ó z\Vc@s¨dZddgZddlZddlmZmZddlmZddlmZmZm Z ddl Z ddl Z ddl m Z d „Zdd d „ƒYZdS( sSSL Connection aka socket Copyright (c) 1999-2004 Ng Pheng Siong. All rights reserved. Portions created by Open Source Applications Foundation (OSAF) are Copyright (C) 2004-2007 OSAF. All Rights Reserved. Copyright 2008 Heikki Toivonen. All rights reserved. t ConnectionttimeoutiÿÿÿÿN(tCiphert Cipher_Stack(tSession(tBIOtX509tm2(tSSLErrorcOsdS(Ni((targstkw((s=/usr/lib64/python2.7/site-packages/M2Crypto/SSL/Connection.pyt_serverPostConnectionCheckscBsŽeZdZejƒZeZejZ ej Z dDe jd„Zd„Zd„Zd„Zd„Zd„Zd„Zdd „Zd „Zd „Zd „Zd „Zd„Zd„Zd„Zd„Zd„Zd„Z d„Z!d„Z"d„Z#d„Z$d„Z%d„Z&d„Z'd„Z(d„Z)dd„Z*dd„Z+d „Z,e,Z-Z.dd!„Z/e/Z0d"„Z1d#„Z2d$„Z3d%„Z4d&„Z5d'„Z6d(„Z7d)„Z8d*„Z9d+„Z:d,„Z;d-„Z<d.„Z=d/„Z>d0„Z?d1d2„Z@d3„ZAd4d5d6„ZBd7„ZCd8„ZDd9„ZEd:„ZFd;„ZGd<„ZHd=„ZId>„ZJd?„ZKd@„ZLdA„ZMdB„ZNdC„ZORS(EsAn SSL connection.cCsä||_tj|jjƒ|_|dk r9||_n4tj|tjƒ|_|jjtjtj dƒ|jj ƒ|_ |jj ƒ|_ |j dkr¬d|_ ntj|_|jjdk rà|j|jjƒndS(Nigð¿(tctxRtssl_newtssltNonetsockett SOCK_STREAMt setsockoptt SOL_SOCKETt SO_REUSEADDRtfilenot_filenot gettimeoutt_timeoutt bio_noclosetssl_close_flagtpost_connection_checkt"set_post_connection_check_callback(tselfR tsocktfamily((s=/usr/lib64/python2.7/site-packages/M2Crypto/SSL/Connection.pyt__init__)s     cCs’t|ddƒr%|j|jƒnt|ddƒrJ|j|jƒn|jtjkrt|ddƒr|j|j ƒn|j j ƒdS(NtsslbiotsockbioR( tgetattrRt m2_bio_freeR!R"RRRt m2_ssl_freeRRtclose(R((s=/usr/lib64/python2.7/site-packages/M2Crypto/SSL/Connection.pyt__del__>s$cCstj|jƒdS(N(Rt ssl_shutdownR(R((s=/usr/lib64/python2.7/site-packages/M2Crypto/SSL/Connection.pyR&GscCstj|jƒS(s§ If there were errors in this connection, call clear() rather than close() to end it, so that bad sessions will be cleared from cache. (Rt ssl_clearR(R((s=/usr/lib64/python2.7/site-packages/M2Crypto/SSL/Connection.pytclearJscCstj|j|ƒdS(N(Rtssl_set_shutdown1R(Rtmode((s=/usr/lib64/python2.7/site-packages/M2Crypto/SSL/Connection.pyt set_shutdownRscCstj|jƒS(N(Rtssl_get_shutdownR(R((s=/usr/lib64/python2.7/site-packages/M2Crypto/SSL/Connection.pyt get_shutdownUscCs|jj|ƒdS(N(Rtbind(Rtaddr((s=/usr/lib64/python2.7/site-packages/M2Crypto/SSL/Connection.pyR0XsicCs|jj|ƒdS(N(Rtlisten(Rtqlen((s=/usr/lib64/python2.7/site-packages/M2Crypto/SSL/Connection.pyR2[scCstj|j|ƒS(N(Rt ssl_get_errorR(Rtret((s=/usr/lib64/python2.7/site-packages/M2Crypto/SSL/Connection.pyR4^scCs&tj|j|jƒ|jƒƒdS(s4 Explicitly set read and write bios N(Rt ssl_set_bioRt_ptr(Rtreadbiotwritebio((s=/usr/lib64/python2.7/site-packages/M2Crypto/SSL/Connection.pytset_bioascCstj|j|ƒdS(s Set the acceptable client CA list. If the client returns a certificate, it must have been issued by one of the CAs listed in cafile. Makes sense only for servers. @param cafile: Filename from which to load the CA list. N(Rt ssl_set_client_CA_list_from_fileR(Rtcafile((s=/usr/lib64/python2.7/site-packages/M2Crypto/SSL/Connection.pytset_client_CA_list_from_filegs cCstj|j|jjƒdS(sÖ Set the acceptable client CA