B v9a/i@sddlZddlZy ddlZWnek r4dZYnXddlmZddlmZddlmZddlmZddl m Z dd Z d Z d Z d Zd ZGdddeZGdddejejZGdddejZdS)N) base_events) constants) protocols) transports)loggercCs"|r tdt}|sd|_|S)Nz(Server side SSL needs a valid SSLContextF) ValueErrorsslZcreate_default_contextZcheck_hostname) server_sideserver_hostname sslcontextr /usr/lib/python3.7/sslproto.py_create_transport_contexts rZ UNWRAPPEDZ DO_HANDSHAKEZWRAPPEDZSHUTDOWNc@szeZdZdZdddZeddZeddZed d Zed d Z dd dZ dddZ ddZ dddZ dddZdS)_SSLPipeiNcCsH||_||_||_t|_t|_t|_d|_ d|_ d|_ d|_ dS)NF) _context _server_side_server_hostname _UNWRAPPED_stater Z MemoryBIO _incoming _outgoing_sslobj _need_ssldata _handshake_cb _shutdown_cb)selfcontextr r r r r__init__8s   z_SSLPipe.__init__cCs|jS)N)r)rr r rrNsz_SSLPipe.contextcCs|jS)N)r)rr r r ssl_objectSsz_SSLPipe.ssl_objectcCs|jS)N)r)rr r r need_ssldata[sz_SSLPipe.need_ssldatacCs |jtkS)N)r_WRAPPED)rr r rwrappedasz_SSLPipe.wrappedcCsR|jtkrtd|jj|j|j|j|jd|_ t |_||_ |j ddd\}}|S)Nz"handshake in progress or completed)r r T)only_handshake) rr RuntimeErrorrZwrap_biorrrrr _DO_HANDSHAKEr feed_ssldata)rcallbackssldataappdatar r r do_handshakejs  z_SSLPipe.do_handshakecCsB|jtkrtd|jtkr$tdt|_||_|d\}}|S)Nzno security layer presentzshutdown in progressr#)rrr% _SHUTDOWNrr')rr(r)r*r r rshutdowns  z_SSLPipe.shutdowncCs|j|d\}}dS)Nr#)rZ write_eofr')rr)r*r r rfeed_eofs z_SSLPipe.feed_eofFc Cs|jtkr"|r|g}ng}g|fSd|_|r8|j|g}g}y|jtkrx|jt|_|j rl| d|rx||fS|jtkrxn|j |j }| ||sPqWnJ|jt kr|jd|_t|_|jr|n|jtkr| |j Wnztjtjfk rn}zRt|dd}|tjtjtjfkrR|jtkrP|j rP| ||tjk|_Wdd}~XYnX|jjr| |j ||fS)NFerrno)rrrrwriter&rr+r!rreadmax_sizeappendr,Zunwraprr SSLErrorCertificateErrorgetattrSSL_ERROR_WANT_READSSL_ERROR_WANT_WRITESSL_ERROR_SYSCALLrpending)rdatar$r*r)chunkexc exc_errnor r rr'sX               z_SSLPipe.feed_ssldatarc Cs|jtkr6|t|kr&||dg}ng}|t|fSg}t|}xd|_y(|t|krp||j||d7}Wnhtjk r}zHt |dd}|j dkrtj }|_ |tj tj tjfkr|tj k|_Wdd}~XYnX|jjr||j|t|ks|jrDPqDW||fS)NFr/ZPROTOCOL_IS_SHUTDOWN)rrlen memoryviewrrr0r r4r6reasonr7r/r8r9rr:r3r1)rr;offsetr)Zviewr=r>r r r feed_appdatas4        z_SSLPipe.feed_appdata)N)N)N)F)r)__name__ __module__ __qualname__r2rpropertyrrr r"r+r-r.r'rCr r r rr$s       Krc@seZdZejjZddZd"ddZddZ dd Z d d Z d d Z ddZ ddZddZddZd#ddZddZeddZddZddZd d!ZdS)$_SSLProtocolTransportcCs||_||_d|_dS)NF)_loop _ssl_protocol_closed)rloopZ ssl_protocolr r rr!sz_SSLProtocolTransport.