� u��g�3��ddlmZddlZddlZddlZddlZddlmZmZddl m Z ddlmZddl mZmZddlmZmZmZmZmZdd lmZmZdd lmZmZmZmZejdkr ddl mZm Z nddl!mZm Z ed ��Z"ed��Z#e$e$e%e%fdfZ&e$e&dfZ'Gd�de��Z(e d��Gd�de��Z)e d��Gd�dee)��Z*dS)�)�annotationsN)�Callable�Mapping)� dataclass)�wraps)�Any�TypeVar�)�BrokenResourceError�EndOfStream�aclose_forcefully�get_cancelled_exc_class� to_thread)�TypedAttributeSet�typed_attribute)� AnyByteStream� ByteStream�Listener� TaskGroup)��)�TypeVarTuple�Unpack�T_Retval�PosArgsT.c�@�eZdZUdZe��Zded<e��Zded<e��Zded<e��Z ded <e��Z d ed<e��Zded <e��Zded<e��Z ded<e��Zded<e��Zded<dS)�TLSAttributez5Contains Transport Layer Security related attributes.� str | None� alpn_protocol�bytes�channel_binding_tls_uniqueztuple[str, str, int]�cipherz*None | dict[str, str | _PCTRTTT | _PCTRTT]�peer_certificatezbytes | None�peer_certificate_binary�bool�server_sidez!list[tuple[str, str, int]] | None�shared_ciphers� ssl.SSLObject� ssl_object�standard_compatible�str�tls_versionN)�__name__� __module__�__qualname__�__doc__rr�__annotations__r!r"r#r$r&r'r)r*r,��a/home/asafur/pinokio/api/open-webui.git/app/env/lib/python3.11/site-packages/anyio/streams/tls.pyrr!s!��?�?�!0�� 1� 1�M�1�1�1�1�(7��(9�(9��9�9�9�9�#2�?�#4�#4�F�4�4�4�4�FU�_�EV�EV��V�V�V�V�,;�O�,=�,=��=�=�=�=�'��)�)�K�)�)�)�)�9H��8I�8I�N�I�I�I�I� /�� 1� 1�J�1�1�1�1�!0�� 1� 1��1�1�1�1�&��(�(�K�(�(�(�(�(�(r3rF)�eqc��eZdZUdZded<ded<ded<ded <ded <eddddd �d*d��Zd+d�Zd,d�Zd-d�Z d.d/d$�Z d0d&�Zd-d'�Ze d1d)��ZdS)2� TLSStreama A stream wrapper that encrypts all sent data and decrypts received data. This class has no public initializer; use :meth:`wrap` instead. All extra attributes from :class:`~TLSAttribute` are supported. :var AnyByteStream transport_stream: the wrapped stream r�transport_streamr%r*r(�_ssl_objectz ssl.MemoryBIO� _read_bio� _write_bioNT)r&�hostname�ssl_contextr*r&�bool | Noner<rr=�ssl.SSLContext | None�returnc��FK�|�|}|sh|rtjjntjj}tj|��}ttd��r|xjtjzc_tj��}tj��}t|��tj ur|�||||��} n$tj |j||||d��d{V��} |||| ||��} | �| j��d{V��| S)a� Wrap an existing stream with Transport Layer Security. This performs a TLS handshake with the peer. :param transport_stream: a bytes-transporting stream to wrap :param server_side: ``True`` if this is the server side of the connection, ``False`` if this is the client side (if omitted, will be set to ``False`` if ``hostname`` has been provided, ``False`` otherwise). Used only to