3 \e @sddlZddlZy ddlZWnek r4dZYnXddlmZddlmZddlmZddlmZddl m Z dd Z d d Z d Z d ZdZdZGdddeZGdddejejZGdddejZdS)N) base_events)compat) protocols) transports)loggercCsj|r tdttdr*tj}|sfd|_n|j dkrtj |_ |j tj tj tj fkr|j tj k|_WYdd}~XnX|jjr|j|jj|t|ks|jrDPqDW||fS)a Feed plaintext data into the pipe. Return an (ssldata, offset) tuple. The ssldata element is a list of buffers containing record level data that needs to be sent to the remote SSL instance. The offset is the number of plaintext bytes that were processed, which may be less than the length of data. NOTE: In case of short writes, this call MUST be retried with the SAME buffer passed into the *data* argument (i.e. the id() must be the same). This is an OpenSSL requirement. A further particularity is that a short write will always have offset == 0, because the _ssl module does not enable partial writes. And even though the offset is zero, there will still be encrypted data in ssldata. NFZPROTOCOL_IS_SHUTDOWN)rrlen memoryviewr rr7r r;reasonr>r6r?r@rrAr:r8)r#rBoffsetr0ZviewrDrrr feed_appdatas2       z_SSLPipe.feed_appdatai)N)N)N)F)r)__name__ __module__ __qualname____doc__r9r%propertyr$r&r'r)r2r4r5r.rIrrrrr0s       Jrc@seZdZddZdddZddZdd Zd d Zd d Ze j rHddZ ddZ ddZ dddZddZddZddZddZdS) _SSLProtocolTransportcCs||_||_d|_dS)NF)_loop _ssl_protocol_closed)r#loopZ ssl_protocolrrrr%)sz_SSLProtocolTransport.__init__NcCs|jj||S)z#Get optional transport information.)rQ_get_extra_info)r#namedefaultrrrget_extra_info/sz$_SSLProtocolTransport.get_extra_infocCs ||j_dS)N)rQ _app_protocol)r#protocolrrr set_protocol3sz"_SSLProtocolTransport.set_protocolcCs|jjS)N)rQrX)r#rrr get_protocol6sz"_SSLProtocolTransport.get_protocolcCs|jS)N)rR)r#rrr is_closing9sz _SSLProtocolTransport.is_closingcCsd|_|jjdS)a Close the transport. Buffered data will be flushed asynchronously. No more data will be received. After all buffered data is flushed, the protocol's connection_lost() method will (eventually) called with None as its argument. TN)rRrQ_start_shutdown)r#rrrclose<sz_SSLProtocolTransport.closecCs&|js"tjd|t|d|jdS)Nzunclosed transport %r)source)rRwarningswarnResourceWarningr^)r#rrr__del__Ks z_SSLProtocolTransport.__del__cCs|jjjdS)zPause the receiving end. No data will be passed to the protocol's data_received() method until resume_reading() is called. N)rQ _transport pause_reading)r#rrrreQsz#_SSLProtocolTransport.pause_readingcCs|jjjdS)zResume the receiving end. Data received will once again be passed to the protocol's data_received() method. N)rQrdresume_reading)r#rrrrfYsz$_SSLProtocolTransport.resume_readingcCs|jjj||dS)aSet the high- and low-water limits for write flow control. These two values control when to call the protocol's pause_writing() and resume_writing() methods. If specified, the low-water limit must be less than or equal to the high-water limit. Neither value can be negative. The defaults are implementation-specific. If only the high-water limit is given, the low-water limit defaults to an implementation-specific value less than or equal to the high-water limit. Setting high to zero forces low to zero as well, and causes pause_writing() to be called whenever the buffer becomes non-empty. Setting low to zero causes resume_writing() to be called only once the buffer is empty. Use of zero for either limit is generally sub-optimal as it reduces opportunities for doing I/O and computation concurrently. N)rQrdset_write_buffer_limits)r#ZhighZlowrrrrgasz-_SSLProtocolTransport.set_write_buffer_limitscCs |jjjS)z,Return the current size of the write buffer.)rQrdget_write_buffer_size)r#rrrrhvsz+_SSLProtocolTransport.get_write_buffer_sizecCs<t|tttfs$tdjt|j|s,dS|jj |dS)zWrite some data bytes to the transport. This does not block; it buffers the data and arranges for it to be sent out asynchronously. z/data: expecting a bytes-like instance, got {!r}N) isinstancebytes bytearrayrF TypeErrorformattyperJrQ_write_appdata)r#rBrrrr7zs z_SSLProtocolTransport.writecCsdS)zAReturn True if this transport supports write_eof(), False if not.Fr)r#rrr can_write_eofsz#_SSLProtocolTransport.can_write_eofcCs|jjdS)zClose the transport immediately. Buffered data will be lost. No more data will be received. The protocol's