__init__NcCs|j||S)N)rJ_get_extra_info)rnamedefaultr r rget_extra_info'sz$_SSLProtocolTransport.get_extra_infocCs|j|dS)N)rJ_set_app_protocol)rprotocolr r r set_protocol+sz"_SSLProtocolTransport.set_protocolcCs|jjS)N)rJ _app_protocol)rr r r get_protocol.sz"_SSLProtocolTransport.get_protocolcCs|jS)N)rK)rr r r is_closing1sz _SSLProtocolTransport.is_closingcCsd|_|jdS)NT)rKrJ_start_shutdown)rr r rclose4sz_SSLProtocolTransport.closecCs(|js$tjd|t|d|dS)Nzunclosed transport )source)rKwarningswarnResourceWarningrX)rr r r__del__?sz_SSLProtocolTransport.__del__cCs |jj}|dkrtd|S)Nz*SSL transport has not been initialized yet)rJ _transportr% is_reading)rtrr r rr_Esz _SSLProtocolTransport.is_readingcCs|jjdS)N)rJr^ pause_reading)rr r rraKsz#_SSLProtocolTransport.pause_readingcCs|jjdS)N)rJr^resume_reading)rr r rrbSsz$_SSLProtocolTransport.resume_readingcCs|jj||dS)N)rJr^set_write_buffer_limits)rZhighZlowr r rrc[sz-_SSLProtocolTransport.set_write_buffer_limitscCs |jjS)N)rJr^get_write_buffer_size)rr r rrdpsz+_SSLProtocolTransport.get_write_buffer_sizecCs |jjjS)N)rJr^_protocol_paused)rr r rretsz&_SSLProtocolTransport._protocol_pausedcCs<t|tttfs$tdt|j|s,dS|j|dS)Nz+data: expecting a bytes-like instance, got ) isinstancebytes bytearrayr@ TypeErrortyperDrJ_write_appdata)rr;r r rr0ys z_SSLProtocolTransport.writecCsdS)NFr )rr r r can_write_eofsz#_SSLProtocolTransport.can_write_eofcCs|jd|_dS)NT)rJ_abortrK)rr r raborts z_SSLProtocolTransport.abort)N)NN)rDrErFrZ _SendfileModeZFALLBACKZ_sendfile_compatiblerrPrSrUrVrXr]r_rarbrcrdrGrer0rlrnr r r rrHs"     rHc@seZdZd+ddZddZd,dd Zd d Zd d ZddZddZ ddZ ddZ d-ddZ ddZ ddZddZddZd d!Zd"d#Zd.d%d&Zd'd(Zd)d*ZdS)/ SSLProtocolFNTc Cstdkrtd|dkr tj}n|dkr6td||sDt||}||_|rZ|sZ||_nd|_||_t |d|_ t |_ d|_||_||_||t|j||_d|_d|_d|_d|_d|_||_||_dS)Nzstdlib ssl module not availablerz7ssl_handshake_timeout should be a positive number, got )r F)r r%rZSSL_HANDSHAKE_TIMEOUTrrrr _sslcontextdict_extra collectionsdeque_write_backlog_write_buffer_size_waiterrIrQrH_app_transport_sslpipe_session_established _in_handshake _in_shutdownr^_call_connection_made_ssl_handshake_timeout) rrL app_protocolr Zwaiterr r Zcall_connection_madeZssl_handshake_timeoutr r rrs:    zSSLProtocol.__init__cCs||_t|tj|_dS)N)rTrfrZBufferedProtocol_app_protocol_is_buffer)rrr r rrQszSSLProtocol._set_app_protocolcCsD|jdkrdS|js:|dk r.