f0dZddlmZddlZddlZddlmZddlmZddl m Z ddl m Z ddl mZd d lmZd d lmZmZmZmZmZmZmZmZej4e5dd lmZdd lmZddddgZ ddZ!ddZ"e dZ#ddZ$ddZ%y#1swY%xYw)zA `pyOpenSSL `_-specific code. ) annotationsN)Sequence)decode) IA5String)ObjectIdentifier) GeneralNames)CertificateError)DNS_IDCertificatePattern DNSPattern IPAddress_IDIPAddressPattern SRVPattern URIPatternverify_service_identity)X509) Connectionverify_hostnamecbtt|jt|ggy)a; Verify whether the certificate of *connection* is valid for *hostname*. Args: connection: A pyOpenSSL connection object. hostname: The hostname that *connection* should be connected to. Raises: service_identity.VerificationError: If *connection* does not provide a certificate that is valid for *hostname*. service_identity.CertificateError: If certificate provided by *connection* contains invalid / unexpected data. This includes the case where the certificate contains no ``subjectAltName``\ s. .. versionchanged:: 24.1.0 :exc:`~service_identity.CertificateError` is raised if the certificate contains no ``subjectAltName``\ s instead of :exc:`~service_identity.VerificationError`.  cert_patternsobligatory_ids optional_idsN)rextract_patternsget_peer_certificater ) connectionhostnames .G.G.IJ!K/JJ(33NN,557 !$??JJ"--ann.>.G.G.IJ!K/>>+D55a8Cm+!'(C(CA(F!GQ%c95JJz'<'r^s#+&-/(   Z%'#&'  B!H!!45 2j "M''s  B  B