Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 1 | /* |
| 2 | * connection.c |
| 3 | * |
Jean-Paul Calderone | 8671c85 | 2011-03-02 19:26:20 -0500 | [diff] [blame] | 4 | * Copyright (C) AB Strakt |
| 5 | * Copyright (C) Jean-Paul Calderone |
| 6 | * See LICENSE for details. |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 7 | * |
| 8 | * SSL Connection objects and methods. |
| 9 | * See the file RATIONALE for a short explanation of why this module was written. |
| 10 | * |
| 11 | * Reviewed 2001-07-23 |
| 12 | */ |
| 13 | #include <Python.h> |
Jean-Paul Calderone | 12ea9a0 | 2008-02-22 12:24:39 -0500 | [diff] [blame] | 14 | |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 15 | #ifndef MS_WINDOWS |
| 16 | # include <sys/socket.h> |
| 17 | # include <netinet/in.h> |
| 18 | # if !(defined(__BEOS__) || defined(__CYGWIN__)) |
| 19 | # include <netinet/tcp.h> |
| 20 | # endif |
| 21 | #else |
| 22 | # include <winsock.h> |
Jean-Paul Calderone | 12ea9a0 | 2008-02-22 12:24:39 -0500 | [diff] [blame] | 23 | # include <wincrypt.h> |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 24 | #endif |
| 25 | |
Jean-Paul Calderone | 12ea9a0 | 2008-02-22 12:24:39 -0500 | [diff] [blame] | 26 | #define SSL_MODULE |
Jean-Paul Calderone | 3ad85d4 | 2009-04-30 20:24:35 -0400 | [diff] [blame] | 27 | #include <openssl/bio.h> |
Jean-Paul Calderone | 12ea9a0 | 2008-02-22 12:24:39 -0500 | [diff] [blame] | 28 | #include <openssl/err.h> |
Jean-Paul Calderone | 12ea9a0 | 2008-02-22 12:24:39 -0500 | [diff] [blame] | 29 | #include "ssl.h" |
| 30 | |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 31 | /** |
| 32 | * If we are on UNIX, fine, just use PyErr_SetFromErrno. If we are on Windows, |
| 33 | * apply some black winsock voodoo. This is basically just copied from Python's |
| 34 | * socketmodule.c |
| 35 | * |
| 36 | * Arguments: None |
| 37 | * Returns: None |
| 38 | */ |
| 39 | static void |
| 40 | syscall_from_errno(void) |
| 41 | { |
| 42 | #ifdef MS_WINDOWS |
| 43 | int errnum = WSAGetLastError(); |
| 44 | if (errnum) |
| 45 | { |
| 46 | static struct { int num; const char *msg; } *msgp, msgs[] = { |
| 47 | { WSAEINTR, "Interrupted system call" }, |
| 48 | { WSAEBADF, "Bad file descriptor" }, |
| 49 | { WSAEACCES, "Permission denied" }, |
| 50 | { WSAEFAULT, "Bad address" }, |
| 51 | { WSAEINVAL, "Invalid argument" }, |
| 52 | { WSAEMFILE, "Too many open files" }, |
| 53 | { WSAEWOULDBLOCK, "The socket operation could not complete " |
| 54 | "without blocking" }, |
| 55 | { WSAEINPROGRESS, "Operation now in progress" }, |
| 56 | { WSAEALREADY, "Operation already in progress" }, |
| 57 | { WSAENOTSOCK, "Socket operation on non-socket" }, |
| 58 | { WSAEDESTADDRREQ, "Destination address required" }, |
| 59 | { WSAEMSGSIZE, "Message too long" }, |
| 60 | { WSAEPROTOTYPE, "Protocol wrong type for socket" }, |
| 61 | { WSAENOPROTOOPT, "Protocol not available" }, |
| 62 | { WSAEPROTONOSUPPORT, "Protocol not supported" }, |
| 63 | { WSAESOCKTNOSUPPORT, "Socket type not supported" }, |
| 64 | { WSAEOPNOTSUPP, "Operation not supported" }, |
| 65 | { WSAEPFNOSUPPORT, "Protocol family not supported" }, |
| 66 | { WSAEAFNOSUPPORT, "Address family not supported" }, |
| 67 | { WSAEADDRINUSE, "Address already in use" }, |
| 68 | { WSAEADDRNOTAVAIL, "Can't assign requested address" }, |
| 69 | { WSAENETDOWN, "Network is down" }, |
| 70 | { WSAENETUNREACH, "Network is unreachable" }, |
| 71 | { WSAENETRESET, "Network dropped connection on reset" }, |
| 72 | { WSAECONNABORTED, "Software caused connection abort" }, |
| 73 | { WSAECONNRESET, "Connection reset by peer" }, |
| 74 | { WSAENOBUFS, "No buffer space available" }, |
| 75 | { WSAEISCONN, "Socket is already connected" }, |
| 76 | { WSAENOTCONN, "Socket is not connected" }, |
| 77 | { WSAESHUTDOWN, "Can't send after socket shutdown" }, |
| 78 | { WSAETOOMANYREFS, "Too many references: can't splice" }, |
| 79 | { WSAETIMEDOUT, "Operation timed out" }, |
| 80 | { WSAECONNREFUSED, "Connection refused" }, |
| 81 | { WSAELOOP, "Too many levels of symbolic links" }, |
| 82 | { WSAENAMETOOLONG, "File name too long" }, |
| 83 | { WSAEHOSTDOWN, "Host is down" }, |
| 84 | { WSAEHOSTUNREACH, "No route to host" }, |
| 85 | { WSAENOTEMPTY, "Directory not empty" }, |
| 86 | { WSAEPROCLIM, "Too many processes" }, |
| 87 | { WSAEUSERS, "Too many users" }, |
| 88 | { WSAEDQUOT, "Disc quota exceeded" }, |
| 89 | { WSAESTALE, "Stale NFS file handle" }, |
| 90 | { WSAEREMOTE, "Too many levels of remote in path" }, |
| 91 | { WSASYSNOTREADY, "Network subsystem is unvailable" }, |
| 92 | { WSAVERNOTSUPPORTED, "WinSock version is not supported" }, |
| 93 | { WSANOTINITIALISED, "Successful WSAStartup() not yet performed" }, |
| 94 | { WSAEDISCON, "Graceful shutdown in progress" }, |
| 95 | /* Resolver errors */ |
| 96 | { WSAHOST_NOT_FOUND, "No such host is known" }, |
| 97 | { WSATRY_AGAIN, "Host not found, or server failed" }, |
| 98 | { WSANO_RECOVERY, "Unexpected server error encountered" }, |
| 99 | { WSANO_DATA, "Valid name without requested data" }, |
| 100 | { WSANO_ADDRESS, "No address, look for MX record" }, |
| 101 | { 0, NULL } |
| 102 | }; |
| 103 | PyObject *v; |
| 104 | const char *msg = "winsock error"; |
| 105 | |
| 106 | for (msgp = msgs; msgp->msg; msgp++) |
| 107 | { |
| 108 | if (errnum == msgp->num) |
| 109 | { |
| 110 | msg = msgp->msg; |
| 111 | break; |
| 112 | } |
| 113 | } |
| 114 | |
| 115 | v = Py_BuildValue("(is)", errnum, msg); |
| 116 | if (v != NULL) |
| 117 | { |
| 118 | PyErr_SetObject(ssl_SysCallError, v); |
| 119 | Py_DECREF(v); |
| 120 | } |
| 121 | return; |
| 122 | } |
| 123 | #else |
| 124 | PyErr_SetFromErrno(ssl_SysCallError); |
| 125 | #endif |
| 126 | } |
| 127 | |
| 128 | /* |
Jean-Paul Calderone | aff0fc4 | 2009-04-27 17:13:34 -0400 | [diff] [blame] | 129 | * Handle errors raised by BIO functions. |
| 130 | * |
| 131 | * Arguments: bio - The BIO object |
| 132 | * ret - The return value of the BIO_ function. |
| 133 | * Returns: None, the calling function should return NULL; |
| 134 | */ |
| 135 | static void |
| 136 | handle_bio_errors(BIO* bio, int ret) |
| 137 | { |
| 138 | if (BIO_should_retry(bio)) { |
| 139 | if (BIO_should_read(bio)) { |
| 140 | PyErr_SetNone(ssl_WantReadError); |
| 141 | } else if (BIO_should_write(bio)) { |
| 142 | PyErr_SetNone(ssl_WantWriteError); |
| 143 | } else if (BIO_should_io_special(bio)) { |
| 144 | /* |
| 145 | * It's somewhat unclear what this means. From the OpenSSL source, |
| 146 | * it seems like it should not be triggered by the memory BIO, so |
| 147 | * for the time being, this case shouldn't come up. The SSL BIO |
| 148 | * (which I think should be named the socket BIO) may trigger this |
| 149 | * case if its socket is not yet connected or it is busy doing |
| 150 | * something related to x509. |
| 151 | */ |
| 152 | PyErr_SetString(PyExc_ValueError, "BIO_should_io_special"); |
| 153 | } else { |
| 154 | /* |
| 155 | * I hope this is dead code. The BIO documentation suggests that |
| 156 | * one of the above three checks should always be true. |
| 157 | */ |
| 158 | PyErr_SetString(PyExc_ValueError, "unknown bio failure"); |
| 159 | } |
| 160 | } else { |
| 161 | /* |
| 162 | * If we aren't to retry, it's really an error, so fall back to the |
| 163 | * normal error reporting code. However, the BIO interface does not |
| 164 | * specify a uniform error reporting mechanism. We can only hope that |
| 165 | * the code which triggered the error also kindly pushed something onto |
| 166 | * the error stack. |
| 167 | */ |
Rick Dean | d369c93 | 2009-07-08 11:48:33 -0500 | [diff] [blame] | 168 | exception_from_error_queue(ssl_Error); |
Jean-Paul Calderone | aff0fc4 | 2009-04-27 17:13:34 -0400 | [diff] [blame] | 169 | } |
| 170 | } |
| 171 | |
| 172 | /* |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 173 | * Handle errors raised by SSL I/O functions. NOTE: Not SSL_shutdown ;) |
| 174 | * |
| 175 | * Arguments: ssl - The SSL object |
| 176 | * err - The return code from SSL_get_error |
| 177 | * ret - The return code from the SSL I/O function |
| 178 | * Returns: None, the calling function should return NULL |
| 179 | */ |
| 180 | static void |
| 181 | handle_ssl_errors(SSL *ssl, int err, int ret) |
| 182 | { |
| 183 | switch (err) |
| 184 | { |
| 185 | /* |
| 186 | * Strange as it may seem, ZeroReturn is not an error per se. It means |
| 187 | * that the SSL Connection has been closed correctly (note, not the |
| 188 | * transport layer!), i.e. closure alerts have been exchanged. This is |
| 189 | * an exception since |
| 190 | * + There's an SSL "error" code for it |
| 191 | * + You have to deal with it in any case, close the transport layer |
| 192 | * etc |
| 193 | */ |
| 194 | case SSL_ERROR_ZERO_RETURN: |
| 195 | PyErr_SetNone(ssl_ZeroReturnError); |
| 196 | break; |
| 197 | |
| 198 | /* |
| 199 | * The WantXYZ exceptions don't mean that there's an error, just that |
| 200 | * nothing could be read/written just now, maybe because the transport |
| 201 | * layer would block on the operation, or that there's not enough data |
| 202 | * available to fill an entire SSL record. |
| 203 | */ |
| 204 | case SSL_ERROR_WANT_READ: |
| 205 | PyErr_SetNone(ssl_WantReadError); |
| 206 | break; |
| 207 | |
