U eJ#@sddlmZddlZddlZddlZddlZddlmZejrZddlm Z ddl m Z m Z ej dd d ZejeefZe d Zd ZGd d d ZdS)) annotationsN)ProxySchemeUnsupported)Literal)_TYPE_PEER_CERT_RET_TYPE_PEER_CERT_RET_DICT_SelfT SSLTransport)bound _ReturnValuei@c @sBeZdZdZedddddZdnd dd d dd d dZdddddZdddddZddddZ dodddddd Z dpdddd"d#d$Z dqd%d&dd'd(d)d*Z drd+ddd,d-d.Z dsd+ddd,d/d0Zdtdddd1d2d&d d d d3d4d5d6Zddd7d8Zddd9d:Zejdudd?d@ZejdAdBd>dCd@Zdvd dEd>dFd@Zd ddGdHZdIddJdKZd ddLdMZd ddNdOZdPddQdRZd ddSdTZdUddVdWdXZdUddYdZZddd[d\Zdwdd]ddd^d_Zejd`ddadbdcZejddd+ddedfdcZejdgdd]d+dhdidcZdxdjdkd]dldhdmdcZdS)yr aL The SSLTransport wraps an existing socket and establishes an SSL connection. Contrary to Python's implementation of SSLSocket, it allows you to chain multiple TLS connections together. It's particularly useful if you need to implement TLS within TLS. The class supports most of the socket API operations. zssl.SSLContextNone) ssl_contextreturncCst|dstddS)z Raises a ProxySchemeUnsupported if the provided ssl_context can't be used for TLS in TLS. The only requirement is that the ssl_context provides the 'wrap_bio' methods. wrap_biozXTLS in TLS requires SSLContext.wrap_bio() which isn't available on non-native SSLContextN)hasattrr)rrG/opt/hc_python/lib/python3.8/site-packages/urllib3/util/ssltransport.py$_validate_ssl_context_for_tls_in_tls"s z1SSLTransport._validate_ssl_context_for_tls_in_tlsNTz socket.socketz str | Nonebool)socketrserver_hostnamesuppress_ragged_eofsrcCsHt|_t|_||_||_|j|j|j|d|_||jj dS)zV Create an SSLTransport around socket using the provided ssl_context. )rN) ssl MemoryBIOincomingoutgoingrrrsslobj _ssl_io_loop do_handshake)selfrrrrrrr__init__2s  zSSLTransport.__init__r )r rcCs|SNrr rrr __enter__IszSSLTransport.__enter__z typing.Any)_rcGs |dSr")close)r r%rrr__exit__LszSSLTransport.__exit__int)rcCs |jSr")rfilenor#rrrr)OszSSLTransport.filenoztyping.Any | Nonez int | bytes)lenbufferrcCs |||Sr")_wrap_ssl_read)r r+r,rrrreadRszSSLTransport.readr)buflenflagsrcCs|dkrtd||S)Nrz+non-zero flags not allowed in calls to recv) ValueErrorr-)r r/r0rrrrecvUszSSLTransport.recv _WriteBufferz int | NonezNone | int | bytes)r,nbytesr0rcCs,|dkrtd|dkr t|}|||S)Nrz0non-zero flags not allowed in calls to recv_into)r1r+r.)r r,r4r0rrr recv_intoZs zSSLTransport.recv_intobytes)datar0rc Csn|dkrtdd}t|H}|d2}t|}||krV|||d}||7}q2W5QRXW5QRXdS)Nrz.non-zero flags not allowed in calls to sendallB)r1 memoryviewcastr+send)r r7r0countview byte_viewamountvrrrsendallfszSSLTransport.sendallcCs |dkrtd||jj|S)Nrz+non-zero flags not allowed in calls to send)r1rrwrite)r r7r0rrrr;pszSSLTransport.send)encodingerrorsnewlinestrz1typing.BinaryIO | typing.TextIO | socket.SocketIO)mode bufferingrCrDrErc Cst|dddhks"td|dd|k}d|kp6| }|sD|sDtd|k}d} |r\| d7} |rh| d7} t|| } |jjd7_|dkrd }|d krtj}|d kr|std | S|r|rt| | |} n&|rt | |} n|stt | |} |r| St | |||} || _ | S) a Python's httpclient uses makefile and buffered io when reading HTTP messages and we need to support it. This is unfortunately a copy and paste of socket.py makefile with small changes to point to the socket directly. rwbz invalid mode z (only r, w, b allowed)rNrz!unbuffered streams must be binary) setr1AssertionErrorrSocketIO_io_refsioDEFAULT_BUFFER_SIZEBufferedRWPairBufferedReaderBufferedWriter TextIOWrapperrG) r rGrHrCrDrEwritingreadingbinaryrawmoderawr,textrrrmakefileus@   zSSLTransport.makefilecCs||jjdSr")rrunwrapr#rrrr_szSSLTransport.unwrapcCs|jdSr")rr&r#rrrr&szSSLTransport.close.zLiteral[False]z_TYPE_PEER_CERT_RET_DICT | None) binary_formrcCsdSr"rr r`rrr getpeercertszSSLTransport.getpeercertz Literal[True]z bytes | NonecCsdSr"rrarrrrbsFrcCs |j|Sr")rrbrarrrrbscCs |jSr")rversionr#rrrrcszSSLTransport.versionztuple[str, str, int] | NonecCs |jSr")rcipherr#rrrrdszSSLTransport.ciphercCs |jSr")rselected_alpn_protocolr#rrrresz#SSLTransport.selected_alpn_protocolcCs |jSr")rselected_npn_protocolr#rrrrfsz"SSLTransport.selected_npn_protocolz!list[tuple[str, str, int]] | NonecCs |jSr")rshared_ciphersr#rrrrgszSSLTransport.shared_cipherscCs |jSr")r compressionr#rrrrhszSSLTransport.compressionz float | None)valuercCs|j|dSr")r settimeout)r rirrrrjszSSLTransport.settimeoutcCs |jSr")r gettimeoutr#rrrrkszSSLTransport.gettimeoutcCs|jdSr")r_decref_socketiosr#rrrrlszSSLTransport._decref_socketioszbytearray | Nonec Cs\z||jj||WStjk rV}z"|jtjkrD|jrDWY dSW5d}~XYnXdS)Nr)rrr.rSSLErrorerrno SSL_ERROR_EOFr)r r+r,errrr-s  zSSLTransport._wrap_ssl_readztyping.Callable[[], None])funcrcCsdSr"r)r rqrrrrszSSLTransport._ssl_io_loopztyping.Callable[[bytes], int])rqarg1rcCsdSr"r)r rqrrrrrrsz/typing.Callable[[int, bytearray | None], bytes])rqrrarg2rcCsdSr"r)r rqrrrsrrrrsz"typing.Callable[..., _ReturnValue]zNone | bytes | intr c Csd}d}|rd}z8|dkr*|dkr*|}n|dkr<||}n |||}Wn@tjk r}z |jtjtjfkrr||j}W5d}~XYnX|j}|j||dkrd}q|tjkr|j t }|r|j |q|j qtt|S)z>Performs an I/O loop between incoming/outgoing and the socket.TNF)rrmrnSSL_ERROR_WANT_READSSL_ERROR_WANT_WRITErr.rrAr2 SSL_BLOCKSIZErrB write_eoftypingr:r ) r rqrrrs should_loopretrnrpbufrrrrs0      )NT)r*N)r*r)Nr)r)r)N).)F)N)NN) __name__ __module__ __qualname____doc__ staticmethodrr!r$r'r)r.r2r5rAr;r^r_r&rxoverloadrbrcrdrerfrgrhrjrkrlr-rrrrrr sb   4  ) __future__rrRrrrx exceptionsr TYPE_CHECKINGrssl_rrTypeVarr Union bytearrayr9r3r rvr rrrrs