vKg!%SSKJr SSKrSSKrSSKrSSKJr SSK J r J r J r JrJrJr SSKrSSKJr SSKJr SSKJrJr SS KJrJr \ (aSS KJrJr \"S 5r S r!S \"S'SSjr#"SS\$5r%"SS5r&\ "S/SQ5r'\"S\S9r(\"SS\\\(55r)\)RTRWSS5\)l*\"SS\\)\(55r,g)) annotationsN)Enum) TYPE_CHECKINGAnyClassVarFinalGenericTypeVar)_sync)aclose_forcefully)ConflictDetectorfinal)ListenerStream) AwaitableCallableTi@TFinalSTARTING_RECEIVE_SIZEcd[U[R5=(d S[USS5;$)NUNEXPECTED_EOF_WHILE_READINGstrerror) isinstance _stdlib_ssl SSLEOFErrorgetattr)excs I/var/www/highfloat_scraper/venv/lib/python3.13/site-packages/trio/_ssl.py_is_eofr!s/ c;22 3 &'#z2*FFc\rSrSrSrSrg)NeedHandshakeErrorzSome :class:`SSLStream` methods can't return any meaningful data until after the handshake. If you call them before the handshake, they raise this error. rN)__name__ __module__ __qualname____firstlineno____doc____static_attributes__rr"r r$r$sr"r$c<\rSrSrSSjrSSjr\S Sj5rSrg) _Oncec^XlX lSUl[R"5Ulg)NF)_afn_argsstartedr Event_done)selfafnargss r __init___Once.__init__s    [[] r"cN# UR(dCSUlUR"UR6IShvN URR 5 gU(d URR 5(agURR 5IShvN gNiN7f)NT)r2r0r1r4setis_setwait)r5 checkpoints r ensure _Once.ensuresm||DL))TZZ( ( ( JJNN  1 1 3 3 **//# # # ) $s"5B%B!A#B%B#B%#B%cH[URR55$N)boolr4r<r5s r done _Once.donesDJJ%%'((r")r0r1r4r2N)r6z Callable[..., Awaitable[object]]r7objectreturnNone)r>rCrHrI)rHrC) r&r'r(r)r8r?propertyrEr+rr"r r-r-s # $))r"r-_State)OKBROKENCLOSEDT_Stream)boundc^\rSrSr%SrSSSS.SSjjr1SkrS\S '1S krS\S 'SS jr SU4S jjr SU4Sjjr SSjr SSS.SSjjr SSjrSSjrS S!SjjrS"SjrS#SjrSSjrSSjrSrU=r$)$ SSLStreamaEncrypted communication using SSL/TLS. :class:`SSLStream` wraps an arbitrary :class:`~trio.abc.Stream`, and allows you to perform encrypted communication over it using the usual :class:`~trio.abc.Stream` interface. You pass regular data to :meth:`send_all`, then it encrypts it and sends the encrypted data on the underlying :class:`~trio.abc.Stream`; :meth:`receive_some` takes encrypted data out of the underlying :class:`~trio.abc.Stream` and decrypts it before returning it. You should read the standard library's :mod:`ssl` documentation carefully before attempting to use this class, and probably other general documentation on SSL/TLS as well. SSL/TLS is subtle and quick to anger. Really. I'm not kidding. Args: transport_stream (~trio.abc.Stream): The stream used to transport encrypted data. Required. ssl_context (~ssl.SSLContext): The :class:`~ssl.SSLContext` used for this connection. Required. Usually created by calling :func:`ssl.create_default_context`. server_hostname (str, bytes, or None): The name of the server being connected to. Used for `SNI `__ and for validating the server's certificate (if hostname checking is enabled). This is effectively mandatory for clients, and actually mandatory if ``ssl_context.check_hostname`` is ``True``. server_side (bool): Whether this stream is acting as a client or server. Defaults to False, i.e. client mode. https_compatible (bool): There are two versions of SSL/TLS commonly encountered in the wild: the standard version, and the version used for HTTPS (HTTP-over-SSL/TLS). Standard-compliant SSL/TLS implementations always send a cryptographically signed ``close_notify`` message before closing the connection. This is important because if the underlying transport were simply closed, then there wouldn't be any way for the other side to know whether the connection was intentionally closed by the peer that they negotiated a cryptographic connection to, or by some `man-in-the-middle `__ attacker who can't manipulate the cryptographic stream, but can manipulate the transport layer (a so-called "truncation attack"). However, this part of the standard is widely ignored by real-world HTTPS implementations, which