PowerToys/PythonHome/Lib/ssl.pyc

<03>
<EFBFBD>W`Sc
@s/dZd
dl
Z
d
dlZd
dlmZmZmZ
d
dlmZ
d
dlmZmZm	Z	
d
dlm
Z
mZmZ
d
dlm
Z
mZmZmZmZmZmZmZmZ
d
dlmZmZmZ
id	e6d
e6de6Zyd
dlmZ
eZWnek
r,



eZnXd
ee<d
dlmZmZm Z m!Z"
d
dlm#Z$
d
dlm%Z%m&Z&m'Z'
d
dl(Z(d
dl)Z)dZ*def
d<00><00>YZ+eee,eeee-e-ed<00>	Z.d<00>Z/dZ0dZ1d<00>Z2d<00>Z3eed<00>Z4d<00>Z5eed<00>Z6dS(sThis module provides some more Pythonic support for SSL.

Object types:

  SSLSocket -- subtype of socket.socket which does SSL over the socket

Exceptions:

  SSLError -- exception raised for I/O errors

Functions:

  cert_time_to_seconds -- convert time string used for certificate
                          notBefore and notAfter functions to integer
                          seconds past the Epoch (the time values
                          returned from time.time())

  fetch_server_certificate (HOST, PORT) -- fetch the certificate provided
                          by the server running on HOST at port PORT.  No
                          validation of the certificate is performed.

Integer constants:

SSL_ERROR_ZERO_RETURN
SSL_ERROR_WANT_READ
SSL_ERROR_WANT_WRITE
SSL_ERROR_WANT_X509_LOOKUP
SSL_ERROR_SYSCALL
SSL_ERROR_SSL
SSL_ERROR_WANT_CONNECT

SSL_ERROR_EOF
SSL_ERROR_INVALID_ERROR_CODE

The following group define certificate requirements that one side is
allowing/requiring from the other side:

CERT_NONE - no certificates from the other side are required (or will
            be looked at if provided)
CERT_OPTIONAL - certificates are not required, but if provided will be
                validated, and if validation fails, the connection will
                also fail
CERT_REQUIRED - certificates are required, and will be validated, and
                if validation fails, the connection will also fail

The following constants identify various SSL protocol variants:

PROTOCOL_SSLv2
PROTOCOL_SSLv3
PROTOCOL_SSLv23
PROTOCOL_TLSv1
i<EFBFBD><EFBFBD><EFBFBD><EFBFBD>N(tOPENSSL_VERSION_NUMBERtOPENSSL_VERSION_INFOtOPENSSL_VERSION(
tSSLError(t	CERT_NONEt
CERT_OPTIONALt
CERT_REQUIRED(tRAND_statustRAND_egdtRAND_add(	tSSL_ERROR_ZERO_RETURNtSSL_ERROR_WANT_READtSSL_ERROR_WANT_WRITEtSSL_ERROR_WANT_X509_LOOKUPtSSL_ERROR_SYSCALLt
SSL_ERROR_SSLtSSL_ERROR_WANT_CONNECTt
SSL_ERROR_EOFtSSL_ERROR_INVALID_ERROR_CODE(tPROTOCOL_SSLv3tPROTOCOL_SSLv23tPROTOCOL_TLSv1tTLSv1tSSLv23tSSLv3(
tPROTOCOL_SSLv2tSSLv2(tsockett_fileobjectt_delegate_methodsterror(
tgetnameinfo(t
SOL_SOCKETtSO_TYPEtSOCK_STREAMs)DEFAULT:!aNULL:!eNULL:!LOW:!EXPORT:!SSLv2t	SSLSocketc
Bs
eZ
dZddeeedeedd
<00>	Zdd<00>
Z	d<00>Z
ed<00>
Zd<00>Zdd<00>
Z
dd	<00>
Zdd
<00>
Zddd<00>Zddd<00>Zddd
<00>Zddd<00>Zd<00>Zd<00>Zd<00>Zd<00>Zd<00>Zd<00>Zd<00>Zd<00>Zd<00>Zddd<00>ZRS(s<>This class implements a subtype of socket.socket that wraps
    the underlying OS socket in an SSL context when necessary, and
    provides read and write methods over that channel.c
Cs<>
|
jt
t<00>tkr'td
<00>
<00>
ntj|d|
j<00>


