ó ñ1Mc@s¨dZddgZddlZddlmZmZddlmZddlmZmZm Z ddl Z ddl Z ddl m Z d „Zdd d „ƒYZdS( sSSL Connection aka socket Copyright (c) 1999-2004 Ng Pheng Siong. All rights reserved. Portions created by Open Source Applications Foundation (OSAF) are Copyright (C) 2004-2007 OSAF. All Rights Reserved. Copyright 2008 Heikki Toivonen. All rights reserved. t ConnectionttimeoutiÿÿÿÿN(tCiphert Cipher_Stack(tSession(tBIOtX509tm2(tSSLErrorcOsdS(Ni((targstkw((s=/usr/lib/python2.7/vendor-packages/M2Crypto/SSL/Connection.pyt_serverPostConnectionCheckscBsveZdZejƒZeZejZ ej Z dBd„Z d„Zd„Zd„Zd„Zd„Zd„Zdd „Zd „Zd „Zd „Zd „Zd„Zd„Zd„Zd„Zd„Zd„Zd„Zd„Z d„Z!d„Z"d„Z#d„Z$d„Z%d„Z&d„Z'dd„Z(dd„Z)d „Z*e*Z+Z,dd!„Z-e-Z.d"„Z/d#„Z0d$„Z1d%„Z2d&„Z3d'„Z4d(„Z5d)„Z6d*„Z7d+„Z8d,„Z9d-„Z:d.„Z;d/„Z<d0d1„Z=d2„Z>d3d4d5„Z?d6„Z@d7„ZAd8„ZBd9„ZCd:„ZDd;„ZEd<„ZFd=„ZGd>„ZHd?„ZId@„ZJdA„ZKRS(CsAn SSL connection.cCs¤||_tj|jjƒ|_|dk r9||_n7tjtjtjƒ|_|jjtj tj dƒ|jj ƒ|_ |jj ƒ|_tj|_dS(Ni(tctxRtssl_newtssltNonetsockettAF_INETt SOCK_STREAMt setsockoptt SOL_SOCKETt SO_REUSEADDRtfilenot_filenot gettimeouttblockingt bio_noclosetssl_close_flag(tselfR tsock((s=/usr/lib/python2.7/vendor-packages/M2Crypto/SSL/Connection.pyt__init__)s   cCs’t|ddƒr%|j|jƒnt|ddƒrJ|j|jƒn|jtjkrt|ddƒr|j|j ƒn|j j ƒdS(NtsslbiotsockbioR( tgetattrRt m2_bio_freeRR RRRt m2_ssl_freeRRtclose(R((s=/usr/lib/python2.7/vendor-packages/M2Crypto/SSL/Connection.pyt__del__8s$cCstj|jƒdS(N(Rt ssl_shutdownR(R((s=/usr/lib/python2.7/vendor-packages/M2Crypto/SSL/Connection.pyR$AscCstj|jƒS(s§ If there were errors in this connection, call clear() rather than close() to end it, so that bad sessions will be cleared from cache. (Rt ssl_clearR(R((s=/usr/lib/python2.7/vendor-packages/M2Crypto/SSL/Connection.pytclearDscCstj|j|ƒdS(N(Rtssl_set_shutdown1R(Rtmode((s=/usr/lib/python2.7/vendor-packages/M2Crypto/SSL/Connection.pyt set_shutdownLscCstj|jƒS(N(Rtssl_get_shutdownR(R((s=/usr/lib/python2.7/vendor-packages/M2Crypto/SSL/Connection.pyt get_shutdownOscCs|jj|ƒdS(N(Rtbind(Rtaddr((s=/usr/lib/python2.7/vendor-packages/M2Crypto/SSL/Connection.pyR.RsicCs|jj|ƒdS(N(Rtlisten(Rtqlen((s=/usr/lib/python2.7/vendor-packages/M2Crypto/SSL/Connection.pyR0UscCstj|j|ƒS(N(Rt ssl_get_errorR(Rtret((s=/usr/lib/python2.7/vendor-packages/M2Crypto/SSL/Connection.pyR2XscCs&tj|j|jƒ|jƒƒdS(s4 Explicitly set read and write bios N(Rt ssl_set_bioRt_ptr(Rtreadbiotwritebio((s=/usr/lib/python2.7/vendor-packages/M2Crypto/SSL/Connection.pytset_bio[scCstj|j|ƒdS(s Set the acceptable client CA list. If the client returns a certificate, it must have been issued by one of the CAs listed in cafile. Makes sense only for servers. @param cafile: Filename from which to load the CA list. N(Rt ssl_set_client_CA_list_from_fileR(Rtcafile((s=/usr/lib/python2.7/vendor-packages/M2Crypto/SSL/Connection.pytset_client_CA_list_from_fileas cCstj|j|jjƒdS(sÖ Set the acceptable client CA list. If