o h@sddlZddlZddlmZddlZddlZddlZddlZddl Zddl Zej dZ GdddZddZdd Zd d ZdS) N)urlparsez_dns.resolver.arpac@s6eZdZddZddZddZddZd d d Zd S) _SVCBInfocCs||_||_||_||_dSN)bootstrap_addressporthostname nameservers)selfrrrrr @/var/www/vip_panel/venv/lib/python3.10/site-packages/dns/_ddr.py__init__s z_SVCBInfo.__init__cCs.|dD]\}}|dkr||jkrdSqdS)zIVerify that the _SVCBInfo's address is in the cert's subjectAltName (SAN)subjectAltNamez IP AddressTF)r)r certnamevaluer r r ddr_check_certificate!s z_SVCBInfo.ddr_check_certificatecCstjj}|}|jj|_|Sr)dnsquerysslcreate_default_context TLSVersionTLSv1_2minimum_version)r rctxr r r make_tls_context(s z_SVCBInfo.make_tls_contextc Cs|}t|}t|j|jf|>}|j||jd%}|t j || | }||WdWdS1sEwYWddS1sUwYdS)N)server_hostname)rtimesocketcreate_connectionrr wrap_socketr settimeoutrr _remaining do_handshake getpeercertr)r lifetimer expirationstsrr r r ddr_tls_check_sync.s  "z_SVCBInfo.ddr_tls_check_syncNc s|dur tj}|}t|}|tj|jt j dd|j|j f|||j IdH4IdH}| tj|IdH}||WdIdHS1IdHsTwYdS)Nr)r asyncbackendget_default_backendrr make_socketinetaf_for_addressrr SOCK_STREAMrrr#rr!r)r r$backendrr%r'rr r r ddr_tls_check_async:s&     0z_SVCBInfo.ddr_tls_check_asyncr)__name__ __module__ __qualname__r rrr(r0r r r r rs  rc Cs|j}tj|s gSg}|jD]}g}|jtjj j j }|dur%qt |j }|jjdd}d}|jtjj j j}|durD|j}d|vr|jtjj j j}|dus\|jds]q|jdd} | dsod| } |durud}d|d || } zt| |tj| |Wn tyYnwd |vr|durd }|tj|||d |vr|durd }|tj||d|t|d kr|t||||q|S)NT)omit_final_dotsh2s{?dns}i/izhttps://:sdotiUsdoqr) nameserverrr, is_addressrrsetprocessing_orderparamsgetrdtypessvcbbaseParamKeyALPNsetidstargetto_textPORTrDOHPATHrendswithdecode startswithrappend DoHNameserver Exception DoTNameserver DoQNameserverlenr) answerrinfosrrrparamalpnshostrpathurlr r r _extract_nameservers_from_svcbMs^     rXc CsFg}t|}|D]}z ||r||jWqty Yqw|S)VReturn a list of TLS-validated resolver nameservers extracted from an SVCB answer.)rXr(extendrrLrPr$rrQinfor r r _get_nameservers_syncs   r]c sNg}t|}|D]}z||IdHr||jWq ty$Yq w|S)rYN)rXr0rZrrLr[r r r _get_nameservers_asyncs  r^)rr urllib.parserdns.asyncbackendrdns.inetdns.namedns.nameserver dns.querydns.rdtypes.svcbbaser from_text_local_resolver_namerrXr]r^r r r r s   34