o

���g�1�@
sL
dd
lm
Z

ddlZddlZddlZddlZddlmZmZ
ddl	m
Z

ddlmZ
ddl
mZmZ
ddlmZmZmZmZ
dd	lmZmZ
dd
lmZmZmZmZ
ejdkr`ddl
mZmZ
nddl mZmZ
ed
�
Z!ed�
Z"e#e#e$e$fdfZ%e#e%dfZ&Gdd�de�Z'e
dd�
Gdd�de��
Z(e
dd�
Gdd�dee(��
Z)dS)�)
�annotationsN)�Callable�Mapping)
�	dataclass)
�wraps)�Any�TypeVar�)�BrokenResourceError�EndOfStream�aclose_forcefully�get_cancelled_exc_class)�TypedAttributeSet�typed_attribute)�
AnyByteStream�
ByteStream�Listener�	TaskGroup)��)�TypeVarTuple�Unpack�T_Retval�PosArgsT.c@
s�eZ
dZUd
Ze�Zded<e�Zded<e�Zded<e�Z	ded	<e�Z
d
ed<e�Zded
<e�Zded<e�Z
ded<e�Zded<e�Zded<dS)�TLSAttributez5Contains Transport Layer Security related attributes.�
str | None�
alpn_protocol�bytes�channel_binding_tls_uniqueztuple[str, str, int]�cipherz*None | dict[str, str | _PCTRTTT | _PCTRTT]�peer_certificatezbytes | None�peer_certificate_binary�bool�server_sidez!list[tuple[str, str, int]] | None�shared_ciphers�
ssl.SSLObject�
ssl_object�standard_compatible�str�tls_versionN)�__name__�
__module__�__qualname__�__doc__rr�__annotations__rrr r!r#r$r&r'r)�r/r/�</usr/local/lib/python3.10/dist-packages/anyio/streams/tls.pyr s

rF)
�eqc@
s�eZ
dZUd
Zded<ded<ded<ded	<ded
<eddddd
�d2dd��
Zd3dd�Zd4dd �Zd5d"d#�Z	d6d7d(d)�Z
d8d+d,�Zd5d-d.�Ze
d9d0d1��
ZdS):�	TLSStreama

    A stream wrapper that encrypts all sent data and decrypts received data.

    This class has no public initializer; use :meth:`wrap` instead.
    All extra attributes from :class:`~TLSAttribute` are supported.

    :var AnyByteStream transport_stream: the wrapped stream

    r�transport_streamr"r'r%�_ssl_objectz
ssl.MemoryBIO�	_read_bio�
_write_bioNT)r#�hostname�ssl_contextr'r#�bool | Noner7rr8�ssl.SSLContext | None�returnc�
s��
|d
ur|}|s'|rtj
jntj
j}t�|�
}ttd�r'|jtjM_t��}t��}|j	||||d�}	||
||	||d�}
|
�
|	j�
Id
H
|
S)a�
        Wrap an existing stream with Transport Layer Security.

        This performs a TLS handshake with the peer.

        :param transport_stream: a bytes-transporting stream to wrap
        :param server_side: ``True`` if this is the server side of the connection,
            ``False`` if this is the client side (if omitted, will be set to ``False``
            if ``hostname`` has been provided, ``False`` otherwise). Used only to create
            a default context when an explicit context has not been provided.
        :param hostname: host name of the peer (if host name checking is desired)
        :param ssl_context: the SSLContext object to use (if not provided, a secure
            default will be created)
        :param standard_compatible: if ``False``, skip the closing handshake when
            closing the connection, and don't raise an exception if the peer does the
            same
        :raises ~ssl.SSLError: if the TLS handshake fails

        N�OP_IGNORE_UNEXPECTED_EOF)r#�server_hostname)r3r'r4r5r6)�ssl�Purpose�CLIENT_AUTH�SERVER_AUTH�create_default_context�hasattr�optionsr<�	MemoryBIO�wrap_bio�_call_sslobject_method�do_handshake)�clsr3r#r7r8r'�purpose�bio_in�bio_outr&�wrapperr/r/r0�wrapNs.�
�





�




�
zTLSStream.wrap�func�&Callable[[Unpack[PosArgsT]], T_Retval]�args�Unpack[PosArgsT]rc
�
s�
�
	z|
|�}Wn�tj
yY


z|jjr!|j�|j���
IdH
|j��IdH}Wn&ty8


|j	�
�
YntyP
}
z
|j	�
�
|j�
�
t|�d}~w
w|j	�
|�

Ynotjyn


|j�|j���
IdH
YnZtjy�
}
z
|j	�
�
|j�
�
t|�d}~w
tjy�
}
z"|j	�
�
|j�
�
t|tj�s�|jr�d|jvr�|jr�t|�td��d}~w
w|jjr�|j�|j���
IdH
|Sq)NT�UNEXPECTED_EOF_WHILE_READING)r>�SSLWantReadErrorr6�pendingr3�send�read�receiverr5�	write_eof�OSErrorr
�write�SSLWantWriteError�SSLSyscallError�SSLError�
isinstance�SSLEOFError�strerrorr')�selfrOrQ�result�data�excr/r/r0rG�sV�












���







�






�


��
�z TLSStream._call_sslobject_method�tuple[AnyByteStream, bytes]c

�
s:�
|�|j
j�
Id
H
|j��
|j��
|j|j��fS)z�
        Does the TLS closing handshake.

