3 \•eã @sÎddlZddlZy ddlZWnek r4dZYnXddlmZddlmZddlmZddlmZddl m Z dd „Z d d „Z d Z d ZdZdZGdd„deƒZGdd„dejejƒZGdd„dejƒZdS)éNé)Ú base_events)Úcompat)Ú protocols)Ú transports)ÚloggercCsj|r tdƒ‚ttdƒr*tjƒ}|sfd|_n|j dkr˜tj |_ |j tj tj tj fkr°‚|j tj k|_WYdd}~XnX|jjrè|j|jjƒƒ|t|ƒksú|jrDPqDW||fS)a Feed plaintext data into the pipe. Return an (ssldata, offset) tuple. The ssldata element is a list of buffers containing record level data that needs to be sent to the remote SSL instance. The offset is the number of plaintext bytes that were processed, which may be less than the length of data. NOTE: In case of short writes, this call MUST be retried with the SAME buffer passed into the *data* argument (i.e. the id() must be the same). This is an OpenSSL requirement. A further particularity is that a short write will always have offset == 0, because the _ssl module does not enable partial writes. And even though the offset is zero, there will still be encrypted data in ssldata. NFZPROTOCOL_IS_SHUTDOWN)rrÚlenÚ memoryviewr rr7r r;Úreasonr>r6r?r@rrAr:r8)r#rBÚoffsetr0ZviewrDrrrÚ feed_appdataós2       z_SSLPipe.feed_appdatai)N)N)N)F)r)Ú__name__Ú __module__Ú __qualname__Ú__doc__r9r%Úpropertyr$r&r'r)r2r4r5r.rIrrrrr0s       Jrc@s†eZdZdd„Zddd„Zdd„Zdd „Zd d „Zd d „Ze j rHdd„Z dd„Z dd„Z ddd„Zdd„Zdd„Zdd„Zdd„ZdS) Ú_SSLProtocolTransportcCs||_||_d|_dS)NF)Ú_loopÚ _ssl_protocolÚ_closed)r#ÚloopZ ssl_protocolrrrr%)sz_SSLProtocolTransport.__init__NcCs|jj||ƒS)z#Get optional transport information.)rQÚ_get_extra_info)r#ÚnameÚdefaultrrrÚget_extra_info/sz$_SSLProtocolTransport.get_extra_infocCs ||j_dS)N)rQÚ _app_protocol)r#ÚprotocolrrrÚ set_protocol3sz"_SSLProtocolTransport.set_protocolcCs|jjS)N)rQrX)r#rrrÚ get_protocol6sz"_SSLProtocolTransport.get_protocolcCs|jS)N)rR)r#rrrÚ is_closing9sz _SSLProtocolTransport.is_closingcCsd|_|jjƒdS)a Close the transport. Buffered data will be flushed asynchronously. No more data will be received. After all buffered data is flushed, the protocol's connection_lost() method will (eventually) called with None as its argument. TN)rRrQÚ_start_shutdown)r#rrrÚclose<sz_SSLProtocolTransport.closecCs&|js"tjd|t|d|jƒdS)Nzunclosed transport %r)Úsource)rRÚwarningsÚwarnÚResourceWarningr^)r#rrrÚ__del__Ks z_SSLProtocolTransport.__del__cCs|jjjƒdS)z”Pause the receiving end. No data will be passed to the protocol's data_received() method until resume_reading() is called. N)rQÚ _transportÚ pause_reading)r#rrrreQsz#_SSLProtocolTransport.pause_readingcCs|jjjƒdS)z…Resume the receiving end. Data received will once again be passed to the protocol's data_received() method. N)rQrdÚresume_reading)r#rrrrfYsz$_SSLProtocolTransport.resume_readingcCs|jjj||ƒdS)a¦Set the high- and low-water limits for write flow control. These two values control when to call the protocol's pause_writing() and resume_writing() methods. If specified, the low-water limit must be less than or equal to the high-water