ž «ÿfž_c+@sãdZddlZddlZddlZddlmZmZmZddlmZddlmZm Z m Z m Z m Z m Z ddlmZmZmZddlmZmZmZmZmZmZyddlmZWnek röYnXydd lmZWnek rYnXdd lmZmZmZmZydd lmZWnek rjYnXdd lmZm Z m!Z!m"Z"m#Z#m$Z$m%Z%m&Z&m'Z'dd lm(Z(m)Z)m*Z*ddlm+Z+m,Z,m-Z-m.Z.ddlm/Z/e0edƒe1ƒdZ>m?Z?ddl@Z@ddlAZAddlBZBejCrdgZDngZDdZEGdd„deFƒZGdd d!„ZHd"d#„ZIGd$d%„d%eƒZJGd&d'„d'e6ƒZKe5e5eLee.e5eMeMe5d(d)„ ZNd*d+„ZOd,ZPd-ZQd.d/„ZRd0d1„ZSe+e5d2d3„ZTd4d5„ZUdS(6uThis module provides some more Pythonic support for SSL. Object types: SSLSocket -- subtype of socket.socket which does SSL over the socket Exceptions: SSLError -- exception raised for I/O errors Functions: cert_time_to_seconds -- convert time string used for certificate notBefore and notAfter functions to integer seconds past the Epoch (the time values returned from time.time()) fetch_server_certificate (HOST, PORT) -- fetch the certificate provided by the server running on HOST at port PORT. No validation of the certificate is performed. Integer constants: SSL_ERROR_ZERO_RETURN SSL_ERROR_WANT_READ SSL_ERROR_WANT_WRITE SSL_ERROR_WANT_X509_LOOKUP SSL_ERROR_SYSCALL SSL_ERROR_SSL SSL_ERROR_WANT_CONNECT SSL_ERROR_EOF SSL_ERROR_INVALID_ERROR_CODE The following group define certificate requirements that one side is allowing/requiring from the other side: CERT_NONE - no certificates from the other side are required (or will be looked at if provided) CERT_OPTIONAL - certificates are not required, but if provided will be validated, and if validation fails, the connection will also fail CERT_REQUIRED - certificates are required, and will be validated, and if validation fails, the connection will also fail The following constants identify various SSL protocol variants: PROTOCOL_SSLv2 PROTOCOL_SSLv3 PROTOCOL_SSLv23 PROTOCOL_TLSv1 iN(uOPENSSL_VERSION_NUMBERuOPENSSL_VERSION_INFOuOPENSSL_VERSION(u _SSLContext(uSSLErroruSSLZeroReturnErroruSSLWantReadErroruSSLWantWriteErroruSSLSyscallErroru SSLEOFError(u CERT_NONEu CERT_OPTIONALu CERT_REQUIRED(uOP_ALLu OP_NO_SSLv2u OP_NO_SSLv3u OP_NO_TLSv1uOP_CIPHER_SERVER_PREFERENCEuOP_SINGLE_DH_USE(uOP_NO_COMPRESSION(uOP_SINGLE_ECDH_USE(u RAND_statusuRAND_addu RAND_bytesuRAND_pseudo_bytes(uRAND_egd( uSSL_ERROR_ZERO_RETURNuSSL_ERROR_WANT_READuSSL_ERROR_WANT_WRITEuSSL_ERROR_WANT_X509_LOOKUPuSSL_ERROR_SYSCALLu SSL_ERROR_SSLuSSL_ERROR_WANT_CONNECTu SSL_ERROR_EOFuSSL_ERROR_INVALID_ERROR_CODE(uHAS_SNIuHAS_ECDHuHAS_NPN(uPROTOCOL_SSLv3uPROTOCOL_SSLv23uPROTOCOL_TLSv1u PROTOCOL_TLS(u_OPENSSL_API_VERSIONu PROTOCOL_TLSuPROTOCOL_SSLv23uTLSv1uSSLv23uSSLv3(uPROTOCOL_SSLv2uSSLv2(u getnameinfo(uerror(usocketuAF_INETu SOCK_STREAMucreate_connection(u SOL_SOCKETuSO_TYPEu