3 \e @sddlZddlZy ddlZWnek r4dZYnXddlmZddlmZddlmZddlmZddl m Z dd Z d d Z d Z d ZdZdZGdddeZGdddejejZGdddejZdS)N) base_events)compat) protocols) transports)loggercCsj|r tdttdr*tj}|sfd|_n|j dkrtj |_ |j tj tj tjfkrЂ|j tj k|_WYdd}~XnX|jjr |j|jj|t|ks|jrdPqdW||fS)a Feed plaintext data into the pipe. Return an (ssldata, offset) tuple. The ssldata element is a list of buffers containing record level data that needs to be sent to the remote SSL instance. The offset is the number of plaintext bytes that were processed, which may be less than the length of data. NOTE: In case of short writes, this call MUST be retried with the SAME buffer passed into the *data* argument (i.e. the id() must be the same). This is an OpenSSL requirement. A further particularity is that a short write will always have offset == 0, because the _ssl module does not enable partial writes. And even though the offset is zero, there will still be encrypted data in ssldata. rNFZPROTOCOL_IS_SHUTDOWN)r/r0rr memoryviewr rr9r r=reasonr@r8rArBrrCr<r:)r#rDoffsetr2ZviewrFrrr feed_appdatas4         z_SSLPipe.feed_appdatai)N)N)N)F)r)__name__ __module__ __qualname____doc__r;r%propertyr$r&r'r)r4r6r7r.rJrrrrr0s       Jrc@seZdZddZdddZddZdd Zd d Zd d Ze j rHddZ ddZ ddZ dddZddZddZddZddZdS) _SSLProtocolTransportcCs||_||_d|_dS)NF)_loop _ssl_protocol_closed)r#loopZ ssl_protocolrrrr%)sz_SSLProtocolTransport.__init__NcCs|jj||S)z#Get optional transport information.)rR_get_extra_info)r#namedefaultrrrget_extra_info/sz$_SSLProtocolTransport.get_extra_infocCs ||j_dS)N)rR _app_protocol)r#protocolrrr set_protocol3sz"_SSLProtocolTransport.set_protocolcCs|jjS)N)rRrY)r#rrr get_protocol6sz"_SSLProtocolTransport.get_protocolcCs|jS)N)rS)r#rrr is_closing9sz _SSLProtocolTransport.is_closingcCsd|_|jjdS)a Close the transport. Buffered data will be flushed asynchronously. No more data will be received. After all buffered data is flushed, the protocol's connection_lost() method will (eventually) called with None as its argument. TN)rSrR_start_shutdown)r#rrrclose<sz_SSLProtocolTransport.closecCs&|js"tjd|t|d|jdS)Nzunclosed transport %r)source)rSwarningswarnResourceWarningr_)r#rrr__del__Ks z_SSLProtocolTransport.__del__cCs|jjjdS)zPause the receiving end. No data will be passed to the protocol's data_received() method until resume_reading() is called. N)rR _transport pause_reading)r#rrrrfQsz#_SSLProtocolTransport.pause_readingcCs|jjjdS)zResume the receiving end. Data received will once again be passed to the protocol's data_received() method. N)rRreresume_reading)r#rrrrgYsz$_SSLProtocolTransport.resume_readingcCs|jjj||dS)aSet the high- and low-water limits for write flow control. These two values control when to call the protocol's pause_writing() and resume_writing() methods. If specified, the low-water limit must be less than or equal to the high-water limit. Neither value can be negative. The defaults are implementation-specific. If only the high-water limit is given, the low-water limit defaults to an implementation-specific value less than or equal to the high-water limit. Setting high to zero forces low to zero as well, and causes pause_writing() to be called whenever the buffer becomes non-empty. Setting low to zero causes resume_writing() to be called only once the buffer is empty. Use of zero for either limit is generally sub-optimal as it reduces opportunities for doing I/O and computation concurrently. N)rRreset_write_buffer_limits)r#ZhighZlowrrrrhasz-_SSLProtocolTransport.set_write_buffer_limitscCs |jjjS)z,Return the current size of the write buffer.)rRreget_write_buffer_size)r#rrrrivsz+_SSLProtocolTransport.get_write_buffer_sizecCs<t|tttfs$tdjt|j|s,dS|jj |dS)zWrite some data bytes to the transport. This does not block; it buffers the data and arranges for it to be sent out asynchronously. z/data: expecting a bytes-like instance, got {!r}N) isinstancebytes bytearrayrG TypeErrorformattyperKrR_write_appdata)r#rDrrrr9zs z_SSLProtocolTransport.writecCsdS)zAReturn True if this transport supports write_eof(), False if not.Fr)r#rrr can_write_eofsz#_SSLProtocolTransport.can_write_eofcCs|jjdS)zClose the transport immediately. Buffered data will be lost. No more data will be received. The protocol's