hP \ ddlZddlZddlZddlZddlZddlmZmZmZmZm Z m Z m Z m Z m Z ddlmZddlmZejdZeeeedZedkrededdeded kZd ed ed efd ZeddZeddZeZe Z e Z!e Z"e Z#e Z$e Z%e Z&e Z'e Z(ee'Z)e Z*e Z+ee&Z,ee"Z-ee#Z.ee$Z/ee%Z0e Z1e Z2ee Z3ee Z4ee Z5e Z6e Z7 e*e-gej8_9e3ej8_:e3gej;_9e-ej;_:e+e gej<_9e.ej<_:e5e/gej=_9e+ej=_:e5egej>_9e+ej>_:e2gej?_9e4ej?_:ee.gej@_9e4ej@_:e)e)ee5gejA_9e+ejA_:e5ee6gejB_9e+ejB_:e5ee6gejC_9e+ejC_:e5e_5e6e_6e+e_+dZDdZEe)gejF_9dejF_:e)gejG_9e(ejG_:e*ee!gejH_9e.ejH_:e.e!gejI_9eejI_:e.ee e!gejJ_9eejJ_:e*ee gejK_9e-ejK_:e-gejL_9e ejL_:e-gejM_9e ejM_:e*ee)e e1gejN_9e/ejN_:e*e e1gejO_9e0ejO_:e0e gejP_9dejP_:e/gejQ_9e ejQ_:e/e gejR_9e ejR_:e,gejS_9e ejS_:e,gejT_9e.ejT_:e*Uede_Ve jUede_We)e_)e/e_/e.e_.e,e_,n#eX$rZYedeYddZY[YwwxYwerA e5ee,gejZ_9eejZ_:n#eX$rZYedeYddZY[YwwxYwde+dej[dej[d ej[fdZ\e\ejA_]e\ej=_]e\ej>_]e\ejB_]e\ejC_]GddZ^de_d e-fdZ`de_d e#fdZad e.d edzfd!Zbd"ece_d e0fd#Zdejed$ejfd ejgdfd%Zh d-d&ejfd'ece_d(edzd dfd)Zid&ejfd*ej[d dfd+Zjd&ejfd*ej[d dfd,ZkdS).N) CDLLPOINTERc_boolc_char_pc_int32c_longc_uint32c_ulongc_void_p) find_library)_set_ssl_context_verify_mode.) z,Only OS X 10.8 and newer are supported, not )rnamemacos10_16_pathreturnc tdkr|}nt|}|stt|dS#t$rt d|ddwxYw)z:Loads a CDLL by name, falling back to known path on 10.16+)rT) use_errnoz The library z failed to loadN)_mac_version_infor OSErrorr ImportError)rrpaths }/builddir/build/BUILD/imunify360-venv-2.5.2/opt/imunify360/venv/lib/python3.11/site-packages/pip/_vendor/truststore/_macos.py _load_cdllrs J  ( ("DD%%D MDD)))) JJJ>>>>??TIJs 69ASecurityz6/System/Library/Frameworks/Security.framework/SecurityCoreFoundationzB/System/Library/Frameworks/CoreFoundation.framework/CoreFoundationrkCFAllocatorDefaultkCFTypeArrayCallBackszError initializing ctypes: result_argsc~t|dkr|Sd} t|d}tj|tjtj}t|tj }|Stj d}t ||dtj }|std|j}|t|n"#|t|wwxYw||dkrd|}t!j|)z< Raises an error if the OSStatus value is non-zero. rN'Error copying C string from CFStringRefz8SecureTransport operation returned a non-zero OSStatus: )intrSecCopyErrorMessageStringctypescastrr r CFStringGetCStringPtrCFConstkCFStringEncodingUTF8create_string_bufferCFStringGetCStringrvalue CFReleasesslSSLError)r$r%r&error_message_cfstringerror_message_cfstring_c_void_pmessagebuffers r_handle_osstatusr<sP 6{{a "!=!)!C!CFD!Q!Q+1+ "FN6?$C$C+ + '!66 +W-J   ?066F#66/- F  IGHHHlG " -  $ $%; < < < " -  $ $%; < < < < . 