B ��Y�@sBdZddlmZddlZdZGdd�de�Zddd �Zd d�ZdS) zHThe match_hostname() function from Python 3.2, essential when using SSL.�)�absolute_importNz3.2.2c@seZdZdS)�CertificateErrorN)�__name__� __module__�__qualname__�rr�O/opt/alt/python37/lib/python3.7/site-packages/raven/utils/ssl_match_hostname.pyr sr�c Cs�g}|sdS|�d�}|d}|�d�}||kr@tdt|��|sT|��|��kS|dkrh|�d�n>|�d�s||�d�r�|�t�|��n|�t�|�� dd ��x$|d d�D]}|�t�|��q�Wt� dd �|�dtj�}|� |�S)zhMatching according to RFC 6125, section 6.4.3 http://tools.ietf.org/html/rfc6125#section-6.4.3 F�.r�*z,too many wildcards in certificate DNS name: z[^.]+zxn--z\*z[^.]*r Nz\Az\.z\Z)�split�countr�repr�lower�append� startswith�re�escape�replace�compile�join� IGNORECASE�match) Zdn�hostnameZ max_wildcardsZpats�partsZleftmostZ wildcards�frag�patrrr�_dnsname_matchs( rcCs�|std��g}|�dd�}x0|D](\}}|dkr"t||�r@dS|�|�q"W|s�xF|�dd�D]6}x0|D](\}}|dkrjt||�r�dS|�|�qjWq`Wt|�dkr�td |d �tt|��f��n*t|�dkr�td||df��ntd ��dS)a)Verify that *cert* (in decoded format as returned by SSLSocket.getpeercert()) matches the *hostname*. RFC 2818 and RFC 6125 rules are followed, but IP addresses are not accepted for *hostname*. CertificateError is raised on failure. On success, the function returns nothing. zempty or no certificateZsubjectAltNamerZDNSNZsubjectZ commonNamer z&hostname %r doesn't match either of %sz, zhostname %r doesn't match %rrz=no appropriate commonName or subjectAltName fields were found) � ValueError�getrr�lenrr�mapr)ZcertrZdnsnamesZsan�key�value�subrrr�match_hostname@s2 r%)r ) �__doc__� __future__rr�__version__rrrr%rrrr�s 2