        :return: a tuple of (wrapped byte stream, bytes left in the read buffer)

        N)rGr4�unwrapr5rYr6r3rW�
rbr/r/r0rg�s
�




zTLSStream.unwrap�Nonec

�
sP�
|jrz	|�
�IdH
Wnty


t|j�
IdH
�w|j��IdH
dS�
N)r'rg�
BaseExceptionrr3�acloserhr/r/r0rl�s�





�zTLSStream.aclose�
�	max_bytes�intrc�
s$�
|�|j
j|
�IdH}|st�
|Srj)rGr4rWr)rbrnrdr/r/r0rX�s
�


zTLSStream.receive�itemc�
s�
|�|j
j|
�IdH
dSrj)rGr4r[)rbrpr/r/r0rV�s�
zTLSStream.sendc
�
sb�
|�t
j�
}
t�d
|
�}|r-t|�d�
�
t|�d�
pd�
}}||fdkr-td|
���
�
td�
�
)NzTLSv(\d+)(?:\.(\d+))?�
r	r
)rqrz;send_eof() requires at least TLSv1.3; current session uses z7send_eof() has not yet been implemented for TLS streams)�extrarr)�re�matchro�group�NotImplementedError)rbr)rt�major�minorr/r/r0�send_eof�s�


"




��
�zTLSStream.send_eof�Mapping[Any, Callable[[], Any]]c


s�i�jj
�
tj�jjtj�jjtj�jjtj	�f
d
d�tj
�f
dd�tj�f
dd�tj�f
dd�tj
�f
dd�tj�f
dd�tj�jji
�
S)Nc
��j�
d
�
S)NF�r4�getpeercertr/rhr/r0�<lambda>�sz,TLSStream.extra_attributes.<locals>.<lambda>c
r{)NTr|r/rhr/r0r~�s
�c

s�jj
Srj)r4r#r/rhr/r0r~�sc
s�jj
r	�j��SdSrj)r4r#r$r/rhr/r0r~�s
�c

��jSrj�
r'r/rhr/r0r~��c

rrj)
r4r/rhr/r0r~�r�)r3�extra_attributesrrr4�selected_alpn_protocolr�get_channel_bindingrr r!r#r$r'r&r)�versionrhr/rhr0r��s
�









�zTLSStream.extra_attributes)r3rr#r9r7rr8r:r'r"r;r2)rOrPrQrRr;r)r;rf�r;ri)
rm)rnror;r)rprr;ri�r;rz)r*r+r,r-r.�classmethodrNrGrgrlrXrVry�propertyr�r/r/r/r0r2<s*








�
8
.




r2c@
sneZ
dZUd
Zded<ded<dZded<d	Zd
ed<ed dd��
Z	d!d"dd�Z	d#dd�Z
ed$dd��
ZdS)%�TLSListenera�
    A convenience listener that wraps another listener and auto-negotiates a TLS session
    on every accepted connection.

    If the TLS handshake times out or raises an exception,
    :meth:`handle_handshake_error` is called to do whatever post-mortem processing is
    deemed necessary.

    Supports only the :attr:`~TLSAttribute.standard_compatible` extra attribute.

    :param Listener listener: the listener to wrap
    :param ssl_context: the SSL context object
    :param standard_compatible: a flag passed through to :meth:`TLSStream.wrap`
    :param handshake_timeout: time limit for the TLS handshake
        (passed to :func:`~anyio.fail_after`)
    z
Listener[Any]�listenerzssl.SSLContextr8Tr"r'��float�handshake_timeoutrerk�streamrr;ric�
sL�
t|
�
Id
H
t
|t��st�t�
jd|d�
t
|t�r#t
|t��r$�d
S)a�

        Handle an exception raised during the TLS handshake.

        This method does 3 things:

        #. Forcefully closes the original stream
        #. Logs the exception (unless it was a cancellation exception) using the
           ``anyio.streams.tls`` logger
        #. Reraises the exception if it was a base exception or a cancellation exception

        :param exc: the exception
        :param stream: the original stream

        NzError during TLS handshake)
�exc_info)rr_r
�logging�	getLoggerr*�	exception�	Exception)rer�r/r/r0�handle_handshake_error
s�

�
�z"TLSListener.handle_handshake_errorN�handler�Callable[[TLSStream], Any]�
task_group�TaskGroup | Nonec�
s2�
t��
d��
fdd��
}�
j
�||�IdH
dS)Nr�rr;ric

�
s��
d
dlm
}

z$|
�
j�
�
tj|�
j�
jd�IdH}Wd�
n1s%w



Y
WntyG
}
z�
�||�IdH
WYd}~dSd}~w
w�|�
IdH
dS)Nr	)
�
fail_after)r8r')	�r�r�r2rNr8r'rkr�)r�r��wrapped_streamre�r�rbr/r0�handler_wrapper8
s �




��� 
��z*TLSListener.serve.<locals>.handler_wrapper)r�rr;ri)rr��serve)rbr�r�r�r/r�r0r�3
s�
zTLSListener.servec

�
s�
|j�
�IdH
dSrj)r�rlrhr/r/r0rlJ
s�
zTLSListener.acloserzc


stj
�f
d
d�i
S)Nc

rrjr�r/rhr/r0r~P
r�z.TLSListener.extra_attributes.<locals>.<lambda>)rr'rhr/rhr0r�M
s�zTLSListener.extra_attributes)rerkr�rr;rirj)r�r�r�r�r;rir�r�)
r*r+r,r-r.r'r��staticmethodr�r�rlr�r�r/r/r/r0r��s




"�

r�)*�
__future__rr�rsr>�sys�collections.abcrr�dataclassesr�	functoolsr�typingrrr�r
rrr
�_core._typedattrrr�abcrrrr�version_inforr�typing_extensionsrr�tupler(�_PCTRTT�_PCTRTTTrr2r�r/r/r/r0�<module>
s2













?