관리-도구

편집 파일: gnutls.cpython-39.opt-1.pyc

a ����� �g�'����������������������@���sL���d�d
l�Z�d�d
l
Z
d�dlmZmZ
�d�dlmZ
�ddlmZ
�G�dd��de�Z d
S�)�����N)�CalledProcessError�call)
�mkstemp�
���)
�ConfigGeneratorc����������������%���@���s|
��e�Z
d�Zd
Zh�d�
Zddddddd�Zdddd d dddd ddddd� Zddddddddddd� Zddd d!d"d#d$�Zd%d&d'�Z d(g
d)g
d*g
d+g
d,g
d-g
d.g
d/g
d0g
d1d2gd3g
d4g
d5d6gd7g
d8g
d9d:gd;g
d<g
d=g
d>g
d?g
d@g
dAg
dBg
dCg
dDg
dEg
dFg
dGg
dHg
dIg
dJg
dKg
dLg
dMg
dNg
dO�$Z dPdPdQdRdSdTdUdVdWdXdYdZd[d\d]d^�Zd_d`dadbdc�Zdddedfdgdhdidjdkdl�Z edmdn���
Zedodp���
ZdS�)q�GnuTLSGenerator�gnutls>���ZsslZtlsr����AEAD�SHA1�MD5NZSHA512)r ���z HMAC-SHA1zHMAC-MD5z HMAC-SHA2-256z HMAC-SHA2-384z HMAC-SHA2-512ZSHA224ZSHA256ZSHA384�SHA3-224�SHA3-256�SHA3-384�SHA3-512� SHAKE-128� SHAKE-256) r ���r ���r���zSHA2-224zSHA2-256zSHA2-384zSHA2-512r���r ���r���r���r���r���z GROUP-X448zGROUP-X25519zGROUP-SECP256R1zGROUP-SECP384R1zGROUP-SECP521R1zGROUP-FFDHE6144zGROUP-FFDHE2048zGROUP-FFDHE3072zGROUP-FFDHE4096zGROUP-FFDHE8192) �X448�X25519� SECP256R1� SECP384R1� SECP521R1z FFDHE-6144z FFDHE-2048z FFDHE-3072z FFDHE-4096z FFDHE-8192r���r���� SECP224R1r���r���r���)r���r���r���r���r���r���ZEd448ZEd25519)�EDDSA-ED448� EDDSA-ED25519�RSA-MD5�RSA-SHA1�DSA-SHA1� ECDSA-SHA1z RSA-SHA224z DSA-SHA224zECDSA-SHA224z RSA-SHA256z DSA-SHA256zECDSA-SHA256zECDSA-SECP256R1-SHA256z RSA-SHA384z DSA-SHA384zECDSA-SHA384zECDSA-SECP384R1-SHA384z RSA-SHA512z DSA-SHA512zECDSA-SHA512zECDSA-SECP521R1-SHA512zRSA-PSS-SHA256zRSA-PSS-SHA384zRSA-PSS-SHA512zRSA-PSS-RSAE-SHA256zRSA-PSS-RSAE-SHA384zRSA-PSS-RSAE-SHA512�RSA-SHA3-224�DSA-SHA3-224�ECDSA-SHA3-224�RSA-SHA3-256�DSA-SHA3-256�ECDSA-SHA3-256�RSA-SHA3-384�DSA-SHA3-384�ECDSA-SHA3-384�RSA-SHA3-512�DSA-SHA3-512�ECDSA-SHA3-512zEdDSA-Ed448z EdDSA-Ed25519)$r���r���r���r���zRSA-SHA2-224zDSA-SHA2-224zECDSA-SHA2-224zRSA-SHA2-256zDSA-SHA2-256zECDSA-SHA2-256zRSA-SHA2-384zDSA-SHA2-384zECDSA-SHA2-384zRSA-SHA2-512zDSA-SHA2-512zECDSA-SHA2-512zRSA-PSS-SHA2-256zRSA-PSS-SHA2-384zRSA-PSS-SHA2-512zRSA-PSS-RSAE-SHA2-256zRSA-PSS-RSAE-SHA2-384zRSA-PSS-RSAE-SHA2-512r���r���r ���r!���r"���r#���r$���r%���r&���r'���r(���r)���r���r������AES-256-GCM�AES-128-GCM�AES-256-CCM�AES-128-CCM�AES-256-CBC�AES-128-CBC�CAMELLIA-256-GCM�CAMELLIA-128-GCM�CAMELLIA-256-CBC�CAMELLIA-128-CBC�CHACHA20-POLY1305�3DES-CBCzARCFOUR-128)zAES-256-CTRzAES-128-CTRr+���r,���r-���r.���r/���r0���r1���r2���r3���r4���r5���r6���zRC4-128)z ECDHE-RSAzECDHE-ECDSA)
�RSA)
�DHE-RSA)
�DHE-DSS)ZECDHEr7���r8���r9����SSL3.0�TLS1.0�TLS1.1�TLS1.2�TLS1.3�DTLS0.9�DTLS1.0�DTLS1.2)r:���r;���r<���r=���r>���r?���r@���rA���c�������������� ������s���|
j�}t
�d
�
���}|d�rj|d�D�]D}z,��j|�rR|d7�}|��j|�7�}|d7�}W�q$�tyf
�
�
�Y�q$0�q$|d�r�|d�D�]D}z,��j|�r�|d7�}|��j|�7�}|d7�}W�qz�ty�
�
�
�Y�qz0�qz|d�D�]$}|��jv�r�|d��j|���d�7�}qȇ�f
d d �|d�D��
}|D�]"}|D�]}|d|��d�7�}�
q�
q|D�]"}|D�]}|d |��d�7�}�
q8�
q0|
jd��
rx|d7�}|d7�}|d7�}|d�D�](}|��j v��
r�|d��j |���d�7�}�
q�|d�D�](}|��j v��
r�|d��j |���d�7�}�
q�|d��r:|d�D�]J}z.��j|��r|d7�}|��j|�7�}|d7�}W�n�t�y4
�
�
�Y�n0��
q�|d�D�]4}|��jv��rB��j|�D�]}|d|��d�7�}�q\�qB|d�D�](}|��j v��r�|d��j |���d�7�}�q�t�dd�dk}|�s|
jd�dk�r�|d7�}n*|
jd�dk�r�|d 7�}n|
jd�d!k�r|
jd"�} |
jd#�} | d$k
�s,| d$k
�r6|d%7�}n�| d&k
�sJ| d&k
�rT|d'7�}nb| d(k
�sh| d(k
�rr|d)7�}nD| d*k
�s�| d*k
�r�|d+7�}n&| d,k
�s�| d,k
�r�|d-7�}n|d.7�}|d/7�}|S�)0Nz] [global] override-mode = allowlist [overrides] �hashzsecure-hash = �
Zmacztls-enabled-mac = �groupztls-enabled-group = c
��������������������s ���g�|�]}
|
��j�v�r��j�|
��qS���)
�sign_map)�.0�
i�
�clsrE����</usr/share/crypto-policies/python/policygenerators/gnutls.py� <listcomp>���������z3GnuTLSGenerator.generate_config.<locals>.<listcomp>�signz secure-sig = zsecure-sig-for-cert = Z sha1_in_certszsecure-sig-for-cert = rsa-sha1 zsecure-sig-for-cert = dsa-sha1 z!secure-sig-for-cert = ecdsa-sha1 zenabled-curve = Zcipherztls-enabled-cipher = Zkey_exchangeztls-enabled-kx = Zprotocolzenabled-version = ZGNUTLS_NO_TLS_SESSION_HASH�
0�
1Z__emsZENFORCEztls-session-hash = require ZRELAXztls-session-hash = request ZDEFAULT�min_dh_size�min_rsa_sizei���z$min-verification-profile = very_weaki���zmin-verification-profile = lowi���z!min-verification-profile = mediumi���zmin-verification-profile = highi� ��z min-verification-profile = ultraz!min-verification-profile = futurez [priorities] SYSTEM=NONE )Zenabled�textwrap�dedent�lstrip�hash_map�KeyError�mac_map� group_mapZintegers�group_curve_map�sign_curve_map� cipher_map�key_exchange_map�protocol_map�os�getenvZenums)rJ���Zpolicy�
p�
srH���Zsigs�
jZkxZno_tls_session_hashrQ���rR���rE���rI���rK����generate_config����s�����












































