%PDF- %PDF-
Mini Shell

Mini Shell

Direktori : /lib/python3/dist-packages/certbot/_internal/plugins/__pycache__/
Upload File :
Create Path :
Current File : //lib/python3/dist-packages/certbot/_internal/plugins/__pycache__/standalone.cpython-312.pyc

�

M/�e|$����dZddlZddlZddlZddlZddlmZddlmZddlmZddlm	Z	ddlm
Z
ddlmZdd	lmZdd
lm
Z
ddlmZddlmZdd
lmZddlmZddlmZddlmZddlmZddlmZddlmZddlmZddlmZej@e!�Z"ereejFe
ejHfZ%Gd�d�Z&Gd�dejNejP�Z(dejRddfd�Z*y)zStandalone Authenticator.�N)�Any)�Callable)�DefaultDict)�Dict)�Iterable)�List)�Mapping)�Set)�Tuple)�Type)�
TYPE_CHECKING)�crypto)�
challenges)�
standalone)�achallenges)�errors)�
interfaces)�util)�commonc	��eZdZdZdeeeejejffde
ejjddfd�Z	d
dedeej$d	edej(fd
�Zdeddfd�Zdeeej(ffd�Zy)�
ServerManagera�Standalone servers manager.

    Manager for `ACMEServer` and `ACMETLSServer` instances.

    `certs` and `http_01_resources` correspond to
    `acme.crypto_util.SSLSocket.certs` and
    `acme.crypto_util.SSLSocket.http_01_resources` respectively. All
    created servers share the same certificates and resources, so if
    you're running both TLS and non-TLS instances, HTTP01 handlers
    will serve the same URLs!

    �certs�http_01_resources�returnNc�.�i|_||_||_y�N)�
_instancesrr)�selfrrs   �F/usr/lib/python3/dist-packages/certbot/_internal/plugins/standalone.py�__init__zServerManager.__init__2s��RT�����
�!2����port�challenge_type�
listenaddrc��|tjk(sJ�||jvr|j|S||f}	tj||j
�}|j�|j�dd}||j|<|S#tj$r}tj||��d}~wwxYw)aRun ACME server on specified ``port``.

        This method is idempotent, i.e. all calls with the same pair of
        ``(port, challenge_type)`` will reuse the same server.

        :param int port: Port to run the server on.
        :param challenge_type: Subclass of `acme.challenges.Challenge`,
            currently only `acme.challenge.HTTP01`.
        :param str listenaddr: (optional) The address to listen on. Defaults to all addrs.

        :returns: DualNetworkedServers instance.
        :rtype: ACMEServerMixin

        Nr�)r�HTTP01r�acme_standalone�HTTP01DualNetworkedServersr�socket�errorr�StandaloneBindError�
serve_forever�getsocknames)rr"r#r$�address�serversr+�	real_ports        r�runzServerManager.run9s��� ��!2�!2�2�2�2��4�?�?�"��?�?�4�(�(��t�$��	:�%�@�@���/�/�1�G�
	�����(�(�*�1�-�a�0�	�%,����	�"�����|�|�	:��,�,�U�D�9�9��	:�s� B�B=�"B8�8B=c��|j|}|j�D]}tjdg|dd����|j	�|j|=y)zWStop ACME server running on the specified ``port``.

        :param int port:

        zStopping server at %s:%d...N�)rr.�logger�debug�shutdown_and_server_close)rr"�instance�socknames    r�stopzServerManager.stop\sa���?�?�4�(�� �-�-�/�	(�H��L�L�6�
(�"�2�A�,�
(�	(�	�*�*�,��O�O�D�!r!c�6�|jj�S)z�Return all running instances.

        Once the server is stopped using `stop`, it will not be
        returned.

        :returns: Mapping from ``port`` to ``servers``.
        :rtype: tuple

        )r�copy�rs r�runningzServerManager.runningis�����#�#�%�%r!)�)�__name__�
__module__�__qualname__�__doc__r	�bytesrr�PKey�X509r
r(�HTTP01RequestHandler�HTTP01Resourcer �intrr�	Challenge�strr)r2r:rr>�r!rrr%s����3�g�e�U�6�;�;����3K�-L�&L�M�3�$'��(L�(L�([�([�$\�3��3�!�!��!�T�*�2F�2F�-G�!��!�%4�%O�%O�!�F"��"��"�
&��c�?�#M�#M�M�N�
&r!rc���eZdZdZdZdededdf�fd�Zeded	ddfd
��Z	de
fd�Zdd�Zd
e
de
eej fd�Zde
ej&deej*fd�Zdej&dej*fd�Zdej&dej*fd�Zdej&deej6ej*ffd�Zde
ej&ddfd�Zdeej&de
fd�Z�xZS)�
AuthenticatoraStandalone Authenticator.

