f{zddlZddlZddlZ ddlZddlmZddlmZddlmZddlm Z ddl m Z eejejfZGdd ejZGd d ejZd Zd ZGdde j(e j*ZGddej.Zy#e$rdZYwxYw)N) constants) exceptions) protocols) transports)loggerc eZdZdZdZdZdZdZy)SSLProtocolState UNWRAPPED DO_HANDSHAKEWRAPPEDFLUSHINGSHUTDOWNN)__name__ __module__ __qualname__r r r rr'/usr/lib/python3.12/asyncio/sslproto.pyr r sI!LGHHrr ceZdZdZdZdZdZy)AppProtocolState STATE_INITSTATE_CON_MADE STATE_EOFSTATE_CON_LOSTN)rrrrrrrrrrrrsJ%NI%NrrcZ|r tdtj}|sd|_|S)Nz(Server side SSL needs a valid SSLContextF) ValueErrorsslcreate_default_contextcheck_hostname) server_sideserver_hostname sslcontexts r_create_transport_contextr$/s2CDD ++-J $) ! rc|||dz}n |}d|z}n|}||dz}n|}||cxk\rdk\sntd|d|d||fS)Nirzhigh (z) must be >= low (z) must be >= 0)r)highlowkbhilos radd_flowcontrol_defaultsr,=sh | ;dBBRB  { 1W  =q=b"# # r6MrceZdZdZej j ZdZddZ dZ dZ dZ dZ efd Zd Zd Zd Zdd ZdZdZddZdZdZedZdZdZdZdZdZdZ dZ!y)_SSLProtocolTransportTc.||_||_d|_y)NF)_loop _ssl_protocol_closed)selfloop ssl_protocols r__init__z_SSLProtocolTransport.__init__Xs ) rNc:|jj||S)z#Get optional transport information.)r1_get_extra_infor3namedefaults rget_extra_infoz$_SSLProtocolTransport.get_extra_info]s!!11$@@rc:|jj|yN)r1_set_app_protocol)r3protocols r set_protocolz"_SSLProtocolTransport.set_protocolas ,,X6rc.|jjSr>)r1 _app_protocolr3s r get_protocolz"_SSLProtocolTransport.get_protocolds!!///rc|jSr>)r2rDs r is_closingz _SSLProtocolTransport.is_closinggs ||rcn|js"d|_|jjyd|_y)a Close the transport. Buffered data will be flushed asynchronously. No more data will be received. After all buffered data is flushed, the protocol's connection_lost() method will (eventually) called with None as its argument. TN)r2r1_start_shutdownrDs rclosez_SSLProtocolTransport.closejs,||DL    . . 0!%D rcX|jsd|_|jdtyy)NTz9unclosed transport )r2warnResourceWarning)r3 _warningss r__del__z_SSLProtocolTransport.__del__xs)||DL NN* ,rc0|jj Sr>)r1_app_reading_pausedrDs r is_readingz _SSLProtocolTransport.is_readings%%9999rc8|jjy)zPause the receiving end. No data will be passed to the protocol's data_received() method until resume_reading() is called. N)r1_pause_readingrDs r pause_readingz#_SSLProtocolTransport.pause_readings ))+rc8|jjy)zResume the receiving end. Data received will once again be passed to the protocol's data_received() method. N)r1_resume_readingrDs rresume_readingz$_SSLProtocolTransport.resume_readings **,rcp|jj|||jjy)aSet the high- and low-water limits for write flow control. These two values control when to call the protocol's pause_writing() and resume_writing() methods. If specified, the low-water limit must be less than or equal to the high-water limit. Neither value can be negative. The defaults are implementation-specific. If