x3tD]+}yt	||<00>
WqDt
k
rn


qDXqDW|
dkr<>|tkr<>t
}
n|r<>|r<>|}nytj|<00>

Wn=tk
r<>
}
|jtjkr<><00>nt|_d|_nGXt|_tj|j|||||||
<00>|_|rA
|j<00>
n||_||_||_||_||_|
|_||_|	|_ d|_!dS(Ns!only stream sockets are supportedt_socki("t
getsockoptR R!R"tNotImplementedErrorRt__init__R$RtdelattrtAttributeErrortNonet_SSLv2_IF_EXISTSt_DEFAULT_CIPHERStgetpeernametsocket_errorterrnotENOTCONNtFalset
_connectedt_sslobjtTruet_ssltsslwraptdo_handshaketkeyfiletcertfilet	cert_reqstssl_versiontca_certstcipherstdo_handshake_on_connecttsuppress_ragged_eofst_makefile_refs(
tselftsockR8R9tserver_sideR:R;R<R>R?R=tattrt
e((s8e:\github\Wox.JSONRPC\Output\Debug\PythonHome\lib\ssl.pyR'ksF








	

	



	

	


	




	
	
	
	
	
	
	
	
icCsQy|jj
|
<00>
SWn6tk
rL
}
|jd
tkrF|jrFdS<>n
XdS(sORead up to LEN bytes and return them.
        Return zero-length string on EOF.itN(R3treadRtargsRR?(RAtlent
x((s8e:\github\Wox.JSONRPC\Output\Debug\PythonHome\lib\ssl.pyRG<00>s



cCs|jj
|
<00>
S(
shWrite DATA to the underlying SSL channel.  Returns
        number of bytes of DATA actually transmitted.(R3twrite(RAtdata((s8e:\github\Wox.JSONRPC\Output\Debug\PythonHome\lib\ssl.pyRK<00>scCs|jj
|
<00>
S(
s<>Returns a formatted version of the data in the
        certificate provided by the other end of the SSL channel.
        Return None if no certificate was provided, {} if a
        certificate was provided, but not validated.(R3tpeer_certificate(RAtbinary_form((s8e:\github\Wox.JSONRPC\Output\Debug\PythonHome\lib\ssl.pytgetpeercert<72>sc


Cs|js
dS|jj<00>SdS(
N(R3R*tcipher(
RA((s8e:\github\Wox.JSONRPC\Output\Debug\PythonHome\lib\ssl.pyRP<00>s	
icCs<>|jr<>|d
kr+t
d|j<16>
<00>
nx<>tr<>y|jj|
<00>
}WnDtk
r<>
}
|jd
tkrsd
S|jd
tkr<>d
S<>q.X|Sq.Wn|j	j
|
|<00>SdS(Nis3non-zero flags not allowed in calls to send() on %s(R3t
ValueErrort	__class__R4RKRRHRRR$tsend(RARLtflagst
vRJ((s8e:\github\Wox.JSONRPC\Output\Debug\PythonHome\lib\ssl.pyRS<00>s 
	




	






cCsX|jrt
d
|j<16>
<00>
n5|dkr>|jj|
|<00>S|jj|
||<00>SdS(Ns%sendto not allowed on instances of %s(R3RQRRR*R$tsendto(RARLt
flags_or_addrtaddr((s8e:\github\Wox.JSONRPC\Output\Debug\PythonHome\lib\ssl.pyRV<00>s
	



cCs<>|jrq|d
kr+t
d|j<16>
<00>
nt|
<00>
}d
}x-||krl|j|
|<1F>
}||7}q@W|Stj||
|<00>SdS(Nis6non-zero flags not allowed in calls to sendall() on %s(R3RQRRRIRSRtsendall(RARLRTtamounttcountRU((s8e:\github\Wox.JSONRPC\Output\Debug\PythonHome\lib\ssl.pyRY<00>s
	









cCsO|jr8|d
kr+t
d|j<16>
<00>
n|j|
<00>
S|jj|
|<00>SdS(Nis3non-zero flags not allowed in calls to recv() on %s(R3RQRRRGR$trecv(RAtbuflenRT((s8e:\github\Wox.JSONRPC\Output\Debug\PythonHome\lib\ssl.pyR\<00>s
	





cCs<>|
r!|dkr!t
|
<00>
}n|dkr6d
}n|jr<>|dkratd|j<16>
<00>
n|j|<00>
}t
|<00>
}||
|*|S|jj|
||<00>SdS(Niis8non-zero flags not allowed in calls to recv_into() on %s(R*RIR3RQRRRGR$t	recv_into(RAtbuffertnbytesRTt
tmp_bufferRU((s8e:\github\Wox.JSONRPC\Output\Debug\PythonHome\lib\ssl.pyR^<00>s



