gc@s ddlZddlZddlZddlZddlZddlZddlmZmZddlm Z yddl Z Wne k rdZ nXdddddgZ d jjZeZZxmd d d gfd ddgffD]G\ZZx8eD]0ZydeefdUWqe k r0qXqWqWe dk oTeeefkZyddlmZWn5e k reedeZeddZnXddlmZmZdefdYZdefdYZddZ da!dZ"dZ#dS(iN(tResolutionErrortExtractionError(turllib2tVerifyingHTTPSHandlertfind_ca_bundlet is_availablet cert_pathst opener_fors /etc/pki/tls/certs/ca-bundle.crt /etc/ssl/certs/ca-certificates.crt /usr/share/ssl/certs/ca-bundle.crt /usr/local/share/certs/ca-root.crt /etc/ssl/cert.pem /System/Library/OpenSSL/certs/cert.pem t HTTPSHandlerRsurllib.requesttHTTPSConnectionthttplibs http.clientsfrom %s import %s(tcreate_connectiont_GLOBAL_DEFAULT_TIMEOUTc Cs|\}}d}xtj||dtjD]}|\}}} } } d} y\tj||| } |tk r| j|n|r| j|n| j| | SWq.tk rt }| dk r| j qq.Xq.W|rn tddS(sConnect to *address* and return the socket object. Convenience function. Connect to *address* (a 2-tuple ``(host, port)``) and return the socket object. Passing the optional *timeout* parameter will set the timeout on the socket instance before attempting to connect. If no *timeout* is supplied, the global default timeout setting returned by :func:`getdefaulttimeout` is used. If *source_address* is set it must be a tuple of (host, port) for the socket to bind as a source address before making the connection. An host of '' or port 0 tells the OS to use the default. is!getaddrinfo returns an empty listN( tNonetsockett getaddrinfot SOCK_STREAMR t settimeouttbindtconnectterrortTruetclose( taddressttimeouttsource_addressthosttportterrtrestaftsocktypetprotot canonnametsatsock((s:/usr/lib/python2.7/site-packages/setuptools/ssl_support.pyR 0s( "    (tCertificateErrortmatch_hostnamecBs eZdZdZdZRS(s=Simple verifying handler: no auth, subclasses, timeouts, etc.cCs||_tj|dS(N(t ca_bundleRt__init__(tselfR&((s:/usr/lib/python2.7/site-packages/setuptools/ssl_support.pyR'qs csjfd|S(Ncst|j|S(N(tVerifyingHTTPSConnR&(Rtkw(R((s:/usr/lib/python2.7/site-packages/setuptools/ssl_support.pytws(tdo_open(R(treq((R(s:/usr/lib/python2.7/site-packages/setuptools/ssl_support.pyt https_openus(t__name__t __module__t__doc__R'R.(((s:/usr/lib/python2.7/site-packages/setuptools/ssl_support.pyRns R)cBs eZdZdZdZRS(s@Simple verifying connection: no auth, subclasses, timeouts, etc.cKs tj|||||_dS(N(R R'R&(R(RR&R*((s:/usr/lib/python2.7/site-packages/setuptools/ssl_support.pyR'}scCst|j|jft|dd}t|drgt|ddrg||_|j|j}n |j}t j |dt j d|j |_yt |jj|Wn4tk r|jjtj|jjnXdS(NRt_tunnelt _tunnel_hostt cert_reqstca_certs(R RRtgetattrR thasattrR#R2R3tsslt wrap_sockett CERT_REQUIREDR&R%t getpeercertR$tshutdownRt SHUT_RDWRR(R(R#t actual_host((s:/usr/lib/python2.7/site-packages/setuptools/ssl_support.pyRs$!      (R/R0R1R'R(((s:/usr/lib/python2.7/site-packages/setuptools/ssl_support.pyR){s cCstjt|ptjS(s@Get a urlopen() replacement that uses ca_bundle for verification(Rt build_openerRRtopen(R&((s:/usr/lib/python2.7/site-packages/setuptools/ssl_support.pyRscsttdk rtjSyddlmWntk r;dSXdffdY}|dddgatjS(Ni(tCertFilet MyCertFilecseZddfdZRS(csLj|x|D]}|j|qW|j|tj|jdS(N(R'taddstoretaddcertstatexittregisterR(R(tstorestcertststore(RA(s:/usr/lib/python2.7/site-packages/setuptools/ssl_support.pyR's    (((R/R0R'((RA(s:/usr/lib/python2.7/site-packages/setuptools/ssl_support.pyRBsRGtCAtROOT(t _wincertsR tnamet wincertstoreRAt ImportError(RB((RAs:/usr/lib/python2.7/site-packages/setuptools/ssl_support.pytget_win_certfiles  cCsstjdkrtSx$tD]}tjj|r|SqWytjddSWntt t fk rndSXdS(s*Return an existing CA bundle path, or Nonetnttcertifis cacert.pemN( tosRMRPRtpathtisfilet pkg_resourcestresource_filenameRORRR (t cert_path((s:/usr/lib/python2.7/site-packages/setuptools/ssl_support.pyRs ($tsysRSRREtreRVRRtsetuptools.compatRR8ROR t__all__tstriptsplitRtobjectRR twhattwheretmoduleRR R6R tbackports.ssl_match_hostnameR$R%RR)RRLRPR(((s:/usr/lib/python2.7/site-packages/setuptools/ssl_support.pytsB<          $ !