| 208 | case SSL_ERROR_WANT_WRITE: |
| 209 | PyErr_SetNone(ssl_WantWriteError); |
| 210 | break; |
| 211 | |
| 212 | case SSL_ERROR_WANT_X509_LOOKUP: |
| 213 | PyErr_SetNone(ssl_WantX509LookupError); |
| 214 | break; |
| 215 | |
| 216 | case SSL_ERROR_SYSCALL: |
| 217 | if (ERR_peek_error() == 0) |
| 218 | { |
| 219 | if (ret < 0) |
| 220 | { |
| 221 | syscall_from_errno(); |
| 222 | } |
| 223 | else |
| 224 | { |
| 225 | PyObject *v; |
| 226 | |
| 227 | v = Py_BuildValue("(is)", -1, "Unexpected EOF"); |
| 228 | if (v != NULL) |
| 229 | { |
| 230 | PyErr_SetObject(ssl_SysCallError, v); |
| 231 | Py_DECREF(v); |
| 232 | } |
| 233 | } |
| 234 | break; |
| 235 | } |
| 236 | |
| 237 | /* NOTE: Fall-through here, we don't want to duplicate code, right? */ |
| 238 | |
| 239 | case SSL_ERROR_SSL: |
| 240 | ; |
| 241 | default: |
Rick Dean | d369c93 | 2009-07-08 11:48:33 -0500 | [diff] [blame] | 242 | exception_from_error_queue(ssl_Error); |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 243 | break; |
| 244 | } |
| 245 | } |
| 246 | |
| 247 | /* |
| 248 | * Here be member methods of the Connection "class" |
| 249 | */ |
| 250 | |
| 251 | static char ssl_Connection_get_context_doc[] = "\n\ |
| 252 | Get session context\n\ |
| 253 | \n\ |
Jean-Paul Calderone | 54bcc83 | 2009-05-27 14:06:48 -0400 | [diff] [blame] | 254 | @return: A Context object\n\ |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 255 | "; |
| 256 | static PyObject * |
Jean-Paul Calderone | 1d69a72 | 2010-07-29 09:05:53 -0400 | [diff] [blame] | 257 | ssl_Connection_get_context(ssl_ConnectionObj *self, PyObject *args) { |
| 258 | if (!PyArg_ParseTuple(args, ":get_context")) { |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 259 | return NULL; |
Jean-Paul Calderone | 1d69a72 | 2010-07-29 09:05:53 -0400 | [diff] [blame] | 260 | } |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 261 | |
| 262 | Py_INCREF(self->context); |
| 263 | return (PyObject *)self->context; |
| 264 | } |
| 265 | |
Jean-Paul Calderone | 95613b7 | 2011-05-25 22:30:21 -0400 | [diff] [blame] | 266 | static char ssl_Connection_set_context_doc[] = "\n\ |
| 267 | Switch this connection to a new session context\n\ |
| 268 | \n\ |
| 269 | @param context: A L{Context} instance giving the new session context to use.\n\ |
| 270 | \n\ |
| 271 | "; |
| 272 | static PyObject * |
| 273 | ssl_Connection_set_context(ssl_ConnectionObj *self, PyObject *args) { |
| 274 | ssl_ContextObj *ctx; |
| 275 | ssl_ContextObj *old; |
| 276 | |
| 277 | if (!PyArg_ParseTuple(args, "O!:set_context", &ssl_Context_Type, &ctx)) { |
| 278 | return NULL; |
| 279 | } |
| 280 | |
| 281 | /* This Connection will hold on to this context now. Make sure it stays |
| 282 | * alive. |
| 283 | */ |
| 284 | Py_INCREF(ctx); |
| 285 | |
| 286 | /* XXX The unit tests don't actually verify that this call is made. |
| 287 | * They're satisfied if self->context gets updated. |
| 288 | */ |
| 289 | SSL_set_SSL_CTX(self->ssl, ctx->ctx); |
| 290 | |
| 291 | /* Swap the old out and the new in. |
| 292 | */ |
| 293 | old = self->context; |
| 294 | self->context = ctx; |
| 295 | |
| 296 | /* XXX The unit tests don't verify that this reference is dropped. |
| 297 | */ |
| 298 | Py_DECREF(old); |
| 299 | |
| 300 | Py_INCREF(Py_None); |
| 301 | return Py_None; |
| 302 | } |
| 303 | |
Jean-Paul Calderone | c4cb658 | 2011-05-26 18:47:00 -0400 | [diff] [blame] | 304 | static char ssl_Connection_get_servername_doc[] = "\n\ |
| 305 | Retrieve the servername extension value if provided in the client hello\n\ |
| 306 | message, or None if there wasn't one.\n\ |
| 307 | \n\ |
| 308 | @return: A byte string giving the server name or C{None}.\n\ |
| 309 | \n\ |
| 310 | "; |
| 311 | static PyObject * |
| 312 | ssl_Connection_get_servername(ssl_ConnectionObj *self, PyObject *args) { |
| 313 | int type = TLSEXT_NAMETYPE_host_name; |
| 314 | const char *name; |
| 315 | |
Jean-Paul Calderone | 871a4d8 | 2011-05-26 19:24:02 -0400 | [diff] [blame^] | 316 | if (!PyArg_ParseTuple(args, ":get_servername")) { |
| 317 | return NULL; |
| 318 | } |
Jean-Paul Calderone | c4cb658 | 2011-05-26 18:47:00 -0400 | [diff] [blame] | 319 | |
| 320 | name = SSL_get_servername(self->ssl, type); |
| 321 | |
| 322 | if (name == NULL) { |
| 323 | Py_INCREF(Py_None); |
| 324 | return Py_None; |
| 325 | } else { |
| 326 | return PyBytes_FromString(name); |
| 327 | } |
| 328 | } |
| 329 | |
| 330 | |
| 331 | static char ssl_Connection_set_tlsext_host_name_doc[] = "\n\ |
| 332 | Set the value of the servername extension to send in the client hello.\n\ |
| 333 | \n\ |
| 334 | @param name: A byte string giving the name.\n\ |
| 335 | \n\ |
| 336 | "; |
| 337 | static PyObject * |
| 338 | ssl_Connection_set_tlsext_host_name(ssl_ConnectionObj *self, PyObject *args) { |
| 339 | char *buf; |
| 340 | |
| 341 | if (!PyArg_ParseTuple(args, BYTESTRING_FMT ":set_tlsext_host_name", &buf)) { |
| 342 | return NULL; |
| 343 | } |
| 344 | |
| 345 | /* XXX I guess this can fail sometimes? */ |
| 346 | SSL_set_tlsext_host_name(self->ssl, buf); |
| 347 | |
| 348 | Py_INCREF(Py_None); |
| 349 | return Py_None; |
| 350 | } |
| 351 | |
| 352 | |
Jean-Paul Calderone | 95613b7 | 2011-05-25 22:30:21 -0400 | [diff] [blame] | 353 | |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 354 | static char ssl_Connection_pending_doc[] = "\n\ |
| 355 | Get the number of bytes that can be safely read from the connection\n\ |
| 356 | \n\ |
Jean-Paul Calderone | 54bcc83 | 2009-05-27 14:06:48 -0400 | [diff] [blame] | 357 | @return: The number of bytes available in the receive buffer.\n\ |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 358 | "; |
| 359 | static PyObject * |
Jean-Paul Calderone | 1d69a72 | 2010-07-29 09:05:53 -0400 | [diff] [blame] | 360 | ssl_Connection_pending(ssl_ConnectionObj *self, PyObject *args) { |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 361 | int ret; |
| 362 | |
Jean-Paul Calderone | 1d69a72 | 2010-07-29 09:05:53 -0400 | [diff] [blame] | 363 | if (!PyArg_ParseTuple(args, ":pending")) { |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 364 | return NULL; |
Jean-Paul Calderone | 1d69a72 | 2010-07-29 09:05:53 -0400 | [diff] [blame] | 365 | } |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 366 | |
| 367 | ret = SSL_pending(self->ssl); |
Jean-Paul Calderone | 83dbcfd | 2010-08-11 20:20:57 -0400 | [diff] [blame] | 368 | return PyLong_FromLong((long)ret); |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 369 | } |
Jean-Paul Calderone | 1d69a72 | 2010-07-29 09:05:53 -0400 | [diff] [blame] | 370 | |
Rick Dean | b71c0d2 | 2009-04-01 14:09:23 -0500 | [diff] [blame] | 371 | static char ssl_Connection_bio_write_doc[] = "\n\ |
| 372 | When using non-socket connections this function sends\n\ |
| 373 | \"dirty\" data that would have traveled in on the network.\n\ |
| 374 | \n\ |
Jean-Paul Calderone | 54bcc83 | 2009-05-27 14:06:48 -0400 | [diff] [blame] | 375 | @param buf: The string to put into the memory BIO.\n\ |
| 376 | @return: The number of bytes written\n\ |
Rick Dean | b71c0d2 | 2009-04-01 14:09:23 -0500 | [diff] [blame] | 377 | "; |
| 378 | static PyObject * |
| 379 | ssl_Connection_bio_write(ssl_ConnectionObj *self, PyObject *args) |
| 380 | { |
| 381 | char *buf; |
Jean-Paul Calderone | aff0fc4 | 2009-04-27 17:13:34 -0400 | [diff] [blame] | 382 | int len, ret; |
Rick Dean | b71c0d2 | 2009-04-01 14:09:23 -0500 | [diff] [blame] | 383 | |
Jean-Paul Calderone | 07acf3f | 2009-05-05 13:23:28 -0400 | [diff] [blame] | 384 | if (self->into_ssl == NULL) |
Rick Dean | b71c0d2 | 2009-04-01 14:09:23 -0500 | [diff] [blame] | 385 | { |
| 386 | PyErr_SetString(PyExc_TypeError, "Connection sock was not None"); |
| 387 | return NULL; |
| 388 | } |
| 389 | |
Jean-Paul Calderone | fc4ed0f | 2009-04-27 11:51:27 -0400 | [diff] [blame] | 390 | if (!PyArg_ParseTuple(args, "s#|i:bio_write", &buf, &len)) |
Rick Dean | b71c0d2 | 2009-04-01 14:09:23 -0500 | [diff] [blame] | 391 | return NULL; |
| 392 | |
| 393 | ret = BIO_write(self->into_ssl, buf, len); |
| 394 | |
| 395 | if (PyErr_Occurred()) |
| 396 | { |
| 397 | flush_error_queue(); |
| 398 | return NULL; |
| 399 | } |
| 400 | |
Jean-Paul Calderone | aff0fc4 | 2009-04-27 17:13:34 -0400 | [diff] [blame] | 401 | if (ret <= 0) { |
| 402 | /* |
| 403 | * There was a problem with the BIO_write of some sort. |
| 404 | */ |
Jean-Paul Calderone | 3ad85d4 | 2009-04-30 20:24:35 -0400 | [diff] [blame] | 405 | handle_bio_errors(self->into_ssl, ret); |
Rick Dean | b71c0d2 | 2009-04-01 14:09:23 -0500 | [diff] [blame] | 406 | return NULL; |
| 407 | } |
Jean-Paul Calderone | aff0fc4 | 2009-04-27 17:13:34 -0400 | [diff] [blame] | 408 | |
Jean-Paul Calderone | 83dbcfd | 2010-08-11 20:20:57 -0400 | [diff] [blame] | 409 | return PyLong_FromLong((long)ret); |
Rick Dean | b71c0d2 | 2009-04-01 14:09:23 -0500 | [diff] [blame] | 410 | } |
| 411 | |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 412 | static char ssl_Connection_send_doc[] = "\n\ |
| 413 | Send data on the connection. NOTE: If you get one of the WantRead,\n\ |
| 414 | WantWrite or WantX509Lookup exceptions on this, you have to call the\n\ |
| 415 | method again with the SAME buffer.\n\ |
| 416 | \n\ |
Jean-Paul Calderone | 54bcc83 | 2009-05-27 14:06:48 -0400 | [diff] [blame] | 417 | @param buf: The string to send\n\ |