limit. Neither value can be negative. The defaults are implementation-specific. If only the high-water limit is given, the low-water limit defaults to an implementation-specific value less than or equal to the high-water limit. Setting high to zero forces low to zero as well, and causes pause_writing() to be called whenever the buffer becomes non-empty. Setting low to zero causes resume_writing() to be called only once the buffer is empty. Use of zero for either limit is generally sub-optimal as it reduces opportunities for doing I/O and computation concurrently. N)rQrdÚset_write_buffer_limits)r#ZhighZlowrrrrgasz-_SSLProtocolTransport.set_write_buffer_limitscCs |jjjƒS)z,Return the current size of the write buffer.)rQrdÚget_write_buffer_size)r#rrrrhvsz+_SSLProtocolTransport.get_write_buffer_sizecCs<t|tttfƒs$tdjt|ƒjƒƒ‚|s,dS|jj |ƒdS)zWrite some data bytes to the transport. This does not block; it buffers the data and arranges for it to be sent out asynchronously. z/data: expecting a bytes-like instance, got {!r}N) Ú isinstanceÚbytesÚ bytearrayrFÚ TypeErrorÚformatÚtyperJrQÚ_write_appdata)r#rBrrrr7zs z_SSLProtocolTransport.writecCsdS)zAReturn True if this transport supports write_eof(), False if not.Fr)r#rrrÚ can_write_eof‡sz#_SSLProtocolTransport.can_write_eofcCs|jjƒdS)zÝClose the transport immediately. Buffered data will be lost. No more data will be received. The protocol's connection_lost() method will (eventually) be called with None as its argument. N)rQÚ_abort)r#rrrÚabort‹sz_SSLProtocolTransport.abort)N)NN)rJrKrLr%rWrZr[r\r^rZPY34rcrerfrgrhr7rprrrrrrrO&s   rOc@s eZdZdZd(dd„Zd)dd„Zd d „Zd d „Zd d„Zdd„Z dd„Z dd„Z d*dd„Z dd„Z dd„Zdd„Zdd„Zdd „Zd+d"d#„Zd$d%„Zd&d'„ZdS),Ú SSLProtocolz‰SSL protocol. Implementation of SSL on top of a socket using incoming and outgoing buffers which are ssl.MemoryBIO objects. FNTcCs¦tdkrtdƒ‚|st||ƒ}||_|r6| r6||_nd|_||_t|d|_tj ƒ|_ d|_ ||_ ||_ ||_t|j |ƒ|_d|_d|_d|_d|_d|_||_dS)Nzstdlib ssl module not available)rrF)r r,rrrÚ _sslcontextÚdictÚ_extraÚ collectionsÚdequeÚ_write_backlogÚ_write_buffer_sizeÚ_waiterrPrXrOÚ_app_transportÚ_sslpipeÚ_session_establishedÚ _in_handshakeÚ _in_shutdownrdÚ_call_connection_made)r#rSZ app_protocolrZwaiterrrZcall_connection_maderrrr%œs,    zSSLProtocol.__init__cCsD|jdkrdS|jjƒs:|dk r.|jj|ƒn |jjdƒd|_dS)N)r{Z cancelledZ set_exceptionZ set_result)r#rDrrrÚ_wakeup_waiterÀs   zSSLProtocol._wakeup_waitercCs&||_t|j|j|jƒ|_|jƒdS)zXCalled when the low-level connection is made. Start the SSL handshake. N)rdrrtrrr}Ú_start_handshake)r#Ú transportrrrÚconnection_madeÊs  zSSLProtocol.connection_madecCs8|jrd|_|jj|jj|ƒd|_d|_|j|ƒdS)zÝCalled when the low-level connection is lost or closed. The argument is an exception object or None (the latter meaning a regular EOF is received or the connection was aborted or closed). FN)r~rPÚ call_soonrXÚconnection_lostrdr|r‚)r#rDrrrr‡Õs zSSLProtocol.connection_lostcCs|jjƒdS)z\Called when