTransfer-Encodingrzcontent-lengthFTzContent-Lengthz user-agentz User-Agentzutf-8s%x %b s0 )rp settimeoutrr rH frozensetrr-rCchunkscontent_lengthrrR_get_default_user_agentitems endheadersrencodesendlen)r]rrrrsrrrr header_keysrr chunks_and_clrrrrdchunks rrequestzHTTPConnection.request?s 9 I  . . ."2!+)#9 " " "  ?GCC7CCCCC 0K?k)   C.Bi    'tFdnUUU %&5  J"+552I>>>  ;..$ 33 !))"&':IFFFNN#3S5H5HIII { * * NN<)@)B)B C C C$]]__ * *MFE NN65 ) ) ) )    % %eS))2!LL11E%IIoUU0CCDDDDIIe$$$$  $ IIl # # # # # $ $rcrtjdtd|||||ddS)z Alternative to the common request method, which sends the body with chunked encoding and not as one block zHTTPConnection.request_chunked() is deprecated and will be removed in urllib3 v2.1.0. Instead use HTTPConnection.request(..., chunked=True).category stacklevelT)rrsrN)warningswarnDeprecationWarningr)r]rrrrss rrequest_chunkedzHTTPConnection.request_chunkedsM   X'     VStWd KKKKKrr c j|jt|j}d|_|j|jddlm}t} t|j nO#ttf$r;}tdt||j|dYd}~nd}~wwxYwt#|j }||||j|j|j|j|j||j|j|j }|S)a Get the response from the server. If the HTTPConnection is in the correct state, returns an instance of HTTPResponse or of whatever object is returned by the response_class variable. If a request has not been sent or if a previous response has not be handled, ResponseNotReady is raised. If the HTTP response indicates that the connection should be closed, then it will be closed before the response is returned. When the connection is closed, the underlying socket is closed. Nr r z$Failed to parse headers (url=%s): %sT)exc_info) rrsstatusversionreasonrroriginal_responserrr)rHrrprrresponser rZ getresponsermsgr$ TypeErrorlogwarning_url_from_connectionrrrrrrrrrr)r] resp_optionsr httplib_responsehpersrr^s rrzHTTPConnection.getresponsesr  ! )"$$ $- !% T\*** +*****!77..00  !"2"6 7 7 7 7"I.    KK6$T<+CDD          !!1!5!;!;!=!=>><!#*$,#*(8'6.#/#F'6$0    s+BC 1CC r})rQrRrSrKrrrErDrCrBrFrTrOrUrPrVrWrXrWrR)rdrRrWrX)rWrf)NNr9) rQrRrSrKrsrtrurRrWrXrWrX)rWr?)FF) rrRrrRrr?rr?rWrX)rrRrrRrWrX)NN)rrRrrRrrrsrtrr?rr?rr?rr?rWrX) rrRrrRrrrsrtrWrX)rWr )rrr__doc__port_by_schemer=__annotations__rj IPPROTO_TCP TCP_NODELAYr>r@rArr[propertyrQsetterrrrxr{r~rrrrrrrr __classcell__r^s@rrrSs"0*8)?L????  V/3P K&*))))NNN****::::!!!!....  / "215.D +/////////F***X*$ [[D 37 % % % % % % % 8 8 8 8!!!X!999X9 ,,,X, ' ' ' ' ' '& %*        (      $#'37 _$ $#'+_$_$_$_$_$_$J#'37 LLLLL&5555555555rrc eZdZUdZedZdZded<dZded<dZ ded<dZ d ed <dZ ded <dZ d ed <dZ d ed<dZded< d3eddejdddddddddddddddddd4fd+Z d5d6d,Zd7d-Zd8d2ZxZS)9HTTPSConnectionz Many of the parameters to this constructor are passed to the underlying SSL socket by means of :py:func:`urllib3.util.ssl_wrap_socket`. r:Nint | str | None cert_reqsrIca_certs ca_cert_dirNone | str | bytes ca_cert_data ssl_versionrKssl_minimum_versionssl_maximum_versionr.rN)rrErCrFrOrPrassert_hostnamer.server_hostname ssl_contextrrrrrr cert_filekey_file key_passwordrQrRrSrrrErDrCrBrFrTrOrUrPrVrNone | str | Literal[False]rrssl.SSLContext | NonerrrrWrXc t||||||||||_||_||_| |_| |_| |_| |_||_ ||_ ||_ |otj ||_|otj ||_||_| #|j |jj} nt'd} | |_dS)N)rSrrErCrFrOrP)rZr[rrrrrrr.rrrospath expanduserrrr verify_moder1r)r]rQrSrrErCrFrOrPrrr.rrrrrrrrrrrr^s rr[zHTTPSConnection.__init__s6  ))%  ! "(&.."4&#6 #6  ARW%7%7%A%A &J27+=+=k+J+J(  + ,8 -d33 "rc tjdtd|#|j |jj}nt d}||_||_||_||_ ||_ ||_ |otj ||_|otj ||_| |_dS)zX This method should only be called once, before the connection is used. zHTTPSConnection.set_cert() is deprecated and will be removed in urllib3 v2.1.0. Instead provide the parameters to the HTTPSConnection constructor.rrN)rrrrrr1rrrrrr.rrrrrr) r]rrrrrrr.rrs rset_certzHTTPSConnection.set_cert8s   +(       + ,8 -d33   ""(."4 ARW%7%7%A%A &J27+=+=k+J+J(rc |x|_}|j}d}|jQ|jdkr$||j|x|_}d}d|_||j}|j|j}tj tk}|r#tjdtdtt!did|d|jd|jd |jd |jd |jd |jd |jd|jd|jd|jd|d|jd|d|jd|j}|j|_|j|_tA|j!