3

Z'ícfNã@sddlmZddlZddlZddlZddlZddlZddlZddlmZ	ddlm
Zddlm
Z
ddlmZddlmZdd	lmZyddlZejZWn,eefk
rÂdZGd
d„deƒZYnXyeZWn$ek
rðGdd
„d
eƒZYnXyeZWn&ek
r Gdd„deƒZYnXddlmZddl m!Z!ddl"m#Z#m$Z$m%Z%m&Z&ddl'm(Z(m)Z)m*Z*ddl+m,Z,m-Z-m.Z.m/Z/m0Z0m1Z1ddl2m3Z3m4Z4ej5e6ƒZ7dddœZ8ej9dddƒZ:ej;dƒZ<Gdd„dee=ƒZGdd„deƒZ>dd „Z?d!d"„Z@Gd#d$„d$e=ƒZAeseAZ>e>ZBdS)%é)Úabsolute_importN)Úerror)Útimeouté)Úsix)ÚHTTPConnection)Ú
HTTPException)Úcreate_proxy_ssl_contextc@seZdZdS)ÚBaseSSLErrorN)Ú__name__Ú
__module__Ú__qualname__©rrú5/tmp/pip-build-gk9425m9/urllib3/urllib3/connection.pyr
sr
c@seZdZdS)ÚConnectionErrorN)rrr
rrrrr!src@seZdZdS)ÚBrokenPipeErrorN)rrr
rrrrr*sr)ÚHTTPHeaderDict)Ú__version__)ÚConnectTimeoutErrorÚNewConnectionErrorÚSubjectAltNameWarningÚSystemTimeWarning)ÚSKIP_HEADERÚSKIPPABLE_HEADERSÚ
connection)Úassert_fingerprintÚcreate_urllib3_contextÚis_ipaddressÚresolve_cert_reqsÚresolve_ssl_versionÚssl_wrap_socket)ÚCertificateErrorÚmatch_hostnameéPi»)ÚhttpÚhttpsiæz[^-!#$%&'*+.^_`|~0-9a-zA-Z]csžeZdZdZedZejejdfgZ	dZ
dZdd„Ze
dd	„ƒZejd
d	„ƒZdd„Zd
d„Zdd„Zdd„Zdd„Zdd„Zd‡fdd„	Zddd„Z‡ZS)ra5
    Based on :class:`http.client.HTTPConnection` but provides an extra constructor
    backwards-compatibility layer between older and newer Pythons.

    Additional keyword parameters are used to configure attributes of the connection.
    Accepted parameters include:

    - ``strict``: See the documentation on :class:`urllib3.connectionpool.HTTPConnectionPool`
    - ``source_address``: Set the source address for the current connection.
    - ``socket_options``: Set specific options on the underlying socket. If not specified, then
      defaults are loaded from ``HTTPConnection.default_socket_options`` which includes disabling
      Nagle's algorithm (sets TCP_NODELAY to 1) unless the connection is behind a proxy.

      For example, if you wish to enable TCP Keep Alive in addition to the defaults,
      you might pass:

      .. code-block:: python

         HTTPConnection.default_socket_options + [
             (socket.SOL_SOCKET, socket.SO_KEEPALIVE, 1),
         ]

      Or you may want to disable the defaults by passing an empty list (e.g., ``[]``).
    r$rFNcOs`tjs|jddƒ|jdƒ|_|jd|jƒ|_|jddƒ|_|jddƒ|_t	j
|f|ž|ŽdS)NÚstrictÚsource_addressÚsocket_optionsÚproxyÚproxy_config)rÚPY2ÚpopÚgetr'Údefault_socket_optionsr(r)r*Ú_HTTPConnectionÚ__init__)ÚselfÚargsÚkwrrrr0sszHTTPConnection.__init__cCs|jjdƒS)aŸ
        Getter method to remove any trailing dots that indicate the hostname is an FQDN.

        In general, SSL certificates don't include the trailing dot indicating a
        fully-qualified domain name, and thus, they don't validate properly when
        checked against a domain name that includes the dot. In addition, some
        servers may not expect to receive the trailing dot when provided.

        However, the hostname with trailing dot is critical to DNS resolution; doing a
        lookup with the trailing dot will properly only resolve the appropriate FQDN,
        whereas a lookup without a trailing dot will search the system's search domain
        list. Thus, it's important to keep the original host around for use only in
        those cases where it's appropriate (i.e., when doing DNS lookup to establish the
        actual TCP connection across which we're going to send HTTP requests).
        Ú.)Ú	_dns_hostÚrstrip)r1rrrÚhost„szHTTPConnection.hostcCs
||_dS)z×
        Setter for the `host` property.

        We assume that only urllib3 uses the _dns_host attribute; httplib itself
        only uses `host`, and it seems reasonable that other libraries follow suit.
        N)r5)r1Úvaluerrrr7—scCs i}|jr|j|d<|jr$|j|d<ytj|j|jf|jf|Ž}WnXtk
rlt|d|j	|jfƒ‚Yn0t
k
rš}zt|d|ƒ‚WYdd}~XnX|S)zoEstablish a socket connection and set nodelay settings on it.