Jean-Paul Calderone | 40b32a2 | 2010-01-27 16:56:44 -0500 | [diff] [blame] | 418 | @param flags: (optional) Included for compatibility with the socket\n\ |
Jean-Paul Calderone | 54bcc83 | 2009-05-27 14:06:48 -0400 | [diff] [blame] | 419 | API, the value is ignored\n\ |
| 420 | @return: The number of bytes written\n\ |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 421 | "; |
| 422 | static PyObject * |
Jean-Paul Calderone | a5d6ea6 | 2011-01-05 19:57:08 -0500 | [diff] [blame] | 423 | ssl_Connection_send(ssl_ConnectionObj *self, PyObject *args) { |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 424 | int len, ret, err, flags; |
Jean-Paul Calderone | a5d6ea6 | 2011-01-05 19:57:08 -0500 | [diff] [blame] | 425 | char *buf; |
| 426 | |
Jean-Paul Calderone | 5163f57 | 2011-04-22 18:38:16 -0400 | [diff] [blame] | 427 | #if PY_VERSION_HEX >= 0x02060000 |
Jean-Paul Calderone | a5d6ea6 | 2011-01-05 19:57:08 -0500 | [diff] [blame] | 428 | Py_buffer pbuf; |
| 429 | |
| 430 | if (!PyArg_ParseTuple(args, "s*|i:send", &pbuf, &flags)) |
| 431 | return NULL; |
| 432 | |
| 433 | buf = pbuf.buf; |
| 434 | len = pbuf.len; |
| 435 | #else |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 436 | |
| 437 | if (!PyArg_ParseTuple(args, "s#|i:send", &buf, &len, &flags)) |
| 438 | return NULL; |
Jean-Paul Calderone | a5d6ea6 | 2011-01-05 19:57:08 -0500 | [diff] [blame] | 439 | #endif |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 440 | |
| 441 | MY_BEGIN_ALLOW_THREADS(self->tstate) |
| 442 | ret = SSL_write(self->ssl, buf, len); |
| 443 | MY_END_ALLOW_THREADS(self->tstate) |
| 444 | |
Jean-Paul Calderone | 5163f57 | 2011-04-22 18:38:16 -0400 | [diff] [blame] | 445 | #if PY_VERSION_HEX >= 0x02060000 |
Jean-Paul Calderone | a5d6ea6 | 2011-01-05 19:57:08 -0500 | [diff] [blame] | 446 | PyBuffer_Release(&pbuf); |
| 447 | #endif |
| 448 | |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 449 | if (PyErr_Occurred()) |
| 450 | { |
| 451 | flush_error_queue(); |
| 452 | return NULL; |
| 453 | } |
| 454 | |
| 455 | err = SSL_get_error(self->ssl, ret); |
| 456 | if (err == SSL_ERROR_NONE) |
| 457 | { |
Jean-Paul Calderone | 83dbcfd | 2010-08-11 20:20:57 -0400 | [diff] [blame] | 458 | return PyLong_FromLong((long)ret); |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 459 | } |
| 460 | else |
| 461 | { |
| 462 | handle_ssl_errors(self->ssl, err, ret); |
| 463 | return NULL; |
| 464 | } |
| 465 | } |
| 466 | |
| 467 | static char ssl_Connection_sendall_doc[] = "\n\ |
| 468 | Send \"all\" data on the connection. This calls send() repeatedly until\n\ |
| 469 | all data is sent. If an error occurs, it's impossible to tell how much data\n\ |
| 470 | has been sent.\n\ |
| 471 | \n\ |
Jean-Paul Calderone | 54bcc83 | 2009-05-27 14:06:48 -0400 | [diff] [blame] | 472 | @param buf: The string to send\n\ |
Jean-Paul Calderone | 40b32a2 | 2010-01-27 16:56:44 -0500 | [diff] [blame] | 473 | @param flags: (optional) Included for compatibility with the socket\n\ |
Jean-Paul Calderone | 54bcc83 | 2009-05-27 14:06:48 -0400 | [diff] [blame] | 474 | API, the value is ignored\n\ |
| 475 | @return: The number of bytes written\n\ |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 476 | "; |
| 477 | static PyObject * |
| 478 | ssl_Connection_sendall(ssl_ConnectionObj *self, PyObject *args) |
| 479 | { |
| 480 | char *buf; |
| 481 | int len, ret, err, flags; |
| 482 | PyObject *pyret = Py_None; |
| 483 | |
Jean-Paul Calderone | 5163f57 | 2011-04-22 18:38:16 -0400 | [diff] [blame] | 484 | #if PY_VERSION_HEX >= 0x02060000 |
Jean-Paul Calderone | 691e6c9 | 2011-01-21 22:04:35 -0500 | [diff] [blame] | 485 | Py_buffer pbuf; |
| 486 | |
| 487 | if (!PyArg_ParseTuple(args, "s*|i:sendall", &pbuf, &flags)) |
| 488 | return NULL; |
| 489 | |
| 490 | buf = pbuf.buf; |
| 491 | len = pbuf.len; |
| 492 | #else |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 493 | if (!PyArg_ParseTuple(args, "s#|i:sendall", &buf, &len, &flags)) |
| 494 | return NULL; |
Jean-Paul Calderone | 691e6c9 | 2011-01-21 22:04:35 -0500 | [diff] [blame] | 495 | #endif |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 496 | |
| 497 | do { |
| 498 | MY_BEGIN_ALLOW_THREADS(self->tstate) |
| 499 | ret = SSL_write(self->ssl, buf, len); |
| 500 | MY_END_ALLOW_THREADS(self->tstate) |
| 501 | if (PyErr_Occurred()) |
| 502 | { |
| 503 | flush_error_queue(); |
| 504 | pyret = NULL; |
| 505 | break; |
| 506 | } |
| 507 | err = SSL_get_error(self->ssl, ret); |
| 508 | if (err == SSL_ERROR_NONE) |
| 509 | { |
| 510 | buf += ret; |
| 511 | len -= ret; |
| 512 | } |
| 513 | else if (err == SSL_ERROR_SSL || err == SSL_ERROR_SYSCALL || |
| 514 | err == SSL_ERROR_ZERO_RETURN) |
| 515 | { |
| 516 | handle_ssl_errors(self->ssl, err, ret); |
| 517 | pyret = NULL; |
| 518 | break; |
Jean-Paul Calderone | 691e6c9 | 2011-01-21 22:04:35 -0500 | [diff] [blame] | 519 | } |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 520 | } while (len > 0); |
| 521 | |
Jean-Paul Calderone | 5163f57 | 2011-04-22 18:38:16 -0400 | [diff] [blame] | 522 | #if PY_VERSION_HEX >= 0x02060000 |
Jean-Paul Calderone | 691e6c9 | 2011-01-21 22:04:35 -0500 | [diff] [blame] | 523 | PyBuffer_Release(&pbuf); |
| 524 | #endif |
| 525 | |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 526 | Py_XINCREF(pyret); |
| 527 | return pyret; |
| 528 | } |
| 529 | |
| 530 | static char ssl_Connection_recv_doc[] = "\n\ |
| 531 | Receive data on the connection. NOTE: If you get one of the WantRead,\n\ |
| 532 | WantWrite or WantX509Lookup exceptions on this, you have to call the\n\ |
| 533 | method again with the SAME buffer.\n\ |
| 534 | \n\ |
Jean-Paul Calderone | 54bcc83 | 2009-05-27 14:06:48 -0400 | [diff] [blame] | 535 | @param bufsiz: The maximum number of bytes to read\n\ |
Jean-Paul Calderone | 40b32a2 | 2010-01-27 16:56:44 -0500 | [diff] [blame] | 536 | @param flags: (optional) Included for compatibility with the socket\n\ |
Jean-Paul Calderone | 54bcc83 | 2009-05-27 14:06:48 -0400 | [diff] [blame] | 537 | API, the value is ignored\n\ |
| 538 | @return: The string read from the Connection\n\ |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 539 | "; |
| 540 | static PyObject * |
| 541 | ssl_Connection_recv(ssl_ConnectionObj *self, PyObject *args) |
| 542 | { |
| 543 | int bufsiz, ret, err, flags; |
| 544 | PyObject *buf; |
| 545 | |
| 546 | if (!PyArg_ParseTuple(args, "i|i:recv", &bufsiz, &flags)) |
| 547 | return NULL; |
| 548 | |
Jean-Paul Calderone | 83dbcfd | 2010-08-11 20:20:57 -0400 | [diff] [blame] | 549 | buf = PyBytes_FromStringAndSize(NULL, bufsiz); |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 550 | if (buf == NULL) |
| 551 | return NULL; |
| 552 | |
| 553 | MY_BEGIN_ALLOW_THREADS(self->tstate) |
Jean-Paul Calderone | 83dbcfd | 2010-08-11 20:20:57 -0400 | [diff] [blame] | 554 | ret = SSL_read(self->ssl, PyBytes_AsString(buf), bufsiz); |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 555 | MY_END_ALLOW_THREADS(self->tstate) |
| 556 | |
| 557 | if (PyErr_Occurred()) |
| 558 | { |
| 559 | Py_DECREF(buf); |
| 560 | flush_error_queue(); |
| 561 | return NULL; |
| 562 | } |
| 563 | |
| 564 | err = SSL_get_error(self->ssl, ret); |
| 565 | if (err == SSL_ERROR_NONE) |
| 566 | { |
Jean-Paul Calderone | 83dbcfd | 2010-08-11 20:20:57 -0400 | [diff] [blame] | 567 | if (ret != bufsiz && _PyBytes_Resize(&buf, ret) < 0) |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 568 | return NULL; |
| 569 | return buf; |
| 570 | } |
| 571 | else |
| 572 | { |
| 573 | handle_ssl_errors(self->ssl, err, ret); |
| 574 | Py_DECREF(buf); |
| 575 | return NULL; |
| 576 | } |
| 577 | } |
| 578 | |
Rick Dean | b71c0d2 | 2009-04-01 14:09:23 -0500 | [diff] [blame] | 579 | static char ssl_Connection_bio_read_doc[] = "\n\ |
| 580 | When using non-socket connections this function reads\n\ |
| 581 | the \"dirty\" data that would have traveled away on the network.\n\ |
| 582 | \n\ |
Jean-Paul Calderone | 54bcc83 | 2009-05-27 14:06:48 -0400 | [diff] [blame] | 583 | @param bufsiz: The maximum number of bytes to read\n\ |
| 584 | @return: The string read.\n\ |
Rick Dean | b71c0d2 | 2009-04-01 14:09:23 -0500 | [diff] [blame] | 585 | "; |
| 586 | static PyObject * |
| 587 | ssl_Connection_bio_read(ssl_ConnectionObj *self, PyObject *args) |
| 588 | { |
Jean-Paul Calderone | aff0fc4 | 2009-04-27 17:13:34 -0400 | [diff] [blame] | 589 | int bufsiz, ret; |
Rick Dean | b71c0d2 | 2009-04-01 14:09:23 -0500 | [diff] [blame] | 590 | PyObject *buf; |
| 591 | |
Jean-Paul Calderone | 07acf3f | 2009-05-05 13:23:28 -0400 | [diff] [blame] | 592 | if (self->from_ssl == NULL) |
Rick Dean | b71c0d2 | 2009-04-01 14:09:23 -0500 | [diff] [blame] | 593 | { |
| 594 | PyErr_SetString(PyExc_TypeError, "Connection sock was not None"); |
| 595 | return NULL; |
| 596 | } |
| 597 | |
| 598 | if (!PyArg_ParseTuple(args, "i:bio_read", &bufsiz)) |
| 599 | return NULL; |
| 600 | |
Jean-Paul Calderone | 83dbcfd | 2010-08-11 20:20:57 -0400 | [diff] [blame] | 601 | buf = PyBytes_FromStringAndSize(NULL, bufsiz); |
Rick Dean | b71c0d2 | 2009-04-01 14:09:23 -0500 | [diff] [blame] | 602 | if (buf == NULL) |
| 603 | return NULL; |
| 604 | |
Jean-Paul Calderone | 83dbcfd | 2010-08-11 20:20:57 -0400 | [diff] [blame] | 605 | ret = BIO_read(self->from_ssl, PyBytes_AsString(buf), bufsiz); |
