o >h;5 @sddlZddlZddlZddlmZmZmZmZddlm Z ddl m Z m Z ddl mZmZddlmZzddlmZWn eyIedZYnwz ddl mZd ZWneycd ZedZYnwzdd l mZdd lmZdd lmZd ZWn eyd ZYnwdZdddZdeeefde fddZ!esdde"de#dee dee$fddZ%ndde"de#dee dee$fddZ%esde"deee effddZ&ndedeee effddZ&deeefde#defddZ'dS) N)OptionalUnionDictAny)Deferred) IPv4Address UNIXAddress) ITransportIProcessTransport)TransportDetails) PipeAddress) IPv6AddressTF) ISSLTransport)TLSMemoryBIOProtocol) Connection)sleeppeer2strtransport_channel_idextract_peer_certificatecreate_transport_detailscCs*|sddlm}t}|||jd|S)aD Inline sleep for use in co-routines (Twisted ``inlineCallback`` decorated functions). .. seealso:: * `twisted.internet.defer.inlineCallbacks `__ * `twisted.internet.interfaces.IReactorTime `__ :param delay: Time to sleep in seconds. :type delay: float :param reactor: The Twisted reactor to use. :type reactor: None or provider of ``IReactorTime``. r)reactorN)twisted.internetrr callLatercallback)delayrdru/var/www/vedio/testing/chatpythonscript.ninositsolution.com/env/lib/python3.10/site-packages/autobahn/twisted/util.pyrDs  r transportreturncCst|r d|j}|St|r\|}t|tr%d|j|j }|St r6t|t r6d|j|j }|St|t rJ|j rFd|j }|Sd}|St|trXdt}|Sd}|Sd}|S)a Return a *peer descriptor* given a Twisted transport, for example: * ``tcp4:127.0.0.1:52914``: a TCPv4 socket * ``unix:/tmp/server.sock``: a Unix domain socket * ``process:142092``: a Pipe originating from a spawning (parent) process * ``pipe``: a Pipe terminating in a spawned (child) process :returns: Returns a string representation of the peer of the Twisted transport. z process:{}z tcp4:{0}:{1}z tcp6:{0}:{1}zunix:{0}unixz process:{0}unknown)r providedByformatpidr getPeer isinstancerhostport _HAS_IPV6r rnamer osgetppid)rresaddrrrrrXs0       r is_serverchannel_id_typecCs|durdStd|)N zUcannot determine TLS channel ID of type "{}" when TLS is not available on this system) RuntimeErrorr#)rr/r0rrrrsrcCs|durdS|dvrtd|t|ts td|t||}|r+t|ts-Jd}|dkrS||kr<|}n|}|durFdSt }| || St d|) a( Return TLS channel ID of WAMP transport of the given TLS channel ID type. Application-layer user authentication protocols are vulnerable to generic credential forwarding attacks, where an authentication credential sent by a client C to a server M may then be used by M to impersonate C at another server S. To prevent such credential forwarding attacks, modern authentication protocols rely on channel bindings. For example, WAMP-cryptosign can use the tls-unique channel identifier provided by the TLS layer to strongly bind authentication credentials to the underlying channel, so that a credential received on one TLS channel cannot be forwarded on another. :param transport: The Twisted TLS transport to extract the TLS channel ID from. If the transport isn't TLS based, and non-empty ``channel_id_type`` is requested, ``None`` will be returned. If the transport is indeed TLS based, an empty ``channel_id_type`` of ``None`` is requested, 32 NUL bytes will be returned. :param is_server: Flag indicating that the transport is a server transport. :param channel_id_type: TLS channel ID type, if set currently only ``"tls-unique"`` is supported. :returns: The TLS channel ID (32 bytes). Nr1) tls-uniquez*invalid TLS channel ID type "{}" requestedz[cannot determine TLS channel ID of type "{}" when TLS is not available on this transport {}Tr3z7should not arrive here (unhandled channel_id_type "{}"))r2r#r&rtype getHandlerget_peer_finished get_finishedhashlibsha256updatedigestNotImplementedError)rr/r0 connectionis_not_resumedtls_finished_msgmrrrrs.   cCsdS)z~ Dummy when no TLS is available. :param transport: Ignored. :return: Always return ``None``. Nr)rrrrrsrc Cst|r t|ds dS|}|rdd}d||dd||dd||dt||| t | || t | ||||gd }t|D]$}||}d||d|||d kd }|d |qdd |fd|ffD]'\}}i||<|D]\} } || } || } d| ||d| <qq|SdS)a Extract TLS x509 client certificate information from a Twisted stream transport, and return a dict with x509 TLS client certificate information (if the client provided a TLS client certificate). :param transport: The secure transport from which to extract the peer certificate (if present). :returns: If the peer provided a certificate, the parsed certificate information set. getPeerCertificateNcSst|tr |dS|S)Nutf8)r&bytesdecode)_valuerrr maybe_bytess  z-extract_peer_certificate..maybe_bytesz{}md5sha1r9) rGrHr9expiredhashserialsignature_algorithmversion not_before not_after extensionsr)r*valuecriticalrPsubjectissuer)rr"hasattrrAr#r;upperbool has_expiredsubject_name_hashintget_serial_numberget_signature_algorithm get_version get_notBefore get_notAfterrangeget_extension_count get_extensionget_short_name get_criticalappend get_subject get_issuerget_componentslower) rcertrFresultiextext_infoentityr*keyrQrrrrsB            c Cst|}t}ttdrt}nt}d}tr1t |r1dt ||di}t j }t |}d} n i}t j}d}d} t j} t || |||||| ||d } | S)aB Create transport details from Twisted transport. :param transport: The Twisted transport to extract information from. :param is_server: Flag indicating whether this transport side is a "server" (as in TCP server). :return: Transport details object filled with information from the Twisted transport. get_native_idr3TNF) channel_typechannel_framingpeerr/own_pidown_tidown_fd is_secure channel_id peer_cert)rr+getpidrU threadingrq get_ident_HAS_TLSrr"rr CHANNEL_TYPE_TLSrCHANNEL_TYPE_TCPCHANNEL_FRAMING_WEBSOCKET) rr/rurvrwrxrzrsr{ryrttdrrrrs,   r)N)(r+r8r}typingrrrrtwisted.internet.deferrtwisted.internet.addressrrtwisted.internet.interfacesr r autobahn.wamp.typesr twisted.internet.stdior ImportErrorr4r r)rtwisted.protocols.tlsr OpenSSL.SSLrr__allrstrrobjectrWrCrrrrrrrsL            '&$A  "7