Ñò ñ1Mc @s¨dZddgZddkZddklZlZddklZddklZlZl Z ddk Z ddk Z ddk l Z d „Zdd d „ƒYZdS( sSSL Connection aka socket Copyright (c) 1999-2004 Ng Pheng Siong. All rights reserved. Portions created by Open Source Applications Foundation (OSAF) are Copyright (C) 2004-2007 OSAF. All Rights Reserved. Copyright 2008 Heikki Toivonen. All rights reserved. t ConnectionttimeoutiÿÿÿÿN(tCiphert Cipher_Stack(tSession(tBIOtX509tm2(tSSLErrorcOsdS(Ni((targstkw((s=/usr/lib/python2.6/vendor-packages/M2Crypto/SSL/Connection.pyt_serverPostConnectionCheckscBsveZdZeiƒZeZeiZ ei Z dBd„Z d„Zd„Zd„Zd„Zd„Zd„Zdd „Zd „Zd „Zd „Zd „Zd„Zd„Zd„Zd„Zd„Zd„Zd„Zd„Z d„Z!d„Z"d„Z#d„Z$d„Z%d„Z&d„Z'dd„Z(dd„Z)d „Z*e*Z+Z,dd!„Z-e-Z.d"„Z/d#„Z0d$„Z1d%„Z2d&„Z3d'„Z4d(„Z5d)„Z6d*„Z7d+„Z8d,„Z9d-„Z:d.„Z;d/„Z<d0d1„Z=d2„Z>d3d4d5„Z?d6„Z@d7„ZAd8„ZBd9„ZCd:„ZDd;„ZEd<„ZFd=„ZGd>„ZHd?„ZId@„ZJdA„ZKRS(CsAn SSL connection.cCs¦||_ti|iiƒ|_|dj o ||_n8tititiƒ|_|iiti ti dƒ|ii ƒ|_ |ii ƒ|_ti|_dS(Ni(tctxRtssl_newtssltNonetsockettAF_INETt SOCK_STREAMt setsockoptt SOL_SOCKETt SO_REUSEADDRtfilenot_filenot gettimeouttblockingt bio_noclosetssl_close_flag(tselfR tsock((s=/usr/lib/python2.6/vendor-packages/M2Crypto/SSL/Connection.pyt__init__)s   cCs™t|ddƒo|i|iƒnt|ddƒo|i|iƒn|itijo't|ddƒo|i|i ƒn|i i ƒdS(NtsslbiotsockbioR( tgetattrRt m2_bio_freeRR RRRt m2_ssl_freeRRtclose(R((s=/usr/lib/python2.6/vendor-packages/M2Crypto/SSL/Connection.pyt__del__8s&cCsti|iƒdS(N(Rt ssl_shutdownR(R((s=/usr/lib/python2.6/vendor-packages/M2Crypto/SSL/Connection.pyR$AscCsti|iƒS(s§ If there were errors in this connection, call clear() rather than close() to end it, so that bad sessions will be cleared from cache. (Rt ssl_clearR(R((s=/usr/lib/python2.6/vendor-packages/M2Crypto/SSL/Connection.pytclearDscCsti|i|ƒdS(N(Rtssl_set_shutdown1R(Rtmode((s=/usr/lib/python2.6/vendor-packages/M2Crypto/SSL/Connection.pyt set_shutdownLscCsti|iƒS(N(Rtssl_get_shutdownR(R((s=/usr/lib/python2.6/vendor-packages/M2Crypto/SSL/Connection.pyt get_shutdownOscCs|ii|ƒdS(N(Rtbind(Rtaddr((s=/usr/lib/python2.6/vendor-packages/M2Crypto/SSL/Connection.pyR.RsicCs|ii|ƒdS(N(Rtlisten(Rtqlen((s=/usr/lib/python2.6/vendor-packages/M2Crypto/SSL/Connection.pyR0UscCsti|i|ƒS(N(Rt ssl_get_errorR(Rtret((s=/usr/lib/python2.6/vendor-packages/M2Crypto/SSL/Connection.pyR2XscCs&ti|i|iƒ|iƒƒdS(s4 Explicitly set read and write bios N(Rt ssl_set_bioRt_ptr(Rtreadbiotwritebio((s=/usr/lib/python2.6/vendor-packages/M2Crypto/SSL/Connection.pytset_bio[scCsti|i|ƒdS(s Set the acceptable client CA list. If the client returns a certificate, it must have been issued by one of the CAs listed in cafile. Makes sense only for servers. @param cafile: Filename from which to load the CA list. N(Rt ssl_set_client_CA_list_from_fileR(Rtcafile((s=/usr/lib/python2.6/vendor-packages/M2Crypto/SSL/Connection.pytset_client_CA_list_from_fileas cCsti|i|iiƒdS(sÖ Set the acceptable client CA list. If