Rick Dean | b71c0d2 | 2009-04-01 14:09:23 -0500 | [diff] [blame] | 606 | |
| 607 | if (PyErr_Occurred()) |
| 608 | { |
| 609 | Py_DECREF(buf); |
| 610 | flush_error_queue(); |
| 611 | return NULL; |
| 612 | } |
| 613 | |
Jean-Paul Calderone | aff0fc4 | 2009-04-27 17:13:34 -0400 | [diff] [blame] | 614 | if (ret <= 0) { |
| 615 | /* |
| 616 | * There was a problem with the BIO_read of some sort. |
| 617 | */ |
| 618 | handle_bio_errors(self->from_ssl, ret); |
Rick Dean | b71c0d2 | 2009-04-01 14:09:23 -0500 | [diff] [blame] | 619 | Py_DECREF(buf); |
| 620 | return NULL; |
| 621 | } |
Jean-Paul Calderone | aff0fc4 | 2009-04-27 17:13:34 -0400 | [diff] [blame] | 622 | |
| 623 | /* |
| 624 | * Shrink the string to match the number of bytes we actually read. |
| 625 | */ |
Jean-Paul Calderone | 83dbcfd | 2010-08-11 20:20:57 -0400 | [diff] [blame] | 626 | if (ret != bufsiz && _PyBytes_Resize(&buf, ret) < 0) |
Jean-Paul Calderone | aff0fc4 | 2009-04-27 17:13:34 -0400 | [diff] [blame] | 627 | { |
| 628 | Py_DECREF(buf); |
| 629 | return NULL; |
| 630 | } |
| 631 | return buf; |
Rick Dean | b71c0d2 | 2009-04-01 14:09:23 -0500 | [diff] [blame] | 632 | } |
| 633 | |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 634 | static char ssl_Connection_renegotiate_doc[] = "\n\ |
| 635 | Renegotiate the session\n\ |
| 636 | \n\ |
Jean-Paul Calderone | 54bcc83 | 2009-05-27 14:06:48 -0400 | [diff] [blame] | 637 | @return: True if the renegotiation can be started, false otherwise\n\ |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 638 | "; |
| 639 | static PyObject * |
Jean-Paul Calderone | 8ea2252 | 2010-07-29 09:39:39 -0400 | [diff] [blame] | 640 | ssl_Connection_renegotiate(ssl_ConnectionObj *self, PyObject *args) { |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 641 | int ret; |
| 642 | |
Jean-Paul Calderone | 8ea2252 | 2010-07-29 09:39:39 -0400 | [diff] [blame] | 643 | if (!PyArg_ParseTuple(args, ":renegotiate")) { |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 644 | return NULL; |
Jean-Paul Calderone | 8ea2252 | 2010-07-29 09:39:39 -0400 | [diff] [blame] | 645 | } |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 646 | |
| 647 | MY_BEGIN_ALLOW_THREADS(self->tstate); |
| 648 | ret = SSL_renegotiate(self->ssl); |
| 649 | MY_END_ALLOW_THREADS(self->tstate); |
| 650 | |
Jean-Paul Calderone | 8ea2252 | 2010-07-29 09:39:39 -0400 | [diff] [blame] | 651 | if (PyErr_Occurred()) { |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 652 | flush_error_queue(); |
| 653 | return NULL; |
| 654 | } |
| 655 | |
Jean-Paul Calderone | 83dbcfd | 2010-08-11 20:20:57 -0400 | [diff] [blame] | 656 | return PyLong_FromLong((long)ret); |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 657 | } |
| 658 | |
| 659 | static char ssl_Connection_do_handshake_doc[] = "\n\ |
| 660 | Perform an SSL handshake (usually called after renegotiate() or one of\n\ |
| 661 | set_*_state()). This can raise the same exceptions as send and recv.\n\ |
| 662 | \n\ |
Jean-Paul Calderone | 54bcc83 | 2009-05-27 14:06:48 -0400 | [diff] [blame] | 663 | @return: None.\n\ |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 664 | "; |
| 665 | static PyObject * |
| 666 | ssl_Connection_do_handshake(ssl_ConnectionObj *self, PyObject *args) |
| 667 | { |
| 668 | int ret, err; |
| 669 | |
| 670 | if (!PyArg_ParseTuple(args, ":do_handshake")) |
| 671 | return NULL; |
| 672 | |
| 673 | MY_BEGIN_ALLOW_THREADS(self->tstate); |
| 674 | ret = SSL_do_handshake(self->ssl); |
| 675 | MY_END_ALLOW_THREADS(self->tstate); |
| 676 | |
| 677 | if (PyErr_Occurred()) |
| 678 | { |
| 679 | flush_error_queue(); |
| 680 | return NULL; |
| 681 | } |
| 682 | |
| 683 | err = SSL_get_error(self->ssl, ret); |
| 684 | if (err == SSL_ERROR_NONE) |
| 685 | { |
| 686 | Py_INCREF(Py_None); |
| 687 | return Py_None; |
| 688 | } |
| 689 | else |
| 690 | { |
| 691 | handle_ssl_errors(self->ssl, err, ret); |
| 692 | return NULL; |
| 693 | } |
| 694 | } |
| 695 | |
| 696 | #if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x00907000L |
| 697 | static char ssl_Connection_renegotiate_pending_doc[] = "\n\ |
| 698 | Check if there's a renegotiation in progress, it will return false once\n\ |
| 699 | a renegotiation is finished.\n\ |
| 700 | \n\ |
Jean-Paul Calderone | 54bcc83 | 2009-05-27 14:06:48 -0400 | [diff] [blame] | 701 | @return: Whether there's a renegotiation in progress\n\ |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 702 | "; |
| 703 | static PyObject * |
| 704 | ssl_Connection_renegotiate_pending(ssl_ConnectionObj *self, PyObject *args) |
| 705 | { |
| 706 | if (!PyArg_ParseTuple(args, ":renegotiate_pending")) |
| 707 | return NULL; |
| 708 | |
Jean-Paul Calderone | 83dbcfd | 2010-08-11 20:20:57 -0400 | [diff] [blame] | 709 | return PyLong_FromLong((long)SSL_renegotiate_pending(self->ssl)); |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 710 | } |
| 711 | #endif |
| 712 | |
| 713 | static char ssl_Connection_total_renegotiations_doc[] = "\n\ |
| 714 | Find out the total number of renegotiations.\n\ |
| 715 | \n\ |
Jean-Paul Calderone | 54bcc83 | 2009-05-27 14:06:48 -0400 | [diff] [blame] | 716 | @return: The number of renegotiations.\n\ |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 717 | "; |
| 718 | static PyObject * |
| 719 | ssl_Connection_total_renegotiations(ssl_ConnectionObj *self, PyObject *args) |
| 720 | { |
| 721 | if (!PyArg_ParseTuple(args, ":total_renegotiations")) |
| 722 | return NULL; |
| 723 | |
Jean-Paul Calderone | 83dbcfd | 2010-08-11 20:20:57 -0400 | [diff] [blame] | 724 | return PyLong_FromLong(SSL_total_renegotiations(self->ssl)); |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 725 | } |
| 726 | |
| 727 | static char ssl_Connection_set_accept_state_doc[] = "\n\ |
| 728 | Set the connection to work in server mode. The handshake will be handled\n\ |
| 729 | automatically by read/write.\n\ |
| 730 | \n\ |
Jean-Paul Calderone | 54bcc83 | 2009-05-27 14:06:48 -0400 | [diff] [blame] | 731 | @return: None\n\ |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 732 | "; |
| 733 | static PyObject * |
| 734 | ssl_Connection_set_accept_state(ssl_ConnectionObj *self, PyObject *args) |
| 735 | { |
| 736 | if (!PyArg_ParseTuple(args, ":set_accept_state")) |
| 737 | return NULL; |
| 738 | |
| 739 | SSL_set_accept_state(self->ssl); |
| 740 | |
| 741 | Py_INCREF(Py_None); |
| 742 | return Py_None; |
| 743 | } |
| 744 | |
| 745 | static char ssl_Connection_set_connect_state_doc[] = "\n\ |
| 746 | Set the connection to work in client mode. The handshake will be handled\n\ |
| 747 | automatically by read/write.\n\ |
| 748 | \n\ |
Jean-Paul Calderone | 54bcc83 | 2009-05-27 14:06:48 -0400 | [diff] [blame] | 749 | @return: None\n\ |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 750 | "; |
| 751 | static PyObject * |
| 752 | ssl_Connection_set_connect_state(ssl_ConnectionObj *self, PyObject *args) |
| 753 | { |
| 754 | if (!PyArg_ParseTuple(args, ":set_connect_state")) |
| 755 | return NULL; |
| 756 | |
| 757 | SSL_set_connect_state(self->ssl); |
| 758 | |
| 759 | Py_INCREF(Py_None); |
| 760 | return Py_None; |
| 761 | } |
| 762 | |
| 763 | static char ssl_Connection_connect_doc[] = "\n\ |
| 764 | Connect to remote host and set up client-side SSL\n\ |
| 765 | \n\ |
Jean-Paul Calderone | 54bcc83 | 2009-05-27 14:06:48 -0400 | [diff] [blame] | 766 | @param addr: A remote address\n\ |
| 767 | @return: What the socket's connect method returns\n\ |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 768 | "; |
| 769 | static PyObject * |
| 770 | ssl_Connection_connect(ssl_ConnectionObj *self, PyObject *args) |
| 771 | { |
| 772 | PyObject *meth, *ret; |
| 773 | |
| 774 | if ((meth = PyObject_GetAttrString(self->socket, "connect")) == NULL) |
| 775 | return NULL; |
| 776 | |
| 777 | SSL_set_connect_state(self->ssl); |
| 778 | |
| 779 | ret = PyEval_CallObject(meth, args); |
| 780 | Py_DECREF(meth); |
| 781 | if (ret == NULL) |
| 782 | return NULL; |
| 783 | |
| 784 | return ret; |
| 785 | } |
| 786 | |
| 787 | static char ssl_Connection_connect_ex_doc[] = "\n\ |
| 788 | Connect to remote host and set up client-side SSL. Note that if the socket's\n\ |
| 789 | connect_ex method doesn't return 0, SSL won't be initialized.\n\ |
| 790 | \n\ |
Jean-Paul Calderone | 54bcc83 | 2009-05-27 14:06:48 -0400 | [diff] [blame] | 791 | @param addr: A remove address\n\ |
| 792 | @return: What the socket's connect_ex method returns\n\ |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 793 | "; |
| 794 | static PyObject * |
| 795 | ssl_Connection_connect_ex(ssl_ConnectionObj *self, PyObject *args) |
| 796 | { |
| 797 | PyObject *meth, *ret; |
| 798 | |
| 799 | if ((meth = PyObject_GetAttrString(self->socket, "connect_ex")) == NULL) |
| 800 | return NULL; |
| 801 | |
| 802 | SSL_set_connect_state(self->ssl); |
| 803 | |
| 804 | ret = PyEval_CallObject(meth, args); |
| 805 | Py_DECREF(meth); |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 806 | return ret; |
| 807 | } |
| 808 | |
| 809 | static char ssl_Connection_accept_doc[] = "\n\ |
| 810 | Accept incoming connection and set up SSL on it\n\ |
| 811 | \n\ |
Jean-Paul Calderone | 54bcc83 | 2009-05-27 14:06:48 -0400 | [diff] [blame] | 812 | @return: A (conn,addr) pair where conn is a Connection and addr is an\n\ |
