|_ "@sBddlZddlZddlZddlZddlZddlmZmZmZm Z ddl m Z m Z yddl Z Wnek rdZ YnXdddddgZd jjZyejjZejZWnek reZZYnXe dk oeeefkZydd l mZmZWnWek ry$dd lmZdd lmZWnek rdZdZYnXYnXesGd ddeZesdddZddZGdddeZGdddeZdddZ ddZ!e!ddZ"ddZ#ddZ$dS)N)urllib http_clientmapfilter)ResolutionErrorExtractionErrorVerifyingHTTPSHandlerfind_ca_bundle is_available cert_paths opener_fora /etc/pki/tls/certs/ca-bundle.crt /etc/ssl/certs/ca-certificates.crt /usr/share/ssl/certs/ca-bundle.crt /usr/local/share/certs/ca-root.crt /etc/ssl/cert.pem /System/Library/OpenSSL/certs/cert.pem /usr/local/share/certs/ca-root-nss.crt /etc/ssl/ca-bundle.pem )CertificateErrormatch_hostname)r )rc@seZdZdS)r N)__name__ __module__ __qualname__rrs zVerifyingHTTPSHandler.__init__csjfdd|S)Ncst|j|S)N)VerifyingHTTPSConnr<)hostkw)r?rrsz2VerifyingHTTPSHandler.https_open..)do_open)r?reqr)r?r https_opensz VerifyingHTTPSHandler.https_openN)rrr__doc__r>rFrrrrrs  c@s.eZdZdZddZddZdS)r@z@Simple verifying connection: no auth, subclasses, timeouts, etc.cKs tj|||||_dS)N)HTTPSConnectionr>r<)r?rAr<rBrrrr>szVerifyingHTTPSConn.__init__c Cstj|j|jft|dd}t|drjt|ddrj||_|j|j}n |j}t j |dt j d|j |_yt |jj|Wn5tk r|jjtj|jjYnXdS)Nsource_address_tunnel _tunnel_host cert_reqsca_certs)socketcreate_connectionrAportgetattrhasattrsockrJrKssl wrap_socket CERT_REQUIREDr<r getpeercertr shutdown SHUT_RDWRclose)r?rS actual_hostrrrconnects$!      zVerifyingHTTPSConn.connectN)rrrrGr>r\rrrrr@s  r@cCs"tjjt|ptjS)z@Get a urlopen() replacement that uses ca_bundle for verification)rrequest build_openerrr open)r<rrrr s cs%tjfdd}|S)Ncs(tds!||_jS)Nalways_returns)rRr`)argskwargs)funcrrwrapperszonce..wrapper) functoolswraps)rcrdr)rcronces!rgc sryddl}Wntk r(dSYnXGfddd|j}|jd|jd|jS)Nrcs:eZdZfddZfddZS)z"get_win_certfile..CertFilecs't|jtj|jdS)N)superr>atexitregisterrZ)r?)CertFile __class__rrr>sz+get_win_certfile..CertFile.__init__c s0yt|jWntk r+YnXdS)N)rhrZOSError)r?)rkrlrrrZs z(get_win_certfile..CertFile.close)rrrr>rZr)rk)rlrrks rkCAROOT) wincertstore ImportErrorrkZaddstorename)rpZ _wincertsr)rkrget_win_certfiles     rscCs4ttjjt}tp3t|dp3tS)z*Return an existing CA bundle path, or NoneN)rospathisfiler rsnext_certifi_where)Zextant_cert_pathsrrrr s c Cs6ytdjSWntttfk r1YnXdS)NZcertifi) __import__whererqrrrrrrrxsrx)%rtrNrirreZsetuptools.extern.six.movesrrrr pkg_resourcesrrrTrq__all__striprr r]r=rHAttributeErrorobjectr r rZbackports.ssl_match_hostnamer3r.rr@r rgrsr rxrrrrsP     "         4 ) #