the client returns a certificate, it must have been issued by one of the CAs listed in context. Makes sense only for servers. N(Rt#ssl_set_client_CA_list_from_contextRR (R((s=/usr/lib/python2.6/vendor-packages/M2Crypto/SSL/Connection.pytset_client_CA_list_from_contextmscCs ||_dS(N(R/(RR/((s=/usr/lib/python2.6/vendor-packages/M2Crypto/SSL/Connection.pyt setup_addrwscCs6|titifjotdƒ‚n||_dS(s{ By default, SSL struct will be freed in __del__. Call with m2.bio_close to override this default. s+flag must be m2.bio_close or m2.bio_nocloseN(Rt bio_closeRt ValueErrorR(Rtflag((s=/usr/lib/python2.6/vendor-packages/M2Crypto/SSL/Connection.pytset_ssl_close_flagzscCsrti|iiƒdƒ|_ti|i|i|iƒtitiƒƒ|_ ti |i |iti ƒdS(Ni( Rtbio_new_socketRRR R4Rtbio_newt bio_f_sslRt bio_set_sslR(R((s=/usr/lib/python2.6/vendor-packages/M2Crypto/SSL/Connection.pyt setup_sslƒscCs|i|ƒ|iƒdS(t DeprecatedN(R>RG(RR/((s=/usr/lib/python2.6/vendor-packages/M2Crypto/SSL/Connection.pyt _setup_ssls cCsti|iƒdS(N(Rtssl_set_accept_stateR(R((s=/usr/lib/python2.6/vendor-packages/M2Crypto/SSL/Connection.pytset_accept_state’scCsti|iƒS(N(Rt ssl_acceptR(R((s=/usr/lib/python2.6/vendor-packages/M2Crypto/SSL/Connection.pyt accept_ssl•scCs«|iiƒ\}}t|i|ƒ}||_|iƒ|iƒ|iƒt|d|i ƒ}|dj o1||i ƒ|idƒpt i d‚q¡n||fS(s¿Accept an SSL connection. The return value is a pair (ssl, addr) where ssl is a new SSL connection object and addr is the address bound to the other end of the SSL connection.tpostConnectionCheckispost connection check failedN(RtacceptRR R/RGRKRMR!tserverPostConnectionCheckRt get_peer_certtCheckertSSLVerificationError(RRR/Rtcheck((s=/usr/lib/python2.6/vendor-packages/M2Crypto/SSL/Connection.pyRO˜s     cCsti|iƒdS(N(Rtssl_set_connect_stateR(R((s=/usr/lib/python2.6/vendor-packages/M2Crypto/SSL/Connection.pytset_connect_state¨scCsti|iƒS(N(Rt ssl_connectR(R((s=/usr/lib/python2.6/vendor-packages/M2Crypto/SSL/Connection.pyt connect_ssl«scCs|ii|ƒ||_|iƒ|iƒ|iƒ}t|d|iƒ}|dj o1||i ƒ|idƒpt i d‚qŒn|S(NRNispost connection check failed( RtconnectR/RGRVRXR!tclientPostConnectionCheckRRQRRRS(RR/R3RT((s=/usr/lib/python2.6/vendor-packages/M2Crypto/SSL/Connection.pyRY®s     cCsti|i|ƒdS(N(Rtssl_set_shutdownR(Rthow((s=/usr/lib/python2.6/vendor-packages/M2Crypto/SSL/Connection.pytshutdownºscCsti|iƒS(s-Renegotiate this connection's SSL parameters.(Rtssl_renegotiateR(R((s=/usr/lib/python2.6/vendor-packages/M2Crypto/SSL/Connection.pyt renegotiate½scCsti|iƒS(sKReturn the numbers of octets that can be read from the connection.