tls-uniqueu)DEFAULT:!aNULL:!eNULL:!LOW:!EXPORT:!SSLv2cBs|EeZdZdS(uCertificateErrorN(u__name__u __module__u __qualname__(u __locals__((u(/opt/alt/python33/lib64/python3.3/ssl.pyuCertificateError‰suCertificateErroric CsDg}|sd S|jdƒ^}}|jdƒ}||krYtdt|ƒƒ‚n|su|jƒ|jƒkS|dkr‘|jdƒnY|jdƒs¯|jdƒrÈ|jtj |ƒƒn"|jtj |ƒj ddƒƒx$|D]}|jtj |ƒƒqñWtj dd j |ƒd tj ƒ}|j|ƒS( uhMatching according to RFC 6125, section 6.4.3 http://tools.ietf.org/html/rfc6125#section-6.4.3 u.u*u,too many wildcards in certificate DNS name: u[^.]+uxn--u\*u[^.]*u\Au\.u\ZF(uFalseusplitucountuCertificateErrorurepruloweruappendu startswithureuescapeureplaceucompileujoinu IGNORECASEumatch( udnuhostnameu max_wildcardsupatsuleftmostu remainderu wildcardsufragupat((u(/opt/alt/python33/lib64/python3.3/ssl.pyu_dnsname_matchs&  " &u_dnsname_matchcCs[|stdƒ‚ng}|jdfƒ}xC|D];\}}|dkr4t||ƒr_dS|j|ƒq4q4W|sßxc|jdfƒD]L}xC|D];\}}|dkr™t||ƒrÄdS|j|ƒq™q™WqŒWnt|ƒdkrtd|d jtt|ƒƒfƒ‚n;t|ƒdkrKtd ||d fƒ‚n td ƒ‚dS( u)Verify that *cert* (in decoded format as returned by SSLSocket.getpeercert()) matches the *hostname*. RFC 2818 and RFC 6125 rules are followed, but IP addresses are not accepted for *hostname*. CertificateError is raised on failure. On success, the function returns nothing. uempty or no certificateusubjectAltNameuDNSNusubjectu commonNameiu&hostname %r doesn't match either of %su, uhostname %r doesn't match %riu=no appropriate commonName or subjectAltName fields were found( u ValueErrorugetu_dnsname_matchuappendulenuCertificateErrorujoinumapurepr(ucertuhostnameudnsnamesusanukeyuvalueusub((u(/opt/alt/python33/lib64/python3.3/ssl.pyumatch_hostname¾s.  %umatch_hostnamecBs\|EeZdZdZd Zdd„Zdd„Zd ddd dd„Z d d „Z d S(u SSLContextu|An SSLContext holds various SSL-related configuration options and data, such as certificates and possibly a private key.uprotocolcOs2tj||ƒ}|tkr.|jtƒn|S(N(u _SSLContextu__new__u_SSLv2_IF_EXISTSu set_ciphersu_DEFAULT_CIPHERS(uclsuprotocoluargsukwargsuself((u(/opt/alt/python33/lib64/python3.3/ssl.pyu__new__ís uSSLContext.__new__cCs ||_dS(N(uprotocol(uselfuprotocol((u(/opt/alt/python33/lib64/python3.3/ssl.pyu__init__ósuSSLContext.__init__c Cs+td|d|d|d|d|d|ƒS(Nusocku server_sideudo_handshake_on_connectusuppress_ragged_eofsuserver_hostnameu_context(u SSLSocket(uselfusocku server_sideudo_handshake_on_connectusuppress_ragged_eofsuserver_hostname((u(/opt/alt/python33/lib64/python3.3/ssl.pyu wrap_socketös uSSLContext.wrap_socketcCstƒ}xp|D]h}t|dƒ}t|ƒdksIt|ƒdkrXtdƒ‚n|jt|ƒƒ|j|ƒqW|j|ƒdS(Nuasciiiiÿu(NPN protocols must be 1 to 255 in length(u bytearrayubytesulenuSSLErroruappenduextendu_set_npn_protocols(uselfu