ԋg:6ddlmZddlZddlZddlZddlZddlZddlZddlm Z dZ ejdk\r d dZ d dZ nd dZ d d Z Gd d Zy) ) annotationsN) get_template)Security)rrc||_yN)minimum_versionctxversions 4lib/python3.12/site-packages/distributed/security.py_set_minimum_versionr %c||_yr )maximum_versionr s r_set_maximum_versionrrrc|tjjurtd||xjtj tj ztjztjzzc_yNzUnsupported TLS/SSL version: ) ssl TLSVersionTLSv1_2 ValueErroroptions OP_NO_SSLv2 OP_NO_SSLv3 OP_NO_TLSv1 OP_NO_TLSv1_1r s rrr#s[ #..00 0>Icp||vr||}ntjj|}t|||yr )r:r;r<setattr)r@rAfield config_namevals rr>zSecurity._set_fields0 F?-C++//+.CeS!rc ||vr_||}dtjjtjjh}||vrt |d|dt ||~|}n{|tjjtjjd}t jj|}||vr||}nt |d|dt |t|||y)N=z# is not supported, expected one of )Ng333333?g?) rrrTLSv1_3rlistr:r;r<r)r@rArrdefaultrvalids rr?zSecurity._set_tls_version_fields F?-C3>>113>>3I3IJE% gQsg%He V{^^++^^++E ++//+.Ce|Cj "m1SG+NtTY{m\ eS!rc.t|j}|jdi}|D]g}t||}|t |t r d|vrd||<,t |t r'dt jj|d||<c|||<i|S)Nr- zTemporary (In-memory)zLocal ()) r8r6removegetattr isinstancestrospathabspath)r@keysattrkrs r _attr_to_dictzSecurity._attr_to_dictsdnn% %&A$"Cc3'DCK5DGS) '(<'=Q?DG!DG rcz|j}ddjd|jDzdzS)Nz Security(z, c30K|]\}}|d|yw)rNrU).0r|values r z$Security.__repr__.. s H!!# iiH4::<HH I  rcTtdj|jS)Nzsecurity.html.j2)security)rrenderr)r@s r _repr_html_zSecurity._repr_html_s%./66@R@R@T6UUrc|dvrtd||j|jt|d|zt|d|zdS)zR Return the TLS configuration for the given role, as a flat dict. >clientworker schedulerz unknown role z tls_%s_certz tls_%s_key)ca_fileciphersrr|)rr#r$r)r@roles rget_tls_config_for_rolez Security.get_tls_config_for_rolesY 8 8}TH56 6''''D-$"674!45   rcX|jdr|jdr|d}|dx}}|jdx}}d|vrtj||}ntj||}t||j|j t ||j d|v} |duxrd|v} | s| rtj5} | rFtjj| d}t|d5} | j|ddd| rFtjj| d }t|d5} | j|ddd|j||dddn|j||tj|_d |_|xj$tj&zc_|jd r |j)|jd |Syy#1swYxYw#1swYxYw#1swYxYw) Nrrr|r)purposecadata)rcafilezdask.crtwzdask.pemFr)r<rcreate_default_contextrr%r&rtempfileTemporaryDirectoryrrropenwriteload_cert_chain CERT_REQUIRED verify_modecheck_hostname verify_flagsVERIFY_X509_STRICT set_ciphers) r@tlsrca cert_pathrkey_pathr|r cert_in_memory key_in_memorytempdirfs r_get_tls_contextzSecurity._get_tls_context!s 779 #''&/YB"6{ *I WWU^ +Hsrz00L00L !d&:&: ;##/$S$*>*>?!T\NtO; M002g%$&GGLL*$E !)S1QGGDM2$#%77<<#D!(C0AGGCL1'' 8<32##Ix8"//CO"'C    !7!7 7 7 wwy! 23JY#2 ,211032s</H H6H  HH H H H H  H)c|j|}|j|tjj|j |j dS)zh Get the *connection_args* argument for a connect() call with the given *role*. ) ssl_contextr"r-)rrrPurpose SERVER_AUTHr"r-r@rrs rget_connection_argszSecurity.get_connection_argsPsJ **4000ckk6M6MN"&"9"9#33  rc|j|}|j|tjj|j dS)zg Get the *connection_args* argument for a listen() call with the given *role*. )rr")rrrr CLIENT_AUTHr"rs rget_listen_argszSecurity.get_listen_args\sA **4000ckk6M6MN"&"9"9  rr )__name__ __module__ __qualname____doc__r6rC classmethodrr>r?rrrrrrrrUrrrr8sZ'R I&WP: : x""4$ V  -^    rr)r zssl.SSLContextr zssl.TLSVersionreturnNone) __future__rrirrrr0r: dask.widgetsr__all__r/rrrrUrrrsS"  % |+&&  Jm m r