|j|n |jdd|_dS)N)rwZ cancelledZ set_exceptionZ set_result)rr=r r r_wakeup_waiters   zSSLProtocol._wakeup_waitercCs&||_t|j|j|j|_|dS)N)r^rrprrry_start_handshake)r transportr r rconnection_mades  zSSLProtocol.connection_madecCsn|jr d|_|j|jj|n|jdk r2d|j_d|_d|_t|ddrT|j | |d|_d|_ dS)NFT_handshake_timeout_handle) rzrI call_soonrTconnection_lostrxrKr^r6rcancelrry)rr=r r rrs    zSSLProtocol.connection_lostcCs|jdS)N)rT pause_writing)rr r rrszSSLProtocol.pause_writingcCs|jdS)N)rTresume_writing)rr r rrszSSLProtocol.resume_writingc Cs|jdkrdSy|j|\}}Wn.tk rP}z||ddSd}~XYnXx|D]}|j|qXWxr|D]j}|ry&|jrt|j |n |j |Wqtk r}z||ddSd}~XYqXqr| PqrWdS)NzSSL error in data receivedz/application protocol failed to receive SSL data) ryr' Exception _fatal_errorr^r0rrZ_feed_data_to_buffered_protorT data_receivedrW)rr;r)r*er<Zexr r rrs,     zSSLProtocol.data_receivedcCsTzB|jrtd||t|js@|j}|r@t dWd|j XdS)Nz%r received EOFz?returning true from eof_received() has no effect when using ssl) rI get_debugrdebugrConnectionResetErrorr{rT eof_receivedZwarningr^rX)rZ keep_openr r rr*s    zSSLProtocol.eof_receivedcCs4||jkr|j|S|jdk r,|j||S|SdS)N)rrr^rP)rrNrOr r rrM@s    zSSLProtocol._get_extra_infocCs.|jr dS|jr|nd|_|ddS)NTr#)r|r{rmrk)rr r rrWHs  zSSLProtocol._start_shutdowncCs.|j|df|jt|7_|dS)Nr)rur3rvr?_process_write_backlog)rr;r r rrkQszSSLProtocol._write_appdatacCs\|jr$td||j|_nd|_d|_|jd|j |j |j |_ | dS)Nz%r starts SSL handshakeT)r#r)rIrrrtime_handshake_start_timer{rur3Z call_laterr~_check_handshake_timeoutrr)rr r rrVs     zSSLProtocol._start_handshakecCs*|jdkr&d|jd}|t|dS)NTz$SSL handshake is taking longer than z! seconds: aborting the connection)r{r~rConnectionAbortedError)rmsgr r rres z$SSLProtocol._check_handshake_timeoutc Csd|_|j|jj}y|dk r&||}WnDtk rt}z&t|tj rTd}nd}| ||dSd}~XYnX|j r|j |j}td||d|jj||||d|jr|j|j|d|_|j |jdS)NFz1SSL handshake failed on verifying the certificatezSSL handshake failedz%r: SSL handshake took %.1f msg@@)peercertcipher compressionrT)r{rrryrZ getpeercertrrfr r5rrIrrrrrrrupdaterrr}rTrrxrrzrr)rZ handshake_excZsslobjrr=rZdtr r r_on_handshake_completens2     z"SSLProtocol._on_handshake_completec Cs0|jdks|jdkrdSyxtt|jD]}|jd\}}|rT|j||\}}n*|rl|j|j}d}n|j|j }d}x|D]}|j |qW|t|kr||f|jd<|jj r|j P|jd=|j t|8_ q*WWnDtk r*}z$|jr||n ||dWdd}~XYnXdS)NrrzFatal error on SSL transport)r^ryranger?rurCr+rr- _finalizer0Z_pausedrbrvrr{r)rir;rBr)r<r=r r rrs4    z"SSLProtocol._process_write_backlogFatal error on transportcCsVt|tr(|jr@tjd||ddn|j|||j|d|jrR|j|dS)Nz%r: %sT)exc_info)messageZ exceptionrrR) rfOSErrorrIrrrZcall_exception_handlerr^Z _force_close)rr=rr r rrs   zSSLProtocol._fatal_errorcCsd|_|jdk r|jdS)N)ryr^rX)rr r rrs zSSLProtocol._finalizecCs(z|jdk r|jWd|XdS)N)r^rnr)rr r rrms zSSLProtocol._abort)FNTN)N)N)r)rDrErFrrQrrrrrrrrMrWrkrrrrrrrmr r r rros* +  "   ') ro)rsrZr ImportErrorrrrrlogrrrr&r!r,objectrZ_FlowControlMixinZ TransportrHZProtocolror r r rs(       yx