npn_protocolsuprotosuprotocolub((u(/opt/alt/python33/lib64/python3.3/ssl.pyuset_npn_protocolss  $uSSLContext.set_npn_protocolsN(uprotocolFT( u__name__u __module__u __qualname__u__doc__u __slots__u__new__u__init__uFalseuTrueuNoneu wrap_socketuset_npn_protocols(u __locals__((u(/opt/alt/python33/lib64/python3.3/ssl.pyu SSLContextçs  u SSLContextcBsÜ|EeZdZdZd?d?d?d@eed?dAe e dd?dAd?d?d?d?dd„Z dd„Z d?dd„Z dd?d d „Zd d „Zd@d d„Zdd„Zdd„Zdd„Zddd„Zd?dd„Zdd„Zddd„Zdddd„Zd?dd d!„Zddd"d#„Zd?dd$d%„Zd&d'„Zd(d)„Zd*d+„Zd,d-„Zd.d/„Z d0d1„Z!d@d2d3„Z"d4d5„Z#d6d7„Z$d8d9„Z%d:d;„Z&d<d=d>„Z'd?S(Bu SSLSocketuµThis class implements a subtype of socket.socket that wraps the underlying OS socket in an SSL context when necessary, and provides read and write methods over that channel.ic"Cs2|r||_n|r.| r.tdƒ‚n|rJ| rJtdƒ‚n|r`| r`|}nt|ƒ|_||j_|r”|jj|ƒn|r°|jj||ƒn|rÉ|jj|ƒn|râ|jj|ƒn||_||_ ||_ ||_ ||_ ||_ |jttƒtkr?tdƒ‚n|rZ|rZtdƒ‚n||_||_||_| |_d }|dk r8tj|d|jd|jd|jd|jƒƒ|j|j ƒƒy|j!ƒWn=t"k r$}z|j#t#j$kr‚nWYdd}~XnXd }|j&ƒnA| dk rZtj|d| ƒntj|d| d| d| ƒd |_'d|_(||_)|r.yY|jj*|||ƒ|_(|rò|j ƒ}|d kråtd ƒ‚n|j+ƒnWq.t"k r*}z|j,ƒ|‚WYdd}~Xq.XndS( Nu5certfile must be specified for server-side operationsucertfile must be specifiedu!only stream sockets are supportedu4server_hostname can only be specified in client modeufamilyutypeuprotoufilenoguHdo_handshake_on_connect should not be specified for non-blocking socketsFT(-ucontextu ValueErroru SSLContextu verify_modeuload_verify_locationsuload_cert_chainuset_npn_protocolsu set_ciphersukeyfileucertfileu cert_reqsu ssl_versionuca_certsuciphersu getsockoptu SOL_SOCKETuSO_TYPEu SOCK_STREAMuNotImplementedErroru server_sideuserver_hostnameudo_handshake_on_connectusuppress_ragged_eofsuFalseuNoneusocketu__init__ufamilyutypeuprotoufilenou settimeoutu gettimeoutu getpeernameu socket_erroruerrnouENOTCONNuTrueudetachu_closedu_sslobju _connectedu _wrap_socketu do_handshakeuclose(uselfusockukeyfileucertfileu server_sideu cert_reqsu ssl_versionuca_certsudo_handshake_on_connectufamilyutypeuprotoufilenousuppress_ragged_eofsu npn_protocolsuciphersuserver_hostnameu_contextu connectedueutimeoutux((u(/opt/alt/python33/lib64/python3.3/ssl.pyu__init__s‚                                 uSSLSocket.__init__cCstd|jjƒ‚dS(NuCan't dup() %s instances(uNotImplementedu __class__u__name__(uself((u(/opt/alt/python33/lib64/python3.3/ssl.pyuduphsu SSLSocket.dupcCsdS(N((uselfumsg((u(/opt/alt/python33/lib64/python3.3/ssl.pyu _checkClosedlsuSSLSocket._checkClosedcCs°|jƒyD|dk r1|jj||ƒ}n|jj|pCdƒ}|SWn[tk r«}z;|jdtkr–|jr–|dk rdSdSn‚WYdd}~XnXdS(uORead up to LEN bytes and return them. Return zero-length string on EOF.iisN(u _checkCloseduNoneu_sslobjureaduSSLErroruargsu SSL_ERROR_EOFusuppress_ragged_eofs(uselfulenubufferuvux((u(/opt/alt/python33/lib64/python3.3/ssl.pyureadps   uSSLSocket.readcCs|jƒ|jj|ƒS(uhWrite DATA to the underlying SSL channel. Returns number of bytes of DATA actually transmitted.