|
Server : Apache System : Linux iad1-shared-b8-43 6.6.49-grsec-jammy+ #10 SMP Thu Sep 12 23:23:08 UTC 2024 x86_64 User : dh_edsupp ( 6597262) PHP Version : 8.2.26 Disable Function : NONE Directory : /lib/python3/dist-packages/boto/__pycache__/ |
Upload File : |
o
����ckF[����������������������@���sl���d�Z�ddlZddlZddlZddlZddlmZmZ�G�dd��dej�Z dd��Z
dd ��Z
G�d
d
��d
ej
�Z
dS�)
zCExtensions to allow HTTPS requests with SSL certificate validation.�����N)�six�
http_clientc�������������������@���s ���e�Zd�ZdZdd��Zdd��ZdS�)�InvalidCertificateExceptionz?Raised when a certificate is provided with an invalid hostname.c�����������������C���s"���t�j�|���||�_||�_||�_dS�)z�Constructor.
Args:
host: The hostname the connection was made to.
cert: The SSL certificate (as a dictionary) the host returned.
N)r����
HTTPException�__init__�host�cert�reason)�selfr���r���r �����r
����7/usr/lib/python3/dist-packages/boto/https_connection.pyr���"���s���
z$InvalidCertificateException.__init__c�����������������C���s���d|�j�|�j|�jf�S�)Nz0Host %s returned an invalid certificate (%s): %s)r���r ���r���)r
���r
���r
���r
����__str__.���s����z#InvalidCertificateException.__str__N)�__name__�
__module__�
__qualname__�__doc__r���r
���r
���r
���r
���r
���r��� ���s����
r���c�����������������C���s,���d|�v�r
dd��|�d�D��S�dd��|�d�D��S�)z�Returns a list of valid host globs for an SSL certificate.
Args:
cert: A dictionary representing an SSL certificate.
Returns:
list: A list of valid host globs.
�subjectAltNamec�����������������S���s$���g�|�]}|d������dkr|d��qS�)r����dns������lower��.0�xr
���r
���r
����
<listcomp><���s���$�z(GetValidHostsForCert.<locals>.<listcomp>c�����������������S���s,���g�|�]}|d��d������dkr|d��d��qS�)r����
commonnamer���r���r���r
���r
���r
���r���>���s����
��subjectr
���)r���r
���r
���r
����GetValidHostsForCert3���s���r
���c�����������������C���sV���t�|��}tj�d||��|D�]}|�dd��dd�}t�d|f�|tj�r(�dS�qdS�) a��Validates that a given hostname is valid for an SSL certificate.
Args:
cert: A dictionary representing an SSL certificate.
hostname: The hostname to test.
Returns:
bool: Whether or not the hostname is valid for this certificate.
z@validating server certificate: hostname=%s, certificate hosts=%s�.z\.�*z[^.]*z^%s$TF)r
����boto�log�debug�replace�re�search�I)r����hostname�hostsr����host_rer
���r
���r
����ValidateCertificateHostnameB���s��� ��r*���c�������������������@���s2���e�Zd�ZdZejZeddddfdd�Zdd��ZdS�)�
CertValidatingHTTPSConnectionzDAn HTTPConnection that connects over SSL and validates certificates.Nc�����������������K���s>���t�jr||d<�tjj|�f||d�|���||�_||�_||�_dS�)a*��Constructor.
Args:
host: The hostname. Can be in 'host:port' form.
port: The port. Defaults to 443.
key_file: A file containing the client's private key
cert_file: A file containing the client's certificates
ca_certs: A file contianing a set of concatenated certificate authority
certs for validating the server against.
strict: When true, causes BadStatusLine to be raised if the status line
can't be parsed as a valid HTTP/1.0 or 1.1 status line.
�strict)r����portN)r����PY2r����HTTPConnectionr����key_file� cert_file�ca_certs)r
���r���r-���r0���r1���r2���r,����kwargsr
���r
���r
���r���[���s
���
z&CertValidatingHTTPSConnection.__init__c�����������������C���s����t�|�d�rt�|�j|�jf|�j�}n t�|�j|�jf�}d}|�jr'|d|�j�7�}n|d7�}tj� |��t
j
||�j
|�j
t
j|�jd�|�_|�j���}|�j�dd�d�}t||�s[t||d|���d S�)
z(Connect to a host on a given (SSL) port.�timeoutzwrapping ssl socket; zCA certificate file=%sz using system provided SSL certs)�keyfile�certfile� cert_reqsr2����:r���z/remote hostname "%s" does not match certificateN)�hasattr�socket�create_connectionr���r-���r4���r2���r ���r!���r"����ssl�
wrap_socketr0���r1����
CERT_REQUIRED�sock�
getpeercert�splitr*���r���)r
���r?����msgr���r'���r
���r
���r
����connectt���s.���
�
���z%CertValidatingHTTPSConnection.connect) r���r���r���r���r����
HTTPS_PORT�
default_portr���rC���r
���r
���r
���r
���r+���V���s����
�
r+���)r���r$���r:���r<���r ����
boto.compatr���r���r���r���r
���r*���r/���r+���r
���r
���r
���r
����<module>���s���