create a default context when an explicit context has not been provided. :param hostname: host name of the peer (if host name checking is desired) :param ssl_context: the SSLContext object to use (if not provided, a secure default will be created) :param standard_compatible: if ``False``, skip the closing handshake when closing the connection, and don't raise an exception if the peer does the same :raises ~ssl.SSLError: if the TLS handshake fails N�OP_IGNORE_UNEXPECTED_EOF)r&�server_hostname)r8r*r9r:r;)�ssl�Purpose�CLIENT_AUTH�SERVER_AUTH�create_default_context�hasattr�optionsrB� MemoryBIO�type� SSLContext�wrap_bior�run_sync�_call_sslobject_method�do_handshake)�clsr8r&r<r=r*�purpose�bio_in�bio_outr)�wrappers r4�wrapzTLSStream.wrapOsl��:��&�,�K�� E�+6�S��'�'�C�K�<S� ��4�W�=�=�K��s�6�7�7� E��#�#��(D�'D�D�#�#��-�/�/��.�.�$�-�-��[�(�.��J�J� )�1��$�� J��#�-� 3�"�� ,�,�Z�-D�E�E�E�E�E�E�E�E�E��r3�func�&Callable[[Unpack[PosArgsT]], T_Retval]�args�Unpack[PosArgsT]rc��K� ||�}|jjr7|j�|j��d{V��|S#t j$r� |jjr7|j�|j��d{V��|j��d{V��}|j� |��np#t$r|j��YnKt$r?}|j��|j��t|�d}~wwxYwY�nt j$r:|j�|j��d{V��Yn�t j$r?}|j��|j��t|�d}~wt j$ry}|j��|j��t#|t j��s|jr d|jvr|jrt|�td��d}~wwxYw��j)NT�UNEXPECTED_EOF_WHILE_READING)r;�pendingr8�send�readrD�SSLWantReadError�receiver:�writer� write_eof�OSErrorr�SSLWantWriteError�SSLSyscallError�SSLError� isinstance�SSLEOFError�strerrorr*)�selfrXrZ�result�data�excs r4rPz TLSStream._call_sslobject_method�s��) �( ��t��H�?�*�M��/�4�4�T�_�5I�5I�5K�5K�L�L�L�L�L�L�L�L�L�� M�'� /� /� /� /��.�Q�"�3�8�8��9M�9M�9O�9O�P�P�P�P�P�P�P�P�P�!%�!6�!>�!>�!@�!@�@�@�@�@�@�@�D��N�(�(��.�.�.�.��#�/�/�/��N�,�,�.�.�.�.�.��7�7�7��N�,�,�.�.�.��O�-�-�/�/�/�-�3�6��7��(� I� I� I��+�0�0��1E�1E�1G�1G�H�H�H�H�H�H�H�H�H�H�H��&� 3� 3� 3��(�(�*�*�*��)�)�+�+�+�)�s�2��<� � � ��(�(�*�*�*��)�)�+�+�+��c�3�?�3�3�4��L�4�%C�s�|�%S�%S��/�4�1�s�:�)�t�3�� 1) sb�A�I)�A"C�I)�#E �?I)� E � :E�E � I)�AI)�I)�$:G�I)�0A4I$�$I)�tuple[AnyByteStream, bytes]c��K�|�|jj��d{V��|j��|j��|j|j��fS)z� Does the TLS closing handshake. :return: a tuple of (wrapped byte stream, bytes left in the read buffer) N)rPr9�unwrapr:rdr;r8r`�rls r4rrzTLSStream.unwrap�sx��)�)�$�*:�*A�B�B�B�B�B�B�B�B�B�� "�"�"��!�!