Skip to content
Permalink
Browse files

Merge pyextra subtree

  • Loading branch information...
Vehicle Researcher
Vehicle Researcher committed Mar 26, 2019
2 parents ede869e + 342bb13 commit be5c2aef3a043c5e84e1286cac8ceb750bdd176b
Showing with 8,796 additions and 0 deletions.
  1. +89 −0 pyextra/backports.ssl_match_hostname-3.7.0.1-py2.7.egg-info/PKG-INFO
  2. +8 −0 pyextra/backports.ssl_match_hostname-3.7.0.1-py2.7.egg-info/SOURCES.txt
  3. +1 −0 pyextra/backports.ssl_match_hostname-3.7.0.1-py2.7.egg-info/dependency_links.txt
  4. +8 −0 pyextra/backports.ssl_match_hostname-3.7.0.1-py2.7.egg-info/installed-files.txt
  5. +1 −0 pyextra/backports.ssl_match_hostname-3.7.0.1-py2.7.egg-info/top_level.txt
  6. +3 −0 pyextra/backports/__init__.py
  7. +204 −0 pyextra/backports/ssl_match_hostname/__init__.py
  8. +201 −0 pyextra/bin/wsdump.py
  9. +187 −0 pyextra/json_rpc-1.12.1-py2.7.egg-info/PKG-INFO
  10. +42 −0 pyextra/json_rpc-1.12.1-py2.7.egg-info/SOURCES.txt
  11. +1 −0 pyextra/json_rpc-1.12.1-py2.7.egg-info/dependency_links.txt
  12. +68 −0 pyextra/json_rpc-1.12.1-py2.7.egg-info/installed-files.txt
  13. +1 −0 pyextra/json_rpc-1.12.1-py2.7.egg-info/top_level.txt
  14. +11 −0 pyextra/jsonrpc/__init__.py
  15. 0 pyextra/jsonrpc/backend/__init__.py
  16. +89 −0 pyextra/jsonrpc/backend/django.py
  17. +85 −0 pyextra/jsonrpc/backend/flask.py
  18. +87 −0 pyextra/jsonrpc/base.py
  19. +132 −0 pyextra/jsonrpc/dispatcher.py
  20. +185 −0 pyextra/jsonrpc/exceptions.py
  21. +28 −0 pyextra/jsonrpc/jsonrpc.py
  22. +151 −0 pyextra/jsonrpc/jsonrpc1.py
  23. +267 −0 pyextra/jsonrpc/jsonrpc2.py
  24. +136 −0 pyextra/jsonrpc/manager.py
  25. +584 −0 pyextra/jsonrpc/six.py
  26. 0 pyextra/jsonrpc/tests/__init__.py
  27. +7 −0 pyextra/jsonrpc/tests/py35_utils.py
  28. 0 pyextra/jsonrpc/tests/test_backend_django/__init__.py
  29. +11 −0 pyextra/jsonrpc/tests/test_backend_django/settings.py
  30. +89 −0 pyextra/jsonrpc/tests/test_backend_django/tests.py
  31. +7 −0 pyextra/jsonrpc/tests/test_backend_django/urls.py
  32. 0 pyextra/jsonrpc/tests/test_backend_flask/__init__.py
  33. +182 −0 pyextra/jsonrpc/tests/test_backend_flask/tests.py
  34. +39 −0 pyextra/jsonrpc/tests/test_base.py
  35. +34 −0 pyextra/jsonrpc/tests/test_bug29.py
  36. +142 −0 pyextra/jsonrpc/tests/test_dispatcher.py
  37. +206 −0 pyextra/jsonrpc/tests/test_examples20.py
  38. +1 −0 pyextra/jsonrpc/tests/test_jsonrpc.py
  39. +429 −0 pyextra/jsonrpc/tests/test_jsonrpc1.py
  40. +728 −0 pyextra/jsonrpc/tests/test_jsonrpc2.py
  41. +150 −0 pyextra/jsonrpc/tests/test_jsonrpc_errors.py
  42. +175 −0 pyextra/jsonrpc/tests/test_manager.py
  43. +28 −0 pyextra/jsonrpc/tests/test_pep3107.py
  44. +130 −0 pyextra/jsonrpc/tests/test_utils.py
  45. +135 −0 pyextra/jsonrpc/utils.py
  46. +29 −0 pyextra/websocket/__init__.py
  47. +447 −0 pyextra/websocket/_abnf.py
  48. +351 −0 pyextra/websocket/_app.py
  49. +52 −0 pyextra/websocket/_cookiejar.py
  50. +515 −0 pyextra/websocket/_core.py
  51. +87 −0 pyextra/websocket/_exceptions.py
  52. +205 −0 pyextra/websocket/_handshake.py
  53. +328 −0 pyextra/websocket/_http.py
  54. +82 −0 pyextra/websocket/_logging.py
  55. +160 −0 pyextra/websocket/_socket.py
  56. +52 −0 pyextra/websocket/_ssl_compat.py
  57. +163 −0 pyextra/websocket/_url.py
  58. +110 −0 pyextra/websocket/_utils.py
  59. 0 pyextra/websocket/tests/__init__.py
  60. +6 −0 pyextra/websocket/tests/data/header01.txt
  61. +6 −0 pyextra/websocket/tests/data/header02.txt
  62. +98 −0 pyextra/websocket/tests/test_cookiejar.py
  63. +662 −0 pyextra/websocket/tests/test_websocket.py
  64. +305 −0 pyextra/websocket_client-0.55.0-py2.7.egg-info/PKG-INFO
  65. +32 −0 pyextra/websocket_client-0.55.0-py2.7.egg-info/SOURCES.txt
  66. +1 −0 pyextra/websocket_client-0.55.0-py2.7.egg-info/dependency_links.txt
  67. +40 −0 pyextra/websocket_client-0.55.0-py2.7.egg-info/installed-files.txt
  68. +2 −0 pyextra/websocket_client-0.55.0-py2.7.egg-info/requires.txt
  69. +1 −0 pyextra/websocket_client-0.55.0-py2.7.egg-info/top_level.txt
@@ -0,0 +1,89 @@
Metadata-Version: 1.1
Name: backports.ssl-match-hostname
Version: 3.7.0.1
Summary: The ssl.match_hostname() function from Python 3.5
Home-page: http://bitbucket.org/brandon/backports.ssl_match_hostname
Author: Toshio Kuratomi
Author-email: toshio@fedoraproject.org
License: Python Software Foundation License
Description:
The ssl.match_hostname() function from Python 3.7
=================================================

