[ssl] Set values to constants (#14544)

Author: donBarbos

stdlib/_ssl.pyi

@@ -12,7 +12,7 @@ from ssl import (
     SSLWantWriteError as SSLWantWriteError,
     SSLZeroReturnError as SSLZeroReturnError,
 )
-from typing import Any, ClassVar, Literal, TypedDict, final, overload, type_check_only
+from typing import Any, ClassVar, Final, Literal, TypedDict, final, overload, type_check_only
 from typing_extensions import NotRequired, Self, TypeAlias
 
 _PasswordType: TypeAlias = Callable[[], str | bytes | bytearray] | str | bytes | bytearray
@@ -161,135 +161,134 @@ if sys.version_info < (3, 12):
     err_names_to_codes: dict[str, tuple[int, int]]
     lib_codes_to_names: dict[int, str]
 
-_DEFAULT_CIPHERS: str
+_DEFAULT_CIPHERS: Final[str]
 
 # SSL error numbers
-SSL_ERROR_ZERO_RETURN: int
-SSL_ERROR_WANT_READ: int
-SSL_ERROR_WANT_WRITE: int
-SSL_ERROR_WANT_X509_LOOKUP: int
-SSL_ERROR_SYSCALL: int
-SSL_ERROR_SSL: int
-SSL_ERROR_WANT_CONNECT: int
-SSL_ERROR_EOF: int
-SSL_ERROR_INVALID_ERROR_CODE: int
+SSL_ERROR_ZERO_RETURN: Final = 6
+SSL_ERROR_WANT_READ: Final = 2
+SSL_ERROR_WANT_WRITE: Final = 3
+SSL_ERROR_WANT_X509_LOOKUP: Final = 4
+SSL_ERROR_SYSCALL: Final = 5
+SSL_ERROR_SSL: Final = 1
+SSL_ERROR_WANT_CONNECT: Final = 7
+SSL_ERROR_EOF: Final = 8
+SSL_ERROR_INVALID_ERROR_CODE: Final = 10
 
 # verify modes
-CERT_NONE: int
-CERT_OPTIONAL: int
-CERT_REQUIRED: int
+CERT_NONE: Final = 0
+CERT_OPTIONAL: Final = 1
+CERT_REQUIRED: Final = 2
 
 # verify flags
-VERIFY_DEFAULT: int
-VERIFY_CRL_CHECK_LEAF: int
-VERIFY_CRL_CHECK_CHAIN: int
-VERIFY_X509_STRICT: int
-VERIFY_X509_TRUSTED_FIRST: int
+VERIFY_DEFAULT: Final = 0
+VERIFY_CRL_CHECK_LEAF: Final = 0x4
+VERIFY_CRL_CHECK_CHAIN: Final = 0x8
+VERIFY_X509_STRICT: Final = 0x20
+VERIFY_X509_TRUSTED_FIRST: Final = 0x8000
 if sys.version_info >= (3, 10):
-    VERIFY_ALLOW_PROXY_CERTS: int
-    VERIFY_X509_PARTIAL_CHAIN: int
+    VERIFY_ALLOW_PROXY_CERTS: Final = 0x40
+    VERIFY_X509_PARTIAL_CHAIN: Final = 0x80000
 
