ó L]c@s¢dZddlZddlZddlmZddlmZmZmZm Z ddl m Z ddl m Z dZd Zd efd „ƒYZd d gZdS( s*Base implementation of 0MQ authentication.iÿÿÿÿN(tz85(tbytestunicodetbtu(t_check_versioni(tload_certificatest*s1.0t AuthenticatorcBs¹eZdZdddd„Zd„Zd„Zd„Zd„Zddd„Z ddd „Z ddd „Z d „Z ddd „Z d „Zd„Zd„Zd„Zdd„ZRS(sÉImplementation of ZAP authentication for zmq connections. Note: - libzmq provides four levels of security: default NULL (which the Authenticator does not see), and authenticated NULL, PLAIN, CURVE, and GSSAPI, which the Authenticator can see. - until you add policies, all incoming NULL connections are allowed. (classic ZeroMQ behavior), and all PLAIN and CURVE connections are denied. - GSSAPI requires no configuration. sutf-8cCstddƒ|ptjjƒ|_||_t|_i|_d|_ t ƒ|_ t ƒ|_ i|_i|_|p…tjdƒ|_dS(Niitsecurityszmq.auth(ii(RtzmqtContexttinstancetcontexttencodingtFalset allow_anytcredentials_providerstNonet zap_sockettsett whitelistt blacklistt passwordstcertstloggingt getLoggertlog(tselfR RR((s,lib/python2.7/site-packages/zmq/auth/base.pyt__init__s         cCsH|jjtjƒ|_d|j_|jjdƒ|jjdƒdS(sCreate and bind the ZAP socketisinproc://zeromq.zap.01tStartingN( R tsocketR tREPRtlingertbindRtdebug(R((s,lib/python2.7/site-packages/zmq/auth/base.pytstart0s cCs&|jr|jjƒnd|_dS(sClose the ZAP socketN(RtcloseR(R((s,lib/python2.7/site-packages/zmq/auth/base.pytstop7s cGsH|jrtdƒ‚n|jjddj|ƒƒ|jj|ƒdS(saAllow (whitelist) IP address(es). Connections from addresses not in the whitelist will be rejected. - For NULL, all clients from this address will be accepted. - For real auth setups, they will be allowed to continue with authentication. whitelist is mutually exclusive with blacklist. s-Only use a whitelist or a blacklist, not boths Allowing %st,N(Rt ValueErrorRR#tjoinRtupdate(Rt addresses((s,lib/python2.7/site-packages/zmq/auth/base.pytallow=s cGsH|jrtdƒ‚n|jjddj|ƒƒ|jj|ƒdS(sËDeny (blacklist) IP address(es). Addresses not in the blacklist will be allowed to continue with authentication. Blacklist is mutually exclusive with whitelist. s-Only use a whitelist or a blacklist, not boths Denying %sR'N(RR(RR#R)RR*(RR+((s,lib/python2.7/site-packages/zmq/auth/base.pytdenyLs RcCs-|r||j|R]RKRLRMRI(((s,lib/python2.7/site-packages/zmq/auth/base.pyRs       "  ^ ! 3 R0(RoRR t zmq.utilsRtzmq.utils.strtypesRRRRt zmq.errorRRRR0RJtobjectRt__all__(((s,lib/python2.7/site-packages/zmq/auth/base.pyts  "ÿi