(u _checkClosedu_sslobjuwrite(uselfudata((u(/opt/alt/python33/lib64/python3.3/ssl.pyuwrite„s uSSLSocket.writecCs|jƒ|jj|ƒS(uáReturns a formatted version of the data in the certificate provided by the other end of the SSL channel. Return None if no certificate was provided, {} if a certificate was provided, but not validated.(u _checkClosedu_sslobjupeer_certificate(uselfu binary_form((u(/opt/alt/python33/lib64/python3.3/ssl.pyu getpeercert‹s uSSLSocket.getpeercertcCs3|jƒ|j stj r"dS|jjƒSdS(N(u _checkClosedu_sslobju_ssluHAS_NPNuNoneuselected_npn_protocol(uself((u(/opt/alt/python33/lib64/python3.3/ssl.pyuselected_npn_protocol”s uSSLSocket.selected_npn_protocolcCs(|jƒ|jsdS|jjƒSdS(N(u _checkClosedu_sslobjuNoneucipher(uself((u(/opt/alt/python33/lib64/python3.3/ssl.pyucipher›s  uSSLSocket.ciphercCs(|jƒ|jsdS|jjƒSdS(N(u _checkClosedu_sslobjuNoneu compression(uself((u(/opt/alt/python33/lib64/python3.3/ssl.pyu compression¢s  uSSLSocket.compressioncCsÈ|jƒ|jr±|dkr5td|jƒ‚nxŒy|jj|ƒ}WnVtk r¦}z6|jdtkrzdS|jdtkr‘dS‚WYdd}~Xq8X|Sq8nt j |||ƒSdS(Niu3non-zero flags not allowed in calls to send() on %s( u _checkClosedu_sslobju ValueErroru __class__uwriteuSSLErroruargsuSSL_ERROR_WANT_READuSSL_ERROR_WANT_WRITEusocketusend(uselfudatauflagsuvux((u(/opt/alt/python33/lib64/python3.3/ssl.pyusend©s"    uSSLSocket.sendcCsb|jƒ|jr)td|jƒ‚n5|dkrHtj|||ƒStj||||ƒSdS(Nu%sendto not allowed on instances of %s(u _checkClosedu_sslobju ValueErroru __class__uNoneusocketusendto(uselfudatau flags_or_addruaddr((u(/opt/alt/python33/lib64/python3.3/ssl.pyusendto¿s   uSSLSocket.sendtocOstd|jƒ‚dS(Nu&sendmsg not allowed on instances of %s(uNotImplementedErroru __class__(uselfuargsukwargs((u(/opt/alt/python33/lib64/python3.3/ssl.pyusendmsgÉsuSSLSocket.sendmsgcCs˜|jƒ|jr|dkr5td|jƒ‚nt|ƒ}d}x3||kr||j||d…ƒ}||7}qJW|Stj|||ƒSdS(Niu6non-zero flags not allowed in calls to sendall() on %s(u _checkClosedu_sslobju ValueErroru __class__ulenusendusocketusendall(uselfudatauflagsuamountucountuv((u(/opt/alt/python33/lib64/python3.3/ssl.pyusendallÏs    uSSLSocket.sendallicCsY|jƒ|jrB|dkr5td|jƒ‚n|j|ƒStj|||ƒSdS(Niu3non-zero flags not allowed in calls to recv() on %s(u _checkClosedu_sslobju ValueErroru __class__ureadusocketurecv(uselfubuflenuflags((u(/opt/alt/python33/lib64/python3.3/ssl.pyurecvßs    uSSLSocket.recvcCs•|jƒ|r+|dkr+t|ƒ}n|dkr@d}n|jr{|dkrktd|jƒ‚n|j||ƒStj||||ƒSdS(Niiu8non-zero