| 813 | address\n\ |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 814 | "; |
| 815 | static PyObject * |
| 816 | ssl_Connection_accept(ssl_ConnectionObj *self, PyObject *args) |
| 817 | { |
| 818 | PyObject *tuple, *socket, *address, *meth; |
| 819 | ssl_ConnectionObj *conn; |
| 820 | |
| 821 | if ((meth = PyObject_GetAttrString(self->socket, "accept")) == NULL) |
| 822 | return NULL; |
| 823 | tuple = PyEval_CallObject(meth, args); |
| 824 | Py_DECREF(meth); |
| 825 | if (tuple == NULL) |
| 826 | return NULL; |
| 827 | |
| 828 | socket = PyTuple_GetItem(tuple, 0); |
| 829 | Py_INCREF(socket); |
| 830 | address = PyTuple_GetItem(tuple, 1); |
| 831 | Py_INCREF(address); |
| 832 | Py_DECREF(tuple); |
| 833 | |
| 834 | conn = ssl_Connection_New(self->context, socket); |
| 835 | Py_DECREF(socket); |
| 836 | if (conn == NULL) |
| 837 | { |
| 838 | Py_DECREF(address); |
| 839 | return NULL; |
| 840 | } |
| 841 | |
| 842 | SSL_set_accept_state(conn->ssl); |
| 843 | |
| 844 | tuple = Py_BuildValue("(OO)", conn, address); |
| 845 | |
| 846 | Py_DECREF(conn); |
| 847 | Py_DECREF(address); |
| 848 | |
| 849 | return tuple; |
| 850 | } |
| 851 | |
Jean-Paul Calderone | 3ad85d4 | 2009-04-30 20:24:35 -0400 | [diff] [blame] | 852 | static char ssl_Connection_bio_shutdown_doc[] = "\n\ |
| 853 | When using non-socket connections this function signals end of\n\ |
| 854 | data on the input for this connection.\n\ |
| 855 | \n\ |
Jean-Paul Calderone | 54bcc83 | 2009-05-27 14:06:48 -0400 | [diff] [blame] | 856 | @return: None\n\ |
Jean-Paul Calderone | 3ad85d4 | 2009-04-30 20:24:35 -0400 | [diff] [blame] | 857 | "; |
| 858 | |
| 859 | static PyObject * |
| 860 | ssl_Connection_bio_shutdown(ssl_ConnectionObj *self, PyObject *args) |
| 861 | { |
Jean-Paul Calderone | 07acf3f | 2009-05-05 13:23:28 -0400 | [diff] [blame] | 862 | if (self->from_ssl == NULL) |
| 863 | { |
| 864 | PyErr_SetString(PyExc_TypeError, "Connection sock was not None"); |
| 865 | return NULL; |
| 866 | } |
| 867 | |
Jean-Paul Calderone | 3ad85d4 | 2009-04-30 20:24:35 -0400 | [diff] [blame] | 868 | BIO_set_mem_eof_return(self->into_ssl, 0); |
| 869 | Py_INCREF(Py_None); |
| 870 | return Py_None; |
| 871 | } |
| 872 | |
| 873 | |
| 874 | |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 875 | static char ssl_Connection_shutdown_doc[] = "\n\ |
| 876 | Send closure alert\n\ |
| 877 | \n\ |
Jean-Paul Calderone | 54bcc83 | 2009-05-27 14:06:48 -0400 | [diff] [blame] | 878 | @return: True if the shutdown completed successfully (i.e. both sides\n\ |
| 879 | have sent closure alerts), false otherwise (i.e. you have to\n\ |
| 880 | wait for a ZeroReturnError on a recv() method call\n\ |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 881 | "; |
| 882 | static PyObject * |
| 883 | ssl_Connection_shutdown(ssl_ConnectionObj *self, PyObject *args) |
| 884 | { |
| 885 | int ret; |
| 886 | |
| 887 | if (!PyArg_ParseTuple(args, ":shutdown")) |
| 888 | return NULL; |
| 889 | |
| 890 | MY_BEGIN_ALLOW_THREADS(self->tstate) |
| 891 | ret = SSL_shutdown(self->ssl); |
| 892 | MY_END_ALLOW_THREADS(self->tstate) |
| 893 | |
| 894 | if (PyErr_Occurred()) |
| 895 | { |
| 896 | flush_error_queue(); |
| 897 | return NULL; |
| 898 | } |
| 899 | |
| 900 | if (ret < 0) |
| 901 | { |
Rick Dean | d369c93 | 2009-07-08 11:48:33 -0500 | [diff] [blame] | 902 | exception_from_error_queue(ssl_Error); |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 903 | return NULL; |
| 904 | } |
| 905 | else if (ret > 0) |
| 906 | { |
| 907 | Py_INCREF(Py_True); |
| 908 | return Py_True; |
| 909 | } |
| 910 | else |
| 911 | { |
| 912 | Py_INCREF(Py_False); |
| 913 | return Py_False; |
| 914 | } |
| 915 | } |
| 916 | |
| 917 | static char ssl_Connection_get_cipher_list_doc[] = "\n\ |
| 918 | Get the session cipher list\n\ |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 919 | \n\ |
Jean-Paul Calderone | 54bcc83 | 2009-05-27 14:06:48 -0400 | [diff] [blame] | 920 | @return: A list of cipher strings\n\ |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 921 | "; |
| 922 | static PyObject * |
| 923 | ssl_Connection_get_cipher_list(ssl_ConnectionObj *self, PyObject *args) |
| 924 | { |
| 925 | int idx = 0; |
| 926 | const char *ret; |
| 927 | PyObject *lst, *item; |
| 928 | |
| 929 | if (!PyArg_ParseTuple(args, ":get_cipher_list")) |
| 930 | return NULL; |
| 931 | |
| 932 | lst = PyList_New(0); |
| 933 | while ((ret = SSL_get_cipher_list(self->ssl, idx)) != NULL) |
| 934 | { |
Jean-Paul Calderone | 83dbcfd | 2010-08-11 20:20:57 -0400 | [diff] [blame] | 935 | item = PyText_FromString(ret); |
Ziga Seilnacht | fdeadb1 | 2009-09-01 16:35:50 +0200 | [diff] [blame] | 936 | PyList_Append(lst, item); |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 937 | Py_DECREF(item); |
| 938 | idx++; |
| 939 | } |
| 940 | return lst; |
| 941 | } |
| 942 | |
Ziga Seilnacht | f93bf10 | 2009-10-23 09:51:07 +0200 | [diff] [blame] | 943 | static char ssl_Connection_get_client_ca_list_doc[] = "\n\ |
Ziga Seilnacht | 679c426 | 2009-09-01 01:32:29 +0200 | [diff] [blame] | 944 | Get CAs whose certificates are suggested for client authentication.\n\ |
| 945 | \n\ |
Jean-Paul Calderone | 3578890 | 2009-10-24 13:48:08 -0400 | [diff] [blame] | 946 | @return: If this is a server connection, a list of X509Names representing\n\ |
| 947 | the acceptable CAs as set by L{OpenSSL.SSL.Context.set_client_ca_list} or\n\ |
| 948 | L{OpenSSL.SSL.Context.add_client_ca}. If this is a client connection,\n\ |
| 949 | the list of such X509Names sent by the server, or an empty list if that\n\ |
| 950 | has not yet happened.\n\ |
Ziga Seilnacht | 679c426 | 2009-09-01 01:32:29 +0200 | [diff] [blame] | 951 | "; |
| 952 | |
| 953 | static PyObject * |
Jean-Paul Calderone | 6e2b685 | 2009-10-24 14:04:30 -0400 | [diff] [blame] | 954 | ssl_Connection_get_client_ca_list(ssl_ConnectionObj *self, PyObject *args) { |
Ziga Seilnacht | 679c426 | 2009-09-01 01:32:29 +0200 | [diff] [blame] | 955 | STACK_OF(X509_NAME) *CANames; |
| 956 | PyObject *CAList; |
| 957 | int i, n; |
| 958 | |
Ziga Seilnacht | f93bf10 | 2009-10-23 09:51:07 +0200 | [diff] [blame] | 959 | if (!PyArg_ParseTuple(args, ":get_client_ca_list")) { |
Ziga Seilnacht | 679c426 | 2009-09-01 01:32:29 +0200 | [diff] [blame] | 960 | return NULL; |
| 961 | } |
| 962 | CANames = SSL_get_client_CA_list(self->ssl); |
| 963 | if (CANames == NULL) { |
| 964 | return PyList_New(0); |
| 965 | } |
| 966 | n = sk_X509_NAME_num(CANames); |
| 967 | CAList = PyList_New(n); |
| 968 | if (CAList == NULL) { |
| 969 | return NULL; |
| 970 | } |
| 971 | for (i = 0; i < n; i++) { |
| 972 | X509_NAME *CAName; |
| 973 | PyObject *CA; |
| 974 | |
| 975 | CAName = X509_NAME_dup(sk_X509_NAME_value(CANames, i)); |
| 976 | if (CAName == NULL) { |
| 977 | Py_DECREF(CAList); |
| 978 | exception_from_error_queue(ssl_Error); |
| 979 | return NULL; |
| 980 | } |
Jean-Paul Calderone | 305626a | 2010-10-31 20:51:17 -0400 | [diff] [blame] | 981 | CA = (PyObject *)new_x509name(CAName, 1); |
Ziga Seilnacht | 679c426 | 2009-09-01 01:32:29 +0200 | [diff] [blame] | 982 | if (CA == NULL) { |
| 983 | X509_NAME_free(CAName); |
| 984 | Py_DECREF(CAList); |
| 985 | return NULL; |
| 986 | } |
| 987 | if (PyList_SetItem(CAList, i, CA)) { |
| 988 | Py_DECREF(CA); |
| 989 | Py_DECREF(CAList); |
| 990 | return NULL; |
| 991 | } |
| 992 | } |
| 993 | return CAList; |
| 994 | } |
| 995 | |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 996 | static char ssl_Connection_makefile_doc[] = "\n\ |
| 997 | The makefile() method is not implemented, since there is no dup semantics\n\ |
| 998 | for SSL connections\n\ |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 999 | \n\ |
Jean-Paul Calderone | 54bcc83 | 2009-05-27 14:06:48 -0400 | [diff] [blame] | 1000 | @raise NotImplementedError\n\ |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 1001 | "; |
| 1002 | static PyObject * |
| 1003 | ssl_Connection_makefile(ssl_ConnectionObj *self, PyObject *args) |
| 1004 | { |
| 1005 | PyErr_SetString(PyExc_NotImplementedError, "Cannot make file object of SSL.Connection"); |
| 1006 | return NULL; |
| 1007 | } |
| 1008 | |
| 1009 | static char ssl_Connection_get_app_data_doc[] = "\n\ |
| 1010 | Get application data\n\ |
| 1011 | \n\ |
Jean-Paul Calderone | 54bcc83 | 2009-05-27 14:06:48 -0400 | [diff] [blame] | 1012 | @return: The application data\n\ |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 1013 | "; |
| 1014 | static PyObject * |
| 1015 | ssl_Connection_get_app_data(ssl_ConnectionObj *self, PyObject *args) |
| 1016 | { |
| 1017 | if (!PyArg_ParseTuple(args, ":get_app_data")) |
| 1018 | return NULL; |
| 1019 | |
| 1020 | Py_INCREF(self->app_data); |
| 1021 | return self->app_data; |
| 1022 | } |
| 1023 | |
| 1024 | static char ssl_Connection_set_app_data_doc[] = "\n\ |
| 1025 | Set application data\n\ |
| 1026 | \n\ |
Jean-Paul Calderone | 54bcc83 | 2009-05-27 14:06:48 -0400 | [diff] [blame] | 1027 | @param data - The application data\n\ |
| 1028 | @return: None\n\ |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 1029 | "; |
| 1030 | static PyObject * |
| 1031 | ssl_Connection_set_app_data(ssl_ConnectionObj *self, PyObject *args) |
| 1032 | { |
| 1033 | PyObject *data; |