means that if you want to interoperate with them, then you NEED to ignore it too. Fortunately this isn't as bad as it sounds, because the HTTP protocol already includes its own equivalent of ``close_notify``, so doing this again at the SSL/TLS level is redundant. But not all protocols do! Therefore, by default Trio implements the safer standard-compliant version (``https_compatible=False``). But if you're speaking HTTPS or some other protocol where ``close_notify``\s are commonly skipped, then you should set ``https_compatible=True``; with this setting, Trio will neither expect nor send ``close_notify`` messages. If you have code that was written to use :class:`ssl.SSLSocket` and now you're porting it to Trio, then it may be useful to know that a difference between :class:`SSLStream` and :class:`ssl.SSLSocket` is that :class:`~ssl.SSLSocket` implements the ``https_compatible=True`` behavior by default. Attributes: transport_stream (trio.abc.Stream): The underlying transport stream that was passed to ``__init__``. An example of when this would be useful is if you're using :class:`SSLStream` over a :class:`~trio.SocketStream` and want to call the :class:`~trio.SocketStream`'s :meth:`~trio.SocketStream.setsockopt` method. Internally, this class is implemented using an instance of :class:`ssl.SSLObject`, and all of :class:`~ssl.SSLObject`'s methods and attributes are re-exported as methods and attributes on this class. However, there is one difference: :class:`~ssl.SSLObject` has several methods that return information about the encrypted connection, like :meth:`~ssl.SSLSocket.cipher` or :meth:`~ssl.SSLSocket.selected_alpn_protocol`. If you call them before the handshake, when they can't possibly return useful data, then :class:`ssl.SSLObject` returns None, but :class:`trio.SSLStream` raises :exc:`NeedHandshakeError`. This also means that if you register a SNI callback using `~ssl.SSLContext.sni_callback`, then the first argument your callback receives will be a :class:`ssl.SSLObject`. NF)server_hostname server_sidehttps_compatiblecXl[RUlXPl[ R "5UlSUl[ R "5Ul URURURUUS9Ul [UR5Ul[R "5UlSUl[R&"5Ul[+S5Ul[+S5Ul[0Ulg)N)rUrTrz8another task is currently sending data on this SSLStreamz:another task is currently receiving data on this SSLStream)transport_streamrKrL_state_https_compatibler MemoryBIO _outgoing_delayed_outgoing _incomingwrap_bio _ssl_objectr- _do_handshake _handshookr StrictFIFOLock_inner_send_lock_inner_recv_countLock_inner_recv_lockr_outer_send_conflict_detector_outer_recv_conflict_detectorr_estimated_receive_size)r5rX ssl_contextrTrUrVs r r8SSLStream.__init__Zs+;ii !1$..0/3$..0&// NN NN#+ 0   2 23!& 4 4 6!" %  .> F. *.> H. *(=$r">ciphercontextpendingsessionversion compression getpeercertrUsession_reusedshared_ciphersrTget_channel_bindingselected_npn_protocolselected_alpn_protocolr _forwarded> rmrqrrrsrtrurvrwrx_after_handshakecXR;aOXR;a*URR(d[ SU<35e[ UR U5$[U5e)Nz#call do_handshake() before calling )ryrzrbrEr$rr`AttributeError)r5names r __getattr__SSLStream.__getattr__sU ?? ",,,T__5I5I(+Nth)WXX4++T2 2 & &r"cp>XR;a[URX5 g[TU]X5 grB)rysetattrr`super __setattr__)r5r}value __class__s r rSSLStream.__setattr__s* ?? " D$$d 2 G  ,r"c^>[[TU] 55[UR5-$rB)listr__dir__ry)r5rs r rSSLStream.__dir__s#EGO%&doo)>>>r"cUR[RLagUR[RLa[R eUR[R La[Re[5erB) rYrKrLrMtrioBrokenResourceErrorrNClosedResourceErrorAssertionErrorrDs r _check_statusSSLStream._check_statussV ;;&)) #  [[FMM )** * [[FMM )** * " "r")ignore_want_read is_handshakecL# [RR5IShvN SnSnU(GdSnSnU"U6nSnU(aSnSnURR5n U(aWU(dPURR(a5URR5S:XaUR beXlSn U (aoUR"IShvN SnUR bUR U -n SUlUR$R'U 5IShvN SSS5IShvN OU(aUR(n UR*IShvN SnXR(:XaUR$R-5IShvN n U (dUR.R15 O?