(Rt ssl_pendingR(R((s=/usr/lib/python2.6/vendor-packages/M2Crypto/SSL/Connection.pytpendingÁscCsti|i|ƒS(N(Rt ssl_writeR(Rtdata((s=/usr/lib/python2.6/vendor-packages/M2Crypto/SSL/Connection.pyt _write_bioÆscCsti|i|ƒS(N(Rtssl_write_nbioR(RRc((s=/usr/lib/python2.6/vendor-packages/M2Crypto/SSL/Connection.pyt _write_nbioÉsicCs-|djo td‚nti|i|ƒS(Nis size <= 0(R@Rtssl_readR(Rtsize((s=/usr/lib/python2.6/vendor-packages/M2Crypto/SSL/Connection.pyt _read_bioÌs  cCs-|djo td‚nti|i|ƒS(Nis size <= 0(R@Rt ssl_read_nbioR(RRh((s=/usr/lib/python2.6/vendor-packages/M2Crypto/SSL/Connection.pyt _read_nbioÑs  cCs%|io|i|ƒS|i|ƒS(N(RRdRf(RRc((s=/usr/lib/python2.6/vendor-packages/M2Crypto/SSL/Connection.pytwriteÖs cCs%|io|i|ƒS|i|ƒS(N(RRiRk(RRh((s=/usr/lib/python2.6/vendor-packages/M2Crypto/SSL/Connection.pytreadÜs cCs|ii|ƒ||_dS(s2Set this connection's underlying socket to _mode_.N(Rt setblockingR(RR*((s=/usr/lib/python2.6/vendor-packages/M2Crypto/SSL/Connection.pyRnâscCs |iiƒS(N(RR(R((s=/usr/lib/python2.6/vendor-packages/M2Crypto/SSL/Connection.pyRçscGst|ii|ƒS(N(tapplyRt getsockopt(RR ((s=/usr/lib/python2.6/vendor-packages/M2Crypto/SSL/Connection.pyRpêscGst|ii|ƒS(N(RoRR(RR ((s=/usr/lib/python2.6/vendor-packages/M2Crypto/SSL/Connection.pyRíscCsti|iƒS(sGReturn the SSL.Context object associated with this connection.(Rtssl_get_ssl_ctxR(R((s=/usr/lib/python2.6/vendor-packages/M2Crypto/SSL/Connection.pyt get_contextðscCsti|iƒS(s(Return the SSL state of this connection.(Rt ssl_get_stateR(R((s=/usr/lib/python2.6/vendor-packages/M2Crypto/SSL/Connection.pyt get_stateõscCsti|iƒtijS(N(Rtssl_get_verify_resultRt X509_V_OK(R((s=/usr/lib/python2.6/vendor-packages/M2Crypto/SSL/Connection.pyt verify_okùscCsti|iƒS(s.Return the peer certificate verification mode.(Rtssl_get_verify_modeR(R((s=/usr/lib/python2.6/vendor-packages/M2Crypto/SSL/Connection.pytget_verify_modeüscCsti|iƒS(s/Return the peer certificate verification depth.(Rtssl_get_verify_depthR(R((s=/usr/lib/python2.6/vendor-packages/M2Crypto/SSL/Connection.pytget_verify_depthscCsti|iƒS(s0Return the peer certificate verification result.(RRuR(R((s=/usr/lib/python2.6/vendor-packages/M2Crypto/SSL/Connection.pytget_verify_resultscCs4ti|iƒ}|djodSti|dƒS(s]Return the peer certificate; if the peer did not provide a certificate, return None.iN(Rtssl_get_peer_certRRR(Rtc((s=/usr/lib/python2.6/vendor-packages/M2Crypto/SSL/Connection.pyRQs cCs1ti|iƒ}|djodSti|ƒS(s:Return the peer certificate chain; if the peer did not provide a certificate chain, return None. @warning: The returned chain will be valid only for as long as the connection object is alive. Once the connection object gets freed, the chain will be freed as well. N(Rtssl_get_peer_cert_chainRRRt X509_Stack(RR~((s=/usr/lib/python2.6/vendor-packages/M2Crypto/SSL/Connection.pytget_peer_cert_chains cCs.ti|iƒ}|djodSt|ƒS(sReturn an M2Crypto.SSL.Cipher object for this connection; if the connection has not been initialised with a cipher suite, return None.N(Rtssl_get_current_cipherRRR(RR~((s=/usr/lib/python2.6/vendor-packages/M2Crypto/SSL/Connection.pyt get_ciphers cCs.ti|iƒ}|djodSt|ƒS(s“Return an M2Crypto.SSL.Cipher_Stack object for this connection; if the connection has not been initialised with cipher suites, return None.N(Rtssl_get_ciphersRRR(RR~((s=/usr/lib/python2.6/vendor-packages/M2Crypto/SSL/Connection.pyt get_ciphers's icCsti|i|ƒS(s@Return the cipher suites for this connection as a string object.