the client returns a certificate, it must have been issued by one of the CAs listed in context. Makes sense only for servers. N(Rt#ssl_set_client_CA_list_from_contextRR (R((s=/usr/lib/python2.7/vendor-packages/M2Crypto/SSL/Connection.pytset_client_CA_list_from_contextmscCs ||_dS(N(R/(RR/((s=/usr/lib/python2.7/vendor-packages/M2Crypto/SSL/Connection.pyt setup_addrwscCs4|tjtjfkr'tdƒ‚n||_dS(s{ By default, SSL struct will be freed in __del__. Call with m2.bio_close to override this default. s+flag must be m2.bio_close or m2.bio_nocloseN(Rt bio_closeRt ValueErrorR(Rtflag((s=/usr/lib/python2.7/vendor-packages/M2Crypto/SSL/Connection.pytset_ssl_close_flagzscCsrtj|jjƒdƒ|_tj|j|j|jƒtjtjƒƒ|_ tj |j |jtj ƒdS(Ni( Rtbio_new_socketRRR R4Rtbio_newt bio_f_sslRt bio_set_sslR(R((s=/usr/lib/python2.7/vendor-packages/M2Crypto/SSL/Connection.pyt setup_sslƒscCs|j|ƒ|jƒdS(t DeprecatedN(R>RG(RR/((s=/usr/lib/python2.7/vendor-packages/M2Crypto/SSL/Connection.pyt _setup_ssls cCstj|jƒdS(N(Rtssl_set_accept_stateR(R((s=/usr/lib/python2.7/vendor-packages/M2Crypto/SSL/Connection.pytset_accept_state’scCstj|jƒS(N(Rt ssl_acceptR(R((s=/usr/lib/python2.7/vendor-packages/M2Crypto/SSL/Connection.pyt accept_ssl•scCs§|jjƒ\}}t|j|ƒ}||_|jƒ|jƒ|jƒt|d|j ƒ}|dk r||j ƒ|jdƒst j d‚qn||fS(s¿Accept an SSL connection. The return value is a pair (ssl, addr) where ssl is a new SSL connection object and addr is the address bound to the other end of the SSL connection.tpostConnectionCheckispost connection check failedN(RtacceptRR R/RGRKRMR!tserverPostConnectionCheckRt get_peer_certtCheckertSSLVerificationError(RRR/Rtcheck((s=/usr/lib/python2.7/vendor-packages/M2Crypto/SSL/Connection.pyRO˜s     cCstj|jƒdS(N(Rtssl_set_connect_stateR(R((s=/usr/lib/python2.7/vendor-packages/M2Crypto/SSL/Connection.pytset_connect_state¨scCstj|jƒS(N(Rt ssl_connectR(R((s=/usr/lib/python2.7/vendor-packages/M2Crypto/SSL/Connection.pyt connect_ssl«scCsŒ|jj|ƒ||_|jƒ|jƒ|jƒ}t|d|jƒ}|dk rˆ||j ƒ|jdƒsˆt j d‚qˆn|S(NRNispost connection check failed( RtconnectR/RGRVRXR!tclientPostConnectionCheckRRQRRRS(RR/R3RT((s=/usr/lib/python2.7/vendor-packages/M2Crypto/SSL/Connection.pyRY®s     cCstj|j|ƒdS(N(Rtssl_set_shutdownR(Rthow((s=/usr/lib/python2.7/vendor-packages/M2Crypto/SSL/Connection.pytshutdownºscCstj|jƒS(s-Renegotiate this connection's SSL parameters.(Rtssl_renegotiateR(R((s=/usr/lib/python2.7/vendor-packages/M2Crypto/SSL/Connection.pyt renegotiate½scCstj|jƒS(sKReturn the numbers of octets that can be read from the connection.