| 1034 | |
| 1035 | if (!PyArg_ParseTuple(args, "O:set_app_data", &data)) |
| 1036 | return NULL; |
| 1037 | |
| 1038 | Py_DECREF(self->app_data); |
| 1039 | Py_INCREF(data); |
| 1040 | self->app_data = data; |
| 1041 | |
| 1042 | Py_INCREF(Py_None); |
| 1043 | return Py_None; |
| 1044 | } |
| 1045 | |
Jean-Paul Calderone | 72b8f0f | 2008-02-21 23:57:40 -0500 | [diff] [blame] | 1046 | static char ssl_Connection_get_shutdown_doc[] = "\n\ |
| 1047 | Get shutdown state\n\ |
| 1048 | \n\ |
Jean-Paul Calderone | 54bcc83 | 2009-05-27 14:06:48 -0400 | [diff] [blame] | 1049 | @return: The shutdown state, a bitvector of SENT_SHUTDOWN, RECEIVED_SHUTDOWN.\n\ |
Jean-Paul Calderone | 72b8f0f | 2008-02-21 23:57:40 -0500 | [diff] [blame] | 1050 | "; |
| 1051 | static PyObject * |
| 1052 | ssl_Connection_get_shutdown(ssl_ConnectionObj *self, PyObject *args) |
| 1053 | { |
| 1054 | if (!PyArg_ParseTuple(args, ":get_shutdown")) |
| 1055 | return NULL; |
| 1056 | |
Jean-Paul Calderone | 83dbcfd | 2010-08-11 20:20:57 -0400 | [diff] [blame] | 1057 | return PyLong_FromLong((long)SSL_get_shutdown(self->ssl)); |
Jean-Paul Calderone | 72b8f0f | 2008-02-21 23:57:40 -0500 | [diff] [blame] | 1058 | } |
| 1059 | |
| 1060 | static char ssl_Connection_set_shutdown_doc[] = "\n\ |
| 1061 | Set shutdown state\n\ |
| 1062 | \n\ |
Jean-Paul Calderone | 54bcc83 | 2009-05-27 14:06:48 -0400 | [diff] [blame] | 1063 | @param state - bitvector of SENT_SHUTDOWN, RECEIVED_SHUTDOWN.\n\ |
| 1064 | @return: None\n\ |
Jean-Paul Calderone | 72b8f0f | 2008-02-21 23:57:40 -0500 | [diff] [blame] | 1065 | "; |
| 1066 | static PyObject * |
| 1067 | ssl_Connection_set_shutdown(ssl_ConnectionObj *self, PyObject *args) |
| 1068 | { |
| 1069 | int shutdown; |
| 1070 | |
| 1071 | if (!PyArg_ParseTuple(args, "i:set_shutdown", &shutdown)) |
| 1072 | return NULL; |
| 1073 | |
| 1074 | SSL_set_shutdown(self->ssl, shutdown); |
| 1075 | Py_INCREF(Py_None); |
| 1076 | return Py_None; |
| 1077 | } |
| 1078 | |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 1079 | static char ssl_Connection_state_string_doc[] = "\n\ |
| 1080 | Get a verbose state description\n\ |
| 1081 | \n\ |
Jean-Paul Calderone | 54bcc83 | 2009-05-27 14:06:48 -0400 | [diff] [blame] | 1082 | @return: A string representing the state\n\ |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 1083 | "; |
| 1084 | static PyObject * |
| 1085 | ssl_Connection_state_string(ssl_ConnectionObj *self, PyObject *args) |
| 1086 | { |
| 1087 | if (!PyArg_ParseTuple(args, ":state_string")) |
| 1088 | return NULL; |
| 1089 | |
Jean-Paul Calderone | 83dbcfd | 2010-08-11 20:20:57 -0400 | [diff] [blame] | 1090 | return PyText_FromString(SSL_state_string_long(self->ssl)); |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 1091 | } |
| 1092 | |
Rick Dean | b71c0d2 | 2009-04-01 14:09:23 -0500 | [diff] [blame] | 1093 | static char ssl_Connection_client_random_doc[] = "\n\ |
| 1094 | Get a copy of the client hello nonce.\n\ |
| 1095 | \n\ |
Jean-Paul Calderone | 54bcc83 | 2009-05-27 14:06:48 -0400 | [diff] [blame] | 1096 | @return: A string representing the state\n\ |
Rick Dean | b71c0d2 | 2009-04-01 14:09:23 -0500 | [diff] [blame] | 1097 | "; |
| 1098 | static PyObject * |
| 1099 | ssl_Connection_client_random(ssl_ConnectionObj *self, PyObject *args) |
| 1100 | { |
| 1101 | if (!PyArg_ParseTuple(args, ":client_random")) |
| 1102 | return NULL; |
| 1103 | |
Jean-Paul Calderone | 07acf3f | 2009-05-05 13:23:28 -0400 | [diff] [blame] | 1104 | if (self->ssl->session == NULL) { |
Rick Dean | b71c0d2 | 2009-04-01 14:09:23 -0500 | [diff] [blame] | 1105 | Py_INCREF(Py_None); |
| 1106 | return Py_None; |
| 1107 | } |
Jean-Paul Calderone | 83dbcfd | 2010-08-11 20:20:57 -0400 | [diff] [blame] | 1108 | return PyBytes_FromStringAndSize( (const char *) self->ssl->s3->client_random, SSL3_RANDOM_SIZE); |
Rick Dean | b71c0d2 | 2009-04-01 14:09:23 -0500 | [diff] [blame] | 1109 | } |
| 1110 | |
| 1111 | static char ssl_Connection_server_random_doc[] = "\n\ |
| 1112 | Get a copy of the server hello nonce.\n\ |
| 1113 | \n\ |
Jean-Paul Calderone | 54bcc83 | 2009-05-27 14:06:48 -0400 | [diff] [blame] | 1114 | @return: A string representing the state\n\ |
Rick Dean | b71c0d2 | 2009-04-01 14:09:23 -0500 | [diff] [blame] | 1115 | "; |
| 1116 | static PyObject * |
| 1117 | ssl_Connection_server_random(ssl_ConnectionObj *self, PyObject *args) |
| 1118 | { |
| 1119 | if (!PyArg_ParseTuple(args, ":server_random")) |
| 1120 | return NULL; |
| 1121 | |
Jean-Paul Calderone | 07acf3f | 2009-05-05 13:23:28 -0400 | [diff] [blame] | 1122 | if (self->ssl->session == NULL) { |
Rick Dean | b71c0d2 | 2009-04-01 14:09:23 -0500 | [diff] [blame] | 1123 | Py_INCREF(Py_None); |
| 1124 | return Py_None; |
| 1125 | } |
Jean-Paul Calderone | 83dbcfd | 2010-08-11 20:20:57 -0400 | [diff] [blame] | 1126 | return PyBytes_FromStringAndSize( (const char *) self->ssl->s3->server_random, SSL3_RANDOM_SIZE); |
Rick Dean | b71c0d2 | 2009-04-01 14:09:23 -0500 | [diff] [blame] | 1127 | } |
| 1128 | |
| 1129 | static char ssl_Connection_master_key_doc[] = "\n\ |
| 1130 | Get a copy of the master key.\n\ |
| 1131 | \n\ |
Jean-Paul Calderone | 54bcc83 | 2009-05-27 14:06:48 -0400 | [diff] [blame] | 1132 | @return: A string representing the state\n\ |
Rick Dean | b71c0d2 | 2009-04-01 14:09:23 -0500 | [diff] [blame] | 1133 | "; |
| 1134 | static PyObject * |
| 1135 | ssl_Connection_master_key(ssl_ConnectionObj *self, PyObject *args) |
| 1136 | { |
| 1137 | if (!PyArg_ParseTuple(args, ":master_key")) |
| 1138 | return NULL; |
| 1139 | |
Jean-Paul Calderone | 07acf3f | 2009-05-05 13:23:28 -0400 | [diff] [blame] | 1140 | if (self->ssl->session == NULL) { |
Rick Dean | b71c0d2 | 2009-04-01 14:09:23 -0500 | [diff] [blame] | 1141 | Py_INCREF(Py_None); |
| 1142 | return Py_None; |
| 1143 | } |
Jean-Paul Calderone | 83dbcfd | 2010-08-11 20:20:57 -0400 | [diff] [blame] | 1144 | return PyBytes_FromStringAndSize( (const char *) self->ssl->session->master_key, self->ssl->session->master_key_length); |
Rick Dean | b71c0d2 | 2009-04-01 14:09:23 -0500 | [diff] [blame] | 1145 | } |
| 1146 | |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 1147 | static char ssl_Connection_sock_shutdown_doc[] = "\n\ |
| 1148 | See shutdown(2)\n\ |
| 1149 | \n\ |
Jean-Paul Calderone | 54bcc83 | 2009-05-27 14:06:48 -0400 | [diff] [blame] | 1150 | @return: What the socket's shutdown() method returns\n\ |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 1151 | "; |
| 1152 | static PyObject * |
| 1153 | ssl_Connection_sock_shutdown(ssl_ConnectionObj *self, PyObject *args) |
| 1154 | { |
| 1155 | PyObject *meth, *ret; |
| 1156 | |
| 1157 | if ((meth = PyObject_GetAttrString(self->socket, "shutdown")) == NULL) |
| 1158 | return NULL; |
| 1159 | ret = PyEval_CallObject(meth, args); |
| 1160 | Py_DECREF(meth); |
| 1161 | return ret; |
| 1162 | } |
| 1163 | |
| 1164 | static char ssl_Connection_get_peer_certificate_doc[] = "\n\ |
| 1165 | Retrieve the other side's certificate (if any)\n\ |
| 1166 | \n\ |
Jean-Paul Calderone | 54bcc83 | 2009-05-27 14:06:48 -0400 | [diff] [blame] | 1167 | @return: The peer's certificate\n\ |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 1168 | "; |
| 1169 | static PyObject * |
| 1170 | ssl_Connection_get_peer_certificate(ssl_ConnectionObj *self, PyObject *args) |
| 1171 | { |
| 1172 | X509 *cert; |
| 1173 | |
| 1174 | if (!PyArg_ParseTuple(args, ":get_peer_certificate")) |
| 1175 | return NULL; |
| 1176 | |
| 1177 | cert = SSL_get_peer_certificate(self->ssl); |
| 1178 | if (cert != NULL) |
| 1179 | { |
Jean-Paul Calderone | 5c0f1f6 | 2010-10-31 21:36:43 -0400 | [diff] [blame] | 1180 | return (PyObject *)new_x509(cert, 1); |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 1181 | } |
| 1182 | else |
| 1183 | { |
| 1184 | Py_INCREF(Py_None); |
| 1185 | return Py_None; |
| 1186 | } |
| 1187 | } |
| 1188 | |
Jean-Paul Calderone | 95b92c7 | 2011-05-17 15:45:21 -0400 | [diff] [blame] | 1189 | static char ssl_Connection_get_peer_cert_chain_doc[] = "\n\ |
| 1190 | Retrieve the other side's certificate (if any)\n\ |
| 1191 | \n\ |
Jean-Paul Calderone | 0a7e06a | 2011-05-19 18:49:35 -0400 | [diff] [blame] | 1192 | @return: A list of X509 instances giving the peer's certificate chain,\n\ |
| 1193 | or None if it does not have one.\n\ |
Jean-Paul Calderone | 95b92c7 | 2011-05-17 15:45:21 -0400 | [diff] [blame] | 1194 | "; |
| 1195 | static PyObject * |
Jean-Paul Calderone | fcced2a | 2011-05-19 18:02:11 -0400 | [diff] [blame] | 1196 | ssl_Connection_get_peer_cert_chain(ssl_ConnectionObj *self, PyObject *args) { |
Jean-Paul Calderone | 95b92c7 | 2011-05-17 15:45:21 -0400 | [diff] [blame] | 1197 | STACK_OF(X509) *sk; |
Jean-Paul Calderone | 0a7e06a | 2011-05-19 18:49:35 -0400 | [diff] [blame] | 1198 | PyObject *chain; |
| 1199 | crypto_X509Obj *cert; |
Jean-Paul Calderone | 95b92c7 | 2011-05-17 15:45:21 -0400 | [diff] [blame] | 1200 | Py_ssize_t i; |
| 1201 | |
Jean-Paul Calderone | fcced2a | 2011-05-19 18:02:11 -0400 | [diff] [blame] | 1202 | if (!PyArg_ParseTuple(args, ":get_peer_cert_chain")) { |
Jean-Paul Calderone | 95b92c7 | 2011-05-17 15:45:21 -0400 | [diff] [blame] | 1203 | return NULL; |
Jean-Paul Calderone | fcced2a | 2011-05-19 18:02:11 -0400 | [diff] [blame] | 1204 | } |
