£Á°èZ¨Ä…–K§‚«“ô4“ÒÙ´dîfUÙÃÅ WKbyÊ¦•êŽ…È®FÒ¿ÊÎóCozá¬S@6{Í:›œêZÌ:Š•_%:¢¾¾~;‘Ã~èŠ©ÊÇí`ÔÑ©úë™µ'5I¿fš×WO%ø9¾«¾DK|€ùÍD”Ýs]nHÕ¶ê×Ó¼ãžªéUWŸÈË%DÒÕ¬ï‘]/Åcx  ‰ï2ß]ä6G[]S£ÔÏ¯rs{úëóµmÒï#UQxo·õÞCe]"±/aÙ&Eã4ú9Jé_ÞåëdãöKë)AÞ                  ¯¹ægƒÛowÐø^d™ý½ßB7áyMä9ÜÖUã
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
<html>
�
��Yc           @@  sW   d  Z  d d l m Z d d l Z d Z d e f d �  �  YZ d d � Z d	 �  Z d S(
   sH   The match_hostname() function from Python 3.2, essential when using SSL.i    (   t   absolute_importNs   3.2.2t   CertificateErrorc           B@  s   e  Z RS(    (   t   __name__t
   __module__(    (    (    sO   /opt/alt/python27/lib/python2.7/site-packages/raven/utils/ssl_match_hostname.pyR   
   s   i   c   	      C@  sL  g  } |  s t  S|  j d � } | d } | j d � } | | k r] t d t |  � � � n  | sy |  j �  | j �  k S| d k r� | j d � nY | j d � s� | j d � r� | j t j	 | � � n" | j t j	 | � j
 d d � � x( | d	 D] } | j t j	 | � � q� Wt j d
 d j | � d t j � } | j | � S(   sh   Matching according to RFC 6125, section 6.4.3

    http://tools.ietf.org/html/rfc6125#section-6.4.3
    t   .i    t   *s,   too many wildcards in certificate DNS name: s   [^.]+s   xn--s   \*s   [^.]*i   s   \As   \.s   \Z(   t   Falset   splitt   countR   t   reprt   lowert   appendt
   startswitht   ret   escapet   replacet   compilet   joint
   IGNORECASEt   match(	   t   dnt   hostnamet   max_wildcardst   patst   partst   leftmostt	   wildcardst   fragt   pat(    (    sO   /opt/alt/python27/lib/python2.7/site-packages/raven/utils/ssl_match_hostname.pyt   _dnsname_match   s(    
"&c         C@  s[  |  s t  d � � n  g  } |  j d d � } xC | D]; \ } } | d k r4 t | | � r_ d S| j | � q4 q4 W| s� xc |  j d d � D]L } xC | D]; \ } } | d k r� t | | � r� d S| j | � q� q� Wq� Wn  t | � d k rt d | d	 j t t | � � f � � n; t | � d k rKt d
 | | d f � � n t d � � d S(   s)  Verify that *cert* (in decoded format as returned by
    SSLSocket.getpeercert()) matches the *hostname*.  RFC 2818 and RFC 6125
    rules are followed, but IP addresses are not accepted for *hostname*.

    CertificateError is raised on failure. On success, the function
    returns nothing.
    s   empty or no certificatet   subjectAltNamet   DNSNt   subjectt
   commonNamei   s&   hostname %r doesn't match either of %ss   , s   hostname %r doesn't match %ri    s=   no appropriate commonName or subjectAltName fields were found(    (    (	   t
   ValueErrort   getR   R   t   lenR   R   t   mapR	   (   t   certR   t   dnsnamest   sant   keyt   valuet   sub(    (    sO   /opt/alt/python27/lib/python2.7/site-packages/raven/utils/ssl_match_hostname.pyt   match_hostname@   s2    %(	   t   __doc__t
   __future__R    R   t   __version__R"   R   R   R,   (    (    (    sO   /opt/alt/python27/lib/python2.7/site-packages/raven/utils/ssl_match_hostname.pyt   <module>   s   2