only the high-water limit is given, the low-water limit defaults to an implementation-specific value less than or equal to the high-water limit. Setting high to zero forces low to zero as well, and causes pause_writing() to be called whenever the buffer becomes non-empty. Setting low to zero causes resume_writing() to be called only once the buffer is empty. Use of zero for either limit is generally sub-optimal as it reduces opportunities for doing I/O and computation concurrently. N)r1_set_write_buffer_limits_control_app_writingr3r'r(s rset_write_buffer_limitsz-_SSLProtocolTransport.set_write_buffer_limitss,& 33D#> //1rcZ|jj|jjfSr>)r1_outgoing_low_water_outgoing_high_waterrDs rget_write_buffer_limitsz-_SSLProtocolTransport.get_write_buffer_limits*""66""779 9rc6|jjS)z-Return the current size of the write buffers.)r1_get_write_buffer_sizerDs rget_write_buffer_sizez+_SSLProtocolTransport.get_write_buffer_sizes!!88::rcp|jj|||jjy)aSet the high- and low-water limits for read flow control. These two values control when to call the upstream transport's pause_reading() and resume_reading() methods. If specified, the low-water limit must be less than or equal to the high-water limit. Neither value can be negative. The defaults are implementation-specific. If only the high-water limit is given, the low-water limit defaults to an implementation-specific value less than or equal to the high-water limit. Setting high to zero forces low to zero as well, and causes pause_reading() to be called whenever the buffer becomes non-empty. Setting low to zero causes resume_reading() to be called only once the buffer is empty. Use of zero for either limit is generally sub-optimal as it reduces opportunities for doing I/O and computation concurrently. N)r1_set_read_buffer_limits_control_ssl_readingr\s rset_read_buffer_limitsz,_SSLProtocolTransport.set_read_buffer_limitss,& 224= //1rcZ|jj|jjfSr>)r1_incoming_low_water_incoming_high_waterrDs rget_read_buffer_limitsz,_SSLProtocolTransport.get_read_buffer_limitsrbrc6|jjS)z+Return the current size of the read buffer.)r1_get_read_buffer_sizerDs rget_read_buffer_sizez*_SSLProtocolTransport.get_read_buffer_sizes!!7799rc.|jjSr>)r1_app_writing_pausedrDs r_protocol_pausedz&_SSLProtocolTransport._protocol_pauseds!!555rct|tttfs!t dt |j |sy|jj|fy)zWrite some data bytes to the transport. This does not block; it buffers the data and arranges for it to be sent out asynchronously. z+data: expecting a bytes-like instance, got N) isinstancebytes bytearray memoryview TypeErrortyperr1_write_appdatar3datas rwritez_SSLProtocolTransport.writesX $ : >?