Jean-Paul Calderone | 95b92c7 | 2011-05-17 15:45:21 -0400 | [diff] [blame] | 1205 | |
| 1206 | sk = SSL_get_peer_cert_chain(self->ssl); |
Jean-Paul Calderone | fcced2a | 2011-05-19 18:02:11 -0400 | [diff] [blame] | 1207 | if (sk != NULL) { |
Jean-Paul Calderone | 0a7e06a | 2011-05-19 18:49:35 -0400 | [diff] [blame] | 1208 | chain = PyList_New(sk_X509_num(sk)); |
Jean-Paul Calderone | fcced2a | 2011-05-19 18:02:11 -0400 | [diff] [blame] | 1209 | for (i = 0; i < sk_X509_num(sk); i++) { |
Jean-Paul Calderone | 13d190b | 2011-05-20 19:14:50 -0400 | [diff] [blame] | 1210 | cert = new_x509(sk_X509_value(sk, i), 1); |
Jean-Paul Calderone | 0a7e06a | 2011-05-19 18:49:35 -0400 | [diff] [blame] | 1211 | if (!cert) { |
| 1212 | /* XXX Untested */ |
| 1213 | Py_DECREF(chain); |
| 1214 | return NULL; |
| 1215 | } |
| 1216 | CRYPTO_add(&cert->x509->references, 1, CRYPTO_LOCK_X509); |
| 1217 | PyList_SET_ITEM(chain, i, (PyObject *)cert); |
Jean-Paul Calderone | 95b92c7 | 2011-05-17 15:45:21 -0400 | [diff] [blame] | 1218 | } |
Jean-Paul Calderone | 0a7e06a | 2011-05-19 18:49:35 -0400 | [diff] [blame] | 1219 | return chain; |
Jean-Paul Calderone | fcced2a | 2011-05-19 18:02:11 -0400 | [diff] [blame] | 1220 | } else { |
Jean-Paul Calderone | 95b92c7 | 2011-05-17 15:45:21 -0400 | [diff] [blame] | 1221 | Py_INCREF(Py_None); |
| 1222 | return Py_None; |
| 1223 | } |
| 1224 | |
| 1225 | } |
| 1226 | |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 1227 | static char ssl_Connection_want_read_doc[] = "\n\ |
| 1228 | Checks if more data has to be read from the transport layer to complete an\n\ |
| 1229 | operation.\n\ |
| 1230 | \n\ |
Jean-Paul Calderone | 54bcc83 | 2009-05-27 14:06:48 -0400 | [diff] [blame] | 1231 | @return: True iff more data has to be read\n\ |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 1232 | "; |
| 1233 | static PyObject * |
| 1234 | ssl_Connection_want_read(ssl_ConnectionObj *self, PyObject *args) |
| 1235 | { |
| 1236 | if (!PyArg_ParseTuple(args, ":want_read")) |
| 1237 | return NULL; |
| 1238 | |
Jean-Paul Calderone | 83dbcfd | 2010-08-11 20:20:57 -0400 | [diff] [blame] | 1239 | return PyLong_FromLong((long)SSL_want_read(self->ssl)); |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 1240 | } |
| 1241 | |
| 1242 | static char ssl_Connection_want_write_doc[] = "\n\ |
| 1243 | Checks if there is data to write to the transport layer to complete an\n\ |
| 1244 | operation.\n\ |
| 1245 | \n\ |
Jean-Paul Calderone | 54bcc83 | 2009-05-27 14:06:48 -0400 | [diff] [blame] | 1246 | @return: True iff there is data to write\n\ |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 1247 | "; |
| 1248 | static PyObject * |
| 1249 | ssl_Connection_want_write(ssl_ConnectionObj *self, PyObject *args) |
| 1250 | { |
| 1251 | if (!PyArg_ParseTuple(args, ":want_write")) |
| 1252 | return NULL; |
| 1253 | |
Jean-Paul Calderone | 83dbcfd | 2010-08-11 20:20:57 -0400 | [diff] [blame] | 1254 | return PyLong_FromLong((long)SSL_want_write(self->ssl)); |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 1255 | } |
| 1256 | |
| 1257 | /* |
| 1258 | * Member methods in the Connection object |
| 1259 | * ADD_METHOD(name) expands to a correct PyMethodDef declaration |
| 1260 | * { 'name', (PyCFunction)ssl_Connection_name, METH_VARARGS } |
| 1261 | * for convenience |
| 1262 | * ADD_ALIAS(name,real) creates an "alias" of the ssl_Connection_real |
| 1263 | * function with the name 'name' |
| 1264 | */ |
| 1265 | #define ADD_METHOD(name) \ |
| 1266 | { #name, (PyCFunction)ssl_Connection_##name, METH_VARARGS, ssl_Connection_##name##_doc } |
| 1267 | #define ADD_ALIAS(name,real) \ |
| 1268 | { #name, (PyCFunction)ssl_Connection_##real, METH_VARARGS, ssl_Connection_##real##_doc } |
| 1269 | static PyMethodDef ssl_Connection_methods[] = |
| 1270 | { |
| 1271 | ADD_METHOD(get_context), |
Jean-Paul Calderone | 95613b7 | 2011-05-25 22:30:21 -0400 | [diff] [blame] | 1272 | ADD_METHOD(set_context), |
Jean-Paul Calderone | c4cb658 | 2011-05-26 18:47:00 -0400 | [diff] [blame] | 1273 | ADD_METHOD(get_servername), |
| 1274 | ADD_METHOD(set_tlsext_host_name), |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 1275 | ADD_METHOD(pending), |
| 1276 | ADD_METHOD(send), |
| 1277 | ADD_ALIAS (write, send), |
| 1278 | ADD_METHOD(sendall), |
| 1279 | ADD_METHOD(recv), |
| 1280 | ADD_ALIAS (read, recv), |
Rick Dean | b71c0d2 | 2009-04-01 14:09:23 -0500 | [diff] [blame] | 1281 | ADD_METHOD(bio_read), |
| 1282 | ADD_METHOD(bio_write), |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 1283 | ADD_METHOD(renegotiate), |
| 1284 | ADD_METHOD(do_handshake), |
| 1285 | #if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x00907000L |
| 1286 | ADD_METHOD(renegotiate_pending), |
| 1287 | #endif |
| 1288 | ADD_METHOD(total_renegotiations), |
| 1289 | ADD_METHOD(connect), |
| 1290 | ADD_METHOD(connect_ex), |
| 1291 | ADD_METHOD(accept), |
Jean-Paul Calderone | 3ad85d4 | 2009-04-30 20:24:35 -0400 | [diff] [blame] | 1292 | ADD_METHOD(bio_shutdown), |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 1293 | ADD_METHOD(shutdown), |
| 1294 | ADD_METHOD(get_cipher_list), |
Ziga Seilnacht | f93bf10 | 2009-10-23 09:51:07 +0200 | [diff] [blame] | 1295 | ADD_METHOD(get_client_ca_list), |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 1296 | ADD_METHOD(makefile), |
| 1297 | ADD_METHOD(get_app_data), |
| 1298 | ADD_METHOD(set_app_data), |
Jean-Paul Calderone | 72b8f0f | 2008-02-21 23:57:40 -0500 | [diff] [blame] | 1299 | ADD_METHOD(get_shutdown), |
| 1300 | ADD_METHOD(set_shutdown), |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 1301 | ADD_METHOD(state_string), |
Rick Dean | b71c0d2 | 2009-04-01 14:09:23 -0500 | [diff] [blame] | 1302 | ADD_METHOD(server_random), |
| 1303 | ADD_METHOD(client_random), |
| 1304 | ADD_METHOD(master_key), |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 1305 | ADD_METHOD(sock_shutdown), |
| 1306 | ADD_METHOD(get_peer_certificate), |
Jean-Paul Calderone | 95b92c7 | 2011-05-17 15:45:21 -0400 | [diff] [blame] | 1307 | ADD_METHOD(get_peer_cert_chain), |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 1308 | ADD_METHOD(want_read), |
| 1309 | ADD_METHOD(want_write), |
| 1310 | ADD_METHOD(set_accept_state), |
| 1311 | ADD_METHOD(set_connect_state), |
| 1312 | { NULL, NULL } |
| 1313 | }; |
| 1314 | #undef ADD_ALIAS |
| 1315 | #undef ADD_METHOD |
| 1316 | |
Jean-Paul Calderone | 1bd11fa | 2009-05-27 17:09:15 -0400 | [diff] [blame] | 1317 | static char ssl_Connection_doc[] = "\n\ |
| 1318 | Connection(context, socket) -> Connection instance\n\ |
| 1319 | \n\ |
| 1320 | Create a new Connection object, using the given OpenSSL.SSL.Context instance\n\ |
| 1321 | and socket.\n\ |
| 1322 | \n\ |
| 1323 | @param context: An SSL Context to use for this connection\n\ |
| 1324 | @param socket: The socket to use for transport layer\n\ |
| 1325 | "; |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 1326 | |
| 1327 | /* |
Jean-Paul Calderone | 1bd11fa | 2009-05-27 17:09:15 -0400 | [diff] [blame] | 1328 | * Initializer used by ssl_Connection_new and ssl_Connection_New. *Not* |
| 1329 | * tp_init. This takes an already allocated ssl_ConnectionObj, a context, and |
| 1330 | * a optionally a socket, and glues them all together. |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 1331 | */ |
Jean-Paul Calderone | 1bd11fa | 2009-05-27 17:09:15 -0400 | [diff] [blame] | 1332 | static ssl_ConnectionObj* |
| 1333 | ssl_Connection_init(ssl_ConnectionObj *self, ssl_ContextObj *ctx, PyObject *sock) { |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 1334 | int fd; |
| 1335 | |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 1336 | Py_INCREF(ctx); |
| 1337 | self->context = ctx; |
| 1338 | |
| 1339 | Py_INCREF(sock); |
| 1340 | self->socket = sock; |
| 1341 | |
| 1342 | self->ssl = NULL; |
Jean-Paul Calderone | fc4ed0f | 2009-04-27 11:51:27 -0400 | [diff] [blame] | 1343 | self->from_ssl = NULL; |
| 1344 | self->into_ssl = NULL; |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 1345 | |
| 1346 | Py_INCREF(Py_None); |
| 1347 | self->app_data = Py_None; |
| 1348 | |
| 1349 | self->tstate = NULL; |
| 1350 | |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 1351 | self->ssl = SSL_new(self->context->ctx); |
| 1352 | SSL_set_app_data(self->ssl, self); |
Rick Dean | b71c0d2 | 2009-04-01 14:09:23 -0500 | [diff] [blame] | 1353 | |
Jean-Paul Calderone | 07acf3f | 2009-05-05 13:23:28 -0400 | [diff] [blame] | 1354 | if (self->socket == Py_None) |
Rick Dean | b71c0d2 | 2009-04-01 14:09:23 -0500 | [diff] [blame] | 1355 | { |
| 1356 | /* If it's not a socket or file, treat it like a memory buffer, |
| 1357 | * so crazy people can do things like EAP-TLS. */ |
| 1358 | self->into_ssl = BIO_new(BIO_s_mem()); |
| 1359 | self->from_ssl = BIO_new(BIO_s_mem()); |
Jean-Paul Calderone | 07acf3f | 2009-05-05 13:23:28 -0400 | [diff] [blame] | 1360 | if (self->into_ssl == NULL || self->from_ssl == NULL) |
Rick Dean | b71c0d2 | 2009-04-01 14:09:23 -0500 | [diff] [blame] | 1361 | goto error; |
| 1362 | SSL_set_bio(self->ssl, self->into_ssl, self->from_ssl); |
| 1363 | } |
| 1364 | else |
| 1365 | { |
| 1366 | fd = PyObject_AsFileDescriptor(self->socket); |
| 1367 | if (fd < 0) |
| 1368 | { |
| 1369 | Py_DECREF(self); |
| 1370 | return NULL; |
| 1371 | } |
