h;5 ddlZddlZddlZddlmZmZmZmZddlm Z ddl m Z m Z ddl mZmZddlmZ ddlmZ ddl mZd Z dd l mZdd lmZdd lmZd ZdZddZdeeefde fdZ!esdde"de#dee dee$fdZ%ndde"de#dee dee$fdZ%esde"deee effdZ&ndedeee effdZ&deeefde#defdZ'y#e$r edZYwxYw#e$r d ZedZYwxYw#e$rd ZYwxYw)N)OptionalUnionDictAny)Deferred) IPv4Address UNIXAddress) ITransportIProcessTransport)TransportDetails) PipeAddress) IPv6AddressTF) ISSLTransport)TLSMemoryBIOProtocol) Connection)sleeppeer2strtransport_channel_idextract_peer_certificatecreate_transport_detailscd|sddlm}t}|j||jd|S)aD Inline sleep for use in co-routines (Twisted ``inlineCallback`` decorated functions). .. seealso:: * `twisted.internet.defer.inlineCallbacks `__ * `twisted.internet.interfaces.IReactorTime `__ :param delay: Time to sleep in seconds. :type delay: float :param reactor: The Twisted reactor to use. :type reactor: None or provider of ``IReactorTime``. r)reactorN)twisted.internetrr callLatercallback)delayrds Q/var/www/Befach/backend/env/lib/python3.12/site-packages/autobahn/twisted/util.pyrrDs, , A eQZZ. H transportreturnctj|rdj|j}|St j|r|j }t |tr(dj|j|j}|Str8t |tr(dj|j|j}|St |tr-|jrdj|j}|Sd}|St |tr%djtj }|Sd}|Sd}|S)a Return a *peer descriptor* given a Twisted transport, for example: * ``tcp4:127.0.0.1:52914``: a TCPv4 socket * ``unix:/tmp/server.sock``: a Unix domain socket * ``process:142092``: a Pipe originating from a spawning (parent) process * ``pipe``: a Pipe terminating in a spawned (child) process :returns: Returns a string representation of the peer of the Twisted transport. z process:{}z tcp4:{0}:{1}z tcp6:{0}:{1}zunix:{0}unixz process:{0}unknown)r providedByformatpidr getPeer isinstancerhostport _HAS_IPV6rr namer osgetppid)r resaddrs rrrXs&##I.!!)--0, J+   y )JSJ[J[J] dK ( '' 499=C$ J#:dK8 '' 499=C Jk *yy '' 2 J Jk * &&rzz|4C J C J Jr is_serverchannel_id_typec<|ytdj|)N zUcannot determine TLS channel ID of type "{}" when TLS is not available on this system) RuntimeErrorr&)r r2r3s rrrs0  "v}}N OP Prc|y|dvrtdj|t|ts$tdj|t ||j }|rt|t sJd}|dk(r^||k7r|j}n|j}|ytj}|j||jStdj|)a( Return TLS channel ID of WAMP transport of the given TLS channel ID type. Application-layer user authentication protocols are vulnerable to generic credential forwarding attacks, where an authentication credential sent by a client C to a server M may then be used by M to impersonate C at another server S. To prevent such credential forwarding attacks, modern authentication protocols rely on channel bindings. For example, WAMP-cryptosign can use the tls-unique channel identifier provided by the TLS layer to strongly bind authentication credentials to the underlying channel, so that a credential received on one TLS channel cannot be forwarded on another. :param transport: The Twisted TLS transport to extract the TLS channel ID from. If the transport isn't TLS based, and non-empty ``channel_id_type`` is requested, ``None`` will be returned. If the transport is indeed TLS based, an empty ``channel_id_type`` of ``None`` is requested, 32 NUL bytes will be returned. :param is_server: Flag indicating that the transport is a server transport. :param channel_id_type: TLS channel ID type, if set currently only ``"tls-unique"`` is supported. :returns: The TLS channel ID (32 bytes). r5) tls-uniquez*invalid TLS channel ID type "{}" requestedz[cannot determine TLS channel ID of type "{}" when TLS is not available on this transport {}Tr8z7should not arrive here (unhandled channel_id_type "{}"))r6r&r)rtype getHandlerget_peer_finished get_finishedhashlibsha256updatedigestNotImplementedError)r r2r3 connectionis_not_resumedtls_finished_msgms rrrs&  " . 0KRRSbcd d)%9:mtt#T)_67 7 "+!4!4!6 jZ@@@ l *N*$.#?#?#A $.#:#:#< ' $NN$)*xxz!%&_&f&fgv&wx xrcy)z~ Dummy when no TLS is available. :param transport: Ignored. :return: Always return ``None``. N)r s rrrsrc (tj|r t|dsy|j}|r]d}dj ||j dj dj ||j dj dj ||j dj t|j||jt|j||jt|j||j||jgd }t!|j#D]v}|j%|}dj ||j'dj |||j)d k7d }|d j+|xd |j-fd |j/ffD]f\}}i||<|j1D]I\} } || } || } dj | ||dj | j3<Kh|Sy)a Extract TLS x509 client certificate information from a Twisted stream transport, and return a dict with x509 TLS client certificate information (if the client provided a TLS client certificate). :param transport: The secure transport from which to extract the peer certificate (if present). :returns: If the peer provided a certificate, the parsed certificate information set. getPeerCertificateNcHt|tr|jdS|S)Nutf8)r)bytesdecode)_values r maybe_bytesz-extract_peer_certificate..maybe_bytess fe,!==00!Mrz{}md5sha1r>) rPrQr>expiredhashserialsignature_algorithmversion not_before not_after extensionsr)r-valuecriticalrYsubjectissuer)rr%hasattrrIr&r@upperbool has_expiredsubject_name_hashintget_serial_numberget_signature_algorithm get_version get_notBefore get_notAfterrangeget_extension_count get_extensionget_short_name get_criticalappend get_subject get_issuerget_componentslower) r certrOresultiextext_infoentityr-keyrZs rrrs=((3 K_8`++-  "{{;t{{5/A#BCIIK K F0C$DEKKM++k$++h2G&HIOOQ 0 0 23#D$:$:$<=d4467'243O3O3Q'Rt//12)$*<*<*>?():):)<=  F43356((+ KK C4F4F4H(IJ![[S)9: # 0 0 2a 7 |$++H57#,T-=-=-?!@8T__M^B_ ` !#v"&"5"5"7JC%c*C'.E?C{{5?QF6N4;;s#3#9#9#;<#8!aMM rc t|}tj}ttdrt j }nt j }d}trBtj|r-dt||di}tj}t|}d} ni}tj}d}d} tj} t|| |||||| || } | S)aB Create transport details from Twisted transport. :param transport: The Twisted transport to extract information from. :param is_server: Flag indicating whether this transport side is a "server" (as in TCP server). :return: Transport details object filled with information from the Twisted transport. get_native_idr8TNF) channel_typechannel_framingpeerr2own_pidown_tidown_fd is_secure channel_id peer_cert)rr.getpidr^ threadingr{ get_ident_HAS_TLSrr%rr CHANNEL_TYPE_TLSrCHANNEL_TYPE_TCPCHANNEL_FRAMING_WEBSOCKET) r r2rrrrrr}rrr~tds rrrs I DiikGy/*))+%%' FM,,Y7 .y)\R (88 ,Y7   '88   '@@O |_[_$-wX^$-*PY [B Ir)N)(r.r=rtypingrrrrtwisted.internet.deferrtwisted.internet.addressrr twisted.internet.interfacesr r autobahn.wamp.typesr twisted.internet.stdior ImportErrorr9rr,rtwisted.protocols.tlsr OpenSSL.SSLrr__allrstrrobjectr`rLrrrrGrrrs6 --+=E02 4I 9:&H  ($j*;;<$$NPP4PRZ[^R_PkstykzP >y>y4>yRZ[^R_>ykstykz>yBFxS#X7O4,@4XdSVX[S[nE]4n(j:K.K(L(Y](br(At*KIt*KHs4C CC1 CCC.-C.1C;:C;