flags not allowed in calls to recv_into() on %s( u _checkCloseduNoneulenu_sslobju ValueErroru __class__ureadusocketu recv_into(uselfubufferunbytesuflags((u(/opt/alt/python33/lib64/python3.3/ssl.pyu recv_intoês     uSSLSocket.recv_intocCs@|jƒ|jr)td|jƒ‚ntj|||ƒSdS(Nu'recvfrom not allowed on instances of %s(u _checkClosedu_sslobju ValueErroru __class__usocketurecvfrom(uselfubuflenuflags((u(/opt/alt/python33/lib64/python3.3/ssl.pyurecvfromùs   uSSLSocket.recvfromcCsC|jƒ|jr)td|jƒ‚ntj||||ƒSdS(Nu,recvfrom_into not allowed on instances of %s(u _checkClosedu_sslobju ValueErroru __class__usocketu recvfrom_into(uselfubufferunbytesuflags((u(/opt/alt/python33/lib64/python3.3/ssl.pyu recvfrom_intos   uSSLSocket.recvfrom_intocOstd|jƒ‚dS(Nu&recvmsg not allowed on instances of %s(uNotImplementedErroru __class__(uselfuargsukwargs((u(/opt/alt/python33/lib64/python3.3/ssl.pyurecvmsg suSSLSocket.recvmsgcOstd|jƒ‚dS(Nu+recvmsg_into not allowed on instances of %s(uNotImplementedErroru __class__(uselfuargsukwargs((u(/opt/alt/python33/lib64/python3.3/ssl.pyu recvmsg_into suSSLSocket.recvmsg_intocCs(|jƒ|jr |jjƒSdSdS(Ni(u _checkClosedu_sslobjupending(uself((u(/opt/alt/python33/lib64/python3.3/ssl.pyupendings   uSSLSocket.pendingcCs'|jƒd|_tj||ƒdS(N(u _checkCloseduNoneu_sslobjusocketushutdown(uselfuhow((u(/opt/alt/python33/lib64/python3.3/ssl.pyushutdowns  uSSLSocket.shutdowncCs?|jr%|jjƒ}d|_|Stdt|ƒƒ‚dS(NuNo SSL wrapper around (u_sslobjushutdownuNoneu ValueErrorustr(uselfus((u(/opt/alt/python33/lib64/python3.3/ssl.pyuunwraps   uSSLSocket.unwrapcCsd|_tj|ƒdS(N(uNoneu_sslobjusocketu _real_close(uself((u(/opt/alt/python33/lib64/python3.3/ssl.pyu _real_close%s uSSLSocket._real_closec CsT|jƒ}z3|dkr1|r1|jdƒn|jjƒWd|j|ƒXdS(uPerform a TLS/SSL handshake.gN(u gettimeoutu settimeoutuNoneu_sslobju do_handshake(uselfublockutimeout((u(/opt/alt/python33/lib64/python3.3/ssl.pyu do_handshake*s  uSSLSocket.do_handshakec CsÔ|jrtdƒ‚n|jr0tdƒ‚n|jj|d|jƒ|_ya|rltj ||ƒ}nd}tj ||ƒ|sª|j rž|j ƒnd|_n|SWntk rÏd|_‚YnXdS(Nu!can't connect in server-side modeu/attempt to connect already-connected SSLSocket!FT(u server_sideu ValueErroru _connecteducontextu _wrap_socketuFalseuserver_hostnameu_sslobjusocketu connect_exuNoneuconnectudo_handshake_on_connectu do_handshakeuTrueu socket_error(uselfuaddru connect_exurc((u(/opt/alt/python33/lib64/python3.3/ssl.pyu _real_connect5s$       uSSLSocket._real_connectcCs|j|dƒdS(uQConnects to remote ADDR, and then wraps the connection in an SSL channel.NF(u _real_connectuFalse(uselfuaddr((u(/opt/alt/python33/lib64/python3.3/ssl.pyuconnectLsuSSLSocket.connectcCs|j|dƒS(uQConnects