ó Á£ô_c@sŠdZddlZddlZddlZddlZddlZddlmZddlmZddlm Z ddl m Z ddl m Z ddl mZejeƒZd e jfd „ƒYZd dd „ƒYZd efd„ƒYZdeefd„ƒYZdejfd„ƒYZdeefd„ƒYZdefd„ƒYZdejfd„ƒYZde jfd„ƒYZdS(s1Support for standalone client challenge solvers. iÿÿÿÿN(tBaseHTTPServer(t http_client(t socketserver(t challenges(t crypto_util(tListt TLSServercBs2eZdZd„Zd„Zd„Zd„ZRS(sGeneric TLS Server.cOs•|jdtƒ|_|jr-tj|_n tj|_|jdiƒ|_|jdtj ƒ|_ |jdt ƒ|_ t jj|||ŽdS(Ntipv6tcertstmethodtallow_reuse_address(tpoptFalseRtsockettAF_INET6taddress_familytAF_INETRRt_DEFAULT_SSL_METHODR tTrueR Rt TCPServert__init__(tselftargstkwargs((s3/usr/lib/python2.7/site-packages/acme/standalone.pyRs  c Cs=tj|jd|jdt|ddƒd|jƒ|_dS(Ntcert_selectiontalpn_selectiont_alpn_selectionR (Rt SSLSocketR t_cert_selectiontgetattrtNoneR (R((s3/usr/lib/python2.7/site-packages/acme/standalone.pyt _wrap_sock"scCs|jƒ}|jj|dƒS(s.Callback selecting certificate for connection.N(tget_servernameRtgetR(Rt connectiont server_name((s3/usr/lib/python2.7/site-packages/acme/standalone.pyR(s cCs|jƒtjj|ƒS(N(RRRt server_bind(R((s3/usr/lib/python2.7/site-packages/acme/standalone.pyR$-s (t__name__t __module__t__doc__RRRR$(((s3/usr/lib/python2.7/site-packages/acme/standalone.pyRs   tACMEServerMixincBseZdZdZeZRS(s"ACME server common settings mixin.s'ACME client standalone challenge solver(R%R&R'tserver_versionRR (((s3/usr/lib/python2.7/site-packages/acme/standalone.pyR(2stBaseDualNetworkedServerscBs2eZdZd„Zd„Zd„Zd„ZRS(sBase class for a pair of IPv6 and IPv4 servers that tries to do everything it's asked for both servers, but where failures in one server don't affect the other. If two servers are instantiated, they will serve on the same port. c Os\|d}g|_g|_xttgD]}yp||d<|df|f|d}|f|}|||Ž} tjd|d|d|r—dndƒWnttjk r|jrètjd|d|d|rÞdndƒq9tjd |d|d|r dndƒq)X|jj| ƒ| jj ƒd}q)W|jsXtjd ƒ‚ndS( NiRiis$Successfully bound to %s:%s using %stIPv6tIPv4s‚Certbot wasn't able to bind to %s:%s using %s, this is often expected due to the dual stack nature of IPv6 socket implementations.s Failed to bind to %s:%s using %ssCould not bind to IPv4 or IPv6.( tthreadstserversRR tloggertdebugR terrortappendt getsockname( Rt ServerClasstserver_addresstremaining_argsRtportt ip_versiont new_addresstnew_argstserver((s3/usr/lib/python2.7/site-packages/acme/standalone.pyRAs2         cCsGx@|jD]5}tjd|jƒ}|jƒ|jj|ƒq WdS(s*Wraps socketserver.TCPServer.serve_foreverttargetN(R.t threadingtThreadt serve_forevertstartR-R2(RR;tthread((s3/usr/lib/python2.7/site-packages/acme/standalone.pyR?ks    cCs#g|jD]}|jjƒ^q S(s/Wraps socketserver.TCPServer.socket.getsockname(R.R R3(RR;((s3/usr/lib/python2.7/site-packages/acme/standalone.pyt getsocknamessscCsSx%|jD]}|jƒ|jƒq Wx|jD]}|jƒq2Wg|_dS(spWraps socketserver.TCPServer.shutdown, socketserver.TCPServer.server_close, and threading.Thread.joinN(R.tshutdownt server_closeR-tjoin(RR;RA((s3/usr/lib/python2.7/site-packages/acme/standalone.pytshutdown_and_server_closews  (R%R&R'RR?RBRF(((s3/usr/lib/python2.7/site-packages/acme/standalone.pyR*9s  *  tTLSALPN01ServercBs2eZdZdZed„Zd„Zd„ZRS(sTLSALPN01 Server.s acme-tls/1cCs,tj||td|d|ƒ||_dS(NRR(RRt_BaseRequestHandlerWithLoggingtchallenge_certs(RR5RRIR((s3/usr/lib/python2.7/site-packages/acme/standalone.pyR‡scCs/|jƒ}tjd|ƒ|jj|dƒS(Ns)Serving challenge cert for server name %s(R R/R0RIR!R(RR"R#((s3/usr/lib/python2.7/site-packages/acme/standalone.pyRs cCsYt|ƒdkr?