fix: 포트 충돌 회피 — note_bridge 8098, intent_service 8099

Jellyfin(8096), OrbStack(8097) 포트 충돌으로 변경.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

.venv/lib/python3.9/site-packages/urllib3/contrib/imcc/_shm.py

@@ -0,0 +1,122 @@
+from __future__ import annotations
+
+import os
+import secrets
+import stat
+import sys
+import typing
+import warnings
+from hashlib import sha256
+from io import UnsupportedOperation
+
+if typing.TYPE_CHECKING:
+    import ssl
+
+
+def load_cert_chain(
+    ctx: ssl.SSLContext,
+    certdata: str | bytes,
+    keydata: str | bytes | None = None,
+    password: typing.Callable[[], str | bytes] | str | bytes | None = None,
+) -> None:
+    """
+    Unique workaround the known limitation of CPython inability to initialize the mTLS context without files.
+    Only supported on Linux, FreeBSD, and OpenBSD.
+    :raise UnsupportedOperation: If anything goes wrong in the process.
+    """
+    if (
+        sys.platform != "linux"
+        and sys.platform.startswith("freebsd") is False
+        and sys.platform.startswith("openbsd") is False
+    ):
+        raise UnsupportedOperation(
+            f"Unable to provide support for in-memory client certificate: Unsupported platform {sys.platform}"
+        )
+
+    unique_name: str = f"{sha256(secrets.token_bytes(32)).hexdigest()}.pem"
+
+    if isinstance(certdata, bytes):
+        certdata = certdata.decode("ascii")
+
+    if keydata is not None:
+        if isinstance(keydata, bytes):
+            keydata = keydata.decode("ascii")
+
+    if hasattr(os, "memfd_create"):
+        fd = os.memfd_create(unique_name, os.MFD_CLOEXEC)
+    else:
+        # this branch patch is for CPython <3.8 and PyPy 3.7+
+        from ctypes import c_int, c_ushort, cdll, create_string_buffer, get_errno, util
+
+        loc = util.find_library("rt") or util.find_library("c")
+
+        if not loc:
+            raise UnsupportedOperation(
+                "Unable to provide support for in-memory client certificate: libc or librt not found."
+            )
+
+        lib = cdll.LoadLibrary(loc)
+
+        _shm_open = lib.shm_open
+        # _shm_unlink = lib.shm_unlink
+
+        buf_name = create_string_buffer(unique_name.encode())
+
+        try:
+            fd = _shm_open(
+                buf_name,
+                c_int(os.O_RDWR | os.O_CREAT),
+                c_ushort(stat.S_IRUSR | stat.S_IWUSR),
+            )
+        except SystemError as e:
+            raise UnsupportedOperation(
+                f"Unable to provide support for in-memory client certificate: {e}"
+            )
+
+        if fd == -1:
+            raise UnsupportedOperation(
+                f"Unable to provide support for in-memory client certificate: {os.strerror(get_errno())}"
+            )
+
+    # Linux 3.17+
+    path = f"/proc/self/fd/{fd}"
+
+    # Alt-path
+    shm_path = f"/dev/shm/{unique_name}"
+
+    if os.path.exists(path) is False:
+        if os.path.exists(shm_path):
+            path = shm_path
+        else:
+            os.fdopen(fd).close()
+
+            raise UnsupportedOperation(
+                "Unable to provide support for in-memory client certificate: no virtual patch available?"
+            )
+
+    os.chmod(path, stat.S_IRUSR | stat.S_IWUSR)
+
+    with open(path, "w") as fp:
+        fp.write(certdata)
+
+        if keydata:
+            fp.write(keydata)
+
+        path = fp.name
+
+    ctx.load_cert_chain(path, password=password)
+
+    # we shall start cleaning remnants
+    os.fdopen(fd).close()
+
+    if os.path.exists(shm_path):
+        os.unlink(shm_path)
+
+    if os.path.exists(path) or os.path.exists(shm_path):
+        warnings.warn(
+            "In-memory client certificate: The kernel leaked a file descriptor outside of its expected lifetime.",
+            ResourceWarning,
+        )
+
+
+__all__ = ("load_cert_chain",)