connection_lost() method will (eventually) be called with None as its argument. N)rQ_abort)r#rrrabortsz_SSLProtocolTransport.abort)N)NN)rJrKrLr%rWrZr[r\r^rZPY34rcrerfrgrhr7rprrrrrrrO&s   rOc@seZdZdZd(ddZd)ddZd d Zd d Zd dZddZ ddZ ddZ d*ddZ ddZ ddZddZddZdd Zd+d"d#Zd$d%Zd&d'ZdS), SSLProtocolzSSL protocol. Implementation of SSL on top of a socket using incoming and outgoing buffers which are ssl.MemoryBIO objects. FNTcCstdkrtd|st||}||_|r6| r6||_nd|_||_t|d|_tj |_ d|_ ||_ ||_ ||_t|j ||_d|_d|_d|_d|_d|_||_dS)Nzstdlib ssl module not available)rrF)r r,rrr _sslcontextdict_extra collectionsdeque_write_backlog_write_buffer_size_waiterrPrXrO_app_transport_sslpipe_session_established _in_handshake _in_shutdownrd_call_connection_made)r#rSZ app_protocolrZwaiterrrZcall_connection_maderrrr%s,    zSSLProtocol.__init__cCsD|jdkrdS|jjs:|dk r.|jj|n |jjdd|_dS)N)r{Z cancelledZ set_exceptionZ set_result)r#rDrrr_wakeup_waiters   zSSLProtocol._wakeup_waitercCs&||_t|j|j|j|_|jdS)zXCalled when the low-level connection is made. Start the SSL handshake. N)rdrrtrrr}_start_handshake)r# transportrrrconnection_mades  zSSLProtocol.connection_madecCs8|jrd|_|jj|jj|d|_d|_|j|dS)zCalled when the low-level connection is lost or closed. The argument is an exception object or None (the latter meaning a regular EOF is received or the connection was aborted or closed). FN)r~rP call_soonrXconnection_lostrdr|r)r#rDrrrrs zSSLProtocol.connection_lostcCs|jjdS)z\Called when the low-level transport's buffer goes over the high-water mark. N)rX pause_writing)r#rrrrszSSLProtocol.pause_writingcCs|jjdS)z^Called when the low-level transport's buffer drains below the low-water mark. N)rXresume_writing)r#rrrrszSSLProtocol.resume_writingcCs|jdkrdSy|jj|\}}WnHtjk rj}z*|jjrTtjd||j|j |j dSd}~XnXx|D]}|j j |qrWx(|D] }|r|j j|q|jPqWdS)zXCalled when some SSL data is received. The argument is a bytes object. Nz%r: SSL error %s (reason %s))r}r.r r;rP get_debugrwarningr6rGrqrdr7rX data_receivedr])r#rBr0r1erCrrrrs"    zSSLProtocol.data_receivedc CsTzB|jjrtjd||jt|js@|jj}|r@tj dWd|j j XdS)aCalled when the other end of the low-level stream is half-closed. If this returns a false value (including None), the transport will close itself. If it returns a true value, closing the transport is up to the protocol. z%r received EOFz?returning true from eof_received() has no effect when using sslN) rPrrdebugrConnectionResetErrorrrX eof_receivedrrdr^)r#Z keep_openrrrr s    zSSLProtocol.eof_receivedcCs4||jkr|j|S|jdk r,|jj||S|SdS)N)rvrdrW)r#rUrVrrrrT!s    zSSLProtocol._get_extra_infocCs.|jr dS|jr|jnd|_|jddS)NTr*)rrrqro)r#rrrr])s  zSSLProtocol._start_shutdowncCs.|jj|df|jt|7_|jdS)Nr)ryr:rzrE_process_write_backlog)r#rBrrrro2szSSLProtocol._write_appdatacCsH|jjr$tjd||jj|_nd|_d|_|jjd|j dS)Nz%r starts SSL handshakeTr*r)r*r) rPrrrtime_handshake_start_timerryr:r)r#rrrr7s   zSSLProtocol._start_handshakecCsTd|_|jj}yF|dk r||j}t|jdsR|jrR|jjtj krRtj ||jWn~t k r}zb|j j rt|tjrtjd|ddntjd|dd|jjt|tr|j|dSWYdd}~XnX|j j r|j j|j}tjd||d|jj||j|j|d |jr4|jj|j |jd|_!|j j"|j#dS) NFr z5%r: SSL handshake failed on verifying the certificateT)exc_infoz%r: SSL handshake failedz%r: SSL handshake took %.1f msg@@)peercertcipher compressionr&)$rr}r&Z getpeercertr rtrr r Z CERT_NONEZmatch_hostname BaseExceptionrPrrir<rrrdr^ ExceptionrrrrrvupdaterrrrXrr|r~rr)r#Z handshake_excZsslobjrrDZdtrrr_on_handshake_completeCsD         z"SSLProtocol._on_handshake_completecCs>|jdks|jdkrdSyxtt|jD]}|jd\}}|rT|jj||\}}n*|rl|jj|j}d}n|jj|j }d}x|D]}|jj |qW|t|kr||f|jd<|jj r|jj P|jd=|j t|8_ q*WWnRtk r8}z4|jr|j|n |j|dt|ts(WYdd}~XnXdS)NrrzFatal error on SSL transport)rdr}rangerEryrIr2rr4 _finalizer7Z_pausedrfrzrr _fatal_errorrir)r#irBrHr0rCrDrrrrws8      z"SSLProtocol._process_write_backlogFatal error on transportcCsXt|tjr*|jjrBtjd||ddn|jj|||j|d|jrT|jj |dS)Nz%r: %sT)r)messageZ exceptionrrY) rirZ_FATAL_ERROR_IGNORErPrrrZcall_exception_handlerrdZ _force_close)r#rDrrrrrs   zSSLProtocol._fatal_errorcCsd|_|jdk r|jjdS)N)r}rdr^)r#rrrrs zSSLProtocol._finalizec Cs(z|jdk r|jjWd|jXdS)N)rdrrr)r#rrrrqs zSSLProtocol._abort)FNT)N)N)r)rJrKrLrMr%rrrrrrrrTr]rorrrrrrqrrrrrss& "     4, rs)rwr`r ImportErrorrrrrlogrrrrr-r(r3objectrZ_FlowControlMixinZ TransportrOZProtocolrsrrrrs*       wn