to remote ADDR, and then wraps the connection in an SSL channel.T(u _real_connectuTrue(uselfuaddr((u(/opt/alt/python33/lib64/python3.3/ssl.pyu connect_exQsuSSLSocket.connect_excCsItj|ƒ\}}|jj|d|jd|jddƒ}||fS(u¿Accepts a new connection from a remote client, and returns a tuple containing that new connection wrapped with a server-side SSL channel, and the address of the remote client.udo_handshake_on_connectusuppress_ragged_eofsu server_sideT(usocketuacceptucontextu wrap_socketudo_handshake_on_connectusuppress_ragged_eofsuTrue(uselfunewsockuaddr((u(/opt/alt/python33/lib64/python3.3/ssl.pyuacceptVs    uSSLSocket.acceptu tls-uniquecCs_|tkrtdƒ‚n|dkr?tdj|ƒƒ‚n|jdkrRdS|jjƒS(uäGet channel binding data for current connection. Raise ValueError if the requested `cb_type` is not supported. Return bytes of the data or None if the data is not available (e.g. before the handshake). u Unsupported channel binding typeu tls-uniqueu({0} channel binding type not implementedN(uCHANNEL_BINDING_TYPESu ValueErroruNotImplementedErroruformatu_sslobjuNoneu tls_unique_cb(uselfucb_type((u(/opt/alt/python33/lib64/python3.3/ssl.pyuget_channel_bindingbs  uSSLSocket.get_channel_bindingNFT((u__name__u __module__u __qualname__u__doc__uNoneuFalseu CERT_NONEu PROTOCOL_TLSuTrueuAF_INETu SOCK_STREAMu__init__udupu _checkClosedureaduwriteu getpeercertuselected_npn_protocolucipheru compressionusendusendtousendmsgusendallurecvu recv_intourecvfromu recvfrom_intourecvmsgu recvmsg_intoupendingushutdownuunwrapu _real_closeu do_handshakeu _real_connectuconnectu connect_exuacceptuget_channel_binding(u __locals__((u(/opt/alt/python33/lib64/python3.3/ssl.pyu SSLSocket sJ   P                 u SSLSocketc CsCtd|d|d|d|d|d|d|d|d |d | ƒ S( Nusockukeyfileucertfileu server_sideu cert_reqsu ssl_versionuca_certsudo_handshake_on_connectusuppress_ragged_eofsuciphers(u SSLSocket( usockukeyfileucertfileu server_sideu cert_reqsu ssl_versionuca_certsudo_handshake_on_connectusuppress_ragged_eofsuciphers((u(/opt/alt/python33/lib64/python3.3/ssl.pyu wrap_socketrs   u wrap_socketcCs%ddl}|j|j|dƒƒS(u¢Takes a date-time string in standard ASN1_print form ("MON DAY 24HOUR:MINUTE:SEC YEAR TIMEZONE") and return a Python time value in seconds past the epoch.iNu%b %d %H:%M:%S %Y GMT(utimeumktimeustrptime(u cert_timeutime((u(/opt/alt/python33/lib64/python3.3/ssl.pyucert_time_to_seconds‚s ucert_time_to_secondsu-----BEGIN CERTIFICATE-----u-----END CERTIFICATE-----cCs?ttj|ƒddƒ}tdtj|dƒdtdS(u[Takes a certificate in binary DER format and returns the PEM version of it as a string.uASCIIustrictu i@(ustrubase64ustandard_b64encodeu