;e$D dZddlZddlZddlZddlZddlTdZdZdZej ej e Z d4d Zd Zd ZdZdZedkr9eje edd\ZZedd5Zeedddn #1swxYwYedd5Zeedddn #1swxYwYedegdegdedd5Zeeeedddn #1swxYwYedd5Zeedddn #1swxYwYeedd\ZZedd5Zeeeedddn #1swxYwYedd \ZZed!d5Zeeeedddn #1swxYwYedd \ZZed"d5Zeeeedddn #1swxYwYed#dd$%\ZZed&d5Zeeeedddn #1swxYwYgd'Zed(dd)e*\ZZed+d5Zeeeedddn #1swxYwYgd,Zed-dd)e*\ZZed.d5Zeeeedddn #1swxYwYed/dd01\ZZed2d5Zeeeedddn #1swxYwYeed3eded!dSdS)5zOMake the custom certificate and private key files used by test_ssl and friends.N)*20180829142316Z20371028142316Za [ default ] base_url = http://testca.pythontest.net/testca [req] distinguished_name = req_distinguished_name prompt = no [req_distinguished_name] C = XY L = Castle Anthrax O = Python Software Foundation CN = {hostname} [req_x509_extensions_nosan] [req_x509_extensions_simple] subjectAltName = @san [req_x509_extensions_full] subjectAltName = @san keyUsage = critical,keyEncipherment,digitalSignature extendedKeyUsage = serverAuth,clientAuth basicConstraints = critical,CA:false subjectKeyIdentifier = hash authorityKeyIdentifier = keyid:always,issuer:always authorityInfoAccess = @issuer_ocsp_info crlDistributionPoints = @crl_info [ issuer_ocsp_info ] caIssuers;URI.0 = $base_url/pycacert.cer OCSP;URI.0 = $base_url/ocsp/ [ crl_info ] URI.0 = $base_url/revocation.crl [san] DNS.1 = {hostname} {extra_san} [dir_sect] C = XY L = Castle Anthrax O = Python Software Foundation CN = dirname example [princ_name] realm = EXP:0, GeneralString:KERBEROS.REALM principal_name = EXP:1, SEQUENCE:principal_seq [principal_seq] name_type = EXP:0, INTEGER:1 name_string = EXP:1, SEQUENCE:principals [principals] princ1 = GeneralString:username [ ca ] default_ca = CA_default [ CA_default ] dir = cadir database = $dir/index.txt crlnumber = $dir/crl.txt default_md = sha256 startdate = {startdate} default_startdate = {startdate} enddate = {enddate} default_enddate = {enddate} default_days = 7000 default_crl_days = 7000 certificate = pycacert.pem private_key = pycakey.pem serial = $dir/serial RANDFILE = $dir/.rand policy = policy_match [ policy_match ] countryName = match stateOrProvinceName = optional organizationName = match organizationalUnitName = optional commonName = supplied emailAddress = optional [ policy_anything ] countryName = optional stateOrProvinceName = optional localityName = optional organizationName = optional organizationalUnitName = optional commonName = supplied emailAddress = optional [ v3_ca ] subjectKeyIdentifier=hash authorityKeyIdentifier=keyid:always,issuer basicConstraints = CA:true Freq_x509_extensions_fullrsa:3072chtd|zg}tdD]I}tjd5}||jdddn #1swxYwYJ|\}} } t ||tt} t|d5}| | dddn #1swxYwYddd d d d |d | d|d|g } |rVtjd5}||j|j} dddn #1swxYwY| d| gz } n| dd| gz } tdg| z|r#dd|d|d| dddddd| g} tdg| zt| d5}| }dddn #1swxYwYt| d5}| }dddn #1swxYwY||f|D]}tj|S#|D]}tj|wxYw)Nzcreating cert for F)deletehostname extra_san startdateenddatewreq-new-nodesz-days7000-newkey-keyout -extensions-config-outz-x509opensslca-outdircadirz-policypolicy_anything-batch-infilesr)printrangetempfileNamedTemporaryFileappendname req_templateformatrropenwrite check_callreadosremove)r signrextkey tempnamesifreq_file cert_filekey_filerargsreqfilecertr(s */usr/lib/python3.11/test/make_ssl_certs.py make_cert_keyr>ws  )***I 1XX%%  ( 6 6 6 %!   