(Rt ssl_pendingR(R((s=/usr/lib/python2.7/vendor-packages/M2Crypto/SSL/Connection.pytpendingÁscCstj|j|ƒS(N(Rt ssl_writeR(Rtdata((s=/usr/lib/python2.7/vendor-packages/M2Crypto/SSL/Connection.pyt _write_bioÆscCstj|j|ƒS(N(Rtssl_write_nbioR(RRc((s=/usr/lib/python2.7/vendor-packages/M2Crypto/SSL/Connection.pyt _write_nbioÉsicCs+|dkrtd‚ntj|j|ƒS(Nis size <= 0(R@Rtssl_readR(Rtsize((s=/usr/lib/python2.7/vendor-packages/M2Crypto/SSL/Connection.pyt _read_bioÌs  cCs+|dkrtd‚ntj|j|ƒS(Nis size <= 0(R@Rt ssl_read_nbioR(RRh((s=/usr/lib/python2.7/vendor-packages/M2Crypto/SSL/Connection.pyt _read_nbioÑs  cCs#|jr|j|ƒS|j|ƒS(N(RRdRf(RRc((s=/usr/lib/python2.7/vendor-packages/M2Crypto/SSL/Connection.pytwriteÖs  cCs#|jr|j|ƒS|j|ƒS(N(RRiRk(RRh((s=/usr/lib/python2.7/vendor-packages/M2Crypto/SSL/Connection.pytreadÜs  cCs|jj|ƒ||_dS(s2Set this connection's underlying socket to _mode_.N(Rt setblockingR(RR*((s=/usr/lib/python2.7/vendor-packages/M2Crypto/SSL/Connection.pyRnâscCs |jjƒS(N(RR(R((s=/usr/lib/python2.7/vendor-packages/M2Crypto/SSL/Connection.pyRçscGst|jj|ƒS(N(tapplyRt getsockopt(RR ((s=/usr/lib/python2.7/vendor-packages/M2Crypto/SSL/Connection.pyRpêscGst|jj|ƒS(N(RoRR(RR ((s=/usr/lib/python2.7/vendor-packages/M2Crypto/SSL/Connection.pyRíscCstj|jƒS(sGReturn the SSL.Context object associated with this connection.(Rtssl_get_ssl_ctxR(R((s=/usr/lib/python2.7/vendor-packages/M2Crypto/SSL/Connection.pyt get_contextðscCstj|jƒS(s(Return the SSL state of this connection.(Rt ssl_get_stateR(R((s=/usr/lib/python2.7/vendor-packages/M2Crypto/SSL/Connection.pyt get_stateõscCstj|jƒtjkS(N(Rtssl_get_verify_resultRt X509_V_OK(R((s=/usr/lib/python2.7/vendor-packages/M2Crypto/SSL/Connection.pyt verify_okùscCstj|jƒS(s.Return the peer certificate verification mode.(Rtssl_get_verify_modeR(R((s=/usr/lib/python2.7/vendor-packages/M2Crypto/SSL/Connection.pytget_verify_modeüscCstj|jƒS(s/Return the peer certificate verification depth.(Rtssl_get_verify_depthR(R((s=/usr/lib/python2.7/vendor-packages/M2Crypto/SSL/Connection.pytget_verify_depthscCstj|jƒS(s0Return the peer certificate verification result.(RRuR(R((s=/usr/lib/python2.7/vendor-packages/M2Crypto/SSL/Connection.pytget_verify_resultscCs2tj|jƒ}|dkr"dStj|dƒS(s]Return the peer certificate; if the peer did not provide a certificate, return None.iN(Rtssl_get_peer_certRRR(Rtc((s=/usr/lib/python2.7/vendor-packages/M2Crypto/SSL/Connection.pyRQs cCs/tj|jƒ}|dkr"dStj|ƒS(s:Return the peer certificate chain; if the peer did not provide a certificate chain, return None. @warning: The returned chain will be valid only for as long as the connection object is alive. Once the connection object gets freed, the chain will be freed as well. N(Rtssl_get_peer_cert_chainRRRt X509_Stack(RR~((s=/usr/lib/python2.7/vendor-packages/M2Crypto/SSL/Connection.pytget_peer_cert_chains cCs,tj|jƒ}|dkr"dSt|ƒS(sReturn an M2Crypto.SSL.Cipher object for this connection; if the connection has not been initialised with a cipher suite, return None.N(Rtssl_get_current_cipherRRR(RR~((s=/usr/lib/python2.7/vendor-packages/M2Crypto/SSL/Connection.pyt get_ciphers cCs,tj|jƒ}|dkr"dSt|ƒS(s“Return an M2Crypto.SSL.Cipher_Stack object for this connection; if the connection has not been initialised with cipher suites, return None.N(Rtssl_get_ciphersRRR(RR~((s=/usr/lib/python2.7/vendor-packages/M2Crypto/SSL/Connection.pyt get_ciphers's icCstj|j|ƒS(s@Return the cipher suites for this connection as a string object.