[3UR4[7U 55UlUR.R9U 5 U=R(S- slSSS5IShvN U(dGMU(d&[RR;5IShvN W$GN0![Ra SnGN/[R [R 4a+n [RUl [RU eSn A ff=fGNGN! [RUl e=fGN!,IShvN (df  N=fGNGNrN!,IShvN (df  GN=fN7f)NFTzTLSv1.3r"r )rlowlevelcheckpoint_if_cancelledrSSLWantReadErrorSSLErrorCertificateErrorrKrMrYrr\readr`rUrqr]rdrXsend_allrerg receive_somer^ write_eofmaxrjlenwritecancel_shielded_checkpoint) r5fnrrr7yieldedfinished want_readretrto_send recv_countdatas r _retrySSLStream._retrysmm335552IC $i ! nn))+G*!$$00$$,,.);--555)0&v000"G 11=&*&<& $ < < #D <D8!NN006..!3.10q(J--::< < < U 6@// ! ((+*F*FG 8$mm ..C7 8B1 F'-mm 100001 J1000 =s "L$IL$IBL$KL$K%#AK$K%K) L$4K"5(L$K?L$!/LLA:L L$L L$%(L$ L"L$J>-L$0#J>&J99J>>L$KKK%"L$%K<+K. , K<8L$LL$L L  L L$c# URURRSS9IShvN gN! [RUle=f7f)NT)r)rr` do_handshakerKrMrYrDs r raSSLStream._do_handshakess@ ++d..;;$+O O O  --DK s%A'313A3A  Acr# UR5 URRSS9IShvN gN7f)uEnsure that the initial handshake has completed. The SSL protocol requires an initial handshake to exchange certificates, select cryptographic keys, and so forth, before any actual data can be sent or received. You don't have to call this method; if you don't, then :class:`SSLStream` will automatically perform the handshake as needed, the first time you try to send or receive data. But if you want to trigger it manually – for example, because you want to look at the peer's certificate before you start talking to them – then you can call this method. If the initial handshake is already in progress in another task, this waits for it to complete and then returns. If the initial handshake has already completed, this returns immediately without doing anything (except executing a checkpoint). .. warning:: If this method is cancelled, then it may leave the :class:`SSLStream` in an unusable state. If this happens then any future attempt to use the object will raise :exc:`trio.BrokenResourceError`. Tr>N)rrbr?rDs r rSSLStream.do_handshakezs.0 oo$$$555s -757c# UR UR5 URRSS9IShvN Uc+[URUR R"5nO'[$R&"U5nUS:a [)S5eUR+UR,R.U5IShvN nUceUsSSS5 $N![R anUR (aw[UR[R5(d[UR5(a4[RR5IShvN SnASSS5 geSnAff=fN![R aenUR (aN[UR5(a4[RR5IShvN SnASSS5 geSnAff=f!,(df  g=f7f)aRead some data from the underlying transport, decrypt it, and return it. See :meth:`trio.abc.ReceiveStream.receive_some` for details. .. warning:: If this method is cancelled while the initial handshake or a renegotiation are in progress, then it may leave the :class:`SSLStream` in an unusable state. If this happens then any future attempt to use the object will raise :exc:`trio.BrokenResourceError`. FrNr"r zmax_bytes must be >= 1)rirrbr?rrrZr __cause__rSSLSyscallErrorr!rr>rrjr^ro _operatorindex ValueErrorrr`r)r5 max_bytesrreceiveds r rSSLStream.receive_somes / /     oo,,,>>>   < T>TU %OOI6 q=$%=>> !%T-=-=-B-BI!NN+++90 /?++ ))s}}k.I.IJJs}}----224440 / ,O++ ))gcmm.D.D--22444M0 /P ;0 /s H G;CCCAG;)E?E= E? H CE:,A5E5!E$"E5'G;+ H 4E55E::G;=E??G8A G3G" G3%G;) H 2G33G88G;; H H c# UR UR5 URRSS9IShvN U(d0[R R 5IShvN SSS5 gURURRU5IShvN SSS5 gNrNGN!,(df  g=f7f)aJEncrypt some data and then send it on the underlying transport. See :meth:`trio.abc.SendStream.send_all` for details. .. warning:: If this method is cancelled, then it may leave the :class:`SSLStream` in an unusable state. If this happens then any attempt to use the object will raise :exc:`trio.BrokenResourceError`. FrN) rhrrbr?rrr>rr`r)r5rs r rSSLStream.send_alls / /    //((E(: : :mm..0000 /++d..44d; ; ;0 / :1 ;0 /s\ C-B5B/,B5)B1*B5/ C8)B5!B3"B5& C/B51B53B55 C?Cc# UR UR UR5 URR SS9IShvN UR UR R5IShvN URn[RUl SUlXRR54sSSS5 sSSS5 $NN[!,(df  O=fSSS5 g!,(df  g=f7f)aCleanly close down the SSL/TLS encryption layer, allowing the underlying stream to be used for unencrypted communication. You almost certainly don't need this. Returns: A pair ``(transport_stream, trailing_bytes)``, where ``transport_stream`` is the underlying transport stream, and ``trailing_bytes`` is a byte string. Since :class:`SSLStream` doesn't necessarily know where the end of the encrypted data will be, it can happen that it accidentally reads too much from the underlying stream. ``trailing_bytes`` contains this extra data; you should process it as if it was returned from a call to ``transport_stream.receive_some(...)