        :return: New socket connection.
        r'r(z0Connection to %s timed out. (connect timeout=%s)z(Failed to establish a new connection: %sN)r'r(rÚcreate_connectionr5ÚportrÚ
SocketTimeoutrr7ÚSocketErrorr)r1Úextra_kwÚconnÚerrrÚ	_new_conn¡s"

zHTTPConnection._new_conncCst|ddƒS)NÚ_tunnel_host)Úgetattr)r1rrrÚ_is_using_tunnelÀszHTTPConnection._is_using_tunnelcCs ||_|jƒr|jƒd|_dS)Nr)ÚsockrCÚ_tunnelÚ	auto_open)r1r>rrrÚ
_prepare_connÄszHTTPConnection._prepare_conncCs|jƒ}|j|ƒdS)N)r@rG)r1r>rrrÚconnectÌszHTTPConnection.connectcOs8tj|ƒ}|r"td||jƒfƒ‚tj|||f|ž|ŽS)ú zAMethod cannot contain non-token characters %r (found at least %r))Ú_CONTAINS_CONTROL_CHAR_REÚsearchÚ
ValueErrorÚgroupr/Ú
putrequest)r1ÚmethodÚurlr2ÚkwargsÚmatchrrrrNÐs
zHTTPConnection.putrequestcGs\tdd„|Dƒƒs&tj||f|žŽn2tj|jƒƒtkrXtddjt	t
jttƒƒƒfƒ‚dS)rIcss |]}t|tƒo|tkVqdS)N)Ú
isinstanceÚstrr)Ú.0Úvrrrú	<genexpr>ßsz+HTTPConnection.putheader.<locals>.<genexpr>z+urllib3.util.SKIP_HEADER only supports '%s'z', 'N)
Úanyr/Ú	putheaderrÚ
ensure_strÚlowerrrLÚjoinÚmaprTÚtitleÚsorted)r1ÚheaderÚvaluesrrrrYÝszHTTPConnection.putheadercsN|dkri}n|jƒ}ddd„|Dƒkr2tƒ|d<tt|ƒj||||ddS)Nz
user-agentcss|]}tj|jƒƒVqdS)N)rrZr[)rUÚkrrrrWísz)HTTPConnection.request.<locals>.<genexpr>z
User-Agent)ÚbodyÚheaders)ÚcopyÚ_get_default_user_agentÚsuperrÚrequest)r1rOrPrcrd)Ú	__class__rrrhçs
zHTTPConnection.requestcCs.|pi}tdd„|Dƒƒ}d|k}d|k}|j||||dd|krR|jdtƒƒx |jƒD]\}}	|j||	ƒq\Wd|krˆ|jd	d
ƒ|jƒ|dk	r tjtf}
t	||
ƒr¶|f}xh|D]`}|sÆq¼t	|tƒsÚ|j
dƒ}tt|ƒƒd
d…}t
|j
ƒƒ}
|
d7}
|
|7}
|
d7}
|j|
ƒq¼W|jdƒdS)zƒ
        Alternative to the common request method, which sends the
        body with chunked encoding and not as one block
        cSsg|]}tj|jƒƒ‘qSr)rrZr[)rUrbrrrú
<listcomp>÷sz2HTTPConnection.request_chunked.<locals>.<listcomp>zaccept-encodingr7)Úskip_accept_encodingÚ	skip_hostz
user-agentz
User-Agentztransfer-encodingzTransfer-EncodingÚchunkedNÚutf8és
s0

)ÚsetrNrYrfÚitemsÚ
endheadersrÚstring_typesÚbytesrSÚencodeÚhexÚlenÚ	bytearrayÚsend)r1rOrPrcrdZheader_keysrkrlr`r8Ústringish_typesÚchunkÚlen_strZto_sendrrrÚrequest_chunkedñs:




zHTTPConnection.request_chunked)NN)NN)rrr
Ú__doc__Úport_by_schemeÚdefault_portÚsocketÚIPPROTO_TCPÚTCP_NODELAYr.Úis_verifiedÚproxy_is_verifiedr0Úpropertyr7Úsetterr@rCrGrHrNrYrhr}Ú
__classcell__rr)rirrLs 



rc	@sjeZdZdZedZdZdZdZdZ	dZ
dZdZddddde
jddfdd„Zd
dd„Zd	d
„Zdd„ZdS)ÚHTTPSConnectionz•
    Many of the parameters to this constructor are passed to the underlying SSL
    socket by means of :py:func:`urllib3.util.ssl_wrap_socket`.
    r%NFc
KsDtj|||f||dœ|
—Ž||_||_||_||_|	|_d|_dS)N)r&rr%)rr0Úkey_fileÚ	cert_fileÚkey_passwordÚssl_contextÚserver_hostnameÚ	_protocol)r1r7r:rŠr‹rŒr&rrrŽr3rrrr0)szHTTPSConnection.__init__c