�#�#�#��$�d�n�&9�&9�&;�&;�;�;r3�Nonec��K�|jrE |��d{V��n)#t$rt|j��d{V��wxYw|j��d{V��dS�N)r*rr� BaseExceptionr r8�acloserss r4rxzTLSStream.aclose�s��#� � ��k�k�m�m�#�#�#�#�#�#�#�#�� '��(=�>�>�>�>�>�>�>�>�>�� #�*�*�,�,�,�,�,�,�,�,�,�,�,s �&�&A�� max_bytes�intr c��hK�|�|jj|��d{V��}|st�|Srv)rPr9r`r)rlrzrns r4rbzTLSStream.receive�sF��0�0��1A�1F� �R�R�R�R�R�R�R�R�� r3�itemc��VK�|�|jj|��d{V��dSrv)rPr9rc)rlr}s r4r_zTLSStream.send�s:��)�)�$�*:�*@�$�G�G�G�G�G�G�G�G�G�G�Gr3c��PK�|�tj��}tjd|��}|r`t|�d��t|�d��pd��}}||fdkrtd|��td��)NzTLSv(\d+)(?:\.(\d+))?�r r)r�rz;send_eof() requires at least TLSv1.3; current session uses z7send_eof() has not yet been implemented for TLS streams)�extrarr,�re�matchr{�group�NotImplementedError)rlr,r��major�minors r4�send_eofzTLSStream.send_eof�s��j�j��!9�:�:��1�;�?�?�� u�{�{�1�~�~�.�.��E�K�K��N�N�4G�a�0H�0H�5�E��u�~��&�&�)�2�$/�2�2�� "�E� � � r3�Mapping[Any, Callable[[], Any]]c��i�jj�tj�jjtj�jjtj�jjtj �fd�tj �fd�tj�fd�tj�fd�tj �fd�tj�fd�tj�jji �S)Nc�8��j�d��S)NF�r9�getpeercertrss�r4�<lambda>z,TLSStream.extra_attributes.<locals>.<lambda>�s��4�3C�3O�3O�PU�3V�3V�r3c�8��j�d��S)NTr�rss�r4r�z,TLSStream.extra_attributes.<locals>.<lambda>�s��$�:J�:V�:V��;�;�r3c��jjSrv)r9r&rss�r4r�z,TLSStream.extra_attributes.<locals>.<lambda>s ��d�.>�.J�r3c�R��jjr�j��ndSrv)r9r&r'rss�r4r�z,TLSStream.extra_attributes.<locals>.<lambda>s-��+�2��1A�1P�1P�1R�1R�1R��r3c��jSrv�r*rss�r4r�z,TLSStream.extra_attributes.<locals>.<lambda>� ��d�6N�r3c��jSrv)r9rss�r4r�z,TLSStream.extra_attributes.<locals>.<lambda>s ��T�-=�r3)r8�extra_attributesrrr9�selected_alpn_protocolr!�get_channel_bindingr"r#r$r&r'r*r)r,�versionrss`r4r�zTLSStream.extra_attributes�s�� #�4� ��&��(8�(O��3�� 4��!1�!8��)�+V�+V�+V�+V��0�3�3�3�3� �$�&J�&J�&J�&J��'�*�*�*�*� �,�.N�.N�.N�.N��#�%=�%=�%=�%=��$�d�&6�&>�# � � r3)r8rr&r>r<rr=r?r*r%r@r7)rXrYrZr[r@r)r@rp�r@rt)ry)rzr{r@r )r}r r@rt�r@r�)r-r.r/r0r1�classmethodrWrPrrrxrbr_r��propertyr�r2r3r4r7r7=s=��$�#�#�#�� $(�#�-1�$(�D�D�D�D�D��[�D�L,�,�,�,�\ <� <� <� <�-�-�-�-��H�H�H�H� � � � �� X� � � r3r7c��eZdZUdZded<ded<dZded<d Zd ed<edd��Z ddd�Z dd�Z ed d��ZdS)!�TLSListenera� A convenience listener that wraps another listener and auto-negotiates a TLS session on every accepted connection. If the TLS handshake times out or raises an exception, :meth:`handle_handshake_error` is called to do whatever post-mortem processing is deemed necessary. Supports only the :attr:`~TLSAttribute.standard_compatible` extra attribute. :param Listener listener: the listener to wrap :param ssl_context: the SSL context object :param standard_compatible: a