|d|jkr?tjd|jƒ|jStjdt|ƒƒdS(s!Callback to select alpn protocol.iisAgreed on %s ALPNs#Cannot agree on ALPN proto. Got: %st(tlentACME_TLS_1_PROTOCOLR/R0tstr(Rt _connectiont alpn_protos((s3/usr/lib/python2.7/site-packages/acme/standalone.pyR™s %(R%R&R'RLR RRR(((s3/usr/lib/python2.7/site-packages/acme/standalone.pyRG‚s   t HTTPServercBseZdZd„ZRS(sGeneric HTTP Server.cOsS|jdtƒ|_|jr-tj|_n tj|_tjj |||ŽdS(NR( R R RR RRRRRPR(RRR((s3/usr/lib/python2.7/site-packages/acme/standalone.pyR§s   (R%R&R'R(((s3/usr/lib/python2.7/site-packages/acme/standalone.pyRP¤st HTTP01ServercBseZdZedd„ZRS(sHTTP01 Server.icCs/tj||tjd|d|ƒd|ƒdS(Ntsimple_http_resourcesttimeoutR(RPRtHTTP01RequestHandlert partial_init(RR5t resourcesRRS((s3/usr/lib/python2.7/site-packages/acme/standalone.pyR³s(R%R&R'R R(((s3/usr/lib/python2.7/site-packages/acme/standalone.pyRQ°stHTTP01DualNetworkedServerscBseZdZd„ZRS(s`HTTP01Server Wrapper. Tries everything for both. Failures for one don't affect the other.cOstj|t||ŽdS(N(R*RRQ(RRR((s3/usr/lib/python2.7/site-packages/acme/standalone.pyR½s(R%R&R'R(((s3/usr/lib/python2.7/site-packages/acme/standalone.pyRW¹sRTcBsneZdZejddƒZd„Zd„Zd„Zd„Z d„Z d„Z d „Z e d „ƒZRS( sÍHTTP01 challenge handler. Adheres to the stdlib's `socketserver.BaseRequestHandler` interface. :ivar set simple_http_resources: A set of `HTTP01Resource` objects. TODO: better name? tHTTP01Resourceschall response validationcOsG|jdtƒƒ|_|jddƒ|_tjj|||ŽdS(NRRRSi(R tsetRRRSRtBaseHTTPRequestHandlerR(RRR((s3/usr/lib/python2.7/site-packages/acme/standalone.pyRÍscGs"tjd|jd||ƒdS(sLog arbitrary message.s %s - - %siN(R/R0tclient_address(RtformatR((s3/usr/lib/python2.7/site-packages/acme/standalone.pyt log_messageÒscCs!|jdƒtjj|ƒdS(sHandle request.sIncoming requestN(R]RRZthandle(R((s3/usr/lib/python2.7/site-packages/acme/standalone.pyR^Ös cCsS|jdkr|jƒn3|jjdtjjƒrE|jƒn |jƒdS(Nt/(tpatht handle_indext startswithRtHTTP01t URI_ROOT_PATHthandle_simple_http_resourcet handle_404(R((s3/usr/lib/python2.7/site-packages/acme/standalone.pytdo_GETÛs   cCsG|jdƒ|jddƒ|jƒ|jj|jjjƒƒdS(sHandle index page.iÈs Content-Types text/htmlN(t send_responset send_headert end_headerstwfiletwriteR;R)tencode(R((s3/usr/lib/python2.7/site-packages/acme/standalone.pyRaãs  cCsD|jtjddƒ|jddƒ|jƒ|jjdƒdS(sHandler 404 Not Found errors.tmessages Not Founds Content-types text/htmlt404N(RhRt NOT_FOUNDRiRjRkRl(R((s3/usr/lib/python2.7/site-packages/acme/standalone.pyRfês cCs x†|jD]n}|jj|jkr |jd|jjdƒƒ|jtjƒ|jƒ|j j |j jƒƒdSq W|jdƒ|jd|jƒdS(s$Handle HTTP01 provisioned resources.sServing HTTP01 with token %rttokenNsNo resources to serves0%s does not correspond to any resource. ignoring( RRtchallR`R]RmRhRtOKRjRkRlt validation(Rtresource((s3/usr/lib/python2.7/site-packages/acme/standalone.pyReñs    cCstj|d|d|ƒS(s¿Partially initialize this handler. This is useful because `socketserver.BaseServer` takes uninitialized handler and initializes it with the current request. RRRS(t functoolstpartial(tclsRRRS((s3/usr/lib/python2.7/site-packages/acme/standalone.pyRUs  (R%R&R't collectionst namedtupleRXRR]R^RgRaRfRet classmethodRU(((s3/usr/lib/python2.7/site-packages/acme/standalone.pyRTÁs        RHcBs eZdZd„Zd„ZRS(s BaseRequestHandler with logging.cGs"tjd|jd||ƒdS(sLog arbitrary message.s %s - - %siN(R/R0R[(RR\R((s3/usr/lib/python2.7/site-packages/acme/standalone.pyR]scCs!|jdƒtjj|ƒdS(sHandle request.sIncoming requestN(R]RtBaseRequestHandlerR^(R((s3/usr/lib/python2.7/site-packages/acme/standalone.pyR^s (R%R&R'R]R^(((s3/usr/lib/python2.7/site-packages/acme/standalone.pyRHs ((R'RyRvtloggingR R=t six.movesRRRtacmeRRtacme.magic_typingRt getLoggerR%R/RRR(tobjectR*RGRPRQRWRZRTR|RH(((s3/usr/lib/python2.7/site-packages/acme/standalone.pyts*     I"  M