Csv|dkr$|jdk	r|jj}ntdƒ}||_||_||_||_||_||_|oVt	j
j|ƒ|_|oht	j
j|ƒ|_
|	|_dS)zX
        This method should only be called once, before the connection is used.
        N)rÚverify_moderrŠr‹Ú	cert_reqsrŒÚassert_hostnamerÚosÚpathÚ
expanduserÚca_certsÚca_cert_dirÚca_cert_data)
r1rŠr‹r‘rŒr–r’rr—r˜rrrÚset_certCs

zHTTPSConnection.set_certc	Cs|jƒ|_}|j}d}|jƒrP|jr<|j||ƒ|_}d}|jƒd|_|j}|}|j	dk	rd|j	}t
jjƒt
k}|rˆtjdjt
ƒtƒd}|jdkr´d}tt|jƒt|jƒd|_|j}t|jƒ|_|jrô|jrô|jrô|rôt|dƒrô|jƒt||j|j |j!|j|j|j|||d
|_|rj|jdkrjt|jdƒrj|jj"ƒdkrjtjd|j|jj"ƒft#ƒ|j$rŠt$|jj%dd|j$ƒnf|jt&j'krðt(|d
dƒrð|j)dk	rð|jj%ƒ}|j*dfƒsÞtjdj|ƒt+ƒt,||j)pì|ƒ|jt&j-kp|j$dk	|_.dS)NFTrzWSystem time is way off (before {0}). This will probably lead to SSL verification errors)Ússl_versionr‘Úload_default_certs)
rDÚkeyfileÚcertfilerŒr–r—r˜rŽrÚ
tls_in_tlsÚversionÚTLSv1úTLSv1.1z±Negotiating TLSv1/TLSv1.1 by default is deprecated and will be disabled in urllib3 v2.0.0. Connecting to '%s' with '%s' can be enabled by explicitly opting-in with 'ssl_version')Úbinary_formÚcheck_hostnameÚsubjectAltNamezëCertificate for {0} has no `subjectAltName`, falling back to check for a `commonName` for now. This feature is being removed by major browsers and deprecated by RFC 2818. (See https://github.com/urllib3/urllib3/issues/497 for details.)>r r¡)/r@rDr7rCÚtls_in_tls_requiredÚ_connect_tls_proxyrErFrArŽÚdatetimeÚdateÚtodayÚRECENT_DATEÚwarningsÚwarnÚformatrrrrršrr‘rr–r—r˜Úhasattrr›r rŠr‹rŒrŸÚDeprecationWarningrÚgetpeercertÚsslÚ	CERT_NONErBr’r-rÚ_match_hostnameÚ
CERT_REQUIREDr„)	r1r>ÚhostnameržrŽÚis_time_offZdefault_ssl_contextÚcontextÚcertrrrrHds†




zHTTPSConnection.connectcCs®|j}|j}|rt|||dSt|j|j|j|j|jƒ}t||j|j|j||d}|j	t
jkrœt|ddƒrœ|j
ƒ}|jdfƒs’tjdj|ƒtƒt||ƒ|j	t
jk|_|S)zY
        Establish a TLS connection to the proxy using the provided SSL context.
        )rDrŽr)rDr–r—r˜rŽrr£Fr¤zëCertificate for {0} has no `subjectAltName`, falling back to check for a `commonName` for now. This feature is being removed by major browsers and deprecated by RFC 2818. (See https://github.com/urllib3/urllib3/issues/497 for details.))r*rr r	ršr‘r–r—r˜rr±r²rBr°r-r«r¬r­rr³r´r…)r1rµr>r*rrr¸rrrr¦Ús>
z"HTTPSConnection._connect_tls_proxy)	NNNNNNNNN)rrr
r~rr€r‘r–r—r˜ršrr¥rÚ_GLOBAL_DEFAULT_TIMEOUTr0r™rHr¦rrrrr‰s8
vr‰cCsb|jdƒ}t|ƒr|}yt||ƒWn8tk
r\}ztjd||ƒ||_‚WYdd}~XnXdS)Nzu[]z@Certificate did not match expected hostname: %s. Certificate: %s)Ústriprr"r!ÚlogÚwarningÚ
_peer_cert)r¸Úasserted_hostnameZstripped_hostnamer?rrrr³s
r³cCsdtS)Nzpython-urllib3/%s)rrrrrrf)srfc@seZdZdZdS)ÚDummyConnectionz-Used to detect a failed ConnectionCls import.N)rrr
r~rrrrr¿-sr¿)CÚ
__future__rr§Úloggingr“Úrerr«rr<rr;ÚpackagesrZpackages.six.moves.http_clientrr/rZ
util.proxyr	r±ÚSSLErrorr
ÚImportErrorÚAttributeErrorÚ
BaseExceptionrÚ	NameErrorÚ	ExceptionrÚ_collectionsrÚ_versionrÚ
exceptionsrrrrÚutilrrrZ	util.ssl_rrrrrr Zutil.ssl_match_hostnamer!r"Ú	getLoggerrr»rr¨rªÚcompilerJÚobjectr‰r³rfr¿ÚVerifiedHTTPSConnectionrrrrÚ<module>s\
 


N{