The Secure Sockets Layer is only actually *secure*
if you check the hostname in the certificate returned
by the server to which you are connecting,
and verify that it matches to hostname
that you are trying to reach.

But the matching logic, defined in `RFC2818`_,
can be a bit tricky to implement on your own.
So the ``ssl`` package in the Standard Library of Python 3.2
and greater now includes a ``match_hostname()`` function
for performing this check instead of requiring every application
to implement the check separately.

This backport brings ``match_hostname()`` to users
of earlier versions of Python.
Simply make this distribution a dependency of your package,
and then use it like this::

from backports.ssl_match_hostname import match_hostname, CertificateError
[...]
sslsock = ssl.wrap_socket(sock, ssl_version=ssl.PROTOCOL_SSLv23,
cert_reqs=ssl.CERT_REQUIRED, ca_certs=...)
try:
match_hostname(sslsock.getpeercert(), hostname)
except CertificateError, ce:
...

Brandon Craig Rhodes is merely the packager of this distribution;
the actual code inside comes from Python 3.7 with small changes for
portability.


Requirements
------------

* If you need to use this on Python versions earlier than 2.6 you will need to
install the `ssl module`_. From Python 2.6 upwards ``ssl`` is included in
the Python Standard Library so you do not need to install it separately.

.. _`ssl module`:: https://pypi.python.org/pypi/ssl

History
-------

* This function was introduced in python-3.2
* It was updated for python-3.4a1 for a CVE
(backports-ssl_match_hostname-3.4.0.1)
* It was updated from RFC2818 to RFC 6125 compliance in order to fix another
security flaw for python-3.3.3 and python-3.4a5
(backports-ssl_match_hostname-3.4.0.2)
* It was updated in python-3.5 to handle IPAddresses in ServerAltName fields
(something that backports.ssl_match_hostname will do if you also install the
ipaddress library from pypi).
* It was updated in python-3.7 to handle IPAddresses without the ipaddress library and dropped
support for partial wildcards

