B H/\7B @sJdZddlmZddlZejZddlZddlZddlm Z ddl m Z m Z ddl m ZmZddl mZddlmZdd lmZd d d d gZeeeedgddZeeeeeBZdekredGdd d e Zeseedsedddde_e dZ!e dZ"e dZ#ddde$e%ddddf dd Z&e%dfdd Z'ddd Z(dS) a< SSL wrapper for socket objects on Python 2.7.8 and below. For the documentation, refer to :mod:`ssl` module manual. This module implements cooperative SSL socket wrappers. .. deprecated:: 1.3 This module is not secure. Support for Python versions with only this level of SSL will be dropped in gevent 1.4. )absolute_importN)socket) _fileobjecttimeout_default)error EWOULDBLOCK)timeout)PYPY) copy_globals SSLSocket wrap_socketget_server_certificatesslwrap_simpler)Znames_to_ignoreZdunder_names_to_keep namedtuplec @seZdZdZdddeeddddf ddZd7dd Zd d Zd8d d Z ddZ de fddZ d9ddZ ddZd:ddZd;ddZddZddZdd Zd!d"Zd#d$Zd%d&Zd'd(Zerd)d*Zd+d,Zd-d.Zd/d0Zd1d2Zd`_ for Pythons < 2.7.9. NFTc Cstj||dtr||r&|s&|}yt|Wn:tk rn} z| jdtjkrXd|_ Wdd} ~ XYnNX| dkrt |j |||||||_ nt |j ||||||| |_ |r| ||_||_||_||_||_| |_||_| |_d|_dS)N)_sockr)r__init__r _dropZ getpeername socket_errorargserrnoZENOTCONN_sslobj_sslsslwrapr do_handshakekeyfilecertfile cert_reqs ssl_versionca_certsciphersdo_handshake_on_connectsuppress_ragged_eofs_makefile_refs) selfsockrr server_siderrrr!r"r err+lib/python3.7/site-packages/gevent/_ssl2.pyr;s<  zSSLSocket.__init__c Csxy |j|Stk r}z|jdtkr8|jr8dS|jdtkrl|jdkrRt |j |j t dn6|jdt kr|jdkrt |j |jt dnWdd}~XYqXqWdS)zORead up to LEN bytes and return them. Return zero-length string on EOF.rg) timeout_excN)rreadSSLErrorr SSL_ERROR_EOFr"SSL_ERROR_WANT_READrsys exc_clear_wait _read_event_SSLErrorReadTimeoutSSL_ERROR_WANT_WRITE _write_event)r$lenexrrr(r,gs"   zSSLSocket.readc Csxy |j|Stk r}zn|jdtkrT|jdkr:t|j|j t dn6|jdt kr|jdkrnt|j|j t dnWdd}~XYqXqWdS)zhWrite DATA to the underlying SSL channel. Returns number of bytes of DATA actually transmitted.rg)r+N) rwriter-rr/rr0r1r2r3_SSLErrorWriteTimeoutr5r6)r$datar8rrr(r9~s   zSSLSocket.writecCs |j|S)zReturns a formatted version of the data in the certificate provided by the other end of the SSL channel. Return None if no certificate was provided, {} if a certificate was provided, but not validated.)rZpeer_certificate)r$Z binary_formrrr( getpeercertszSSLSocket.getpeercertcCs|js dS|jS)N)rcipher)r$rrr(r=szSSLSocket.cipherrc Cs|tkr|j}|jr|dkr*td|jxy|j|}Wntk r}zj|jdtkr|jdkrjdSt | |j n4|jdt kr|jdkrdSt | |jnWdd}~XYq,X|Sq,Wnt||||SdS)Nrz3non-zero flags not allowed in calls to send() on %sg)rrr ValueError __class__r9r-rr/r0r1r2r3r5r6rsend)r$r;flagsrvxrrr(r@s0    zSSLSocket.sendc CsTyt||Wn>tk rN}z |jdkr4ttt|jWdd}~XYnXdS)Ng)rsendall_socket_timeoutrr-r5r)r$r;rAr8rrr(rDs  zSSLSocket.sendallcGs*|jrtd|jntj|f|SdS)Nz%sendto not allowed on instances of %s)rr>r?rsendto)r$rrrr(rFs zSSLSocket.sendtocCs4|jr&|dkrtd|j||St|||S)Nrz3non-zero flags not allowed in calls to recv() on %s)rr>r?r,rrecv)r$ZbuflenrArrr(rGs  zSSLSocket.recvc Cs|r|dkrt|}n |dkr"d}|jr|dkr>td|jxy"||}t|}||d|<|Stk r}z8|jdtkr|jdkrt | |j w@nWdd}~XYq@Xq@Wnt ||||SdS)Nirz8non-zero flags not allowed in calls to recv_into() on %sg)r7rr>r?r,r-rr/rr0r1r2r3r