fdZddlmZddlZddlZddlZddlmZmZejrddl m Z dZ Gdd e Z d dd Zdd Z d dd Zy)zHThe match_hostname() function from Python 3.5, essential when using SSL.) annotationsN) IPv4Address IPv6Address)_TYPE_PEER_CERT_RET_DICTz3.5.0.1c eZdZy)CertificateErrorN)__name__ __module__ __qualname__W/home/Script/Script_env/lib/python3.12/site-packages/urllib3/util/ssl_match_hostname.pyr r srr cg}|sy|jd}|d}|dd}|jd}||kDrtdt|z|s*t |j |j k(S|dk(r|j dn{|jd s|jd r%|j tj|n4|j tj|jd d |D]&}|j tj|(tjd d j|zdztj} | j|S)zhMatching according to RFC 6125, section 6.4.3 http://tools.ietf.org/html/rfc6125#section-6.4.3 F.rrN*z,too many wildcards in certificate DNS name: z[^.]+zxn--z\*z[^.]*z\Az\.z\Z)splitcountr reprboollowerappend startswithreescapereplacecompilejoin IGNORECASEmatch) dnhostname max_wildcardspatspartsleftmost remainder wildcardsfragpats r_dnsname_matchr+sO D  HHTNEQxHab Is#I=  :T"X E  BHHJ(.."2233 3 G   V $(;(;F(C BIIh'( BIIh'//w?@% BIIdO$% **UUZZ--5r}} EC 99X rctj|j}t|j|jk(S)aExact matching of IP addresses. RFC 9110 section 4.3.5: "A reference identity of IP-ID contains the decoded bytes of the IP address. An IP version 4 address is 4 octets, and an IP version 6 address is 16 octets. [...] A reference identity of type IP-ID matches if the address is identical to an iPAddress value of the subjectAltName extension of the certificate." ) ipaddress ip_addressrstriprpacked)ipnamehost_ipips r_ipaddress_matchr4Ps2   fmmo .B  W^^+ ,,rc |s td d|vr(tj|d|jd}ntj|}g}|j dd}|D]S\}}|dk(r"|t ||ry|j |-|dk(s3|t||ry|j |U|rK|I|sG|j ddD]2}|D]+\}}|d k(s t ||ry|j |-4t|d kDr.td |d d jtt|t|d k(rtd |d|dtd#t$rd}Y0wxYw)a)Verify that *cert* (in decoded format as returned by SSLSocket.getpeercert()) matches the *hostname*. RFC 2818 and RFC 6125 rules are followed, but IP addresses are not accepted for *hostname*. CertificateError is raised on failure. On success, the function returns nothing. ztempty or no certificate, match_hostname needs a SSL socket or SSL context with either CERT_OPTIONAL or CERT_REQUIRED%NsubjectAltNamer DNSz IP Addresssubject commonNamerz hostname z doesn't match either of z, z doesn't match rz/no appropriate subjectAltName fields were found) ValueErrorr-r.rfindgetr+rr4lenr rmapr) certr"hostname_checks_common_namer2dnsnamessankeyvaluesubs rmatch_hostnamerG_s  -   (?**84IhnnS6I+JKG**84G H'+xx0@"'EC# U %<>%#B OOE " L "'7w'G OOE "##wx88Ir* +C! + U,&%eX6OOE*  + + 8}q,4diiD(@S6T V   X! 8,ohqk_UVVPQQG sAE22 FF)r)r!z typing.Anyr"strr#intreturnztyping.Match[str] | None | bool)r1rHr2zIPv4Address | IPv6AddressrJr)F)r@z_TYPE_PEER_CERT_RET_DICT | Noner"rHrArrJNone)__doc__ __future__rr-rtypingrr TYPE_CHECKINGssl_r __version__r;r r+r4rGr rrrRsN # . .  z 9:55!5255$5p -$).@R )@R@R"&@R @Rr