>OOf2pdZddlZddlmZmZmZ ddlmZmZy#e $rGdde Zd dZ d ZYywxYw)  N)log log_enabledNETWORK)match_hostnameCertificateErrorc eZdZy)r N)__name__ __module__ __qualname__Y/var/www/premiumrankchecker/venv/lib/python3.12/site-packages/ldap3/utils/tls_backport.pyr r s rr c2ttrttd||g}|sy|jd}|d}|dd}|j d}||kDrt dt |z|s!|j|jk(S|dk(r|jd n{|jd s|jd r%|jtj|n4|jtj|jd d |D]&}|jtj|(tjd dj|zdztj} | j!|S)zBackported from Python 3.4.3 standard library Matching according to RFC 6125, section 6.4.3 http://tools.ietf.org/html/rfc6125#section-6.4.3 zmatching dn %s with hostname %sF.rN*z,too many wildcards in certificate DNS name: z[^.]+zxn--z\*z[^.]*z\Az\.z\Z)rrrsplitcountr reprlowerappend startswithreescapereplacecompilejoin IGNORECASEmatch) dnhostname max_wildcardspatspiecesleftmost remainder wildcardsfragpats r_dnsname_matchr,#sa w  :B I$!912J NN3' } $ #>bIK K88:!11 1 s? KK   (H,?,?,G KK (+ , KK (+33E7C D )D KK $ ( )jjD!11E92==Iyy""rc |s tdg}|jdd}|D]*\}}|dk(s t||ry|j|,|sG|jddD]2}|D]+\}}|dk(s t||ry|j|-4t |dkDr.t d |d d j tt|t |dk(rt d |d |d t d)auBackported from Python 3.4.3 standard library. Verify that *cert* (in decoded format as returned by SSLSocket.getpeercert()) matches the *hostname*. RFC 2818 and RFC 6125 rules are followed, but IP addresses are not accepted for *hostname*. CertificateError is raised on failure. On success, the function returns nothing. ztempty or no certificate, match_hostname needs a SSL socket or SSL context with either CERT_OPTIONAL or CERT_REQUIREDsubjectAltNamerDNSNsubject commonNamerz hostname z doesn't match either of z, z doesn't match rz=no appropriate commonName or subjectAltName fields were found) ValueErrorgetr,rlenr rmapr)certr#dnsnamessankeyvaluesubs rrrZs3>? ?hh', 'JCe|!%2&  ' xx 2. /"%/JCl*)%:" . / / x=1 "&. #dH:M0N$PQ Q]a "&. $=> >#$FG Gr)r) __doc__r utils.logrrrbackports.ssl_match_hostnamerr ImportErrorr2r,rrrr@sN0 11iGMMgG : 4#n+GygGs 55