'R--UVUU ,w  s CC<<Dc8eZdZdZedZdZdZdZdZ dS)r0zCoreFoundation constantsiiiiiN) __name__ __module__ __qualname____doc__CFStringEncodingr1#errSecIncompleteCertRevocationCheckerrSecHostNameMismatcherrSecCertificateExpirederrSecNotTrustedrr0r0s?"",,Z88*0'#%rHr0r4chttj|t|SN)r CFDataCreater"len)r4s r_bytes_to_cf_data_refrM&s*  & &*E3u::  rHctj|}ttj|t j}|S)zi Given a Python binary data, create a CFString. The string must be CFReleased by the caller. )r-rr CFStringCreateWithCStringr"r0r1)r4c_strcf_strs r_bytes_to_cf_stringrR,s> OE " "E  5 5* %F MrH cf_string_refc(t|tj}|St jd}t||dtj}|std|j}|| d}|S)z Creates a Unicode string from a CFString object. Used entirely for error reporting. Yes, it annoys me quite a lot that this function is this complex. Nr(r)zutf-8) r r/r0r1r-r2r3rr4decode)rSstringr;r$s r_cf_string_ref_to_strrW:s 1 1w4F~,T2222 64)F   ECDD D w'' MrHcertscJttjdtjtj}|st d|D]}d}d} t|}t tj|}t |||rt ||rt |#|rt ||rt |wwxYw|S)zBuilds a CFArray of SecCertificateRefs from a list of DER-encoded certificates. Responsibility of the caller to call CoreFoundation.CFRelease on the CFArray. rzUnable to allocate memory!N) r CFArrayCreateMutabler"r-byrefr# MemoryErrorrMrSecCertificateCreateWithDataCFArrayAppendValuer5)rXcf_array cert_datacf_data sec_cert_refs r_der_certs_to_cf_cert_arrayrcQs122*  ^9::H 86777 7 7   7+I66G#@@2GL  - -h E E E 2((111 7((666 2((111 7((6666 7 Os AC%%;D ctxc#K|j}|j}d|_t|tj dV||_t||dS#||_t||wxYw)NF)check_hostname verify_moderr6 CERT_NONE)rdrfrgs r_configure_contextrios|'N/KC cm4447 +$S+66666,$S+6666s AA) ssl_context cert_chainserver_hostnamec"d}d}d} ||jrd} t|d}td|}|rt |n=#|rt |wwxYwtdd}|}|jtj zrt t j dtj t j}t ||t |tt"t$z}t ||t |n#|jtjzrt)dd} t+|}t}t||tj ||rt |n"#|rt |wwxYw|d} | rld} t+| } t|| | rt | n"#| rt | wwxYwt|dt6rt9||nt;|||rt ||rt |dSdS#|rt ||rt |wwxYw)NasciiTrz/VERIFY_CRL_CHECK_LEAF not implemented for macOS) binary_formF)rfrRencoderSecPolicyCreateSSLr r5 verify_flagsr6VERIFY_CRL_CHECK_CHAINrZr"r-r[r#r^SecPolicyCreateRevocation#kSecRevocationUseAnyAvailableMethod%kSecRevocationRequirePositiveResponseVERIFY_CRL_CHECK_LEAFNotImplementedErrorrc SecTrustRefSecTrustCreateWithCertificates get_ca_certsSecTrustSetAnchorCertificates!SecTrustSetAnchorCertificatesOnly _is_macos_version_10_14_or_later"_verify_peercerts_impl_macos_10_14"_verify_peercerts_impl_macos_10_13) rjrkrlrXpoliciestrustcf_str_hostname ssl_policyrevocation_policyctx_ca_certs_der ctx_ca_certss r_verify_peercerts_implr|s EH EN,  &;+E &"O >"5o6L6LW6U6U"V"V%88OO ">",,_===#>",,_====>"44T4@@J  #c&@ @ Y%::2 ^ABBH  - -h C C C  $ $Z 0 0 0 ( B B378!!   - -h8I J J J  $ $%6 7 7 7 7  %(A A Y%&WXX X 0/ ;;E((**E  3 3xe!4!4    0((/// 0((//// 0 0;/G/G0H0 0   ;L ;:;KLL 66ulKKK;",,\::: ;",,\::::; 225%@@@ , C .{E B B B B .{E B B B  /  $ $X . . .  ,  $ $U + + + + + , ,  /  $ $X . . .  ,  $ $U + + + + ,sU M=A.M.B  D-M;AH.M.I  M+*J2M2KAM;N sec_trust_refct}t|tj| t |j}n#ttf$rd}YnwxYw|j tj krJ|dvrHddddddd }| |d |}tj |}||_||_|d Sd S) zVerify using 'SecTrustEvaluate' API for macOS 10.13 and earlier. macOS 10.14 added the 'SecTrustEvaluateWithError' API. )r zInvalid trust result typezUser confirmation requiredz.User specified that certificate is not trustedz"Recoverable trust failure occurredzFatal trust failure occurredz0Other error occurred, certificate may be revoked)rr!zUnknown trust result: N)rSecTrustResultTypeSecTrustEvaluater-r[r+r4 ValueError TypeErrorrgr6 CERT_REQUIREDgetSSLCertVerificationErrorverify_message verify_code)rjrsec_trust_result_typesec_trust_result_type_as_int sec_trust_result_type_to_message error_messageerrs rrrs %7799 mV\:O-P-PQQQ*'*+@+F'G'G$$  "***')$$$* 3#444 ( 6 6 ++?3-A , , (9<< ( C%A C C  *=99*6 1 54 6 6sAA32A3ct}t|t j|}|dkrd}n |dkrd}nt jd|d}|sQt|}|j t j kr"|tj ks|tj krd}|sd} t|}t|pd}t}t|t j|t j|} || _|| _| #|rt|wwxYwdS)z>Verify using 'SecTrustEvaluateWithError' API for macOS 10.14+.r TrFz8Unknown result from Security.SecTrustEvaluateWithError: NzCertificate verification failed)r CFErrorRefrSecTrustEvaluateWithErrorr-r[r6r7CFErrorGetCodergrr0rFrECFErrorCopyDescriptionrWrSecTrustGetTrustResultrrrr5) rjrcf_errorsec_trust_eval_result is_trusted cf_error_codecf_error_string_refcf_error_messagerrs rrrs((**H$>>v|H-- !! ! # # l `G\ ` `   M  &55h??  "c&7 7 7 W5 5 5 @@@J >" >"0"G"G"Q"Q &&9::54 %-$?$?$A$A !  + +v|,ABB   ./?@@C!1C +COI" >(()<==== >/>>s BEE>rJ)l contextlibr-platformr6typingrrrrrrr r r ctypes.utilr _ssl_constantsrmac_ver _mac_versiontuplemapr+splitrrr~strrrr BooleanCFIndexrBCFDataCFStringCFArrayCFMutableArrayCFErrorCFTypeCFTypeID CFTypeRefCFAllocatorRefOSStatusr CFDataRef CFStringRef CFArrayRefCFMutableArrayRefCFArrayCallBacks CFOptionFlagsSecCertificateRef SecPolicyRefryrSecTrustOptionFlagsr]argtypesrestypeSecCertificateCopyDatar,r|r}rtrqrzrrrurvr5 CFGetTypeIDrOr/r3rKCFDataGetLengthCFDataGetBytePtr CFArrayCreaterZr^CFArrayGetCountCFArrayGetValueAtIndexrrin_dllr"r#AttributeErrorerAnyr<errcheckr0bytesrMrRrWlistrccontextmanager SSLContextIteratorrirrrrGrHrrs                        %$$$$$888888x!!!$ E##c<#5#5c#:#:;;<<w +d7H7KddN_`aNbdd  $5#@ JSJ3J4JJJJ" :H  H         GFOO   WW   GFOO gh WW   GN++ GH%%wx  gh |C6Di5PH)24EH)10A/BH#,.7H#+3;X2FH&/1)>-**N&,;8?/,,N( )N *N!,N *NCCC +7A77 8 8dBC$GG  GJ  7 *36<*22 GGGk;;;<<$FG2 X2 &*2 FJ2 6:2 2 2 2 j4D'02B&/6F*3+;(%5"9 u     t.tE{7H<  7CN 7vt/D 7 7 7 7#'V,V,V,U V,4ZV, V,V,V,V,r))06 ) ))))X:>:>06 :> :>:>:>:>:>:>s1LQQ0Q++Q06#RR3R..R3