3 O6bB @sddlZddlZyddlmZWnek r<ddZYnXejddkrReZnddZddlm Z dd d Z d d Z d dZ dS)N) ip_addresscCsdS)N)addressrrY/var/www/html/sandeepIITI/myenv/lib/python3.6/site-packages/pymongo/ssl_match_hostname.py srcCs|S)Nr)valuerrrrs)CertificateErrorc Csg}|s dS|jd}|d}|dd}|jd}||krLtdt||s`|j|jkS|dkrt|jdn>|jd s|jd r|jtj|n|jtj|j d d x|D]}|jtj|qWtj d d j |dtj } | j |S)zhMatching according to RFC 6125, section 6.4.3 http://tools.ietf.org/html/rfc6125#section-6.4.3 F.rr N*z,too many wildcards in certificate DNS name: z[^.]+zxn--z\*z[^.]*z\Az\.z\Z)splitcountr reprlowerappend startswithreescapereplacecompilejoin IGNORECASEmatch) dnhostname max_wildcardspatspartsleftmost remainder wildcardsfragpatrrr_dnsname_matchs*     r$cCstt|j}||kS)zExact matching of IP addresses. RFC 6125 explicitly doesn't define an algorithm for this (section 1.7.2 - "Out of Scope"). )r_unicoderstrip)ipnamehost_ipiprrr_ipaddress_matchHsr*cCsV|s tdytt|}Wnttfk r8d}YnXg}|jdf}xb|D]Z\}}|dkr|dkrvt||rvdS|j|qP|dkrP|dk rt||rdS|j|qPW|sxF|jdfD]6}x0|D](\}}|dkrt||rdS|j|qWqWt|dkr&t d |d j t t |fn,t|dkrJt d ||d fnt d dS)zVerify that *cert* (in decoded format as returned by SSLSocket.getpeercert()) matches the *hostname*. RFC 2818 and RFC 6125 rules are followed. CertificateError is raised on failure. On success, the function returns nothing. ztempty or no certificate, match_hostname needs a SSL socket or SSL context with either CERT_OPTIONAL or CERT_REQUIREDNsubjectAltNameDNSz IP Addresssubject commonNamer z&hostname %r doesn't match either of %sz, zhostname %r doesn't match %rrz=no appropriate commonName or subjectAltName fields were found) ValueErrorrr% UnicodeErrorgetr$rr*lenr rmapr)certrr(dnsnamessankeyrsubrrrmatch_hostnameSs>    r9)r ) rsys ipaddressr ImportError version_infounicoder%Zpymongo.errorsr r$r*r9rrrrs  3