a dbF@srdZddlZddlZz ddlZWney6dZYn0dZGdddeZdddZd d Z d d Z d dZ dS)zJThe match_hostname() function from Python 3.3.3, essential when using SSL.Nz3.5.0.1c@s eZdZdS)CertificateErrorN)__name__ __module__ __qualname__rr/home/tom/ab/renpy-build/tmp/install.linux-x86_64/lib/python3.9/site-packages/urllib3/packages/ssl_match_hostname/_implementation.pyrsrc Csg}|s dS|d}|d}|dd}|d}||krLtdt||s`||kS|dkrt|dn>|d s|d r|t|n|t| d d |D]}|t|qt d d |dtj } | |S)zhMatching according to RFC 6125, section 6.4.3 http://tools.ietf.org/html/rfc6125#section-6.4.3 F.rrN*z,too many wildcards in certificate DNS name: z[^.]+zxn--z\*z[^.]*z\Az\.z\Z)splitcountrreprlowerappend startswithreescapereplacecompilejoin IGNORECASEmatch) dnhostnameZ max_wildcardsZpatspartsZleftmost remainder wildcardsfragpatrrr_dnsname_matchs,     rcCs&t|tr"tjdkr"t|ddd}|S)N)asciistrict)encodingerrors) isinstancestrsys version_infounicode)objrrr _to_unicodeOsr+cCstt|}||kS)zExact matching of IP addresses. RFC 6125 explicitly doesn't define an algorithm for this (section 1.7.2 - "Out of Scope"). ) ipaddress ip_addressr+rstrip)ipnamehost_ipiprrr_ipaddress_matchTsr2cCs|s tdztt|}WnJty4d}Yn6tyHd}Yn"tyhtdurbd}nYn0g}|dd}|D]^\}}|dkr|durt||rdS||q~|dkr~|durt ||rdS||q~|s*|ddD]8}|D].\}}|dkrt||rdS||qqt |d krVt d |d t t|fn,t |d krzt d ||d fnt ddS)a)Verify that *cert* (in decoded format as returned by SSLSocket.getpeercert()) matches the *hostname*. RFC 2818 and RFC 6125 rules are followed, but IP addresses are not accepted for *hostname*. CertificateError is raised on failure. On success, the function returns nothing. ztempty or no certificate, match_hostname needs a SSL socket or SSL context with either CERT_OPTIONAL or CERT_REQUIREDNsubjectAltNamerDNSz IP Addresssubject commonNamerz&hostname %r doesn't match either of %sz, zhostname %r doesn't match %rrz=no appropriate commonName or subjectAltName fields were found) ValueErrorr,r-r+ UnicodeErrorAttributeErrorgetrrr2lenrrmapr )certrr0dnsnamessankeyvaluesubrrrmatch_hostname`sN          rC)r) __doc__rr'r, ImportError __version__r7rrr+r2rCrrrrs    5