�















zGnuTLSGenerator.generate_configc�������������� ���C���s(
��t��
d
�
dkrdS�t��dt�j�s$dS�t��\}}d}z�t��|d��}|�|
�

�W�d����
�n1�s`0�
�
�
�Y�
�z.|t�jd<�dt�jd <�dt�jd <�tddd�}W�n�t y�
�
�
�|�� d �

�Y�n0�W�t�jd=�t�jd =�t�jd =�t��|�

�n$t�jd=�t�jd =�t�jd =�t��|�

�0�|�
r$|�� d�

�|�� d|
����

�dS�dS�)NZ OLD_GNUTLSrP���Tz/usr/bin/gnutls-cli�����
wZGNUTLS_SYSTEM_PRIORITY_FILE�
3ZGNUTLS_DEBUG_LEVELZ&GNUTLS_SYSTEM_PRIORITY_FAIL_ON_INVALIDz!/usr/bin/gnutls-cli -l >/dev/null)
�shellz%/usr/bin/gnutls-cli: Execution failedz,There is an error in gnutls generated policyzPolicy: F)r_���r`����access�X_OKr����fdopen�write�environr���r���Zeprint�unlink)rJ���Zconfig�fd�path�ret�
frE���rE���rK����test_config
��s>����


 


(





� 



�






zGnuTLSGenerator.test_config)�__name__� __module__�__qualname__ZCONFIG_NAMEZSCOPESrX���rV���rY���rZ���r[���rF���r\���r]���r^����classmethodrd���rs���rE���rE���rE���rK���r������s����





�











�








�




� 
�































�,













�


�






�
i
r���) r_���rS���� subprocessr���r���Ztempfiler���Zconfiggeneratorr���r���rE���rE���rE���rK����<module>���s ���