(Rtssl_get_cipher_listR(Rtidx((s=/usr/lib/python2.6/vendor-packages/M2Crypto/SSL/Connection.pytget_cipher_list/scCsti|i|ƒS(s*Set the cipher suites for this connection.(Rtssl_set_cipher_listR(Rt cipher_list((s=/usr/lib/python2.6/vendor-packages/M2Crypto/SSL/Connection.pytset_cipher_list3strbtignoredcCs»d|jp d|j}d|jpd|jp d|j}d|j}ddg|ddg|ddg|}ti|id|iƒ}ti|iƒƒti||dd ƒS( Ntrt+twtatbtt _close_cbt_pyfreei(RRR$Rtbio_do_handshakeR5tIOBuffer(RR*tbufsizeRŽRR’tm2modetbio((s=/usr/lib/python2.6/vendor-packages/M2Crypto/SSL/Connection.pytmakefile7s& ,cCs |iiƒS(N(Rt getsockname(R((s=/usr/lib/python2.6/vendor-packages/M2Crypto/SSL/Connection.pyRœAscCs |iiƒS(N(Rt getpeername(R((s=/usr/lib/python2.6/vendor-packages/M2Crypto/SSL/Connection.pyRDscCs?ti|i|ƒ}|pttitiƒƒƒ‚ndS(N(Rtssl_set_session_id_contextRRterr_reason_error_stringt err_get_error(RtidR3((s=/usr/lib/python2.6/vendor-packages/M2Crypto/SSL/Connection.pytset_session_id_ctxGscCsti|iƒ}t|ƒS(N(Rtssl_get_sessionRR(Rtsess((s=/usr/lib/python2.6/vendor-packages/M2Crypto/SSL/Connection.pyt get_sessionLscCsti|i|iƒƒdS(N(Rtssl_set_sessionRR5(Rtsession((s=/usr/lib/python2.6/vendor-packages/M2Crypto/SSL/Connection.pyt set_sessionPscCsti|iƒS(N(Rtssl_get_default_session_timeoutR(R((s=/usr/lib/python2.6/vendor-packages/M2Crypto/SSL/Connection.pytget_default_session_timeoutSscCs+ti|iitititiƒƒƒS(N(Rtstruct_to_timeoutRRpRt SO_RCVTIMEOt struct_size(R((s=/usr/lib/python2.6/vendor-packages/M2Crypto/SSL/Connection.pytget_socket_read_timeoutVscCs+ti|iitititiƒƒƒS(N(RR«RRpRt SO_SNDTIMEOR­(R((s=/usr/lib/python2.6/vendor-packages/M2Crypto/SSL/Connection.pytget_socket_write_timeoutYscCs@t|tiƒpt‚|iititi|iƒƒdS(N(t isinstanceRtAssertionErrorRRRR¬tpack(Rttimeo((s=/usr/lib/python2.6/vendor-packages/M2Crypto/SSL/Connection.pytset_socket_read_timeout\scCs@t|tiƒpt‚|iititi|iƒƒdS(N(R±RR²RRRR¯R³(RR´((s=/usr/lib/python2.6/vendor-packages/M2Crypto/SSL/Connection.pytset_socket_write_timeout`scCsti|iƒS(s8Return the TLS/SSL protocol version for this connection.(Rtssl_get_versionR(R((s=/usr/lib/python2.6/vendor-packages/M2Crypto/SSL/Connection.pyt get_versiondscCs ||_dS(N(RN(RRN((s=/usr/lib/python2.6/vendor-packages/M2Crypto/SSL/Connection.pyt"set_post_connection_check_callbackhsN(Lt__name__t __module__t__doc__RRRZR RPRtbio_freeR"tssl_freeR#RRR%R$R(R+R-R.R0R2R8R;R=R>RBRGRIRKRMRORVRXRYR]R_RaRdRfRiRkRltsendalltsendRmtrecvRnRRpRRrRtRwRyR{R|RQRRƒR…RˆR‹R›RœRR¢R¥R¨RªR®R°RµR¶R¸R¹(((s=/usr/lib/python2.6/vendor-packages/M2Crypto/SSL/Connection.pyRs†                                                       ((R¼t__all__RRRRtM2CryptoRRRRRRt M2Crypto.SSLRR R(((s=/usr/lib/python2.6/vendor-packages/M2Crypto/SSL/Connection.pyt s