.. _`ipaddress module`:: https://pypi.python.org/pypi/ipaddress

.. _RFC2818: http://tools.ietf.org/html/rfc2818.html

Platform: UNKNOWN
Classifier: Development Status :: 5 - Production/Stable
Classifier: License :: OSI Approved :: Python Software Foundation License
Classifier: Programming Language :: Python :: 2.4
Classifier: Programming Language :: Python :: 2.5
Classifier: Programming Language :: Python :: 2.6
Classifier: Programming Language :: Python :: 2.7
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.0
Classifier: Programming Language :: Python :: 3.1
Classifier: Programming Language :: Python :: 3.2
Classifier: Programming Language :: Python :: 3.3
Classifier: Programming Language :: Python :: 3.4
Classifier: Programming Language :: Python :: 3.5
Classifier: Programming Language :: Python :: 3.6
Classifier: Programming Language :: Python :: 3.7
Classifier: Topic :: Security :: Cryptography
@@ -0,0 +1,8 @@
README.txt
setup.cfg
backports/__init__.py
backports.ssl_match_hostname.egg-info/PKG-INFO
backports.ssl_match_hostname.egg-info/SOURCES.txt
backports.ssl_match_hostname.egg-info/dependency_links.txt
backports.ssl_match_hostname.egg-info/top_level.txt
backports/ssl_match_hostname/__init__.py
@@ -0,0 +1,8 @@
../backports/__init__.py
../backports/__init__.pyc
../backports/ssl_match_hostname/__init__.py
../backports/ssl_match_hostname/__init__.pyc
PKG-INFO
SOURCES.txt
dependency_links.txt
top_level.txt
@@ -0,0 +1,3 @@
# This is a Python "namespace package" http://www.python.org/dev/peps/pep-0382/
from pkgutil import extend_path
__path__ = extend_path(__path__, __name__)
@@ -0,0 +1,204 @@
"""The match_hostname() function from Python 3.7.0, essential when using SSL."""

import sys
import socket as _socket

try:
# Divergence: Python-3.7+'s _ssl has this exception type but older Pythons do not
from _ssl import SSLCertVerificationError
CertificateError = SSLCertVerificationError
except:
class CertificateError(ValueError):
pass


__version__ = '3.7.0.1'


# Divergence: Added to deal with ipaddess as bytes on python2
def _to_text(obj):
if isinstance(obj, str) and sys.version_info < (3,):
obj = unicode(obj, encoding='ascii', errors='strict')
elif sys.version_info >= (3,) and isinstance(obj, bytes):
obj = str(obj, encoding='ascii', errors='strict')
return obj


def _to_bytes(obj):
if isinstance(obj, str) and sys.version_info >= (3,):
obj = bytes(obj, encoding='ascii', errors='strict')
elif sys.version_info < (3,) and isinstance(obj, unicode):
obj = obj.encode('ascii', 'strict')
return obj


def _dnsname_match(dn, hostname):
"""Matching according to RFC 6125, section 6.4.3
- Hostnames are compared lower case.
- For IDNA, both dn and hostname must be encoded as IDN A-label (ACE).
- Partial wildcards like 'www*.example.org', multiple wildcards, sole
wildcard or wildcards in labels other then the left-most label are not
supported and a CertificateError is raised.
- A wildcard must match at least one character.
"""
if not dn:
return False

wildcards = dn.count('*')
# speed up common case w/o wildcards
if not wildcards:
return dn.lower() == hostname.lower()

if wildcards > 1:
# Divergence .format() to percent formatting for Python < 2.6
raise CertificateError(
"too many wildcards in certificate DNS name: %s" % repr(dn))

dn_leftmost, sep, dn_remainder = dn.partition('.')