list. If the client returns a certificate, it must have been issued by one of the CAs listed in context. Makes sense only for servers. N(Rt#ssl_set_client_CA_list_from_contextRR (R((s=/usr/lib64/python2.7/site-packages/M2Crypto/SSL/Connection.pytset_client_CA_list_from_contextsscCs ||_dS(N(R1(RR1((s=/usr/lib64/python2.7/site-packages/M2Crypto/SSL/Connection.pyt setup_addr}scCs4|tjtjfkr'tdƒ‚n||_dS(s{ By default, SSL struct will be freed in __del__. Call with m2.bio_close to override this default. s+flag must be m2.bio_close or m2.bio_nocloseN(Rt bio_closeRt ValueErrorR(Rtflag((s=/usr/lib64/python2.7/site-packages/M2Crypto/SSL/Connection.pytset_ssl_close_flag€scCsrtj|jjƒdƒ|_tj|j|j|jƒtjtjƒƒ|_ tj |j |jtj ƒdS(Ni( Rtbio_new_socketRRR"R6Rtbio_newt bio_f_sslR!t bio_set_sslR(R((s=/usr/lib64/python2.7/site-packages/M2Crypto/SSL/Connection.pyt setup_ssl‰scCs|j|ƒ|jƒdS(t DeprecatedN(R@RI(RR1((s=/usr/lib64/python2.7/site-packages/M2Crypto/SSL/Connection.pyt _setup_ssl“s cCstj|jƒdS(N(Rtssl_set_accept_stateR(R((s=/usr/lib64/python2.7/site-packages/M2Crypto/SSL/Connection.pytset_accept_state˜scCstj|j|jƒS(N(Rt ssl_acceptRR(R((s=/usr/lib64/python2.7/site-packages/M2Crypto/SSL/Connection.pyt accept_ssl›scCs§|jjƒ\}}t|j|ƒ}||_|jƒ|jƒ|jƒt|d|j ƒ}|dk r||j ƒ|jdƒst j d‚qn||fS(s¿Accept an SSL connection. The return value is a pair (ssl, addr) where ssl is a new SSL connection object and addr is the address bound to the other end of the SSL connection.tpostConnectionCheckispost connection check failedN(RtacceptRR R1RIRMROR#tserverPostConnectionCheckRt get_peer_certtCheckertSSLVerificationError(RRR1Rtcheck((s=/usr/lib64/python2.7/site-packages/M2Crypto/SSL/Connection.pyRQžs     cCstj|jƒdS(N(Rtssl_set_connect_stateR(R((s=/usr/lib64/python2.7/site-packages/M2Crypto/SSL/Connection.pytset_connect_state®scCstj|j|jƒS(N(Rt ssl_connectRR(R((s=/usr/lib64/python2.7/site-packages/M2Crypto/SSL/Connection.pyt connect_ssl±scCsŒ|jj|ƒ||_|jƒ|jƒ|jƒ}t|d|jƒ}|dk rˆ||j ƒ|jdƒsˆt j d‚qˆn|S(NRPispost connection check failed( RtconnectR1RIRXRZR#tclientPostConnectionCheckRRSRTRU(RR1R5RV((s=/usr/lib64/python2.7/site-packages/M2Crypto/SSL/Connection.pyR[´s     cCstj|j|ƒdS(N(Rtssl_set_shutdownR(Rthow((s=/usr/lib64/python2.7/site-packages/M2Crypto/SSL/Connection.pytshutdownÀscCstj|jƒS(s-Renegotiate this connection's SSL parameters.(Rtssl_renegotiateR(R((s=/usr/lib64/python2.7/site-packages/M2Crypto/SSL/Connection.pyt renegotiateÃscCstj|jƒS(sKReturn the numbers of octets that can be read from the connection.(Rt ssl_pendingR(R((s=/usr/lib64/python2.7/site-packages/M2Crypto/SSL/Connection.pytpendingÇscCstj|j||jƒS(N(Rt ssl_writeRR(Rtdata((s=/usr/lib64/python2.7/site-packages/M2Crypto/SSL/Connection.pyt _write_bioÌscCstj|j|ƒS(N(Rtssl_write_nbioR(RRe((s=/usr/lib64/python2.7/site-packages/M2Crypto/SSL/Connection.pyt _write_nbioÏsicCs1|dkrtd‚ntj|j||jƒS(Nis size <= 0(RBRtssl_readRR(Rtsize((s=/usr/lib64/python2.7/site-packages/M2Crypto/SSL/Connection.pyt _read_bioÒs  cCs+|dkrtd‚ntj|j|ƒS(Nis size <= 0(RBRt ssl_read_nbioR(RRj((s=/usr/lib64/python2.7/site-packages/M2Crypto/SSL/Connection.pyt _read_nbio×s  cCs)|jdkr|j|ƒS|j|ƒS(Ng(RRfRh(RRe((s=/usr/lib64/python2.7/site-packages/M2Crypto/SSL/Connection.pytwriteÜs cCs)|jdkr|j|ƒS|j|ƒS(Ng(RRkRm(RRj((s=/usr/lib64/python2.7/site-packages/M2Crypto/SSL/Connection.pytreadâs cCs/|jj|ƒ|r"d|_n d|_dS(s2Set this connection's underlying socket to _mode_.gð¿gN(Rt setblockingR(RR,((s=/usr/lib64/python2.7/site-packages/M2Crypto/SSL/Connection.pyRpès cCs8|jj|ƒ||_|jdkr4d|_ndS(s?Set this connection's underlying socket's timeout to _timeout_.gð¿N(Rt settimeoutRR(RR((s=/usr/lib64/python2.7/site-packages/M2Crypto/SSL/Connection.pyRqðs cCs |jjƒS(N(RR(R((s=/usr/lib64/python2.7/site-packages/M2Crypto/SSL/Connection.pyR÷scGst|jj|ƒS(N(tapplyRt getsockopt(RR ((s=/usr/lib64/python2.7/site-packages/M2Crypto/SSL/Connection.pyRsúscGst|jj|ƒS(N(RrRR(RR ((s=/usr/lib64/python2.7/site-packages/M2Crypto/SSL/Connection.pyRýscCstj|jƒS(sGReturn the SSL.Context object associated with this connection.(Rtssl_get_ssl_ctxR(R((s=/usr/lib64/python2.7/site-packages/M2Crypto/SSL/Connection.pyt get_contextscCstj|jƒS(s(Return the SSL state of this connection.(Rt ssl_get_stateR(R((s=/usr/lib64/python2.7/site-packages/M2Crypto/SSL/Connection.pyt get_statescCstj|jƒtjkS(N(Rtssl_get_verify_resultRt X509_V_OK(R((s=/usr/lib64/python2.7/site-packages/M2Crypto/SSL/Connection.pyt verify_ok scCstj|jƒS(s.Return the peer certificate verification mode.(Rtssl_get_verify_modeR(R((s=/usr/lib64/python2.7/site-packages/M2Crypto/SSL/Connection.pytget_verify_mode scCstj|jƒS(s/Return the peer certificate verification depth.(Rtssl_get_verify_depthR(R((s=/usr/lib64/python2.7/site-packages/M2Crypto/SSL/Connection.pytget_verify_depthscCstj|jƒS(s0Return the peer certificate verification result.(RRxR(R((s=/usr/lib64/python2.7/site-packages/M2Crypto/SSL/Connection.pytget_verify_resultscCs2tj|jƒ}|dkr"dStj|dƒS(s]Return the peer certificate; if the peer did not provide a certificate, return None.iN(Rtssl_get_peer_certRRR(Rtc((s=/usr/lib64/python2.7/site-packages/M2Crypto/SSL/Connection.pyRSs cCs/tj|jƒ}|dkr"dStj|ƒS(s:Return the peer certificate chain; if the peer did not provide a certificate chain, return None. @warning: The returned chain will be valid only for as long as the connection object is alive. Once the connection object gets freed, the chain will be freed as well. N(Rtssl_get_peer_cert_chainRRRt X509_Stack(RR((s=/usr/lib64/python2.7/site-packages/M2Crypto/SSL/Connection.pytget_peer_cert_chain!s cCs,tj|jƒ}|dkr"dSt|ƒS(sReturn an M2Crypto.SSL.Cipher object for this connection; if the connection has not been initialised with a cipher suite, return None.N(Rtssl_get_current_cipherRRR(RR((s=/usr/lib64/python2.7/site-packages/M2Crypto/SSL/Connection.pyt get_cipher/s cCs,tj|jƒ}|dkr"dSt|ƒS(s“Return an M2Crypto.SSL.Cipher_Stack object for this connection; if the connection has not been initialised with cipher suites, return None.N(Rtssl_get_ciphersRRR(RR((s=/usr/lib64/python2.7/site-packages/M2Crypto/SSL/Connection.pyt get_ciphers7s icCstj|j|ƒS(s@Return the cipher suites for this connection as a string object.