the low-level transport's buffer goes over the high-water mark. N)rXÚ pause_writing)r#rrrrˆãszSSLProtocol.pause_writingcCs|jjƒdS)z^Called when the low-level transport's buffer drains below the low-water mark. N)rXÚresume_writing)r#rrrr‰észSSLProtocol.resume_writingcCs´|jdkrdSy|jj|ƒ\}}WnHtjk rj}z*|jjƒrTtjd||j|j ƒ|j ƒdSd}~XnXx|D]}|j j |ƒqrWx(|D] }|r¢|j j|ƒqŒ|jƒPqŒWdS)zXCalled when some SSL data is received. The argument is a bytes object. Nz%r: SSL error %s (reason %s))r}r.r r;rPÚ get_debugrÚwarningr6rGrqrdr7rXÚ data_receivedr])r#rBr0r1ÚerCrrrrŒïs"    zSSLProtocol.data_receivedc CsTzB|jjƒrtjd|ƒ|jtƒ|js@|jjƒ}|r@tj dƒWd|j j ƒXdS)aCalled when the other end of the low-level stream is half-closed. If this returns a false value (including None), the transport will close itself. If it returns a true value, closing the transport is up to the protocol. z%r received EOFz?returning true from eof_received() has no effect when using sslN) rPrŠrÚdebugr‚ÚConnectionResetErrorrrXÚ eof_receivedr‹rdr^)r#Z keep_openrrrr s    zSSLProtocol.eof_receivedcCs4||jkr|j|S|jdk r,|jj||ƒS|SdS)N)rvrdrW)r#rUrVrrrrT!s    zSSLProtocol._get_extra_infocCs.|jr dS|jr|jƒnd|_|jdƒdS)NTr*)r€rrqro)r#rrrr])s  zSSLProtocol._start_shutdowncCs.|jj|dfƒ|jt|ƒ7_|jƒdS)Nr)ryr:rzrEÚ_process_write_backlog)r#rBrrrro2szSSLProtocol._write_appdatacCsH|jjƒr$tjd|ƒ|jjƒ|_nd|_d|_|jjdƒ|j ƒdS)Nz%r starts SSL handshakeTr*r)r*r) rPrŠrrŽÚtimeÚ_handshake_start_timerryr:r‘)r#rrrrƒ7s   zSSLProtocol._start_handshakecCsTd|_|jj}yF|dk r|‚|jƒ}t|jdƒsR|jrR|jjtj krRtj ||jƒWn~t k rÒ}zb|j j ƒržt|tjƒrŽtjd|ddntjd|dd|jjƒt|tƒrÀ|j|ƒdS‚WYdd}~XnX|j j ƒr|j jƒ|j}tjd||dƒ|jj||jƒ|jƒ|d |jr4|jj|j ƒ|jƒd|_!|j j"|j#ƒdS) NFr z5%r: SSL handshake failed on verifying the certificateT)Úexc_infoz%r: SSL handshake failedz%r: SSL handshake took %.1f msg@@)ÚpeercertÚcipherÚ compressionr&)$rr}r&Z getpeercertr rtrr r Z CERT_NONEZmatch_hostnameÚ BaseExceptionrPrŠrir<rr‹rdr^Ú Exceptionr‚r’r“rŽrvÚupdater–r—rrXr…r|r~r†r‘)r#Z handshake_excZsslobjr•rDZdtrrrÚ_on_handshake_completeCsD         z"SSLProtocol._on_handshake_completecCs>|jdks|jdkrdSyÎxÈtt|jƒƒD]¶}|jd\}}|rT|jj||ƒ\}}n*|rl|jj|jƒ}d}n|jj|j ƒ}d}x|D]}|jj |ƒq„W|t|ƒkrÆ||f|jd<|jj rÄ|jj ƒP|jd=|j t|ƒ8_ q*WWnRtk r8}z4|jr|j|ƒn |j|dƒt|tƒs(‚WYdd}~XnXdS)NrrzFatal error on SSL transport)rdr}ÚrangerEryrIr2r›r4Ú _finalizer7Z_pausedrfrzr˜rÚ _fatal_errorrir™)r#ÚirBrHr0rCrDrrrr‘ws8      z"SSLProtocol._process_write_backlogúFatal error on transportcCsXt|tjƒr*|jjƒrBtjd||ddn|jj|||j|dœƒ|jrT|jj |ƒdS)Nz%r: %sT)r”)ÚmessageZ exceptionr„rY) rirZ_FATAL_ERROR_IGNORErPrŠrrŽZcall_exception_handlerrdZ _force_close)r#rDr¡rrrrž£s   zSSLProtocol._fatal_errorcCsd|_|jdk r|jjƒdS)N)r}rdr^)r#rrrr²s zSSLProtocol._finalizec Cs(z|jdk r|jjƒWd|jƒXdS)N)rdrrr)r#rrrrq¸s zSSLProtocol._abort)FNT)N)N)r )rJrKrLrMr%r‚r…r‡rˆr‰rŒrrTr]rorƒr›r‘ržrrqrrrrrs•s& "     4, rs)rwr`r Ú ImportErrorÚrrrrÚlogrrrrr-r(r3ÚobjectrZ_FlowControlMixinZ TransportrOZProtocolrsrrrrÚs*       wn