| 1372 | else |
| 1373 | { |
| 1374 | SSL_set_fd(self->ssl, (SOCKET_T)fd); |
| 1375 | } |
| 1376 | } |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 1377 | return self; |
Rick Dean | b71c0d2 | 2009-04-01 14:09:23 -0500 | [diff] [blame] | 1378 | |
| 1379 | error: |
| 1380 | BIO_free(self->into_ssl); /* NULL safe */ |
| 1381 | BIO_free(self->from_ssl); /* NULL safe */ |
| 1382 | Py_DECREF(self); |
| 1383 | return NULL; |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 1384 | } |
| 1385 | |
| 1386 | /* |
Jean-Paul Calderone | 1bd11fa | 2009-05-27 17:09:15 -0400 | [diff] [blame] | 1387 | * Constructor for Connection objects |
| 1388 | * |
| 1389 | * Arguments: ctx - An SSL Context to use for this connection |
| 1390 | * sock - The socket to use for transport layer |
| 1391 | * Returns: The newly created Connection object |
| 1392 | */ |
| 1393 | ssl_ConnectionObj * |
| 1394 | ssl_Connection_New(ssl_ContextObj *ctx, PyObject *sock) { |
| 1395 | ssl_ConnectionObj *self; |
| 1396 | |
| 1397 | self = PyObject_GC_New(ssl_ConnectionObj, &ssl_Connection_Type); |
| 1398 | if (self == NULL) { |
| 1399 | return NULL; |
| 1400 | } |
| 1401 | self = ssl_Connection_init(self, ctx, sock); |
| 1402 | if (self == NULL) { |
| 1403 | return NULL; |
| 1404 | } |
| 1405 | PyObject_GC_Track((PyObject *)self); |
| 1406 | return self; |
| 1407 | } |
| 1408 | |
| 1409 | static PyObject* |
| 1410 | ssl_Connection_new(PyTypeObject *subtype, PyObject *args, PyObject *kwargs) { |
| 1411 | ssl_ConnectionObj *self; |
| 1412 | ssl_ContextObj *ctx; |
| 1413 | PyObject *sock; |
| 1414 | static char *kwlist[] = {"context", "socket", NULL}; |
| 1415 | |
| 1416 | if (!PyArg_ParseTupleAndKeywords(args, kwargs, "O!O:Connection", kwlist, |
| 1417 | &ssl_Context_Type, &ctx, &sock)) { |
| 1418 | return NULL; |
| 1419 | } |
| 1420 | |
| 1421 | self = (ssl_ConnectionObj *)subtype->tp_alloc(subtype, 1); |
| 1422 | if (self == NULL) { |
| 1423 | return NULL; |
| 1424 | } |
| 1425 | |
| 1426 | return (PyObject *)ssl_Connection_init(self, ctx, sock); |
| 1427 | } |
| 1428 | |
| 1429 | /* |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 1430 | * Find attribute |
| 1431 | * |
| 1432 | * Arguments: self - The Connection object |
| 1433 | * name - The attribute name |
| 1434 | * Returns: A Python object for the attribute, or NULL if something went |
| 1435 | * wrong |
| 1436 | */ |
| 1437 | static PyObject * |
Jean-Paul Calderone | 997be7e | 2010-08-11 22:40:07 -0400 | [diff] [blame] | 1438 | ssl_Connection_getattro(ssl_ConnectionObj *self, PyObject *nameobj) { |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 1439 | PyObject *meth; |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 1440 | |
Jean-Paul Calderone | 997be7e | 2010-08-11 22:40:07 -0400 | [diff] [blame] | 1441 | meth = PyObject_GenericGetAttr((PyObject*)self, nameobj); |
| 1442 | if (PyErr_Occurred() && PyErr_ExceptionMatches(PyExc_AttributeError)) { |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 1443 | PyErr_Clear(); |
| 1444 | /* Try looking it up in the "socket" instead. */ |
Jean-Paul Calderone | 997be7e | 2010-08-11 22:40:07 -0400 | [diff] [blame] | 1445 | meth = PyObject_GenericGetAttr(self->socket, nameobj); |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 1446 | } |
| 1447 | |
| 1448 | return meth; |
| 1449 | } |
| 1450 | |
| 1451 | /* |
| 1452 | * Call the visitproc on all contained objects. |
| 1453 | * |
| 1454 | * Arguments: self - The Connection object |
| 1455 | * visit - Function to call |
| 1456 | * arg - Extra argument to visit |
| 1457 | * Returns: 0 if all goes well, otherwise the return code from the first |
| 1458 | * call that gave non-zero result. |
| 1459 | */ |
| 1460 | static int |
| 1461 | ssl_Connection_traverse(ssl_ConnectionObj *self, visitproc visit, void *arg) |
| 1462 | { |
| 1463 | int ret = 0; |
| 1464 | |
| 1465 | if (ret == 0 && self->context != NULL) |
| 1466 | ret = visit((PyObject *)self->context, arg); |
| 1467 | if (ret == 0 && self->socket != NULL) |
| 1468 | ret = visit(self->socket, arg); |
| 1469 | if (ret == 0 && self->app_data != NULL) |
| 1470 | ret = visit(self->app_data, arg); |
| 1471 | return ret; |
| 1472 | } |
| 1473 | |
| 1474 | /* |
| 1475 | * Decref all contained objects and zero the pointers. |
| 1476 | * |
| 1477 | * Arguments: self - The Connection object |
| 1478 | * Returns: Always 0. |
| 1479 | */ |
| 1480 | static int |
| 1481 | ssl_Connection_clear(ssl_ConnectionObj *self) |
| 1482 | { |
| 1483 | Py_XDECREF(self->context); |
| 1484 | self->context = NULL; |
| 1485 | Py_XDECREF(self->socket); |
| 1486 | self->socket = NULL; |
| 1487 | Py_XDECREF(self->app_data); |
| 1488 | self->app_data = NULL; |
Rick Dean | b71c0d2 | 2009-04-01 14:09:23 -0500 | [diff] [blame] | 1489 | self->into_ssl = NULL; /* was cleaned up by SSL_free() */ |
| 1490 | self->from_ssl = NULL; /* was cleaned up by SSL_free() */ |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 1491 | return 0; |
| 1492 | } |
| 1493 | |
| 1494 | /* |
| 1495 | * Deallocate the memory used by the Connection object |
| 1496 | * |
| 1497 | * Arguments: self - The Connection object |
| 1498 | * Returns: None |
| 1499 | */ |
| 1500 | static void |
| 1501 | ssl_Connection_dealloc(ssl_ConnectionObj *self) |
| 1502 | { |
| 1503 | PyObject_GC_UnTrack(self); |
| 1504 | if (self->ssl != NULL) |
| 1505 | SSL_free(self->ssl); |
| 1506 | ssl_Connection_clear(self); |
| 1507 | PyObject_GC_Del(self); |
| 1508 | } |
| 1509 | |
| 1510 | PyTypeObject ssl_Connection_Type = { |
Jean-Paul Calderone | b6d7525 | 2010-08-11 23:55:45 -0400 | [diff] [blame] | 1511 | PyOpenSSL_HEAD_INIT(&PyType_Type, 0) |
Jean-Paul Calderone | 1bd11fa | 2009-05-27 17:09:15 -0400 | [diff] [blame] | 1512 | "OpenSSL.SSL.Connection", |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 1513 | sizeof(ssl_ConnectionObj), |
| 1514 | 0, |
| 1515 | (destructor)ssl_Connection_dealloc, |
| 1516 | NULL, /* print */ |
Jean-Paul Calderone | 997be7e | 2010-08-11 22:40:07 -0400 | [diff] [blame] | 1517 | NULL, /* tp_getattr */ |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 1518 | NULL, /* setattr */ |
| 1519 | NULL, /* compare */ |
| 1520 | NULL, /* repr */ |
| 1521 | NULL, /* as_number */ |
| 1522 | NULL, /* as_sequence */ |
| 1523 | NULL, /* as_mapping */ |
| 1524 | NULL, /* hash */ |
| 1525 | NULL, /* call */ |
| 1526 | NULL, /* str */ |
Jean-Paul Calderone | 997be7e | 2010-08-11 22:40:07 -0400 | [diff] [blame] | 1527 | (getattrofunc)ssl_Connection_getattro, /* getattro */ |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 1528 | NULL, /* setattro */ |
| 1529 | NULL, /* as_buffer */ |
| 1530 | Py_TPFLAGS_DEFAULT | Py_TPFLAGS_HAVE_GC, |
Jean-Paul Calderone | 1bd11fa | 2009-05-27 17:09:15 -0400 | [diff] [blame] | 1531 | ssl_Connection_doc, /* doc */ |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 1532 | (traverseproc)ssl_Connection_traverse, |
| 1533 | (inquiry)ssl_Connection_clear, |
Jean-Paul Calderone | 1bd11fa | 2009-05-27 17:09:15 -0400 | [diff] [blame] | 1534 | NULL, /* tp_richcompare */ |
| 1535 | 0, /* tp_weaklistoffset */ |
| 1536 | NULL, /* tp_iter */ |
| 1537 | NULL, /* tp_iternext */ |
| 1538 | ssl_Connection_methods, /* tp_methods */ |
| 1539 | NULL, /* tp_members */ |
| 1540 | NULL, /* tp_getset */ |
| 1541 | NULL, /* tp_base */ |
| 1542 | NULL, /* tp_dict */ |
| 1543 | NULL, /* tp_descr_get */ |
| 1544 | NULL, /* tp_descr_set */ |
| 1545 | 0, /* tp_dictoffset */ |
| 1546 | NULL, /* tp_init */ |
| 1547 | NULL, /* tp_alloc */ |
| 1548 | ssl_Connection_new, /* tp_new */ |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 1549 | }; |
| 1550 | |
| 1551 | |
| 1552 | /* |
| 1553 | * Initiailze the Connection part of the SSL sub module |
| 1554 | * |
Jean-Paul Calderone | 1bd11fa | 2009-05-27 17:09:15 -0400 | [diff] [blame] | 1555 | * Arguments: dict - The OpenSSL.SSL module |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 1556 | * Returns: 1 for success, 0 otherwise |
| 1557 | */ |
| 1558 | int |
Jean-Paul Calderone | 1bd11fa | 2009-05-27 17:09:15 -0400 | [diff] [blame] | 1559 | init_ssl_connection(PyObject *module) { |
| 1560 | |
| 1561 | if (PyType_Ready(&ssl_Connection_Type) < 0) { |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 1562 | return 0; |
Jean-Paul Calderone | 1bd11fa | 2009-05-27 17:09:15 -0400 | [diff] [blame] | 1563 | } |
| 1564 | |
Jean-Paul Calderone | 86ad711 | 2010-05-11 16:08:45 -0400 | [diff] [blame] | 1565 | /* PyModule_AddObject steals a reference. |
| 1566 | */ |
| 1567 | Py_INCREF((PyObject *)&ssl_Connection_Type); |
Jean-Paul Calderone | 1bd11fa | 2009-05-27 17:09:15 -0400 | [diff] [blame] | 1568 | if (PyModule_AddObject(module, "Connection", (PyObject *)&ssl_Connection_Type) != 0) { |
| 1569 | return 0; |
| 1570 | } |
| 1571 | |
Jean-Paul Calderone | aed2358 | 2011-03-12 22:45:02 -0500 | [diff] [blame] | 1572 | /* PyModule_AddObject steals a reference. |
| 1573 | */ |
| 1574 | Py_INCREF((PyObject *)&ssl_Connection_Type); |
Jean-Paul Calderone | 1bd11fa | 2009-05-27 17:09:15 -0400 | [diff] [blame] | 1575 | if (PyModule_AddObject(module, "ConnectionType", (PyObject *)&ssl_Connection_Type) != 0) { |
| 1576 | return 0; |
| 1577 | } |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 1578 | |
| 1579 | return 1; |
| 1580 | } |
| 1581 | |