(Rtssl_get_cipher_listR(Rtidx((s=/usr/lib64/python2.7/site-packages/M2Crypto/SSL/Connection.pytget_cipher_list?scCstj|j|ƒS(s*Set the cipher suites for this connection.(Rtssl_set_cipher_listR(Rt cipher_list((s=/usr/lib64/python2.7/site-packages/M2Crypto/SSL/Connection.pytset_cipher_listCstrbiÿÿÿÿcCstj|||ƒS(N(Rt _fileobject(RR,tbufsize((s=/usr/lib64/python2.7/site-packages/M2Crypto/SSL/Connection.pytmakefileGscCs |jjƒS(N(Rt getsockname(R((s=/usr/lib64/python2.7/site-packages/M2Crypto/SSL/Connection.pyR“JscCs |jjƒS(N(Rt getpeername(R((s=/usr/lib64/python2.7/site-packages/M2Crypto/SSL/Connection.pyR”MscCs=tj|j|ƒ}|s9ttjtjƒƒƒ‚ndS(N(Rtssl_set_session_id_contextRRterr_reason_error_stringt err_get_error(RtidR5((s=/usr/lib64/python2.7/site-packages/M2Crypto/SSL/Connection.pytset_session_id_ctxPscCstj|jƒ}t|ƒS(N(Rtssl_get_sessionRR(Rtsess((s=/usr/lib64/python2.7/site-packages/M2Crypto/SSL/Connection.pyt get_sessionUscCstj|j|jƒƒdS(N(Rtssl_set_sessionRR7(Rtsession((s=/usr/lib64/python2.7/site-packages/M2Crypto/SSL/Connection.pyt set_sessionYscCstj|jƒS(N(Rtssl_get_default_session_timeoutR(R((s=/usr/lib64/python2.7/site-packages/M2Crypto/SSL/Connection.pytget_default_session_timeout\scCs+tj|jjtjtjtjƒƒƒS(N(Rtstruct_to_timeoutRRsRt SO_RCVTIMEOt struct_size(R((s=/usr/lib64/python2.7/site-packages/M2Crypto/SSL/Connection.pytget_socket_read_timeout_scCs+tj|jjtjtjtjƒƒƒS(N(RR¢RRsRt SO_SNDTIMEOR¤(R((s=/usr/lib64/python2.7/site-packages/M2Crypto/SSL/Connection.pytget_socket_write_timeoutbscCs>t|tjƒst‚|jjtjtj|jƒƒdS(N(t isinstanceRtAssertionErrorRRRR£tpack(Rttimeo((s=/usr/lib64/python2.7/site-packages/M2Crypto/SSL/Connection.pytset_socket_read_timeoutescCs>t|tjƒst‚|jjtjtj|jƒƒdS(N(R¨RR©RRRR¦Rª(RR«((s=/usr/lib64/python2.7/site-packages/M2Crypto/SSL/Connection.pytset_socket_write_timeoutiscCstj|jƒS(s8Return the TLS/SSL protocol version for this connection.(Rtssl_get_versionR(R((s=/usr/lib64/python2.7/site-packages/M2Crypto/SSL/Connection.pyt get_versionmscCs ||_dS(N(RP(RRP((s=/usr/lib64/python2.7/site-packages/M2Crypto/SSL/Connection.pyRqscCstj|j|ƒdS(sISet the requested hostname for the SNI (Server Name Indication) extensionN(Rtssl_set_tlsext_host_nameR(Rtname((s=/usr/lib64/python2.7/site-packages/M2Crypto/SSL/Connection.pytset_tlsext_host_nametsN(Pt__name__t __module__t__doc__RTR\R RRRtbio_freeR$tssl_freeR%RRtAF_INETR R'R&R*R-R/R0R2R4R:R=R?R@RDRIRKRMRORQRXRZR[R_RaRcRfRhRkRmRntsendalltsendRotrecvRpRqRRsRRuRwRzR|R~RRSR„R†RˆR‹RŽR’R“R”R™RœRŸR¡R¥R§R¬R­R¯RR²(((s=/usr/lib64/python2.7/site-packages/M2Crypto/SSL/Connection.pyRsŠ                                                        ((Rµt__all__RRRRtM2CryptoRRRRRTt M2Crypto.SSLRR R(((s=/usr/lib64/python2.7/site-packages/M2Crypto/SSL/Connection.pyt s