o NK&hF% @sdddlmZddlZddlZddlZddlmZmZddlm Z ddl m Z ddl m Z ddlmZddlmZmZmZmZdd lmZdd lmZdd lmZmZmZdd lmZdd lm Z ddl!m"Z"m#Z#zddl$Z$dZ%Wne&e'fyedZ$dZ%Ynwerddl(m)Z)gdZ*d)ddZ+d*d!d"Z,Gd#d$d$eZ-Gd%d&d&e-Z.Gd'd(d(e-Z/dS)+) annotationsN)ABCabstractmethod)suppress)Path)mkdtemp) ModuleType) TYPE_CHECKINGOptionalUnioncast)Mode)loading)DEFAULT_LOCAL_TLS_CERTDEFAULT_LOCAL_TLS_KEYLocalCertCreator)SanicException)Default) CertSimpleSanicSSLContextTtrustmeF)Sanic)zECDHE-ECDSA-CHACHA20-POLY1305zECDHE-ECDSA-AES256-GCM-SHA384zECDHE-ECDSA-AES128-GCM-SHA256zECDHE-RSA-CHACHA20-POLY1305zECDHE-RSA-AES256-GCM-SHA384zECDHE-RSA-AES128-GCM-SHA256 maybe_pathUnion[Path, str]tmpdirOptional[Path]returnrcCs6t|tr|St|}|s|std||S|S)Nz$Reached an unknown state. No tmpdir.) isinstancerexists RuntimeError)rrpathr!J/var/www/html/venv/lib/python3.10/site-packages/sanic/http/tls/creators.py _make_path2s r#apprsslOptional[ssl.SSLContext]ssl.SSLContextcCsR|r|S|jjtjurtdt|tt|j j |j j |j j }| |j j}|S)Na?Cannot run Sanic as an HTTPS server in PRODUCTION mode without passing a TLS certificate. If you are developing locally, please enable DEVELOPMENT mode and Sanic will generate a localhost TLS certificate. For more information please see: https://sanic.dev/en/guide/deployment/development.html#automatic-tls-certificate.)statemoder PRODUCTIONr CertCreatorselectr rconfigLOCAL_CERT_CREATOR LOCAL_TLS_KEYLOCAL_TLS_CERT generate_cert LOCALHOST)r$r%creatorcontextr!r!r"get_ssl_context?s  r5c@sNeZdZdddZedddZedd d ZedddZe dddZ dS)r+rNonecCs||_||_||_d|_t|jtst|jtrtt|_t|jtr&tn|j}t|jtr1t n|j}t ||j|_ t ||j|_ dSN) r$keycertrrrrrrrr#key_path cert_path)selfr$r8r9r!r!r"__init__Zs    zCertCreator.__init__cCdSr7r!r<r!r!r"check_supportedqzCertCreator.check_supported localhoststrr'cCr>r7r!)r<rBr!r!r"r1urAzCertCreator.generate_certr$r cert_creatorrc CsTd}ttjfttjff}|D]\}}||||||||}|r!nq|s(td|S)NzSanic could not find package to create a TLS certificate. You must have either mkcert or trustme installed. See https://sanic.dev/en/guide/deployment/development.html#automatic-tls-certificate for more details.) MkcertCreatorrMKCERTTrustmeCreatorTRUSTME _try_selectr) clsr$rD local_tls_keylocal_tls_certr3cert_creator_options creator_class local_creatorr!r!r"r,ys.  zCertCreator.selectr3Optional[CertCreator]rNtype[CertCreator]creator_requirementcreator_requestedcCsT|s |tjur ||ur |S||||}z|W|Sty)||ur&YdSwr7)rAUTOr@r)r$r3rNrRrSrKrLinstancer!r!r"rIs    zCertCreator._try_selectNrr6rBrCrr')r$rrDrrr+) r$rr3rPrNrQrRrrSr) __name__ __module__ __qualname__r=rr@r1 classmethodr, staticmethodrIr!r!r!r"r+Ys    &r+c@ eZdZd ddZd dd Zd S) rErr6c CsDztjddgdtjtjdWdSty!}ztd|d}~ww)Nmkcertz-helpT)checkstderrstdoutaSanic is attempting to use mkcert to generate local TLS certificates since you did not supply a certificate, but one is required. Sanic cannot proceed since mkcert does not appear to be installed. Alternatively, you can use trustme. Please install mkcert, trustme, or supply TLS certificates to proceed. Installation instructions can be found here: https://github.com/FiloSottile/mkcert. Find out more information about your options here: https://sanic.dev/en/guide/deployment/development.html#automatic-tls-certificate) subprocessrunDEVNULL Exceptionr)r<er!r!r"r@s  zMkcertCreator.check_supportedrBrCr'c sz[jsPd}t|"ddtjdtj|g}tj|dtjtjdd}Wdn1s1wYt j ddt |d t j t j |j Wjjfd d }n jjfd d }wtjj}d|jd <||jd <t||S)NzGenerating TLS certificater^z -key-filez -cert-fileT)r_rar`text  csVjr)ttjjWdn1swYjdSdSr7)rrFileNotFoundErrorr:unlinkr;rmdir)_r?r!r"cleanups   z,MkcertCreator.generate_cert..cleanupr3rB)r;rrrCr:rbrcPIPESTDOUTsysrawritelenflushr$main_process_stoprsanicrcreate_from_ssl_context)r<rBmessagecmdrespror4r!r?r"r1s@      zMkcertCreator.generate_certNrVrWrXrYrZr@r1r!r!r!r"rEs rEc@r]) rGrr6cCststddS)Na Sanic is attempting to use trustme to generate local TLS certificates since you did not supply a certificate, but one is required. Sanic cannot proceed since trustme does not appear to be installed. Alternatively, you can use mkcert. Please install mkcert, trustme, or supply TLS certificates to proceed. Installation instructions can be found here: https://github.com/python-trio/trustme. Find out more information about your options here: https://sanic.dev/en/guide/deployment/development.html#automatic-tls-certificate)TRUSTME_INSTALLEDrr?r!r!r"r@s zTrustmeCreator.check_supportedrBrCr'cCstttj}|j|jd|_t }| |}| || ||jt|j|jt|jd|jd<||jd<|S)N)r9r8rr3rB)rrxr% SSLContextPROTOCOL_TLS_SERVERr;absoluter:rwrCA issue_certconfigure_certconfigure_trustcert_pem write_to_pathrCprivate_key_and_cert_chain_pem)r<rBr4ca server_certr!r!r"r1 s"       zTrustmeCreator.generate_certNrVrWr|r!r!r!r"rGs rG)rrrrrr)r$rr%r&rr')0 __future__rr%rbrrabcrr contextlibrpathlibrtempfilertypesrtypingr r r r sanic.application.constantsr sanic.application.spinnerrsanic.constantsrrrsanic.exceptionsr sanic.helpersrsanic.http.tls.contextrrrr} ImportErrorModuleNotFoundErrorrwr CIPHERS_TLS12r#r5r+rErGr!r!r!r"s>           cA