(Rtssl_get_cipher_listR(Rtidx((s=/usr/lib/python2.7/vendor-packages/M2Crypto/SSL/Connection.pytget_cipher_list/scCstj|j|ƒS(s*Set the cipher suites for this connection.(Rtssl_set_cipher_listR(Rt cipher_list((s=/usr/lib/python2.7/vendor-packages/M2Crypto/SSL/Connection.pytset_cipher_list3strbtignoredcCs¸d|kpd|k}d|kp9d|kp9d|k}d|k}ddg|ddg|ddg|}tj|jd|jƒ}tj|jƒƒtj||dd ƒS( Ntrt+twtatbtt _close_cbt_pyfreei(RRR$Rtbio_do_handshakeR5tIOBuffer(RR*tbufsizeRŽRR’tm2modetbio((s=/usr/lib/python2.7/vendor-packages/M2Crypto/SSL/Connection.pytmakefile7s$ ,cCs |jjƒS(N(Rt getsockname(R((s=/usr/lib/python2.7/vendor-packages/M2Crypto/SSL/Connection.pyRœAscCs |jjƒS(N(Rt getpeername(R((s=/usr/lib/python2.7/vendor-packages/M2Crypto/SSL/Connection.pyRDscCs=tj|j|ƒ}|s9ttjtjƒƒƒ‚ndS(N(Rtssl_set_session_id_contextRRterr_reason_error_stringt err_get_error(RtidR3((s=/usr/lib/python2.7/vendor-packages/M2Crypto/SSL/Connection.pytset_session_id_ctxGscCstj|jƒ}t|ƒS(N(Rtssl_get_sessionRR(Rtsess((s=/usr/lib/python2.7/vendor-packages/M2Crypto/SSL/Connection.pyt get_sessionLscCstj|j|jƒƒdS(N(Rtssl_set_sessionRR5(Rtsession((s=/usr/lib/python2.7/vendor-packages/M2Crypto/SSL/Connection.pyt set_sessionPscCstj|jƒS(N(Rtssl_get_default_session_timeoutR(R((s=/usr/lib/python2.7/vendor-packages/M2Crypto/SSL/Connection.pytget_default_session_timeoutSscCs+tj|jjtjtjtjƒƒƒS(N(Rtstruct_to_timeoutRRpRt SO_RCVTIMEOt struct_size(R((s=/usr/lib/python2.7/vendor-packages/M2Crypto/SSL/Connection.pytget_socket_read_timeoutVscCs+tj|jjtjtjtjƒƒƒS(N(RR«RRpRt SO_SNDTIMEOR­(R((s=/usr/lib/python2.7/vendor-packages/M2Crypto/SSL/Connection.pytget_socket_write_timeoutYscCs>t|tjƒst‚|jjtjtj|jƒƒdS(N(t isinstanceRtAssertionErrorRRRR¬tpack(Rttimeo((s=/usr/lib/python2.7/vendor-packages/M2Crypto/SSL/Connection.pytset_socket_read_timeout\scCs>t|tjƒst‚|jjtjtj|jƒƒdS(N(R±RR²RRRR¯R³(RR´((s=/usr/lib/python2.7/vendor-packages/M2Crypto/SSL/Connection.pytset_socket_write_timeout`scCstj|jƒS(s8Return the TLS/SSL protocol version for this connection.(Rtssl_get_versionR(R((s=/usr/lib/python2.7/vendor-packages/M2Crypto/SSL/Connection.pyt get_versiondscCs ||_dS(N(RN(RRN((s=/usr/lib/python2.7/vendor-packages/M2Crypto/SSL/Connection.pyt"set_post_connection_check_callbackhsN(Lt__name__t __module__t__doc__RRRZR RPRtbio_freeR"tssl_freeR#RRR%R$R(R+R-R.R0R2R8R;R=R>RBRGRIRKRMRORVRXRYR]R_RaRdRfRiRkRltsendalltsendRmtrecvRnRRpRRrRtRwRyR{R|RQRRƒR…RˆR‹R›RœRR¢R¥R¨RªR®R°RµR¶R¸R¹(((s=/usr/lib/python2.7/vendor-packages/M2Crypto/SSL/Connection.pyRs†                                                       ((R¼t__all__RRRRtM2CryptoRRRRRRt M2Crypto.SSLRR R(((s=/usr/lib/python2.7/vendor-packages/M2Crypto/SSL/Connection.pyt s