QV $ $ $ % % % % % % % % % % % % % % %$-!Hi+!! "   (C  A GGCLLL               vx&3 8s8%  2,E::: !a  (((& ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! VW& &DD Wfi1 1DI;%&&&  +8s 7,*gD  {T) * * *)S ! ! Q6688D                (C  A&&((C               Sy  D IdOOOO I  D IdOOOO sA""A& )A& 58H-C HCHC)H"D." H.D22H5D26AHF2& H2F66H9F6:H G." H.G22H5G26HH1rc8tjtdS)N)shutilrmtree TMP_CADIRr= unmake_carEs M)rDctjtttjddd5} dddn #1swxYwYttjddd5}|ddddn #1swxYwYttjddd5}|ddddn #1swxYwYttjdd d 5}|d dddn #1swxYwYtjd 5}t d d tt}||| tj5}dd|jddddddd|jddg }tdg|zdd|jddddtddd d!d"d#|jg}tdg|zdd|jd$dd%g}tdg|zdddn #1swxYwYdddn #1swxYwYtgd&t!jd'd(dS))Nrz index.txta+zcrl.txt00zindex.txt.attrzw+zunique_subject = noserialrzCB2D80995A69525B z our-ca-serverrr rrrrrrrz pycakey.pemrz-subjzG/C=XY/L=Castle Anthrax/O=Python Software Foundation CA/CN=our-ca-serverrr pycacert.pemr rz-keyfilez -selfsignrv3_car!z-gencrlzrevocation.crl)rx509-inrJrcapath/ceff1710.0rNzcapath/b1930218.0)r/mkdirrBr+pathjoinr,r%r&r)r*rrflushr(r-r@copy)r6trr:s r=make_carUsHY bgll7;// 5 5                 bgll79--d 3 3q   bgll7#344T : :'a %&&&''''''''''''''' bgll78,,c 2 2&a $%%%&&&&&&&&&&&&&&&  $S ) )+Q!!$ "       ( * * +a9affz}AFf hD  {T) * * *)QVNHi QVND  {T) * * *)QVY@PQD  {T) * * * + + + + + + + + + + + + + + ++++++++++++++++4 K#%899999sAAAB11B58B5*D  DDE''E+.E+A%J+BI7+ J7I; ;J>I; ?JJJc\ddl}tj||dS)Nr)_sslpprint_test_decode_cert)rPrWs r= print_certrZs/KKK M$((../////rD__main__ localhostreq_x509_extensions_simple)r2z ssl_cert.pemr ssl_key.pemz5password protecting ssl_key.pem in ssl_key.passwd.pem) rpkeyrMr^rzssl_key.passwd.pem-aes256-passout pass:somepass) rr_rMr^rkeycert.passwd.pemr`rarbz keycert.pemrcrG fakehostnamez keycert2.pemT)r1z keycert3.pemz keycert4.pemz localhost-ecczparam:secp384r1.pem)r1r3zkeycertecc.pem) z0otherName.1 = 1.2.3.4;UTF8:some other identifierz/otherName.2 = 1.3.6.1.5.2.2;SEQUENCE:princ_namezemail.1 = user@example.orgzDNS.2 = www.example.orgzdirName.1 = dir_sectzURI.1 = https://www.python.org/zIP.1 = 127.0.0.1z IP.2 = ::1zRID.1 = 1.2.3.4.5allsans )r1rz allsans.pem)z'DNS.2 = xn--knig-5qa.idn.pythontest.netz6DNS.3 = xn--knigsgsschen-lcb0w.idna2003.pythontest.netz6DNS.4 = xn--knigsgchen-b4a3dun.idna2008.pythontest.netz,DNS.5 = xn--nxasmq6b.idna2003.pythontest.netz,DNS.6 = xn--nxasmm1c.idna2008.pythontest.netidnsansz idnsans.pemnosanreq_x509_extensions_nosan)r1r2z nosan.pemz>update Lib/test/test_ssl.py and Lib/test/test_asyncio/utils.py)Frrr)__doc__r/rXr@r% subprocessrrr)rPabspathdirname__file__herer>rBrErUrZ__name__chdirr<r3r+r6r,r#r-rrQrCrDr=rrs   e N wrwx0011356@3333j  ):):):X000  z BHTNNN k/KLLLID# nc " "a   mS ! !Q   E ABBBJvvvwwwJvvvwww mS ! !Q     "D ) )Q   GIII n2NOOOID# nc " "a     k555ID# nc " "a     n4888ID# nc " "a     d(=ID#  $ $       I iddii >R>RSSSID# mS ! !Q       I iddii >R>RSSSID# mS ! !Q     gD6QRRRID# k3  1    IKKK E JKKKJ}J~msB55B9<B9 C..C25C2*+E!!E%(E%8FF!F +HH H)+I  I$'I$+J>>KK&+LL!$L!+NNN+P  P P 1+Q((Q,/Q,