if '*' in dn_remainder:
# Only match wildcard in leftmost segment.
# Divergence .format() to percent formatting for Python < 2.6
raise CertificateError(
"wildcard can only be present in the leftmost label: "
"%s." % repr(dn))

if not sep:
# no right side
# Divergence .format() to percent formatting for Python < 2.6
raise CertificateError(
"sole wildcard without additional labels are not support: "
"%s." % repr(dn))

if dn_leftmost != '*':
# no partial wildcard matching
# Divergence .format() to percent formatting for Python < 2.6
raise CertificateError(
"partial wildcards in leftmost label are not supported: "
"%s." % repr(dn))

hostname_leftmost, sep, hostname_remainder = hostname.partition('.')
if not hostname_leftmost or not sep:
# wildcard must match at least one char
return False
return dn_remainder.lower() == hostname_remainder.lower()


def _inet_paton(ipname):
"""Try to convert an IP address to packed binary form
Supports IPv4 addresses on all platforms and IPv6 on platforms with IPv6
support.
"""
# inet_aton() also accepts strings like '1'
# Divergence: We make sure we have native string type for all python versions
try:
b_ipname = _to_bytes(ipname)
except UnicodeError:
raise ValueError("%s must be an all-ascii string." % repr(ipname))

# Set ipname in native string format
if sys.version_info < (3,):
n_ipname = b_ipname
else:
n_ipname = ipname

if n_ipname.count('.') == 3:
try:
return _socket.inet_aton(n_ipname)
# Divergence: OSError on late python3. socket.error earlier.
# Null bytes generate ValueError on python3(we want to raise
# ValueError anyway), TypeError # earlier
except (OSError, _socket.error, TypeError):
pass

try:
return _socket.inet_pton(_socket.AF_INET6, n_ipname)
# Divergence: OSError on late python3. socket.error earlier.
# Null bytes generate ValueError on python3(we want to raise
# ValueError anyway), TypeError # earlier
except (OSError, _socket.error, TypeError):
# Divergence .format() to percent formatting for Python < 2.6
raise ValueError("%s is neither an IPv4 nor an IP6 "
"address." % repr(ipname))
except AttributeError:
# AF_INET6 not available
pass

# Divergence .format() to percent formatting for Python < 2.6
raise ValueError("%s is not an IPv4 address." % repr(ipname))


def _ipaddress_match(ipname, host_ip):
"""Exact matching of IP addresses.
RFC 6125 explicitly doesn't define an algorithm for this
(section 1.7.2 - "Out of Scope").
"""
# OpenSSL may add a trailing newline to a subjectAltName's IP address
ip = _inet_paton(ipname.rstrip())
return ip == host_ip


def match_hostname(cert, hostname):
"""Verify that *cert* (in decoded format as returned by
SSLSocket.getpeercert()) matches the *hostname*. RFC 2818 and RFC 6125
rules are followed.
The function matches IP addresses rather than dNSNames if hostname is a
valid ipaddress string. IPv4 addresses are supported on all platforms.
IPv6 addresses are supported on platforms with IPv6 support (AF_INET6
and inet_pton).
CertificateError is raised on failure. On success, the function
returns nothing.
"""
if not cert:
raise ValueError("empty or no certificate, match_hostname needs a "
"SSL socket or SSL context with either "
"CERT_OPTIONAL or CERT_REQUIRED")
try:
# Divergence: Deal with hostname as bytes
host_ip = _inet_paton(_to_text(hostname))
except ValueError:
# Not an IP address (common case)
host_ip = None
except UnicodeError:
# Divergence: Deal with hostname as byte strings.
# IP addresses should be all ascii, so we consider it not
# an IP address if this fails
host_ip = None
dnsnames = []
san = cert.get('subjectAltName', ())
for key, value in san:
if key == 'DNS':
if host_ip is None and _dnsname_match(value, hostname):
return
dnsnames.append(value)
elif key == 'IP Address':
if host_ip is not None and _ipaddress_match(value, host_ip):
return
dnsnames.append(value)
if not dnsnames:
# The subject is only checked when there is no dNSName entry
# in subjectAltName
for sub in cert.get('subject', ()):
for key, value in sub:
# XXX according to RFC 2818, the most specific Common Name
# must be used.
if key == 'commonName':
if _dnsname_match(value, hostname):
return
dnsnames.append(value)
if len(dnsnames) > 1:
raise CertificateError("hostname %r "
"doesn't match either of %s"
% (hostname, ', '.join(map(repr, dnsnames))))
elif len(dnsnames) == 1:
raise CertificateError("hostname %r "
"doesn't match %r"
% (hostname, dnsnames[0]))
else:
raise CertificateError("no appropriate commonName or "
"subjectAltName fields were found")
Oops, something went wrong.

0 comments on commit be5c2ae

Please sign in to comment.
You can’t perform that action at this time.