``. FrN)rirhrrbr?rr`unwraprXrKrNrYr^rr5rXs r rSSLStream.unwraps" / /1S1S    //((E(: : :++d..556 6 6#44  --DK$(D !$nn&9&9&;<2T1S / / : 62T1S / / /s^ C? C.-C C ,C6C7AC= C. C?CC C" C.% C?. C<8C?c# UR[RLa'[RR 5IShvN gUR[R LdUR(a8[RUlURR5IShvN gURRSS9IShvN [R"[R[R5 UR!UR"R$SS9IShvN SSS5 URR5IShvN [RUlgGN/NNNL!,(df  NP=fN5! ['UR5IShvN e=f![RUlf=f7f)aGracefully shut down this connection, and close the underlying transport. If ``https_compatible`` is False (the default), then this attempts to first send a ``close_notify`` and then close the underlying stream by calling its :meth:`~trio.abc.AsyncResource.aclose` method. If ``https_compatible`` is set to True, then this simply closes the underlying stream and marks this stream as closed. NFrT)r)rYrKrNrrr>rMrZrXacloserbr? contextlibsuppressrBusyResourceErrorrr`rr rDs r rSSLStream.aclosesN ;;&-- '--**, , ,  ;;&-- '4+A+A --DK''..0 0 0 @ ( //((E(: : :`$$T%=%=t?U?UVkk$"2"2"9"9DkQQQW''..0 0 0 --DKM - 1 ;bRWV 1  #D$9$9: : :  !--DKs?G E0A%G 'E3(G .F E5 7F (E9*E7+E9/F 7F0F F0G 3G 5F 7E99 FF F0 F-&F)'F--F00GG cF# UR UR5 URIShvN URR 5IShvN SSS5IShvN SSS5 gN?NN!,IShvN (df  N&=f!,(df  g=f7f)z>See :meth:`trio.abc.SendStream.wait_send_all_might_not_block`.N)rhrrdrXwait_send_all_might_not_blockrDs r r'SSLStream.wait_send_all_might_not_blockXsv / /    ,,,++IIKKK-,!0 / -L-,,,!0 /ss B!!BA0BA6A2A6 B"A4#B' B!0B2A64B6B <A?= B B BB!)r]rjrbrZr^rergrdrirhr\r`rYrX) rXrOrk_stdlib_ssl.SSLContextrTzstr | bytes | NonerUrCrVrCrHrI)r}strrHr)r}rrrGrHrI)rHz list[str]rHrI) rzCallable[..., T]r7rGrrCrrCrHzT | NonerB)rz int | NonerHzbytes | bytearray)rzbytes | bytearray | memoryviewrHrI)rHz tuple[Stream, bytes | bytearray])r&r'r(r)r*r8ry__annotations__rzr~rrrrrarrrrrrr+ __classcell__)rs@r rRrRs[H/3!!&'="'=,'= , '=  '='= '=RJ" "h '- ?#$"'" q qq q  q  qf6F5n<*=4S(j&L&Lr"rRz._sslcL\rSrSrSrSS.S SjjrS SjrS SjrSrg ) SSLListeneriaA :class:`~trio.abc.Listener` for SSL/TLS-encrypted servers. :class:`SSLListener` wraps around another Listener, and converts all incoming connections to encrypted connections by wrapping them in a :class:`SSLStream`. Args: transport_listener (~trio.abc.Listener): The listener whose incoming connections will be wrapped in :class:`SSLStream`. ssl_context (~ssl.SSLContext): The :class:`~ssl.SSLContext` that will be used for incoming connections. https_compatible (bool): Passed on to :class:`SSLStream`. Attributes: transport_listener (trio.abc.Listener): The underlying listener that was passed to ``__init__``. F)rVc(XlX lX0lgrB)transport_listener _ssl_contextrZ)r5rrkrVs r r8SSLListener.__init__s#5'!1r"c# URR5IShvN n[UURSURS9$N$7f)zuAccept the next connection and wrap it in an :class:`SSLStream`. See :meth:`trio.abc.Listener.accept` for details. NT)rUrV)racceptrRrrZrs r rSSLListener.acceptsJ "&!8!8!?!?!AA    !33   BsAA%AcT# URR5IShvN gN7f)zClose the transport listener.N)rrrDs r rSSLListener.acloses%%,,...s (&()rZrrN)rzListener[T_Stream]rkrrVrCrHrI)rHzSSLStream[T_Stream]r) r&r'r(r)r*r8rrr+rr"r rrsA4"' 2. 2, 2  2  2  /r"r)rzBaseException | NonerHrC)- __future__rroperatorrsslrenumr_Enumtypingrrrrrr r rrr _highlevel_genericr _utilrrabcrrcollections.abcrrrrrr! Exceptionr$r-rKrOrRr'replacerrr"r rs"RR 1*!3t CL:!&v%)), x3 4 :V ,D L)D LD LP!++33GR@ 1/(9X./1/1/r"