flag passed through to :meth:`TLSStream.wrap` :param handshake_timeout: time limit for the TLS handshake (passed to :func:`~anyio.fail_after`) z Listener[Any]�listenerzssl.SSLContextr=Tr%r*��float�handshake_timeoutrorw�streamrr@rtc��,K�t|��d{V��t|t��s.tjt ��d|��t|t��rt|t��r�dS)a� Handle an exception raised during the TLS handshake. This method does 3 things: #. Forcefully closes the original stream #. Logs the exception (unless it was a cancellation exception) using the ``anyio.streams.tls`` logger #. Reraises the exception if it was a base exception or a cancellation exception :param exc: the exception :param stream: the original stream NzError during TLS handshake)�exc_info)r rir�logging� getLoggerr-� exception� Exception)ror�s r4�handle_handshake_errorz"TLSListener.handle_handshake_error"s�� '�'�'�'�'�'�'�'�'��#�6�8�8�9�9� � ��h�'�'�1�1�,�s� 2� � � � �#�y�)�)� �Z��=T�=V�=V�-W�-W� �� r3N�handler�Callable[[TLSStream], Any]� task_group�TaskGroup | Nonec��K�t��d��fd��}�j�||��d{V��dS)Nr�rr@rtc��N�K�ddlm} |�j��5t�|�j�j��d{V��}ddd��n#1swxYwY�|��d{V��dS#t$r'}��||��d{V��Yd}~dSd}~wwxYw)Nr )� fail_after)r=r*) �r�r�r7rWr=r*rwr�)r�r��wrapped_streamror�rls ��r4�handler_wrapperz*TLSListener.serve.<locals>.handler_wrapperGsP��%�%�%�%�%�%� .��Z�� 6�7�7��+4�>�>��$(�$4�,0�,D�,:�,�,�&�&�&�&�&�&�N��g�n�-�-�-�-�-�-�-�-�-�-�-��!� ?� ?� ?��1�1�#�v�>�>�>�>�>�>�>�>�>�>�>�>�>�>�>�� ?��s:�A3�.A� A3�A�A3�A�A3�3 B$�=B�B$)r�rr@rt)rr��serve)rlr�r�r�s`` r4r�zTLSListener.serveBso�� w�� .� .� .� .� .� .� �� .��m�!�!�/�:�>�>�>�>�>�>�>�>�>�>�>r3c��HK�|j��d{V��dSrv)r�rxrss r4rxzTLSListener.acloseYs2��m�"�"�$�$�$�$�$�$�$�$�$�$�$r3r�c�&��tj�fd�iS)Nc��jSrvr�rss�r4r�z.TLSListener.extra_attributes.<locals>.<lambda>_r�r3)rr*rss`r4r�zTLSListener.extra_attributes\s!�� ,�.N�.N�.N�.N� � r3)rorwr�rr@rtrv)r�r�r�r�r@rtr�r�) r-r.r/r0r1r*r��staticmethodr�r�rxr�r�r2r3r4r�r� s��"�� $��$�$�$�$�!��!�!�!�!��\��D(,�?�?�?�?�?�.%�%�%�%�� X� � � r3r�)+� __future__rr�r�rD�sys�collections.abcrr�dataclassesr� functoolsr�typingrr r�rrr rr�_core._typedattrrr�abcrrrr�version_inforr�typing_extensionsrr�tupler+�_PCTRTT�_PCTRTTTrr7r�r2r3r4�<module>r�sm��"�"�"�"�"�"�� -�-�-�-�-�-�-�-�!�!�!�!�!�!��B�A�A�A�A�A�A�A�@�@�@�@�@�@�@�@�@�@�@�@��w��+�+�+�+�+�+�+�+�+�6�6�6�6�6�6�6�6��7�:��<� �#�#�� c�3�h��$� %��#��)�)�)�)�)�$�)�)�)�8��e��I �I �I �I �I � �I �I ��I �X��e��U �U �U �U �U �(�9�%�U �U ��U �U �U r3