recv_into)r$buffernbytesrAZ tmp_bufferrBrCrrr(rHs0       zSSLSocket.recv_intocGs*|jrtd|jntj|f|SdS)Nz'recvfrom not allowed on instances of %s)rr>r?rrecvfrom)r$rrrr(rKs zSSLSocket.recvfromcGs*|jrtd|jntj|f|SdS)Nz,recvfrom_into not allowed on instances of %s)rr>r?r recvfrom_into)r$rrrr(rLs zSSLSocket.recvfrom_intocCs|jr|jSdS)Nr)rpending)r$rrr(rMs zSSLSocket.pendingc Csxy |jStk r}z|jdtkr6|jr6dS|jdtkrj|jdkrPt |j |j t dn6|jdt kr|jdkrt |j |jtdnWdd}~XYqXqWdS)Nrr*g)r+)rshutdownr-rr.r"r/rr0r1r2r3r4r5r6r:)r$r8rrr(_sslobj_shutdowns"   zSSLSocket._sslobj_shutdowncCs.|jstdt||}d|_t|dS)NzNo SSL wrapper around )r)rr>strrOr)r$srrr(unwraps zSSLSocket.unwrapcCsd|_t||dS)N)rrrN)r$Zhowrrr(rN"szSSLSocket.shutdowncCs.|jdkrd|_t|n|jd8_dS)N)r#rrclose)r$rrr(rT&s  zSSLSocket.closecCs|jd7_dS)NrS)r#)r$rrr(_reuse/szSSLSocket._reusecCs&|jdkr|n|jd8_dS)NrS)r#rT)r$rrr(r2s  zSSLSocket._dropc Csxy |jStk r}zn|jdtkrR|jdkr8t|j|j t dn6|jdt kr|jdkrlt|j|j t dnWdd}~XYqXqWdS)zPerform a TLS/SSL handshake.rg)r+N) rrr-rr/rr0r1r2r3_SSLErrorHandshakeTimeoutr5r6)r$r8rrr(r8s   zSSLSocket.do_handshakec Cs|jrtdt|||jdkrJt|jd|j|j |j |j |j |_n(t|jd|j|j |j |j |j |j|_|j r|dS)zQConnects to remote ADDR, and then wraps the connection in an SSL channel.z/attempt to connect already-connected SSLSocket!NF)rr>rconnectr rrrrrrrrr!r)r$addrrrr(rWKs   zSSLSocket.connectc Cs|j}xhy|\}}PWnDtk r^}z&|jdtksD|jdkrFtWdd}~XYnX||j qWt ||j |j d|j |j|j|j|j|jd }||fS)zAccepts a new connection from a remote client, and returns a tuple containing that new connection wrapped with a server-side SSL channel, and the address of the remote client.rgNT) rrr&rrrr!r"r )racceptrrrrr0r1r2r3r rrrrrr!r"r )r$r%Z client_socketZaddressr8Zsslobjrrr(rY^s*  zSSLSocket.acceptrcCs"ts|jd7_t|||ddS)zMake and return a file-like object that works with the SSL connection. Just use the code from the socket module.rST)rT)r r#r)r$modebufsizerrr(makefilezszSSLSocket.makefile)r))F)r)r)r)Nr)rZr[)__name__ __module__ __qualname____doc__ CERT_NONEPROTOCOL_SSLv23rr,r9r<r=rr@rDrFrGrHrKrLrMrOrRrNrTr rUrrrWrYr^rrrr(r 5s< '    rcCs|S)N)Z gettimeout)r$rrr(srecCs ||S)N)Z settimeout)r$valuerrr(reszThe read operation timed outzThe write operation timed outz!The handshake operation timed outFTc Cst|||||||||| d S)z)Create a new :class:`SSLSocket` instance.) rrr&rrrr!r"r )r ) r%rrr&rrrr!r"r rrr(r s cCsH|dk rt}nt}tt|||d}|||d}|t|S)zRetrieve the certificate from the server at the specified address, and return it as a PEM-encoded string. If 'ca_certs' is specified, validate the server cert against it. If 'ssl_version' is specified, use it in the connection attempt.N)rrrT)Z CERT_REQUIREDrcr rrWr<rTZDER_cert_to_PEM_cert)rXrrrrQZdercertrrr(r s   cCs t|||S)zA replacement for the old socket.ssl function. Designed for compatibility with Python 2.5 and earlier. Will disappear in Python 3.0.)r )r%rrrrr(rs)NN))rbZ __future__rZsslZ__ssl__rr0rZgevent._socket2rZ gevent.socketrrrrrrrEZgevent._compatr Z gevent._utilr Z__implements__globalsZ __imports__listset__all__remover hasattrpropertyr-r4r:rVrcrdr r rrrrr( sJ      Q