|_dS)NFr:TzSystem time is way off (before z5). This will probably lead to SSL verification errorsrprrrrrrrrrrrr tls_in_tlsrr.r)"rrrprQrJrM_connect_tls_proxyrGrzrdatetimedatetoday RECENT_DATErrr(#_ssl_wrap_socket_and_match_hostnamerrrrrrrrrrrrr.rjr@r?rO)r]rprr is_time_offsock_and_verifieds rr{zHTTPSConnection.connectas>>+++ D#y    ("g--#'#:#:49d#K#KK D! ,0D ( LLNNN"/O   +"2Om))++k9   M6k666"    @    nn (( !% 8 8  !% 8 8  ]]  (( ** nn ]] ** ,O (( "z !00 $66! $&, ,8 (,DJ'7'7$$$rhostnamerprf ssl.SSLSocketctjt|j}|j}t |f|j|j|j|j |j |j |j |||j |jddddd}|j|_|jS)zY Establish a TLS connection to the proxy using the provided SSL context. NF)rrrrrrrrrrr.rrrr)typingcastrrPrrrrrrrrrrr.r@rArj)r]rrprPrrs rrz"HTTPSConnection._connect_tls_proxys {;0ABB ". ?  n( $ 8 $ 8](*$#(8+>#   &"3!> ''rr}).rQrRrSrKrrrErDrCrBrFrTrOrUrPrVrrrrr.rIrrIrrrrIrrIrrrrKrrKrrrrIrrIrrIrWrX) NNNNNNNNN)rrIrrIrrrrIrrIrrr.rIrrIrrrWrXr)rrRrprfrWr)rrrrrr=rrrrrrrrr.rrr>r[rr{rrrs@rrrs "'*L"&I&&&&H"K""""'+L++++$(K((((&*****&*****%)))))  :# "215.<.S +/&*7;)-&*-1#"&+/*.*.(, $##'3:#:#:#:#:#:#:#:#| $ $&*#'#7;)-"&+/')')')')')R98989898v((((((((rrc(eZdZUdZded<ded<dS)_WrappedAndVerifiedSocketz[ Wrapped socket and whether the connection is verified after the TLS handshake zssl.SSLSocket | SSLTransportrjr?r@N)rrrrrrrrr r s6 )(((rr F)rrprfrNone | str | intrrrKrrrIrrrrrrrrr.rrrrr?rWc d}|0d}tt|||t|}n|}t||_| s| s| dustjs tjsd|_|s*| s(| s&|r$t|dr| | G| d}d|vr|d| d}t|r|} t|||||| | | || } | r%t|d | n_|jt jkrJ|jsC| dur?|}|rd}nt%|d dpd}t'|| p| |t)||jt jkpt-|  S#t.$r|wxYw) a2Logic for constructing an SSLContext from all TLS parameters, passing that down into ssl_wrap_socket, and then doing certificate verification either via hostname or fingerprint. This function exists to guarantee that both proxies and targets have the same behavior when connecting via TLS. FNT)rrrrload_default_certs[]%) rpkeyfilecertfilerrrrrrr) binary_formhostname_checks_common_name)rjr@)r/r2r1rr, IS_PYOPENSSLHAS_NEVER_CHECK_COMMON_NAMEcheck_hostnamehasattrr striprfindr0r3_assert_fingerprint getpeercertssl CERT_NONEgetattr_match_hostnamer  CERT_REQUIREDr? BaseExceptionr)rprrrrrrrrrrrr.rrrdefault_ssl_contextcontext normalizedssl_sockcertrs rrrs0 "(+K88 3 3' 22    +I66G  '  ' e # #   $/ $ "' %%% % G1 2 2 % ""$$$ "$**400 *  #$;j&6&6s&;&;$;>3C3C D DEE"22 2 !1 1  (  \!5 Y,':Q:Q  WY \ \ G G NrcdtS)Nzpython-urllib3/r!rrrrrts *[ * **rceZdZdZdS)DummyConnectionz-Used to detect a failed ConnectionCls import.N)rrrrrrrr:r:xs7777rr:conn HTTPConnection | HTTPSConnectionrcxt|trdnd}t||j|j|jS)zUReturns the URL from a given connection. This is mainly used for testing and logging.r:r9)rurQrSr)rrr6rQrSr)r;rrus rrrs: #499 EWWvF f49494 H H H LLr)"rprfrr rr rrKrrKrrIrrIrrIrrIrrIrrrrr.rIrrIrrrr?rWr )F)r%r&r'rRrr?rWrX)r+r,r-rIrWr'rr})r;r<rrIrWrR)b __future__rrloggingrr0rjrorr http.clientr_HTTPConnectionrrrrl TYPE_CHECKINGtyping_extensionsr rr util.ssl_r util.ssltransportr _collectionsr util.responser util.timeoutrrr util.utilr util.waitrrSSLErrorr ImportErrorAttributeErrorr _base_connectionrrr _versionr" exceptionsr#r$r%r&r'r(utilr)r*r+r, util.requestr-r.rr/r0r1r2r3util.ssl_match_hostnamer4r5util.urlr6ConnectionErrorBrokenPipeError getLoggerrrrrrcompilerrrnr NamedTupler rrr7rr:VerifiedHTTPSConnectionrrrrr[s"""""" 999999666666((((((++++++ 0))))))&&&&&&333333//////((((((000000BBBBBBBBBB$$$$$$ JJJ