##':#6#6"79: :  ))4'2rc:|jj|y)zWrite a list (or any iterable) of data bytes to the transport. The default implementation concatenates the arguments and calls write() on the result. N)r1r{)r3 list_of_datas r writelinesz _SSLProtocolTransport.writeliness )),7rct)zuClose the write end after flushing buffered data. This raises :exc:`NotImplementedError` right now. )NotImplementedErrorrDs r write_eofz_SSLProtocolTransport.write_eofs "!rcy)zAReturn True if this transport supports write_eof(), False if not.FrrDs r can_write_eofz#_SSLProtocolTransport.can_write_eofsrc&|jdy)zClose the transport immediately. Buffered data will be lost. No more data will be received. The protocol's connection_lost() method will (eventually) be called with None as its argument. N) _force_closerDs rabortz_SSLProtocolTransport.aborts $rcbd|_|j|jj|yyNT)r2r1_abortr3excs rrz"_SSLProtocolTransport._force_closes.    )    % %c * *rc|jjj||jxjt |z c_yr>)r1_write_backlogappend_write_buffer_sizelenr|s r_test__append_write_backlogz1_SSLProtocolTransport._test__append_write_backlogs7 ))006 --T:-rr>NN)"rrr_start_tls_compatibler _SendfileModeFALLBACK_sendfile_compatibler6r<rArErGrJwarningsrOrRrUrXr]rarerirmrppropertyrsr~rrrrrrrrrr.r.Rs!$22;; A70 &!),:,-2,9;2,9:66 38" + ;rr.ceZdZdZdZdZdZ d*dZdZd+dZ dZ dZ dZ d Z d Zd Zd+d Zd ZdZdZdZdZdZdZdZdZdZdZdZdZdZdZdZ dZ!dZ"dZ#d Z$d,d!Z%d"Z&d#Z'd$Z(d,d%Z)d&Z*d'Z+d(Z,d-d)Z-y). SSLProtocoliNc t tdt|j|_t |j|_|tj}n|dkrtd|| tj} n| dkrtd| |s t||}||_ |r |s||_ nd|_ ||_t||_t#j$|_d|_||_||_|j/|d|_d|_d|_||_| |_tj:|_tj:|_t@jB|_"d|_#|rtHjJ|_&ntHjN|_&|jjQ|j<|j>|j|j|_)d|_*d|_+d|_,d|_-d|_.|j_d|_0d|_1d|_2d|_3|ji|jky)Nzstdlib ssl module not availablerz7ssl_handshake_timeout should be a positive number, got z6ssl_shutdown_timeout should be a positive number, got )r#F)r!r")6r RuntimeErrorrwmax_size _ssl_bufferrx_ssl_buffer_viewrSSL_HANDSHAKE_TIMEOUTrSSL_SHUTDOWN_TIMEOUTr$ _server_side_server_hostname _sslcontextdict_extra collectionsdequerr_waiterr0r?_app_transport_app_transport_created _transport_ssl_handshake_timeout_ssl_shutdown_timeout MemoryBIO _incoming _outgoingr r _state _conn_lostrr _app_staterwrap_bio_sslobj_ssl_writing_pausedrQ_ssl_reading_pausedrlrkrg _eof_receivedrrr`r_rZ_get_app_transport) r3r4 app_protocolr#waiterr!r"call_connection_madessl_handshake_timeoutssl_shutdown_timeouts rr6zSSLProtocol.__init__sE ;@A A$T]]3 *4+;+; < ($-$C$C ! "a ',-/0 0 '#,#A#A !Q &+,./ /2_.J( ;$3D !$(D !%j1 *//1"#   |,"&+#&;#%9"&00  .99DO.==DO''00 NNDNN)) 1113 $) #( #( $%!#$  $$&"#( $%!