	
	








cCs6|jrt
d
|j<16>
<00>
n|jj|
|<00>SdS(Ns'recvfrom not allowed on instances of %s(R3RQRRR$trecvfrom(RAR]RT((s8e:\github\Wox.JSONRPC\Output\Debug\PythonHome\lib\ssl.pyRb
s
	

cCs9|jrt
d
|j<16>
<00>
n|jj|
||<00>SdS(Ns,recvfrom_into not allowed on instances of %s(R3RQRRR$t
recvfrom_into(RAR_R`RT((s8e:\github\Wox.JSONRPC\Output\Debug\PythonHome\lib\ssl.pyRc
s
	

c


Cs|jr|jj
<00>Sd
SdS(Ni(R3tpending(
RA((s8e:\github\Wox.JSONRPC\Output\Debug\PythonHome\lib\ssl.pyRd
s
	

c
Cs?|jr%|jj
<00>}
d|_|
Std
t|<00>
<17>
<00>
dS(NsNo SSL wrapper around (R3tshutdownR*RQtstr(RAt
s((s8e:\github\Wox.JSONRPC\Output\Debug\PythonHome\lib\ssl.pytunwrap
s

	

	
cCsd|_
tj||
<00>
dS(
N(R*R3RRe(RAthow((s8e:\github\Wox.JSONRPC\Output\Debug\PythonHome\lib\ssl.pyRe'
s
	
c

Cs;|jd
kr(d|_tj|<00>

n|jd
8_dS(Ni
(R@R*R3Rtclose(
RA((s8e:\github\Wox.JSONRPC\Output\Debug\PythonHome\lib\ssl.pyRj+
s

	
c


Cs|jj
<00>
d
S(sPerform a TLS/SSL handshake.N(R3R7(
RA((s8e:\github\Wox.JSONRPC\Output\Debug\PythonHome\lib\ssl.pyR72
sc	Cs<>|jrt
d
<00>
<00>
ntj|jt|j|j|j|j	|j
|j<00>|_ya|rrt
j||
<00>}nd}t
j||
<00>
|s<>|jr<>|j<00>
nt|_n|SWntk
r<>


d|_<00>n
XdS(Ns/attempt to connect already-connected SSLSocket!(R2RQR5R6R$R1R8R9R:R;R<R=R3Rt
connect_exR*tconnectR>R7R4R.(RARXtreturn_errnotrc((s8e:\github\Wox.JSONRPC\Output\Debug\PythonHome\lib\ssl.pyt
_real_connect8
s$	









	






	
cCs|j|
t
<00>
d
S(sQConnects to remote ADDR, and then wraps the connection in
        an SSL channel.N(RoR1(RARX((s8e:\github\Wox.JSONRPC\Output\Debug\PythonHome\lib\ssl.pyRlO
scCs|j|
t
<00>S(
sQConnects to remote ADDR, and then wraps the connection in
        an SSL channel.(RoR4(RARX((s8e:\github\Wox.JSONRPC\Output\Debug\PythonHome\lib\ssl.pyRkT
sc
Cs<>tj
|<00>
\}
}ybt|
d
|jd|jdtd|jd|jd|jd|j	d|j
d	|j<00>
	|fSWn#tk
r<>
}
|
j
<00>
|<00>
n
Xd
S(s<>Accepts a new connection from a remote client, and returns
        a tuple containing that new connection wrapped with a server-side
        SSL channel, and the address of the remote client.R8R9RCR:R;R<R=R>R?N(RtacceptR#R8R9R4R:R;R<R=R>R?R.Rj(RAtnewsockRXRE((s8e:\github\Wox.JSONRPC\Output\Debug\PythonHome\lib\ssl.pyRpY
s 

	
	
	

	
	
	
	
	
	




t
ri<72><69><EFBFBD><EFBFBD>cCs%|jd
7_t
||
|dt<00>
S(s<>Make and return a file-like object that
        works with the SSL connection.  Just use the code
        from the socket module.i
Rj(R@RR4(RAtmodetbufsize((s8e:\github\Wox.JSONRPC\Output\Debug\PythonHome\lib\ssl.pytmakefilep
sN(t__name__t
__module__t__doc__R*R1RRR4R'RGRKRORPRSRVRYR\R^RbRcRdRhReRjR7RoRlRkRpRu(((s8e:\github\Wox.JSONRPC\Output\Debug\PythonHome\lib\ssl.pyR#es6



