o h@sddlZddlZddlmZddlZddlZddlZddlZddl Zddl Zej dZ GdddZddZdd Zd d ZdS) N)urlparsez_dns.resolver.arpac@s6eZdZddZddZddZddZd d d Zd S) _SVCBInfocCs||_||_||_||_dSN)bootstrap_addressporthostname nameservers)selfrrrrr ;/var/www/html/venv/lib/python3.10/site-packages/dns/_ddr.py__init__s z_SVCBInfo.__init__cCs.|dD]\}}|dkr||jkrdSqdS)zIVerify that the _SVCBInfo's address is in the cert's subjectAltName (SAN)subjectAltNamez IP AddressTF)r)r certnamevaluer r r ddr_check_certificate!s z_SVCBInfo.ddr_check_certificatecCstjj}|}|jj|_|Sr)dnsquerysslcreate_default_context TLSVersionTLSv1_2minimum_version)r rctxr r r make_tls_context(s z_SVCBInfo.make_tls_contextc Cs|}t|}t|j|jf|>}|j||jd%}|t j || | }||WdWdS1sEwYWddS1sUwYdS)N)server_hostname)rtimesocketcreate_connectionrr wrap_socketr settimeoutrr _remaining do_handshake getpeercertr)r lifetimer expirationstsrr r r ddr_tls_check_sync.s  "z_SVCBInfo.ddr_tls_check_syncNc s|dur tj}|}t|}|tj|jt j dd|j|j f|||j IdH4IdH}| tj|IdH}||WdIdHS1IdHsTwYdS)Nr)rZ asyncbackendZget_default_backendrrZ make_socketinetZaf_for_addressrr SOCK_STREAMrrr#rr!r)r r$backendrr%r'rr r r ddr_tls_check_async:s&     0z_SVCBInfo.ddr_tls_check_asyncr)__name__ __module__ __qualname__r rrr(r,r r r r rs  rc Cs|j}tj|s gSg}|jD]}g}|jtjj j j }|dur%qt |j }|jjdd}d}|jtjj j j}|durD|j}d|vr|jtjj j j}|dus\|jds]q|jdd} | dsod| } |durud}d|d || } zt| |tj| |Wn tyYnwd |vr|durd }|tj|||d |vr|durd }|tj||d|t|d kr|t||||q|S)NT)Zomit_final_dotsh2s{?dns}i/izhttps://:sdotiUsdoqr)Z nameserverrr)Z is_addressZrrsetZprocessing_orderparamsgetZrdtypesZsvcbbaseZParamKeyZALPNsetZidstargetZto_textZPORTrZDOHPATHrendswithdecode startswithrappendZ DoHNameserver ExceptionZ DoTNameserverZ DoQNameserverlenr) answerrinfosZrrrparamZalpnshostrpathurlr r r _extract_nameservers_from_svcbMs^     rBc CsFg}t|}|D]}z ||r||jWqty Yqw|S)VReturn a list of TLS-validated resolver nameservers extracted from an SVCB answer.)rBr(extendrr:r<r$rr=infor r r _get_nameservers_syncs   rGc sNg}t|}|D]}z||IdHr||jWq ty$Yq w|S)rCN)rBr,rDrr:rEr r r _get_nameservers_asyncs  rH)rr urllib.parserZdns.asyncbackendrZdns.inetZdns.nameZdns.nameserverZ dns.queryZdns.rdtypes.svcbbaserZ from_textZ_local_resolver_namerrBrGrHr r r r s   34