PEM_HEADERutextwrapufillu PEM_FOOTER(uder_cert_bytesuf((u(/opt/alt/python33/lib64/python3.3/ssl.pyuDER_cert_to_PEM_certsuDER_cert_to_PEM_certcCs†|jtƒs"tdtƒ‚n|jƒjtƒsJtdtƒ‚n|jƒttƒttƒ …}tj|j ddƒƒS(uhTakes a certificate in ASCII PEM format and returns the DER-encoded version of it as a byte sequenceu(Invalid PEM encoding; must start with %su&Invalid PEM encoding; must end with %suASCIIustrict( u startswithu PEM_HEADERu ValueErrorustripuendswithu PEM_FOOTERulenubase64u decodebytesuencode(upem_cert_stringud((u(/opt/alt/python33/lib64/python3.3/ssl.pyuPEM_cert_to_DER_cert–s  #uPEM_cert_to_DER_certcCst|\}}|dk r!t}nt}t|ƒ}t|d|d|d|ƒ}|jdƒ}|jƒt|ƒS(u÷Retrieve the certificate from the server at the specified address, and return it as a PEM-encoded string. If 'ca_certs' is specified, validate the server cert against it. If 'ssl_version' is specified, use it in the connection attempt.u ssl_versionu cert_reqsuca_certsNT( uNoneu CERT_REQUIREDu CERT_NONEucreate_connectionu wrap_socketu getpeercertuTrueucloseuDER_cert_to_PEM_cert(uaddru ssl_versionuca_certsuhostuportu cert_reqsusudercert((u(/opt/alt/python33/lib64/python3.3/ssl.pyuget_server_certificate£s     uget_server_certificatecCstj|dƒS(Nu (u_PROTOCOL_NAMESuget(u protocol_code((u(/opt/alt/python33/lib64/python3.3/ssl.pyuget_protocol_nameµsuget_protocol_name(Vu__doc__utextwrapureu_ssluOPENSSL_VERSION_NUMBERuOPENSSL_VERSION_INFOuOPENSSL_VERSIONu _SSLContextuSSLErroruSSLZeroReturnErroruSSLWantReadErroruSSLWantWriteErroruSSLSyscallErroru SSLEOFErroru CERT_NONEu CERT_OPTIONALu CERT_REQUIREDuOP_ALLu OP_NO_SSLv2u OP_NO_SSLv3u OP_NO_TLSv1uOP_CIPHER_SERVER_PREFERENCEuOP_SINGLE_DH_USEuOP_NO_COMPRESSIONu ImportErroruOP_SINGLE_ECDH_USEu RAND_statusuRAND_addu RAND_bytesuRAND_pseudo_bytesuRAND_egduSSL_ERROR_ZERO_RETURNuSSL_ERROR_WANT_READuSSL_ERROR_WANT_WRITEuSSL_ERROR_WANT_X509_LOOKUPuSSL_ERROR_SYSCALLu SSL_ERROR_SSLuSSL_ERROR_WANT_CONNECTu SSL_ERROR_EOFuSSL_ERROR_INVALID_ERROR_CODEuHAS_SNIuHAS_ECDHuHAS_NPNuPROTOCOL_SSLv3uPROTOCOL_SSLv23uPROTOCOL_TLSv1u PROTOCOL_TLSu_OPENSSL_API_VERSIONugetattruglobalsu_PROTOCOL_NAMESuPROTOCOL_SSLv2u_SSLv2_IF_EXISTSuNoneusocketu getnameinfou _getnameinfouerroru socket_erroruAF_INETu SOCK_STREAMucreate_connectionu SOL_SOCKETuSO_TYPEubase64u tracebackuerrnouHAS_TLS_UNIQUEuCHANNEL_BINDING_TYPESu_DEFAULT_CIPHERSu ValueErroruCertificateErroru_dnsname_matchumatch_hostnameu SSLContextu SSLSocketuFalseuTrueu wrap_socketucert_time_to_secondsu PEM_HEADERu PEM_FOOTERuDER_cert_to_PEM_certuPEM_cert_to_DER_certuget_server_certificateuget_protocol_name(((u(/opt/alt/python33/lib64/python3.3/ssl.pyu7s†   ..  " @ "     "     1 )%ÿg