 # alert descriptions
-ALERT_DESCRIPTION_CLOSE_NOTIFY: int
-ALERT_DESCRIPTION_UNEXPECTED_MESSAGE: int
-ALERT_DESCRIPTION_BAD_RECORD_MAC: int
-ALERT_DESCRIPTION_RECORD_OVERFLOW: int
-ALERT_DESCRIPTION_DECOMPRESSION_FAILURE: int
-ALERT_DESCRIPTION_HANDSHAKE_FAILURE: int
-ALERT_DESCRIPTION_BAD_CERTIFICATE: int
-ALERT_DESCRIPTION_UNSUPPORTED_CERTIFICATE: int
-ALERT_DESCRIPTION_CERTIFICATE_REVOKED: int
-ALERT_DESCRIPTION_CERTIFICATE_EXPIRED: int
-ALERT_DESCRIPTION_CERTIFICATE_UNKNOWN: int
-ALERT_DESCRIPTION_ILLEGAL_PARAMETER: int
-ALERT_DESCRIPTION_UNKNOWN_CA: int
-ALERT_DESCRIPTION_ACCESS_DENIED: int
-ALERT_DESCRIPTION_DECODE_ERROR: int
-ALERT_DESCRIPTION_DECRYPT_ERROR: int
-ALERT_DESCRIPTION_PROTOCOL_VERSION: int
-ALERT_DESCRIPTION_INSUFFICIENT_SECURITY: int
-ALERT_DESCRIPTION_INTERNAL_ERROR: int
-ALERT_DESCRIPTION_USER_CANCELLED: int
-ALERT_DESCRIPTION_NO_RENEGOTIATION: int
-ALERT_DESCRIPTION_UNSUPPORTED_EXTENSION: int
-ALERT_DESCRIPTION_CERTIFICATE_UNOBTAINABLE: int
-ALERT_DESCRIPTION_UNRECOGNIZED_NAME: int
-ALERT_DESCRIPTION_BAD_CERTIFICATE_STATUS_RESPONSE: int
-ALERT_DESCRIPTION_BAD_CERTIFICATE_HASH_VALUE: int
-ALERT_DESCRIPTION_UNKNOWN_PSK_IDENTITY: int
+ALERT_DESCRIPTION_CLOSE_NOTIFY: Final = 0
+ALERT_DESCRIPTION_UNEXPECTED_MESSAGE: Final = 10
+ALERT_DESCRIPTION_BAD_RECORD_MAC: Final = 20
+ALERT_DESCRIPTION_RECORD_OVERFLOW: Final = 22
+ALERT_DESCRIPTION_DECOMPRESSION_FAILURE: Final = 30
+ALERT_DESCRIPTION_HANDSHAKE_FAILURE: Final = 40
+ALERT_DESCRIPTION_BAD_CERTIFICATE: Final = 42
+ALERT_DESCRIPTION_UNSUPPORTED_CERTIFICATE: Final = 43
+ALERT_DESCRIPTION_CERTIFICATE_REVOKED: Final = 44
+ALERT_DESCRIPTION_CERTIFICATE_EXPIRED: Final = 45
+ALERT_DESCRIPTION_CERTIFICATE_UNKNOWN: Final = 46
+ALERT_DESCRIPTION_ILLEGAL_PARAMETER: Final = 47
+ALERT_DESCRIPTION_UNKNOWN_CA: Final = 48
+ALERT_DESCRIPTION_ACCESS_DENIED: Final = 49
+ALERT_DESCRIPTION_DECODE_ERROR: Final = 50
+ALERT_DESCRIPTION_DECRYPT_ERROR: Final = 51
+ALERT_DESCRIPTION_PROTOCOL_VERSION: Final = 70
+ALERT_DESCRIPTION_INSUFFICIENT_SECURITY: Final = 71
+ALERT_DESCRIPTION_INTERNAL_ERROR: Final = 80
+ALERT_DESCRIPTION_USER_CANCELLED: Final = 90
+ALERT_DESCRIPTION_NO_RENEGOTIATION: Final = 100
+ALERT_DESCRIPTION_UNSUPPORTED_EXTENSION: Final = 110
+ALERT_DESCRIPTION_CERTIFICATE_UNOBTAINABLE: Final = 111
+ALERT_DESCRIPTION_UNRECOGNIZED_NAME: Final = 112
+ALERT_DESCRIPTION_BAD_CERTIFICATE_STATUS_RESPONSE: Final = 113
+ALERT_DESCRIPTION_BAD_CERTIFICATE_HASH_VALUE: Final = 114
+ALERT_DESCRIPTION_UNKNOWN_PSK_IDENTITY: Final = 115
 
 # protocol versions
-PROTOCOL_SSLv23: int
-PROTOCOL_TLS: int
-PROTOCOL_TLS_CLIENT: int
-PROTOCOL_TLS_SERVER: int
-PROTOCOL_TLSv1: int
-PROTOCOL_TLSv1_1: int
-PROTOCOL_TLSv1_2: int
+PROTOCOL_SSLv23: Final = 2
+PROTOCOL_TLS: Final = 2
+PROTOCOL_TLS_CLIENT: Final = 16
+PROTOCOL_TLS_SERVER: Final = 17
+PROTOCOL_TLSv1: Final = 3
+PROTOCOL_TLSv1_1: Final = 4
+PROTOCOL_TLSv1_2: Final = 5
 
