3 Uf-+@sdZddlmZddlmZddlZddlZddlZddlmZddl Z dZ e edr^ej Z n ddlm Z Gd d d Zd d ZGd ddejejZdS)zK rhn.SSL builds an abstraction on top of the objects provided by pyOpenSSL )SSL)cryptoN)bstrxsslerror) socket_errorc@seZdZdZd(ddZddZddZd)d d Zd d Zd dZ ddZ ddZ ddZ ddZ ddZd*ddZd+ddZddZd d!Zd"d#Zd$d%ZeZeZd,d&d'ZdS)- SSLSocketzM Class that wraps a pyOpenSSL Connection object, adding more methods NcCsnd|_d|_||_g|_|pg}x|D]}|j|q&Wtj|_tj|_ d|_ d|_ t d|_ d|_d|_dS)Ni r)_ctx _connection_sock_trusted_certsadd_trusted_certrZ SSLv23_METHOD _ssl_methodZ VERIFY_PEER_ssl_verify_flags _buffer_size_posr_buffer_makefile_called_closed)selfsocketZ trusted_certsfr/usr/lib/python3.6/SSL.py__init__/s  zSSLSocket.__init__cCs0tj|tjstd||jj|jddS)zh Adds a trusted certificate to the certificate store of the SSL context object. z"Unable to read certificate file %szutf-8N)osaccessR_OK ValueErrorr appendencode)rfilerrrrLs zSSLSocket.add_trusted_certcCs|jtj|j|_|jjtj|jjtj|jrVx"|jD]}|jj |q@Wnd|_ |jj |j t t tdr|jjtjtj|j|j|_|jjdS)z1 Initializes the SSL connection. rOP_DONT_INSERT_EMPTY_FRAGMENTSN) _check_closedrZContextrr Z set_optionsZ OP_NO_SSLv2Z OP_NO_SSLv3r Zload_verify_locationsrZ set_verifyssl_verify_callbackhasattrr#Z Connectionr r Zset_connect_state)rrrrrinit_sslUs  zSSLSocket.init_sslcCs|r ||_|jd|_|S)zG Returns self, since we are a file-like object already )rr)rmodebufsizerrrmakefiless zSSLSocket.makefilecCs,|jr dS|js|jdS|jd|_dS)z+ Closes the SSL connection Nr()rr _really_close)rrrrcloses zSSLSocket.closecCsdS)Nr)rrrrflushszSSLSocket.flushc Cs|jdkrdSd}yt|jd}Wn tk rBt|jd}YnX|dk rtjddkrp|dkr|jjn|dkr|jj|jjd|_dS)NZ state_stringZget_state_stringrs%SSL negotiation finished successfullyz%SSL negotiation finished successfullyr()r getattrAttributeErrorsys version_infoZshutdownr-r)rZ get_staterrrr,s      zSSLSocket._really_closecCs|jrtddS)NzI/O operation on closed file)rr)rrrrr$szSSLSocket._check_closedcCs$t|j|rt|j|St|dS)N)r&r r0r1)rnamerrr __getattr__s  zSSLSocket.__getattr__cCsdS)z' Returns false always. rr)rrrrisattyszSSLSocket.isattycCs|jS)N)r)rrrrtellszSSLSocket.tellrcCs tddS)Nseek)NotImplementedError)rposr)rrrr8szSSLSocket.seekc CsX|j|j}t|j}x||ks,|dkr |dk rBt|||}y:|jj|}|j||_t|j}|jj}|dkrzPWqtj k rPYqtj k rt j d}t d|jPYqtjk r|jtjdYqtjk r|jtjdYqXqW|r4|jd|}|j|d|_n|j}td|_|jt||_|S)z@ Reads up to amt bytes from the SSL connection. Nrr(z SSL exceptionreadr )r$rlenrminr recvpendingrZeroReturnErrorZ SysCallErrorr2exc_infoprintargsWantWriteError_pollselectPOLLOUT WantReadErrorPOLLINrr)ramt buffer_sizeZ buffer_lengthdatar?eretrrrr;s<        zSSLSocket.readcCs|jt||dd<t|S)N)r;r<)rZbufrrrreadintoszSSLSocket.readintocCsBtj}|j|j||j|jjd}|gkr>td|dS)NizConnection timed out on %s)rFZpollregisterr Z gettimeoutTimeoutException)rZ filter_typeZ caller_nameZpollerresrrrrEs zSSLSocket._pollc Cs|jt|}xvy*|jj|}|t|kr.P||d}Wqtjk r`|jtjdYqtj k r|jtj dYqXqW|S)z/ Writes to the SSL connection. Nwrite) r$r<r sendrrDrErFrGrHrI)rrLZoriglenZsentrrrrSs  zSSLSocket.writecCs |j|S)N)r;)rrJrrrr>szSSLSocket.recvc CsB|jxd}|jjtd}|dkr2|d}n|rHt|j|krH|}|dk r|jd|}|j|d|_|jt||_|S|j}|rt|j|t|j}y|jj |}|j||_Wq t j k rPYq t j k r|j tjdYq t jk r|j tjdYq Xq W|j}d|_|jt||_|S)zg Reads a single line (up to `length' characters long) from the SSL connection. N rr(readliner )r$rfindrr<rrr=r r>rr@rDrErFrGrHrI)rZlengthZ charcountirNr*rLrrrrVs:  zSSLSocket.readline)N)N)r)N)N)__name__ __module__ __qualname____doc__rrr'r+r-r.r,r$r5r6r7r8r;rOrErSr>rTZsendallrVrrrrr+s*     3rcCs|S)zb Verify callback, which will be called for each certificate in the certificate chain. r)ZconnZcertZerrnumdepthokrrrr%Ksr%c@seZdZddZddZdS)rQcGs ||_dS)N)rC)rrCrrrrUszTimeoutException.__init__cCsdS)NzTimeout Exceptionr)rrrr__str__XszTimeoutException.__str__N)rYrZr[rr_rrrrrQSsrQ)r\ZOpenSSLrrrrrFZrhn.i18nrr2ZDEFAULT_TIMEOUTr&rrZsslrr%ErrorZtimeoutrQrrrrs      "