0
				
									c

Cs@t|d
|
d|d|d|d|d|d|d|d	|	<00>
	S(
NR8R9RCR:R;R<R>R?R=(
R#(
RBR8R9RCR:R;R<R>R?R=((s8e:\github\Wox.JSONRPC\Output\Debug\PythonHome\lib\ssl.pytwrap_socket}
s




c
Cs%d
dl}
|
j
|
j|d<00><00>
S(s<>Takes a date-time string in standard ASN1_print form
    ("MON DAY 24HOUR:MINUTE:SEC YEAR TIMEZONE") and return
    a Python time value in seconds past the epoch.i<><69><EFBFBD><EFBFBD>Ns%b %d %H:%M:%S %Y GMT(ttimetmktimetstrptime(t	cert_timeRz((s8e:\github\Wox.JSONRPC\Output\Debug\PythonHome\lib\ssl.pytcert_time_to_seconds<64>
s
s-----BEGIN CERTIFICATE-----s-----END CERTIFICATE-----c
Csctt
d
<00>rBt
j|<00>
}
tdtj|
d<00>dtdStdt
j|<00>
tdSdS(s[Takes a certificate in binary DER format and returns the
    PEM version of it as a string.tstandard_b64encodes

i@N(thasattrtbase64Rt
PEM_HEADERttextwraptfillt
PEM_FOOTERtencodestring(tder_cert_bytest
f((s8e:\github\Wox.JSONRPC\Output\Debug\PythonHome\lib\ssl.pytDER_cert_to_PEM_cert<72>
s$c
Csw|jt
<00>
s"td
t
<16>
<00>
n|j<00>jt<00>
sJtdt<16>
<00>
n|j<00>tt
<00>
tt<00>
!}
tj|
<00>
S(shTakes a certificate in ASCII PEM format and returns the
    DER-encoded version of it as a byte sequences(Invalid PEM encoding; must start with %ss&Invalid PEM encoding; must end with %s(	t
startswithR<68>RQtstriptendswithR<68>RIR<>tdecodestring(tpem_cert_stringt
d((s8e:\github\Wox.JSONRPC\Output\Debug\PythonHome\lib\ssl.pytPEM_cert_to_DER_cert<72>
s







 
cCsx|\}}|dk	r!t
}nt}tt<00>d
|
d|d|<00>
}|j|<00>

|jt<00>
}|j<00>
t	|<00>
S(s<>Retrieve the certificate from the server at the specified address,
    and return it as a PEM-encoded string.
    If 'ca_certs' is specified, validate the server cert against it.
    If 'ssl_version' is specified, use it in the connection attempt.R;R:R<N(
R*RRRyRRlROR4RjR<>(RXR;R<thosttportR:Rgtdercert((s8e:\github\Wox.JSONRPC\Output\Debug\PythonHome\lib\ssl.pytget_server_certificate<74>
s

	







c

Cstj
|d
<00>S(Ns	<unknown>(t_PROTOCOL_NAMEStget(
t
protocol_code((s8e:\github\Wox.JSONRPC\Output\Debug\PythonHome\lib\ssl.pytget_protocol_name<6D>
s
cCslt|d
<00>r|j
}ntj|d|
|ttd<00>}y|j<00>
Wntk
r]


nX|j	<00>
|S(s<>A replacement for the old socket.ssl function.  Designed
    for compability with Python 2.5 and earlier.  Will disappear in
    Python 3.0.R$iN(
R<>R$R5R6RRR*R-R.R7(RBR8R9tssl_sock((s8e:\github\Wox.JSONRPC\Output\Debug\PythonHome\lib\ssl.pytsslwrap_simple<6C>
s






(7RxR<>R5RR
RRRRRRRR	R
RRR
RRRRRRRRR<>RR+tImportErrorR*RRRRR.Rt_getnameinfoR R!R"R<>R/R,R#R1R4RyR~R<>R<>R<>R<>R<>R<>R<>(((s8e:\github\Wox.JSONRPC\Output\Debug\PythonHome\lib\ssl.pyt<module>8sN



@













"



<16>