    This authenticator creates its own ephemeral TCP listener on the
    necessary port in order to respond to incoming http-01
    challenges from the certificate authority. Therefore, it does not
    rely on any existing server program.
    z�Runs an HTTP server locally which serves the necessary validation files under the /.well-known/acme-challenge/ request path. Suitable if there is no HTTP server already running. HTTP challenge only (wildcards not supported).�args�kwargsrNc����t�|�|i|��tjt�|_i|_t	�|_t|j|j�|_	yr)
�superr �collections�defaultdict�set�servedrrrr0)rrOrP�	__class__s   �rr zAuthenticator.__init__�sU���
���$�)�&�)�"-�"9�"9�#�">���GI��
�[^�[`���$�T�Z�Z��1G�1G�H��r!�add).Nc��yrrL)�clsrXs  r�add_parser_argumentsz"Authenticator.add_parser_arguments�s��r!c��y)Nz�This authenticator creates its own ephemeral TCP listener on the necessary port in order to respond to incoming http-01 challenges from the certificate authority. Therefore, it does not rely on any existing server program.rLr=s r�	more_infozAuthenticator.more_info�s��Br!c��yrrLr=s r�preparezAuthenticator.prepare�s��r!�domainc�$�tjgSr)rr')rr`s  r�get_chall_prefzAuthenticator.get_chall_pref�s���!�!�"�"r!�achallsc�J�|D�cgc]}|j|���c}Scc}wr)�_try_perform_single)rrc�achalls   r�performzAuthenticator.perform�s!��?F�G�V��(�(��0�G�G��Gs� rfc��		|j|�S#tj$r}t|�Yd}~nd}~wwxYw�>r)�_perform_singlerr,�_handle_perform_error)rrfr+s   rrez!Authenticator._try_perform_single�sA���
-��+�+�F�3�3���-�-�
-�%�e�,�,��
-��s��<�7�<c�j�|j|�\}}|j|j|�|Sr)�_perform_http_01rVrX)rrfr0�responses    rrizAuthenticator._perform_single�s3�� �1�1�&�9�������G�� � ��(��r!c�n�|jj}|jj}|jj	|t
j|��}|j�\}}tjj|j||��}|jj|�||fS)N)r$)�challrm�
validation)�config�http01_port�http01_addressr0r2rr'�response_and_validationr(rGrHrorrX)rrfr"�addrr0rmrp�resources        rrlzAuthenticator._perform_http_01�s����{�{�&�&���{�{�)�)���,�,�"�"�4��):�):�t�"�L��%�=�=�?���*�"�7�7�F�F��,�,��j�G�J�����"�"�8�,��� � r!c�8�|jj�D]"\}}|D]}||vs�|j|���$|jj	�j�D]0\}}|j|r�|jj|��2yr)rV�items�remover0r>r:)rrc�unused_servers�server_achallsrfr"r0s       r�cleanupzAuthenticator.cleanup�s���.2�k�k�.?�.?�.A�	2�*�N�N�!�
2���^�+�"�)�)�&�1�
2�	2�"�\�\�1�1�3�9�9�;�	(�M�D�'��;�;�w�'����!�!�$�'�	(r!�failed_achallsc��|jj|jj}}|r|�d|��nd|��}d|�d�S)N�:zport zThe Certificate Authority failed to download the challenge files from the temporary standalone webserver started by Certbot on zt. Ensure that the listed domains point to this machine and that it can accept inbound connections from the internet.)rqrrrs)rr}r"ru�	neat_addrs     r�	auth_hintzAuthenticator.auth_hint�sW���[�[�,�,�d�k�k�.H�.H�d��(,�t�f�A�d�V�$�E�$��.�	�L�LU�;�W@�@�	Ar!)rN) r@rArBrC�descriptionrr �classmethodrr[rKr]r_rrrrJrbr�AnnotatedChallenger�ChallengeResponsergrerirr(r)rlr|r��
__classcell__)rWs@rrNrNvsp����;�K�I�c�I�S�I�T�I��
�x�	�':�
�t�
��
�C�3�C�
�#�S�#�X�d�:�;O�;O�6P�-Q�#�H�x��(F�(F�G�H��*�6�6�7�H�-�$/�$B�$B�-�GQ�Gc�Gc�-�� +� >� >��CM�C_�C_��
!�{�'E�'E�
!�#�O�$N�$N�$.�$@�$@�%A�B�
!�(�x��(F�(F�G�(�D�(�A��[�-K�-K�(L�A�QT�Ar!rNr+rc��|jjtjk(r.tjdj|j���|jjtjk(rLdj|j�}tj|ddd��}|stj|��y|�)Nz�Could not bind TCP port {0} because you don't have the appropriate permissions (for example, you aren't running this program as root).z�Could not bind TCP port {0} because it is already in use by another process on this system (such as a web server). Please stop the program in question and then try again.�Retry�CancelF)�default)
�socket_error�errno�EACCESr�PluginError�formatr"�
EADDRINUSE�display_util�yesno)r+�msg�should_retrys   rrjrj�s��������5�<�<�/�� � �
��V�E�J�J�'�	)�	)�

�����5�#3�#3�3�
�%�f�U�Z�Z�0�		�
$�)�)�#�w��%�P����$�$�S�)�)���r!)+rCrSr��loggingr*�typingrrrrrrr	r
rrr
�OpenSSLr�acmerrr(�certbotrrr�certbot.displayrr��certbot.pluginsr�	getLoggerr@r5�BaseDualNetworkedServersr��
ServedTyper�PluginrNr,rjrLr!r�<module>r�s�������
����������� ���.����0�"�	��	�	�8�	$�����0�0��K�*�*�+�	,��J�N&�N&�bZA�F�M�M�:�#;�#;�ZA�z��!;�!;���r!

Zerion Mini Shell 1.0