#$  %%' !rc||_t|drDt|tjr*|j |_|j|_d|_ yd|_ y)N get_bufferTF) rChasattrrurBufferedProtocolr_app_protocol_get_bufferbuffer_updated_app_protocol_buffer_updated_app_protocol_is_buffer)r3rs rr?zSSLProtocol._set_app_protocolasP) L, /<)C)CD,8,C,CD )0<0K0KD -+/D (+0D (rc|jy|jjs@|#|jj|d|_y|jjdd|_yr>)r cancelled set_exception set_resultrs r_wakeup_waiterzSSLProtocol._wakeup_waiterlsZ <<  ||%%' **3/  ''- rc|j9|jr tdt|j||_d|_|jS)Nz$Creating _SSLProtocolTransport twiceT)rrrr.r0rDs rrzSSLProtocol._get_app_transportvsJ    &**"#IJJ"7 D"ID *.D '"""rc2||_|jy)zXCalled when the low-level connection is made. Start the SSL handshake. N)r_start_handshake)r3 transports rconnection_madezSSLProtocol.connection_made~s $ rcH|jj|jj|xjdz c_|j d|j _|jtjk7r|jtjk(s|jtjk(rEtj|_ |jj!|j"j$||j'tj(d|_d|_d|_|j-||j.r!|j.j1d|_|j2r"|j2j1d|_yy)zCalled when the low-level connection is lost or closed. The argument is an exception object or None (the latter meaning a regular EOF is received or the connection was aborted or closed). rNT)rclearrreadrrr2rr r rrrrrr0 call_soonrCconnection_lost _set_stater rr_shutdown_timeout_handlecancel_handshake_timeout_handlers rrzSSLProtocol.connection_losts9 !!#  1    **.D   ' ;;*77 7#3#B#BB#3#=#=="2"A"A $$T%7%7%G%GM (223"! C  ( (  ) ) 0 0 2,0D )  ) )  * * 1 1 3-1D * *rc|}|dks||jkDr |j}t|j|kr*t||_t |j|_|j SNr)rrrrwrxr)r3nwants rrzSSLProtocol.get_buffers` 19t}},==D t 4 '(D $.t/?/?$@D !$$$rc|jj|jd||jtj k(r|j y|jtjk(r|jy|jtjk(r|jy|jtjk(r|jyyr>) rr~rrr r _do_handshaker _do_readr _do_flushr _do_shutdown)r3nbytess rrzSSLProtocol.buffer_updateds T227F;< ;;*77 7    [[,44 4 MMO [[,55 5 NN  [[,55 5    6rcd|_ |jjrtjd||j t jk(r|jty|j t jk(r=|jt j|jry|jy|j t jk(r@|j|jt j |j#y|j t j k(r|j#yy#t$$r|j&j)wxYw)aCalled when the other end of the low-level stream is half-closed. If this returns a false value (including None), the transport will close itself. If it returns a true value, closing the transport is up to the protocol. Tz%r received EOFN)rr0 get_debugrdebugrr r _on_handshake_completeConnectionResetErrorr rrrQr _do_writerr ExceptionrrJrDs r eof_receivedzSSLProtocol.eof_receiveds" zz##% .5{{.;;;++,@A 0 8 88 0 9 9:++NN$ 0 9 99  0 9 9:!!# 0 9 99!!#:  OO ! ! #  s&A"E,AE5EAE#-E%E7c||jvr|j|S|j|jj||S|Sr>)rrr<r9s rr8zSSLProtocol._get_extra_infosC 4;; ;;t$ $ __ (??11$@ @Nrc&d}|tjk(rd}n|jtjk(r|tjk(rd}n|jtjk(r|tjk(rd}ne|jtjk(r|tj k(rd}n2|jtj k(r|tj k(rd}|r||_ytdj|j|)NFTz!cannot switch state from {} to {}) r r rr r rrrformat)r3 new_statealloweds rrzSSLProtocol._set_states (22 2G KK+55 5 )66 6G KK+88 8 )11 1G KK+33 3 )22 2G KK+44 4 )22 2G #DK3::KK,- -rcnjjr6tjdjj _nd_j tjjjjfd_ jy)Nz%r starts SSL handshakec$jSr>)_check_handshake_timeoutrDsrz.SSLProtocol._start_handshake..!s$*G*G*Ir) r0rrrtime_handshake_start_timerr r call_laterrrrrDs`rrzSSLProtocol._start_handshakes ::   ! LL2D 9)-):D &)-D & (556 JJ ! !