HEX
Server: Apache
System: Linux scp1.abinfocom.com 5.4.0-216-generic #236-Ubuntu SMP Fri Apr 11 19:53:21 UTC 2025 x86_64
User: confeduphaar (1010)
PHP: 8.1.33
Disabled: exec,passthru,shell_exec,system
$ pwd: /usr/lib/python3/dist-packages/service_identity/__pycache__/
Upload Files
File: //usr/lib/python3/dist-packages/service_identity/__pycache__/pyopenssl.cpython-38.pyc
U

��\"�@s�dZddlmZmZmZddlZddlZddlmZddl	m
Z
ddlmZddl
mZdd	lmZmZmZmZmZmZmZmZdd
lmZdgZdd�Zd
d�Zed�Zdd�ZdS)zA
`pyOpenSSL <https://github.com/pyca/pyopenssl>`_-specific code.
�)�absolute_import�division�print_functionN)�decode)�	IA5String)�ObjectIdentifier)�GeneralNames�)�DNS_ID�CertificateError�
DNSPattern�IPAddress_ID�IPAddressPattern�
SRVPattern�
URIPattern�verify_service_identity)�SubjectAltNameWarning�verify_hostnamecCs tt|���t|�ggd�dS)a?
    Verify whether the certificate of *connection* is valid for *hostname*.

    :param OpenSSL.SSL.Connection connection: A pyOpenSSL connection object.
    :param unicode hostname: The hostname that *connection* should be connected
        to.

    :raises service_identity.VerificationError: If *connection* does not
        provide a certificate that is valid for *hostname*.
    :raises service_identity.CertificateError: If the certificate chain of
        *connection* contains a certificate that contains invalid/unexpected
        data.

    :returns: ``None``
    �Z
cert_patternsZobligatory_idsZoptional_idsN)r�extract_ids�get_peer_certificater
)�
connectionZhostname�r�</usr/lib/python3/dist-packages/service_identity/pyopenssl.pyr s

�cCs tt|���t|�ggd�dS)a�
    Verify whether the certificate of *connection* is valid for *ip_address*.

    :param OpenSSL.SSL.Connection connection: A pyOpenSSL connection object.
    :param unicode ip_address: The IP address that *connection* should be
        connected to.  Can be an IPv4 or IPv6 address.

    :raises service_identity.VerificationError: If *connection* does not
        provide a certificate that is valid for *ip_address*.
    :raises service_identity.CertificateError: If the certificate chain of
        *connection* contains a certificate that contains invalid/unexpected
        data.

    :returns: ``None``

    .. versionadded:: 18.1.0
    rN)rrrr
)rZ
ip_addressrrr�verify_ip_address7s

�rz1.3.6.1.5.5.7.8.7c
Csvg}tj�|���D�]}|�|�}|��dkrt|��t�d�\}}|D]�}|�	�}|dkrv|�
t|���
���qJ|dkr�|�
t�|���
���qJ|dkr�|�
t|���
���qJ|dkrJ|��}|�d�}	|	tk�rt|�d��\}
}t|
t��r|�
t|
�
���ntd	��nqJqJq|�srd
d�|����D�}tt|�d�}d
d�|D�}tjd|�d�ftdd�|S)a
    Extract all valid IDs from a certificate for service verification.

    If *cert* doesn't contain any identifiers, the ``CN``s are used as DNS-IDs
    as fallback.

    :param OpenSSL.SSL.X509 cert: The certificate to be dissected.

    :return: List of IDs.
    ssubjectAltName)Zasn1SpecZdNSNameZ	iPAddressZuniformResourceIdentifierZ	otherNamerr	zUnexpected certificate content.cSs g|]}|ddkr|d�qS)rsCNr	r��.0�crrr�
<listcomp>�szextract_ids.<locals>.<listcomp>s<not given>cSsg|]}t|��qSr)rrrrrr�sz�Certificate with CN '%s' has no `subjectAltName`, falling back to check for a `commonName` for now.  This feature is being removed by major browsers and deprecated by RFC 2818.  service_identity will remove the support for it in mid-2018.zutf-8�)�
stacklevel)�sixZmoves�rangeZget_extension_countZ
get_extensionZget_short_namer�get_datarZgetName�appendrZgetComponentZasOctetsr�
from_bytesrZgetComponentByPosition�
ID_ON_DNS_SRV�
isinstancerrrZget_subjectZget_components�next�iter�warnings�warnr)
ZcertZids�iZext�names�_�nZname_string�compZoidZsrvZ
componentsZcnrrrrSsV

��

�
�
��	r)�__doc__Z
__future__rrrr*r!Zpyasn1.codec.der.decoderrZpyasn1.type.charrZpyasn1.type.univrZpyasn1_modules.rfc2459rZ_commonr
rrr
rrrr�
exceptionsr�__all__rrr&rrrrr�<module>s(

@ Telegram