This contains a number of things:
1) Improve the documentation of the SSL module, with a fuller
explanation of certificate usage, another reference, proper
formatting of this and that.
2) Fix Windows bug in ssl.py, and general bug in sslsocket.close().
Remove some unused code from ssl.py. Allow accept() to be called on
sslsocket sockets.
3) Use try-except-else in import of ssl in socket.py. Deprecate use of
socket.ssl().
4) Remove use of socket.ssl() in every library module, except for
test_socket_ssl.py and test_ssl.py.
diff --git a/Lib/socket.py b/Lib/socket.py
index 48bb4f6..313151c 100644
--- a/Lib/socket.py
+++ b/Lib/socket.py
@@ -46,15 +46,37 @@
import _socket
from _socket import *
-_have_ssl = False
try:
import _ssl
- from _ssl import *
- _have_ssl = True
except ImportError:
+ # no SSL support
pass
+else:
+ def ssl(sock, keyfile=None, certfile=None):
+ # we do an internal import here because the ssl
+ # module imports the socket module
+ import ssl as _realssl
+ warnings.warn("socket.ssl() is deprecated. Use ssl.sslsocket() instead.",
+ DeprecationWarning, stacklevel=2)
+ return _realssl.sslwrap_simple(sock, keyfile, certfile)
-import os, sys
+ # we need to import the same constants we used to...
+ from _ssl import \
+ sslerror, \
+ RAND_add, \
+ RAND_egd, \
+ RAND_status, \
+ SSL_ERROR_ZERO_RETURN, \
+ SSL_ERROR_WANT_READ, \
+ SSL_ERROR_WANT_WRITE, \
+ SSL_ERROR_WANT_X509_LOOKUP, \
+ SSL_ERROR_SYSCALL, \
+ SSL_ERROR_SSL, \
+ SSL_ERROR_WANT_CONNECT, \
+ SSL_ERROR_EOF, \
+ SSL_ERROR_INVALID_ERROR_CODE
+
+import os, sys, warnings
try:
from errno import EBADF
@@ -63,15 +85,9 @@
__all__ = ["getfqdn"]
__all__.extend(os._get_exports_list(_socket))
-if _have_ssl:
- __all__.extend(os._get_exports_list(_ssl))
+
_realsocket = socket
-if _have_ssl:
- def ssl(sock, keyfile=None, certfile=None):
- import ssl as realssl
- return realssl.sslwrap_simple(sock, keyfile, certfile)
- __all__.append("ssl")
# WSA error codes
if sys.platform.lower().startswith("win"):