U M8Úc~ã@stdZddlZddlZz ddlZWnek r8dZYnXdZGdd„deƒZddd„Zd d „Z d d „Z d d„Z dS)zJThe match_hostname() function from Python 3.3.3, essential when using SSL.éNz3.5.0.1c@s eZdZdS)ÚCertificateErrorN)Ú__name__Ú __module__Ú __qualname__©rrúC/tmp/pip-unpacked-wheel-1wxsa54m/urllib3/util/ssl_match_hostname.pyrsréc Csòg}|s dS| d¡}|d}|dd…}| d¡}||krLtdt|ƒƒ‚|s`| ¡| ¡kS|dkrt| d¡n>| d ¡sˆ| d ¡rš| t |¡¡n| t |¡  d d ¡¡|D]}| t |¡¡q¶t  d d   |¡dtj ¡} |   |¡S)zhMatching according to RFC 6125, section 6.4.3 http://tools.ietf.org/html/rfc6125#section-6.4.3 FÚ.rrNÚ*z,too many wildcards in certificate DNS name: z[^.]+zxn--z\*z[^.]*z\Az\.z\Z)ÚsplitÚcountrÚreprÚlowerÚappendÚ startswithÚreÚescapeÚreplaceÚcompileÚjoinÚ IGNORECASEÚmatch) ÚdnÚhostnameÚ max_wildcardsÚpatsÚpartsÚleftmostÚ remainderÚ wildcardsÚfragÚpatrrrÚ_dnsname_matchs,    ÿ r"cCs&t|tƒr"tjdkr"t|ddd}|S)N)éÚasciiÚstrict)ÚencodingÚerrors)Ú isinstanceÚstrÚsysÚ version_infoÚunicode)ÚobjrrrÚ _to_unicodeOsr.cCst t|ƒ ¡¡}||kS)zˆExact matching of IP addresses. RFC 6125 explicitly doesn't define an algorithm for this (section 1.7.2 - "Out of Scope"). )Ú ipaddressÚ ip_addressr.Úrstrip)ÚipnameÚhost_ipÚiprrrÚ_ipaddress_matchVsr5c Csz|s tdƒ‚zt t|ƒ¡}Wn>ttfk r:d}Yn$tk r\tdkrVd}n‚YnXg}| dd¡}|D]^\}}|dkr¦|dkršt||ƒršdS| |¡qr|dkrr|dk rÆt ||ƒrÆdS| |¡qr|s| dd¡D]8}|D].\}}|dkrìt||ƒrdS| |¡qìqät |ƒd krJt d |d   t t|ƒ¡fƒ‚n,t |ƒd krnt d ||d fƒ‚nt dƒ‚dS)a)Verify that *cert* (in decoded format as returned by SSLSocket.getpeercert()) matches the *hostname*. RFC 2818 and RFC 6125 rules are followed, but IP addresses are not accepted for *hostname*. CertificateError is raised on failure. On success, the function returns nothing. ztempty or no certificate, match_hostname needs a SSL socket or SSL context with either CERT_OPTIONAL or CERT_REQUIREDNÚsubjectAltNamerÚDNSz IP AddressÚsubjectÚ commonNamerz&hostname %r doesn't match either of %sz, zhostname %r doesn't match %rrz=no appropriate commonName or subjectAltName fields were found)Ú ValueErrorr/r0r.Ú UnicodeErrorÚAttributeErrorÚgetr"rr5ÚlenrrÚmapr )Úcertrr3ÚdnsnamesÚsanÚkeyÚvalueÚsubrrrÚmatch_hostnamebsRÿ      ÿÿÿrF)r) Ú__doc__rr*r/Ú ImportErrorÚ __version__r:rr"r.r5rFrrrrÚs   6