 # protocol options
-OP_ALL: int
-OP_NO_SSLv2: int
-OP_NO_SSLv3: int
-OP_NO_TLSv1: int
-OP_NO_TLSv1_1: int
-OP_NO_TLSv1_2: int
-OP_NO_TLSv1_3: int
-OP_CIPHER_SERVER_PREFERENCE: int
-OP_SINGLE_DH_USE: int
-OP_NO_TICKET: int
-OP_SINGLE_ECDH_USE: int
-OP_NO_COMPRESSION: int
-OP_ENABLE_MIDDLEBOX_COMPAT: int
-OP_NO_RENEGOTIATION: int
+OP_ALL: Final = 0x80000050
+OP_NO_SSLv2: Final = 0x0
+OP_NO_SSLv3: Final = 0x2000000
+OP_NO_TLSv1: Final = 0x4000000
+OP_NO_TLSv1_1: Final = 0x10000000
+OP_NO_TLSv1_2: Final = 0x8000000
+OP_NO_TLSv1_3: Final = 0x20000000
+OP_CIPHER_SERVER_PREFERENCE: Final = 0x400000
+OP_SINGLE_DH_USE: Final = 0x0
+OP_NO_TICKET: Final = 0x4000
+OP_SINGLE_ECDH_USE: Final = 0x0
+OP_NO_COMPRESSION: Final = 0x20000
+OP_ENABLE_MIDDLEBOX_COMPAT: Final = 0x100000
+OP_NO_RENEGOTIATION: Final = 0x40000000
 if sys.version_info >= (3, 11) or sys.platform == "linux":
-    OP_IGNORE_UNEXPECTED_EOF: int
+    OP_IGNORE_UNEXPECTED_EOF: Final = 0x80
 if sys.version_info >= (3, 12):
-    OP_LEGACY_SERVER_CONNECT: int
-    OP_ENABLE_KTLS: int
+    OP_LEGACY_SERVER_CONNECT: Final = 0x4
+    OP_ENABLE_KTLS: Final = 0x8
 
 # host flags
-HOSTFLAG_ALWAYS_CHECK_SUBJECT: int
-HOSTFLAG_NEVER_CHECK_SUBJECT: int
-HOSTFLAG_NO_WILDCARDS: int
-HOSTFLAG_NO_PARTIAL_WILDCARDS: int
-HOSTFLAG_MULTI_LABEL_WILDCARDS: int
-HOSTFLAG_SINGLE_LABEL_SUBDOMAINS: int
+HOSTFLAG_ALWAYS_CHECK_SUBJECT: Final = 0x1
+HOSTFLAG_NEVER_CHECK_SUBJECT: Final = 0x20
+HOSTFLAG_NO_WILDCARDS: Final = 0x2
+HOSTFLAG_NO_PARTIAL_WILDCARDS: Final = 0x4
+HOSTFLAG_MULTI_LABEL_WILDCARDS: Final = 0x8
+HOSTFLAG_SINGLE_LABEL_SUBDOMAINS: Final = 0x10
 
 if sys.version_info >= (3, 10):
     # certificate file types
-    # Typed as Literal so the overload on Certificate.public_bytes can work properly.
-    ENCODING_PEM: Literal[1]
-    ENCODING_DER: Literal[2]
+    ENCODING_PEM: Final = 1
+    ENCODING_DER: Final = 2
 
 # protocol versions
-PROTO_MINIMUM_SUPPORTED: int
-PROTO_MAXIMUM_SUPPORTED: int
-PROTO_SSLv3: int
-PROTO_TLSv1: int
-PROTO_TLSv1_1: int
-PROTO_TLSv1_2: int
-PROTO_TLSv1_3: int
+PROTO_MINIMUM_SUPPORTED: Final = -2
+PROTO_MAXIMUM_SUPPORTED: Final = -1
+PROTO_SSLv3: Final[int]
+PROTO_TLSv1: Final[int]
+PROTO_TLSv1_1: Final[int]
+PROTO_TLSv1_2: Final[int]
+PROTO_TLSv1_3: Final[int]
 
 # feature support
-HAS_SNI: bool
-HAS_TLS_UNIQUE: bool
-HAS_ECDH: bool
-HAS_NPN: bool
+HAS_SNI: Final[bool]
+HAS_TLS_UNIQUE: Final[bool]
+HAS_ECDH: Final[bool]
+HAS_NPN: Final[bool]
 if sys.version_info >= (3, 13):
-    HAS_PSK: bool
-HAS_ALPN: bool
-HAS_SSLv2: bool
-HAS_SSLv3: bool
-HAS_TLSv1: bool
-HAS_TLSv1_1: bool
-HAS_TLSv1_2: bool
-HAS_TLSv1_3: bool
+    HAS_PSK: Final[bool]
+HAS_ALPN: Final[bool]
+HAS_SSLv2: Final[bool]
+HAS_SSLv3: Final[bool]
+HAS_TLSv1: Final[bool]
+HAS_TLSv1_1: Final[bool]
+HAS_TLSv1_2: Final[bool]
+HAS_TLSv1_3: Final[bool]
 if sys.version_info >= (3, 14):
-    HAS_PHA: bool
+    HAS_PHA: Final[bool]
 
 # version info
-OPENSSL_VERSION_NUMBER: int
-OPENSSL_VERSION_INFO: tuple[int, int, int, int, int]
-OPENSSL_VERSION: str
-_OPENSSL_API_VERSION: tuple[int, int, int, int, int]
+OPENSSL_VERSION_NUMBER: Final[int]
+OPENSSL_VERSION_INFO: Final[tuple[int, int, int, int, int]]
+OPENSSL_VERSION: Final[str]
+_OPENSSL_API_VERSION: Final[tuple[int, int, int, int, int]]