$"="="I K & rc|jtjk(r+d|jd}|j t |yy)Nz$SSL handshake is taking longer than z! seconds: aborting the connection)rr r r _fatal_errorConnectionAbortedError)r3msgs rrz$SSLProtocol._check_handshake_timeout%sN ;;*77 76../0*+    4S9 : 8rc |jj|jdy#t$r|j Yyt j $r}|j|Yd}~yd}~wwxYwr>)r do_handshakerSSLAgainErrors_process_outgoingrSSLErrorrs rrzSSLProtocol._do_handshake.sb . LL % % '  ' ' -  %  " " $|| -  ' ' , , -s.A6 A6A11A6c|j!|jjd|_|j} | |jtj n||j }|jjrA|jj!|j"z }t%j&d||dz|j(j+||j-|j/||j0t2j4k(r>t2j6|_|j8j;|j=|j|j?y#t$rm}d}|jtjt|tjrd}nd}|j|||j|Yd}~yd}~wwxYw)Nz1SSL handshake failed on verifying the certificatezSSL handshake failedz%r: SSL handshake took %.1f msg@@)peercertcipher compression ssl_object) rrrrr r getpeercertrr rurCertificateErrorrrr0rrrrrrupdaterrrrrrrCrrr)r3 handshake_excsslobjrrrdts rrz"SSLProtocol._on_handshake_complete8s  ) ) 5  * * 1 1 3-1D * $ 0 8 89##))+H ::   !"T%?%??B LL94c J H"(--/'-'9'9';&,  . ??.99 9.==DO    . .t/F/F/H I  1  M OO,66 7#s334I,   c3 '    $  s4F G7 A#G22G7cjtjtjtjfvryj dj _jtjk(rjdyjtjjjjfd_ jy)NTc$jSr>)_check_shutdown_timeoutrDsrrz-SSLProtocol._start_shutdown..rs446r)rr rrr rr2r rrr0rrrrrDs`rrIzSSLProtocol._start_shutdownas KK )) )) **      **.D   ' ;;*77 7 KK  OO,55 6,0JJ,A,A**6-D ) NN rc|jtjtjfvr/|jj t jdyy)NzSSL shutdown timed out)rr rrrrr TimeoutErrorrDs rrz#SSLProtocol._check_shutdown_timeoutvsN KK )) ))  OO ( (''(@A C  rc|j|jtj|j yr>)rrr rrrDs rrzSSLProtocol._do_flushs*  (112 rcJ |js|jj|j|j |j dy#t $r|jYytj$r}|j |Yd}~yd}~wwxYwr>) rrunwrapr_call_eof_received_on_shutdown_completerrrrs rrzSSLProtocol._do_shutdowns -%% ##%  " " $  # # %  & &t , %  " " $|| ,  & &s + + ,s&AB"5B"BB"c|j!|jjd|_|r|j|y|jj |j j yr>)rrrr0rrrJ)r3 shutdown_excs rrz!SSLProtocol._on_shutdown_completesU  ( ( 4  ) ) 0 0 2,0D )    l + JJ !6!6 7rc|jtj|j|jj |yyr>)rr r rrrs rrzSSLProtocol._aborts6 (223 ?? & OO ( ( - 'rc8|jtjtjtjfvrH|j t jk\rtjd|xj dz c_y|D];}|jj||xjt|z c_ = |jtjk(r|jyy#t $r}|j#|dYd}~yd}~wwxYw)NzSSL connection is closedrFatal error on SSL protocol)rr rrr rr!LOG_THRESHOLD_FOR_CONNLOST_WRITESrwarningrrrrr rrr)r3rr}exs rr{zSSLProtocol._write_appdatas KK )) )) **  )"M"MM9: OOq O   1D    & &t ,  # #s4y 0 # 1 A{{.666 7 A   b"? @ @ As-C44 D=DDc~ |jr|jd}|jj|}t|}||kr(||d|jd<|xj|zc_n"|jd=|xj|zc_|jr|j y#t $rYwxYwr)rrr~rrrr)r3r}countdata_lens rrzSSLProtocol._do_writes %%**1- **40t98#-1%&\D''*++u4+++A.++x7+%%     sBB00 B<;B<c|js@|jj}t|r|jj ||j yr>)rrrrrr~r[r|s rrzSSLProtocol._process_outgoingsB''>>&&(D4y%%d+ !!#rc|jtjtjfvry |jsZ|j r|j n|j|jr|jn|j|jy#t$r}|j|dYd}~yd}~wwxYw)Nr)rr r rrQr_do_read__buffered_do_read__copiedrrrrhrr)r3r!s rrzSSLProtocol._do_reads KK (( ))    A++//++-))+&&NN$**,  % % ' A   b"? @ @ AsA6B&& C /CC cd}d}jj}t|} jj ||}|dkDrY|}||kr4jj ||z ||d}|dkDr||z }nn$||kr4j j fd|dkDrj||s!jjyy#t$rYEwxYw)Nrrc$jSr>)rrDsrrz0SSLProtocol._do_read__buffered..s r) rrorrrr0rrrrrI)r3offsetr#bufwantss` rr'zSSLProtocol._do_read__buffereds++D,F,F,HIC LL%%eS1Eqyun LL--efnc&'lKEqy% unJJ(()@A A:  - -f 5  # # %  "    sAC% C%% C10C1cd}d}d} |jj|j}|sn$|rd}d}|}n|rd}|g}nj|L |r|j j n,|s*|j j dj|s!