connection_lost() method will (eventually) be called with None as its argument. N)rR_abort)r#rrrabortsz_SSLProtocolTransport.abort)N)NN)rKrLrMr%rXr[r\r]r_rZPY34rdrfrgrhrir9rqrsrrrrrP&s   rPc@seZdZdZd(ddZd)ddZd d Zd d Zd dZddZ ddZ ddZ d*ddZ ddZ ddZddZddZdd Zd+d"d#Zd$d%Zd&d'ZdS), SSLProtocolzSSL protocol. Implementation of SSL on top of a socket using incoming and outgoing buffers which are ssl.MemoryBIO objects. FNTcCstdkrtd|st||}||_|r6| r6||_nd|_||_t|d|_tj |_ d|_ ||_ ||_ ||_t|j ||_d|_d|_d|_d|_d|_||_dS)Nzstdlib ssl module not available)rrF)r r,rrr _sslcontextdict_extra collectionsdeque_write_backlog_write_buffer_size_waiterrQrYrP_app_transport_sslpipe_session_established _in_handshake _in_shutdownre_call_connection_made)r#rTZ app_protocolrZwaiterrrZcall_connection_maderrrr%s,    zSSLProtocol.__init__cCsD|jdkrdS|jjs:|dk r.|jj|n |jjdd|_dS)N)r|Z cancelledZ set_exceptionZ set_result)r#rFrrr_wakeup_waiters   zSSLProtocol._wakeup_waitercCs&||_t|j|j|j|_|jdS)zXCalled when the low-level connection is made. Start the SSL handshake. N)rerrurrr~_start_handshake)r# transportrrrconnection_mades  zSSLProtocol.connection_madecCs8|jrd|_|jj|jj|d|_d|_|j|dS)zCalled when the low-level connection is lost or closed. The argument is an exception object or None (the latter meaning a regular EOF is received or the connection was aborted or closed). FN)rrQ call_soonrYconnection_lostrer}r)r#rFrrrrs zSSLProtocol.connection_lostcCs|jjdS)z\Called when the low-level transport's buffer goes over the high-water mark. N)rY pause_writing)r#rrrrszSSLProtocol.pause_writingcCs|jjdS)z^Called when the low-level transport's buffer drains below the low-water mark. N)rYresume_writing)r#rrrrszSSLProtocol.resume_writingcCs|jdkrdSy|jj|\}}WnHtjk rj}z*|jjrTtjd||j|j |j dSd}~XnXx|D]}|j j |qrWx(|D] }|r|j j|q|jPqWdS)zXCalled when some SSL data is received. The argument is a bytes object. Nz%r: SSL error %s (reason %s))r~r.r r=rQ get_debugrwarningr8rHrrrer9rY data_receivedr^)r#rDr2r3erErrrrs"    zSSLProtocol.data_receivedc CsTzB|jjrtjd||jt|js@|jj}|r@tj dWd|j j XdS)aCalled when the other end of the low-level stream is half-closed. If this returns a false value (including None), the transport will close itself. If it returns a true value, closing the transport is up to the protocol. z%r received EOFz?returning true from eof_received() has no effect when using sslN) rQrrdebugrConnectionResetErrorrrY eof_receivedrrer_)r#Z keep_openrrrr s    zSSLProtocol.eof_receivedcCs4||jkr|j|S|jdk r,|jj||S|SdS)N)rwrerX)r#rVrWrrrrU!s    zSSLProtocol._get_extra_infocCs.|jr dS|jr|jnd|_|jddS)NTr*)rrrrrp)r#rrrr^)s  zSSLProtocol._start_shutdowncCs.|jj|df|jt|7_|jdS)Nr)rzr<r{r/_process_write_backlog)r#rDrrrrp2szSSLProtocol._write_appdatacCsH|jjr$tjd||jj|_nd|_d|_|jjd|j dS)Nz%r starts SSL handshakeTr*r)r*r) rQrrrtime_handshake_start_timerrzr<r)r#rrrr7s   zSSLProtocol._start_handshakecCsTd|_|jj}yF|dk r||j}t|jdsR|jrR|jjtj krRtj ||jWn~t k r}zb|j j rt|tjrtjd|ddntjd|dd|jjt|tr|j|dSWYdd}~XnX|j j r|j j|j}tjd||d|jj||j|j|d |jr4|jj|j |jd|_!|j j"|j#dS) NFr z5%r: SSL handshake failed on verifying the certificateT)exc_infoz%r: SSL handshake failedz%r: SSL handshake took %.1f msg@@)peercertcipher compressionr&)$rr~r&Z getpeercertr rurr r Z CERT_NONEZmatch_hostname BaseExceptionrQrrjr>rrrer_ ExceptionrrrrrwupdaterrrrYrr}rrr)r#Z handshake_excZsslobjrrFZdtrrr_on_handshake_completeCsD         z"SSLProtocol._on_handshake_completecCsJ|jdks|jdkrdSyxtt|jD]}|jd\}}|rT|jj||\}}n*|rl|jj|j}d}n|jj|j }d}x|D]}|jj |qW|t|kr||f|jd<|jj st |jj r|jjP|jd=|jt|8_q*WWnRtk rD}z4|jr|j|n |j|dt|ts4WYdd}~XnXdS)NrrzFatal error on SSL transport)rer~ranger/rzrJr4rr6 _finalizer9r'r0Z_pausedrgr{rr _fatal_errorrjr)r#irDrIr2rErFrrrrws:       z"SSLProtocol._process_write_backlogFatal error on transportcCsXt|tjr*|jjrBtjd||ddn|jj|||j|d|jrT|jj |dS)Nz%r: %sT)r)messageZ exceptionrrZ) rjrZ_FATAL_ERROR_IGNORErQrrrZcall_exception_handlerreZ _force_close)r#rFrrrrrs   zSSLProtocol._fatal_errorcCsd|_|jdk r|jjdS)N)r~rer_)r#rrrrs zSSLProtocol._finalizec Cs(z|jdk r|jjWd|jXdS)N)rersr)r#rrrrrs zSSLProtocol._abort)FNT)N)N)r)rKrLrMrNr%rrrrrrrrUr^rprrrrrrrrrrrrts& "     4, rt)rxrar ImportErrorrrrrlogrrrrr-r(r5objectrZ_FlowControlMixinZ TransportrPZProtocolrtrrrrs*       wn