|j|jyy#t$rYywxYw)N1TFr) rrrrrrC data_receivedjoinrrI)r3chunkzeroonefirstr}s rr(zSSLProtocol._do_read__copieds  ))$--8 DC!EC!5>DKK&     , ,U 3    , ,SXXd^ <  # # %  "    sA C CCc> |jtjk(rHtj|_|jj }|rt jdyyy#ttf$rt$r}|j|dYd}~yd}~wwxYw)Nz?returning true from eof_received() has no effect when using sslzError calling eof_received()) rrrrrCrrr KeyboardInterrupt SystemExit BaseExceptionr)r3 keep_openr!s rrzSSLProtocol._call_eof_received%s B"2"A"AA"2"<"< ..;;= NN$BCB ":.   B   b"@ A A BsA#A((BBBcZ|j}||jk\r/|js#d|_ |jj y||jkr0|jr#d|_ |jjyyy#t t f$rt$r4}|jjd||j|dYd}~yd}~wwxYw#t t f$rt$r4}|jjd||j|dYd}~yd}~wwxYw)NTzprotocol.pause_writing() failedmessage exceptionrr@Fz protocol.resume_writing() failed) rdr`rrrC pause_writingr7r8r9r0call_exception_handlerrr_resume_writing)r3sizers rr[z SSLProtocol._control_app_writing4s$**, 4,, ,T5M5M'+D $ ""002T-- -$2J2J',D $ ""1133K -&z2    11@!$!%!4!4 $ 3 &z2    11A!$!%!4!4 $ 3 s/B2CC'*CCD*6*D%%D*cH|jj|jzSr>)rpendingrrDs rrdz"SSLProtocol._get_write_buffer_sizeQs~~%%(?(???rc\t||tj\}}||_||_yr>)r,r!FLOW_CONTROL_HIGH_WATER_SSL_WRITEr`r_r\s rrZz$SSLProtocol._set_write_buffer_limitsTs., #yBBD c$(!#& rcd|_yr)rQrDs rrTzSSLProtocol._pause_reading\s #' rcnjr(d_fd}jj|yy)NFcjtjk(rjyjtjk(rj yjtj k(rjyyr>)rr r rrrrrrDsrresumez+SSLProtocol._resume_reading..resumecs`;;"2":"::MMO[[$4$=$==NN$[[$4$=$==%%'>r)rQr0r)r3rJs` rrWzSSLProtocol._resume_reading_s2  # #',D $ ( JJ  ( $rc|j}||jk\r.|js"d|_|jj y||j kr/|jr"d|_|jj yyy)NTF)rorlrrrUrkrX)r3rBs rrhz SSLProtocol._control_ssl_readingnsu))+ 4,, ,T5M5M'+D $ OO ) ) + T-- -$2J2J',D $ OO * * ,3K -rc\t||tj\}}||_||_yr>)r,r FLOW_CONTROL_HIGH_WATER_SSL_READrlrkr\s rrgz#SSLProtocol._set_read_buffer_limitsws., #yAAC c$(!#& rc.|jjSr>)rrDrDs rroz!SSLProtocol._get_read_buffer_size}s~~%%%rc.|jrJd|_y)z\Called when the low-level transport's buffer goes over the high-water mark. TN)rrDs rr?zSSLProtocol.pause_writings++++#' rcN|jsJd|_|jy)z^Called when the low-level transport's buffer drains below the low-water mark. FN)rrrDs rrAzSSLProtocol.resume_writings'''''#(   rcf|jr|jj|t|tr5|jj rt jd||dyyt|tjs+|jj|||j|dyy)Nz%r: %sT)exc_infor<) rrruOSErrorr0rrrrCancelledErrorr@)r3rr=s rrzSSLProtocol._fatal_errors ?? OO ( ( - c7 #zz##% XtWtD&C!:!:; JJ - -" !__ / r)zFatal error on transport).rrrrrrrr6r?rrrrrrrr8rrrrrrIrrrrrr{rrrr'r(rr[rdrZrTrWrhrgror?rArrrrrrsH  $#59&*'+&* Q"f 1# "2H%  !F$-P ;.%R*C -8.A0! $A,#:#< B:@'( )-' & (! rr)renumrr ImportErrorrrrrlogrSSLWantReadErrorSSLSyscallErrorrEnumr rr$r,_FlowControlMixin Transportr.rrrrrr^s  ?**C,?,?@Ntyy &tyy & *r;J88&00r;jW ),,W { CsB00B:9B: