2015-01-13 19:19:09 -04:00
|
|
|
import collections
|
2015-01-29 12:50:58 -04:00
|
|
|
import warnings
|
2015-01-13 19:19:09 -04:00
|
|
|
try:
|
|
|
|
import ssl
|
|
|
|
except ImportError: # pragma: no cover
|
|
|
|
ssl = None
|
|
|
|
|
2016-06-28 11:55:36 -03:00
|
|
|
from . import base_events
|
2017-12-19 15:45:42 -04:00
|
|
|
from . import constants
|
2015-01-13 19:19:09 -04:00
|
|
|
from . import protocols
|
|
|
|
from . import transports
|
|
|
|
from .log import logger
|
|
|
|
|
|
|
|
|
|
|
|
def _create_transport_context(server_side, server_hostname):
|
|
|
|
if server_side:
|
|
|
|
raise ValueError('Server side SSL needs a valid SSLContext')
|
|
|
|
|
|
|
|
# Client side may pass ssl=True to use a default
|
|
|
|
# context; in that case the sslcontext passed is None.
|
|
|
|
# The default is secure for client connections.
|
2017-11-18 12:54:05 -04:00
|
|
|
# Python 3.4+: use up-to-date strong settings.
|
|
|
|
sslcontext = ssl.create_default_context()
|
|
|
|
if not server_hostname:
|
|
|
|
sslcontext.check_hostname = False
|
2015-01-13 19:19:09 -04:00
|
|
|
return sslcontext
|
|
|
|
|
|
|
|
|
|
|
|
# States of an _SSLPipe.
|
|
|
|
_UNWRAPPED = "UNWRAPPED"
|
|
|
|
_DO_HANDSHAKE = "DO_HANDSHAKE"
|
|
|
|
_WRAPPED = "WRAPPED"
|
|
|
|
_SHUTDOWN = "SHUTDOWN"
|
|
|
|
|
|
|
|
|
|
|
|
class _SSLPipe(object):
|
|
|
|
"""An SSL "Pipe".
|
|
|
|
|
|
|
|
An SSL pipe allows you to communicate with an SSL/TLS protocol instance
|
|
|
|
through memory buffers. It can be used to implement a security layer for an
|
|
|
|
existing connection where you don't have access to the connection's file
|
|
|
|
descriptor, or for some reason you don't want to use it.
|
|
|
|
|
|
|
|
An SSL pipe can be in "wrapped" and "unwrapped" mode. In unwrapped mode,
|
|
|
|
data is passed through untransformed. In wrapped mode, application level
|
|
|
|
data is encrypted to SSL record level data and vice versa. The SSL record
|
|
|
|
level is the lowest level in the SSL protocol suite and is what travels
|
|
|
|
as-is over the wire.
|
|
|
|
|
|
|
|
An SslPipe initially is in "unwrapped" mode. To start SSL, call
|
|
|
|
do_handshake(). To shutdown SSL again, call unwrap().
|
|
|
|
"""
|
|
|
|
|
|
|
|
max_size = 256 * 1024 # Buffer size passed to read()
|
|
|
|
|
|
|
|
def __init__(self, context, server_side, server_hostname=None):
|
|
|
|
"""
|
|
|
|
The *context* argument specifies the ssl.SSLContext to use.
|
|
|
|
|
|
|
|
The *server_side* argument indicates whether this is a server side or
|
|
|
|
client side transport.
|
|
|
|
|
|
|
|
The optional *server_hostname* argument can be used to specify the
|
|
|
|
hostname you are connecting to. You may only specify this parameter if
|
|
|
|
the _ssl module supports Server Name Indication (SNI).
|
|
|
|
"""
|
|
|
|
self._context = context
|
|
|
|
self._server_side = server_side
|
|
|
|
self._server_hostname = server_hostname
|
|
|
|
self._state = _UNWRAPPED
|
|
|
|
self._incoming = ssl.MemoryBIO()
|
|
|
|
self._outgoing = ssl.MemoryBIO()
|
|
|
|
self._sslobj = None
|
|
|
|
self._need_ssldata = False
|
|
|
|
self._handshake_cb = None
|
|
|
|
self._shutdown_cb = None
|
|
|
|
|
|
|
|
@property
|
|
|
|
def context(self):
|
|
|
|
"""The SSL context passed to the constructor."""
|
|
|
|
return self._context
|
|
|
|
|
|
|
|
@property
|
|
|
|
def ssl_object(self):
|
|
|
|
"""The internal ssl.SSLObject instance.
|
|
|
|
|
|
|
|
Return None if the pipe is not wrapped.
|
|
|
|
"""
|
|
|
|
return self._sslobj
|
|
|
|
|
|
|
|
@property
|
|
|
|
def need_ssldata(self):
|
|
|
|
"""Whether more record level data is needed to complete a handshake
|
|
|
|
that is currently in progress."""
|
|
|
|
return self._need_ssldata
|
|
|
|
|
|
|
|
@property
|
|
|
|
def wrapped(self):
|
|
|
|
"""
|
|
|
|
Whether a security layer is currently in effect.
|
|
|
|
|
|
|
|
Return False during handshake.
|
|
|
|
"""
|
|
|
|
return self._state == _WRAPPED
|
|
|
|
|
|
|
|
def do_handshake(self, callback=None):
|
|
|
|
"""Start the SSL handshake.
|
|
|
|
|
|
|
|
Return a list of ssldata. A ssldata element is a list of buffers
|
|
|
|
|
|
|
|
The optional *callback* argument can be used to install a callback that
|
|
|
|
will be called when the handshake is complete. The callback will be
|
|
|
|
called with None if successful, else an exception instance.
|
|
|
|
"""
|
|
|
|
if self._state != _UNWRAPPED:
|
|
|
|
raise RuntimeError('handshake in progress or completed')
|
|
|
|
self._sslobj = self._context.wrap_bio(
|
|
|
|
self._incoming, self._outgoing,
|
|
|
|
server_side=self._server_side,
|
|
|
|
server_hostname=self._server_hostname)
|
|
|
|
self._state = _DO_HANDSHAKE
|
|
|
|
self._handshake_cb = callback
|
|
|
|
ssldata, appdata = self.feed_ssldata(b'', only_handshake=True)
|
|
|
|
assert len(appdata) == 0
|
|
|
|
return ssldata
|
|
|
|
|
|
|
|
def shutdown(self, callback=None):
|
|
|
|
"""Start the SSL shutdown sequence.
|
|
|
|
|
|
|
|
Return a list of ssldata. A ssldata element is a list of buffers
|
|
|
|
|
|
|
|
The optional *callback* argument can be used to install a callback that
|
|
|
|
will be called when the shutdown is complete. The callback will be
|
|
|
|
called without arguments.
|
|
|
|
"""
|
|
|
|
if self._state == _UNWRAPPED:
|
|
|
|
raise RuntimeError('no security layer present')
|
|
|
|
if self._state == _SHUTDOWN:
|
|
|
|
raise RuntimeError('shutdown in progress')
|
|
|
|
assert self._state in (_WRAPPED, _DO_HANDSHAKE)
|
|
|
|
self._state = _SHUTDOWN
|
|
|
|
self._shutdown_cb = callback
|
|
|
|
ssldata, appdata = self.feed_ssldata(b'')
|
|
|
|
assert appdata == [] or appdata == [b'']
|
|
|
|
return ssldata
|
|
|
|
|
|
|
|
def feed_eof(self):
|
|
|
|
"""Send a potentially "ragged" EOF.
|
|
|
|
|
|
|
|
This method will raise an SSL_ERROR_EOF exception if the EOF is
|
|
|
|
unexpected.
|
|
|
|
"""
|
|
|
|
self._incoming.write_eof()
|
|
|
|
ssldata, appdata = self.feed_ssldata(b'')
|
|
|
|
assert appdata == [] or appdata == [b'']
|
|
|
|
|
|
|
|
def feed_ssldata(self, data, only_handshake=False):
|
|
|
|
"""Feed SSL record level data into the pipe.
|
|
|
|
|
|
|
|
The data must be a bytes instance. It is OK to send an empty bytes
|
|
|
|
instance. This can be used to get ssldata for a handshake initiated by
|
|
|
|
this endpoint.
|
|
|
|
|
|
|
|
Return a (ssldata, appdata) tuple. The ssldata element is a list of
|
|
|
|
buffers containing SSL data that needs to be sent to the remote SSL.
|
|
|
|
|
|
|
|
The appdata element is a list of buffers containing plaintext data that
|
|
|
|
needs to be forwarded to the application. The appdata list may contain
|
|
|
|
an empty buffer indicating an SSL "close_notify" alert. This alert must
|
|
|
|
be acknowledged by calling shutdown().
|
|
|
|
"""
|
|
|
|
if self._state == _UNWRAPPED:
|
|
|
|
# If unwrapped, pass plaintext data straight through.
|
|
|
|
if data:
|
|
|
|
appdata = [data]
|
|
|
|
else:
|
|
|
|
appdata = []
|
|
|
|
return ([], appdata)
|
|
|
|
|
|
|
|
self._need_ssldata = False
|
|
|
|
if data:
|
|
|
|
self._incoming.write(data)
|
|
|
|
|
|
|
|
ssldata = []
|
|
|
|
appdata = []
|
|
|
|
try:
|
|
|
|
if self._state == _DO_HANDSHAKE:
|
|
|
|
# Call do_handshake() until it doesn't raise anymore.
|
|
|
|
self._sslobj.do_handshake()
|
|
|
|
self._state = _WRAPPED
|
|
|
|
if self._handshake_cb:
|
|
|
|
self._handshake_cb(None)
|
|
|
|
if only_handshake:
|
|
|
|
return (ssldata, appdata)
|
|
|
|
# Handshake done: execute the wrapped block
|
|
|
|
|
|
|
|
if self._state == _WRAPPED:
|
|
|
|
# Main state: read data from SSL until close_notify
|
|
|
|
while True:
|
|
|
|
chunk = self._sslobj.read(self.max_size)
|
|
|
|
appdata.append(chunk)
|
|
|
|
if not chunk: # close_notify
|
|
|
|
break
|
|
|
|
|
|
|
|
elif self._state == _SHUTDOWN:
|
|
|
|
# Call shutdown() until it doesn't raise anymore.
|
|
|
|
self._sslobj.unwrap()
|
|
|
|
self._sslobj = None
|
|
|
|
self._state = _UNWRAPPED
|
|
|
|
if self._shutdown_cb:
|
|
|
|
self._shutdown_cb()
|
|
|
|
|
|
|
|
elif self._state == _UNWRAPPED:
|
|
|
|
# Drain possible plaintext data after close_notify.
|
|
|
|
appdata.append(self._incoming.read())
|
|
|
|
except (ssl.SSLError, ssl.CertificateError) as exc:
|
2018-06-04 12:32:35 -03:00
|
|
|
exc_errno = getattr(exc, 'errno', None)
|
|
|
|
if exc_errno not in (
|
2015-01-13 19:19:09 -04:00
|
|
|
ssl.SSL_ERROR_WANT_READ, ssl.SSL_ERROR_WANT_WRITE,
|
|
|
|
ssl.SSL_ERROR_SYSCALL):
|
|
|
|
if self._state == _DO_HANDSHAKE and self._handshake_cb:
|
|
|
|
self._handshake_cb(exc)
|
|
|
|
raise
|
2018-06-04 12:32:35 -03:00
|
|
|
self._need_ssldata = (exc_errno == ssl.SSL_ERROR_WANT_READ)
|
2015-01-13 19:19:09 -04:00
|
|
|
|
|
|
|
# Check for record level data that needs to be sent back.
|
|
|
|
# Happens for the initial handshake and renegotiations.
|
|
|
|
if self._outgoing.pending:
|
|
|
|
ssldata.append(self._outgoing.read())
|
|
|
|
return (ssldata, appdata)
|
|
|
|
|
|
|
|
def feed_appdata(self, data, offset=0):
|
|
|
|
"""Feed plaintext data into the pipe.
|
|
|
|
|
|
|
|
Return an (ssldata, offset) tuple. The ssldata element is a list of
|
|
|
|
buffers containing record level data that needs to be sent to the
|
|
|
|
remote SSL instance. The offset is the number of plaintext bytes that
|
|
|
|
were processed, which may be less than the length of data.
|
|
|
|
|
|
|
|
NOTE: In case of short writes, this call MUST be retried with the SAME
|
|
|
|
buffer passed into the *data* argument (i.e. the id() must be the
|
|
|
|
same). This is an OpenSSL requirement. A further particularity is that
|
|
|
|
a short write will always have offset == 0, because the _ssl module
|
|
|
|
does not enable partial writes. And even though the offset is zero,
|
|
|
|
there will still be encrypted data in ssldata.
|
|
|
|
"""
|
|
|
|
assert 0 <= offset <= len(data)
|
|
|
|
if self._state == _UNWRAPPED:
|
|
|
|
# pass through data in unwrapped mode
|
|
|
|
if offset < len(data):
|
|
|
|
ssldata = [data[offset:]]
|
|
|
|
else:
|
|
|
|
ssldata = []
|
|
|
|
return (ssldata, len(data))
|
|
|
|
|
|
|
|
ssldata = []
|
|
|
|
view = memoryview(data)
|
|
|
|
while True:
|
|
|
|
self._need_ssldata = False
|
|
|
|
try:
|
|
|
|
if offset < len(view):
|
|
|
|
offset += self._sslobj.write(view[offset:])
|
|
|
|
except ssl.SSLError as exc:
|
|
|
|
# It is not allowed to call write() after unwrap() until the
|
|
|
|
# close_notify is acknowledged. We return the condition to the
|
|
|
|
# caller as a short write.
|
2018-06-04 12:32:35 -03:00
|
|
|
exc_errno = getattr(exc, 'errno', None)
|
2015-01-13 19:19:09 -04:00
|
|
|
if exc.reason == 'PROTOCOL_IS_SHUTDOWN':
|
2018-06-04 12:32:35 -03:00
|
|
|
exc_errno = exc.errno = ssl.SSL_ERROR_WANT_READ
|
|
|
|
if exc_errno not in (ssl.SSL_ERROR_WANT_READ,
|
2015-01-13 19:19:09 -04:00
|
|
|
ssl.SSL_ERROR_WANT_WRITE,
|
|
|
|
ssl.SSL_ERROR_SYSCALL):
|
|
|
|
raise
|
2018-06-04 12:32:35 -03:00
|
|
|
self._need_ssldata = (exc_errno == ssl.SSL_ERROR_WANT_READ)
|
2015-01-13 19:19:09 -04:00
|
|
|
|
|
|
|
# See if there's any record level data back for us.
|
|
|
|
if self._outgoing.pending:
|
|
|
|
ssldata.append(self._outgoing.read())
|
|
|
|
if offset == len(view) or self._need_ssldata:
|
|
|
|
break
|
|
|
|
return (ssldata, offset)
|
|
|
|
|
|
|
|
|
|
|
|
class _SSLProtocolTransport(transports._FlowControlMixin,
|
|
|
|
transports.Transport):
|
|
|
|
|
2018-01-27 15:22:47 -04:00
|
|
|
_sendfile_compatible = constants._SendfileMode.FALLBACK
|
|
|
|
|
2017-10-19 14:49:57 -03:00
|
|
|
def __init__(self, loop, ssl_protocol):
|
2015-01-13 19:19:09 -04:00
|
|
|
self._loop = loop
|
2015-09-21 13:06:17 -03:00
|
|
|
# SSLProtocol instance
|
2015-01-13 19:19:09 -04:00
|
|
|
self._ssl_protocol = ssl_protocol
|
2015-01-29 12:50:58 -04:00
|
|
|
self._closed = False
|
2015-01-13 19:19:09 -04:00
|
|
|
|
|
|
|
def get_extra_info(self, name, default=None):
|
|
|
|
"""Get optional transport information."""
|
|
|
|
return self._ssl_protocol._get_extra_info(name, default)
|
|
|
|
|
2016-09-11 22:11:02 -03:00
|
|
|
def set_protocol(self, protocol):
|
2018-05-29 06:02:40 -03:00
|
|
|
self._ssl_protocol._set_app_protocol(protocol)
|
2016-09-11 22:11:02 -03:00
|
|
|
|
|
|
|
def get_protocol(self):
|
2017-10-19 14:49:57 -03:00
|
|
|
return self._ssl_protocol._app_protocol
|
2016-09-11 22:11:02 -03:00
|
|
|
|
2015-11-16 13:43:21 -04:00
|
|
|
def is_closing(self):
|
|
|
|
return self._closed
|
|
|
|
|
2015-01-13 19:19:09 -04:00
|
|
|
def close(self):
|
|
|
|
"""Close the transport.
|
|
|
|
|
|
|
|
Buffered data will be flushed asynchronously. No more data
|
|
|
|
will be received. After all buffered data is flushed, the
|
|
|
|
protocol's connection_lost() method will (eventually) called
|
|
|
|
with None as its argument.
|
|
|
|
"""
|
2015-01-29 12:50:58 -04:00
|
|
|
self._closed = True
|
2015-01-13 19:19:09 -04:00
|
|
|
self._ssl_protocol._start_shutdown()
|
|
|
|
|
2019-01-10 06:24:40 -04:00
|
|
|
def __del__(self, _warn=warnings.warn):
|
2017-04-24 22:57:18 -03:00
|
|
|
if not self._closed:
|
2019-01-10 06:24:40 -04:00
|
|
|
_warn(f"unclosed transport {self!r}", ResourceWarning, source=self)
|
2017-04-24 22:57:18 -03:00
|
|
|
self.close()
|
2015-01-29 12:50:58 -04:00
|
|
|
|
2017-12-18 18:03:23 -04:00
|
|
|
def is_reading(self):
|
|
|
|
tr = self._ssl_protocol._transport
|
|
|
|
if tr is None:
|
|
|
|
raise RuntimeError('SSL transport has not been initialized yet')
|
|
|
|
return tr.is_reading()
|
|
|
|
|
2015-01-13 19:19:09 -04:00
|
|
|
def pause_reading(self):
|
|
|
|
"""Pause the receiving end.
|
|
|
|
|
|
|
|
No data will be passed to the protocol's data_received()
|
|
|
|
method until resume_reading() is called.
|
|
|
|
"""
|
|
|
|
self._ssl_protocol._transport.pause_reading()
|
|
|
|
|
|
|
|
def resume_reading(self):
|
|
|
|
"""Resume the receiving end.
|
|
|
|
|
|
|
|
Data received will once again be passed to the protocol's
|
|
|
|
data_received() method.
|
|
|
|
"""
|
|
|
|
self._ssl_protocol._transport.resume_reading()
|
|
|
|
|
|
|
|
def set_write_buffer_limits(self, high=None, low=None):
|
|
|
|
"""Set the high- and low-water limits for write flow control.
|
|
|
|
|
|
|
|
These two values control when to call the protocol's
|
|
|
|
pause_writing() and resume_writing() methods. If specified,
|
|
|
|
the low-water limit must be less than or equal to the
|
|
|
|
high-water limit. Neither value can be negative.
|
|
|
|
|
|
|
|
The defaults are implementation-specific. If only the
|
2015-11-02 08:10:23 -04:00
|
|
|
high-water limit is given, the low-water limit defaults to an
|
2015-01-13 19:19:09 -04:00
|
|
|
implementation-specific value less than or equal to the
|
|
|
|
high-water limit. Setting high to zero forces low to zero as
|
|
|
|
well, and causes pause_writing() to be called whenever the
|
|
|
|
buffer becomes non-empty. Setting low to zero causes
|
|
|
|
resume_writing() to be called only once the buffer is empty.
|
|
|
|
Use of zero for either limit is generally sub-optimal as it
|
|
|
|
reduces opportunities for doing I/O and computation
|
|
|
|
concurrently.
|
|
|
|
"""
|
|
|
|
self._ssl_protocol._transport.set_write_buffer_limits(high, low)
|
|
|
|
|
|
|
|
def get_write_buffer_size(self):
|
|
|
|
"""Return the current size of the write buffer."""
|
|
|
|
return self._ssl_protocol._transport.get_write_buffer_size()
|
|
|
|
|
2018-01-27 15:22:47 -04:00
|
|
|
@property
|
|
|
|
def _protocol_paused(self):
|
|
|
|
# Required for sendfile fallback pause_writing/resume_writing logic
|
|
|
|
return self._ssl_protocol._transport._protocol_paused
|
|
|
|
|
2015-01-13 19:19:09 -04:00
|
|
|
def write(self, data):
|
|
|
|
"""Write some data bytes to the transport.
|
|
|
|
|
|
|
|
This does not block; it buffers the data and arranges for it
|
|
|
|
to be sent out asynchronously.
|
|
|
|
"""
|
|
|
|
if not isinstance(data, (bytes, bytearray, memoryview)):
|
2017-12-10 19:36:12 -04:00
|
|
|
raise TypeError(f"data: expecting a bytes-like instance, "
|
|
|
|
f"got {type(data).__name__}")
|
2015-01-13 19:19:09 -04:00
|
|
|
if not data:
|
|
|
|
return
|
|
|
|
self._ssl_protocol._write_appdata(data)
|
|
|
|
|
|
|
|
def can_write_eof(self):
|
|
|
|
"""Return True if this transport supports write_eof(), False if not."""
|
|
|
|
return False
|
|
|
|
|
|
|
|
def abort(self):
|
|
|
|
"""Close the transport immediately.
|
|
|
|
|
|
|
|
Buffered data will be lost. No more data will be received.
|
|
|
|
The protocol's connection_lost() method will (eventually) be
|
|
|
|
called with None as its argument.
|
|
|
|
"""
|
|
|
|
self._ssl_protocol._abort()
|
2018-06-05 09:59:58 -03:00
|
|
|
self._closed = True
|
2015-01-13 19:19:09 -04:00
|
|
|
|
|
|
|
|
|
|
|
class SSLProtocol(protocols.Protocol):
|
|
|
|
"""SSL protocol.
|
|
|
|
|
|
|
|
Implementation of SSL on top of a socket using incoming and outgoing
|
|
|
|
buffers which are ssl.MemoryBIO objects.
|
|
|
|
"""
|
|
|
|
|
|
|
|
def __init__(self, loop, app_protocol, sslcontext, waiter,
|
2016-10-05 20:39:54 -03:00
|
|
|
server_side=False, server_hostname=None,
|
2017-12-19 15:45:42 -04:00
|
|
|
call_connection_made=True,
|
2017-12-20 14:24:43 -04:00
|
|
|
ssl_handshake_timeout=None):
|
2015-01-13 19:19:09 -04:00
|
|
|
if ssl is None:
|
|
|
|
raise RuntimeError('stdlib ssl module not available')
|
|
|
|
|
2017-12-20 14:24:43 -04:00
|
|
|
if ssl_handshake_timeout is None:
|
|
|
|
ssl_handshake_timeout = constants.SSL_HANDSHAKE_TIMEOUT
|
|
|
|
elif ssl_handshake_timeout <= 0:
|
|
|
|
raise ValueError(
|
|
|
|
f"ssl_handshake_timeout should be a positive number, "
|
|
|
|
f"got {ssl_handshake_timeout}")
|
|
|
|
|
2015-01-13 19:19:09 -04:00
|
|
|
if not sslcontext:
|
2017-12-10 19:36:12 -04:00
|
|
|
sslcontext = _create_transport_context(
|
|
|
|
server_side, server_hostname)
|
2015-01-13 19:19:09 -04:00
|
|
|
|
|
|
|
self._server_side = server_side
|
|
|
|
if server_hostname and not server_side:
|
|
|
|
self._server_hostname = server_hostname
|
|
|
|
else:
|
|
|
|
self._server_hostname = None
|
|
|
|
self._sslcontext = sslcontext
|
|
|
|
# SSL-specific extra info. More info are set when the handshake
|
|
|
|
# completes.
|
|
|
|
self._extra = dict(sslcontext=sslcontext)
|
|
|
|
|
|
|
|
# App data write buffering
|
|
|
|
self._write_backlog = collections.deque()
|
|
|
|
self._write_buffer_size = 0
|
|
|
|
|
|
|
|
self._waiter = waiter
|
|
|
|
self._loop = loop
|
2018-05-29 06:02:40 -03:00
|
|
|
self._set_app_protocol(app_protocol)
|
2017-10-19 14:49:57 -03:00
|
|
|
self._app_transport = _SSLProtocolTransport(self._loop, self)
|
2015-09-21 13:06:17 -03:00
|
|
|
# _SSLPipe instance (None until the connection is made)
|
2015-01-13 19:19:09 -04:00
|
|
|
self._sslpipe = None
|
|
|
|
self._session_established = False
|
|
|
|
self._in_handshake = False
|
|
|
|
self._in_shutdown = False
|
2015-09-21 13:06:17 -03:00
|
|
|
# transport, ex: SelectorSocketTransport
|
2015-01-15 08:16:27 -04:00
|
|
|
self._transport = None
|
2016-10-05 20:39:54 -03:00
|
|
|
self._call_connection_made = call_connection_made
|
2017-12-19 15:45:42 -04:00
|
|
|
self._ssl_handshake_timeout = ssl_handshake_timeout
|
2015-01-13 19:19:09 -04:00
|
|
|
|
2018-05-29 06:02:40 -03:00
|
|
|
def _set_app_protocol(self, app_protocol):
|
|
|
|
self._app_protocol = app_protocol
|
|
|
|
self._app_protocol_is_buffer = \
|
|
|
|
isinstance(app_protocol, protocols.BufferedProtocol)
|
|
|
|
|
2015-01-28 19:36:35 -04:00
|
|
|
def _wakeup_waiter(self, exc=None):
|
|
|
|
if self._waiter is None:
|
|
|
|
return
|
|
|
|
if not self._waiter.cancelled():
|
|
|
|
if exc is not None:
|
|
|
|
self._waiter.set_exception(exc)
|
|
|
|
else:
|
|
|
|
self._waiter.set_result(None)
|
|
|
|
self._waiter = None
|
|
|
|
|
2015-01-13 19:19:09 -04:00
|
|
|
def connection_made(self, transport):
|
|
|
|
"""Called when the low-level connection is made.
|
|
|
|
|
|
|
|
Start the SSL handshake.
|
|
|
|
"""
|
|
|
|
self._transport = transport
|
|
|
|
self._sslpipe = _SSLPipe(self._sslcontext,
|
|
|
|
self._server_side,
|
|
|
|
self._server_hostname)
|
|
|
|
self._start_handshake()
|
|
|
|
|
|
|
|
def connection_lost(self, exc):
|
|
|
|
"""Called when the low-level connection is lost or closed.
|
|
|
|
|
|
|
|
The argument is an exception object or None (the latter
|
|
|
|
meaning a regular EOF is received or the connection was
|
|
|
|
aborted or closed).
|
|
|
|
"""
|
|
|
|
if self._session_established:
|
|
|
|
self._session_established = False
|
|
|
|
self._loop.call_soon(self._app_protocol.connection_lost, exc)
|
2018-06-04 12:32:35 -03:00
|
|
|
else:
|
|
|
|
# Most likely an exception occurred while in SSL handshake.
|
|
|
|
# Just mark the app transport as closed so that its __del__
|
|
|
|
# doesn't complain.
|
|
|
|
if self._app_transport is not None:
|
|
|
|
self._app_transport._closed = True
|
2015-01-13 19:19:09 -04:00
|
|
|
self._transport = None
|
|
|
|
self._app_transport = None
|
2019-03-17 19:51:10 -03:00
|
|
|
if getattr(self, '_handshake_timeout_handle', None):
|
|
|
|
self._handshake_timeout_handle.cancel()
|
2016-12-16 12:50:41 -04:00
|
|
|
self._wakeup_waiter(exc)
|
2019-03-17 19:51:10 -03:00
|
|
|
self._app_protocol = None
|
|
|
|
self._sslpipe = None
|
2015-01-13 19:19:09 -04:00
|
|
|
|
|
|
|
def pause_writing(self):
|
|
|
|
"""Called when the low-level transport's buffer goes over
|
|
|
|
the high-water mark.
|
|
|
|
"""
|
|
|
|
self._app_protocol.pause_writing()
|
|
|
|
|
|
|
|
def resume_writing(self):
|
|
|
|
"""Called when the low-level transport's buffer drains below
|
|
|
|
the low-water mark.
|
|
|
|
"""
|
|
|
|
self._app_protocol.resume_writing()
|
|
|
|
|
|
|
|
def data_received(self, data):
|
|
|
|
"""Called when some SSL data is received.
|
|
|
|
|
|
|
|
The argument is a bytes object.
|
|
|
|
"""
|
2018-03-10 11:48:35 -04:00
|
|
|
if self._sslpipe is None:
|
|
|
|
# transport closing, sslpipe is destroyed
|
|
|
|
return
|
|
|
|
|
2015-01-13 19:19:09 -04:00
|
|
|
try:
|
|
|
|
ssldata, appdata = self._sslpipe.feed_ssldata(data)
|
2019-05-27 09:45:12 -03:00
|
|
|
except (SystemExit, KeyboardInterrupt):
|
|
|
|
raise
|
|
|
|
except BaseException as e:
|
2018-06-04 12:32:35 -03:00
|
|
|
self._fatal_error(e, 'SSL error in data received')
|
2015-01-13 19:19:09 -04:00
|
|
|
return
|
|
|
|
|
|
|
|
for chunk in ssldata:
|
|
|
|
self._transport.write(chunk)
|
|
|
|
|
|
|
|
for chunk in appdata:
|
|
|
|
if chunk:
|
2018-05-28 15:31:28 -03:00
|
|
|
try:
|
|
|
|
if self._app_protocol_is_buffer:
|
2018-06-08 05:32:06 -03:00
|
|
|
protocols._feed_data_to_buffered_proto(
|
2018-05-28 15:31:28 -03:00
|
|
|
self._app_protocol, chunk)
|
|
|
|
else:
|
|
|
|
self._app_protocol.data_received(chunk)
|
2019-05-27 09:45:12 -03:00
|
|
|
except (SystemExit, KeyboardInterrupt):
|
|
|
|
raise
|
|
|
|
except BaseException as ex:
|
2018-05-28 15:31:28 -03:00
|
|
|
self._fatal_error(
|
|
|
|
ex, 'application protocol failed to receive SSL data')
|
|
|
|
return
|
2015-01-13 19:19:09 -04:00
|
|
|
else:
|
|
|
|
self._start_shutdown()
|
|
|
|
break
|
|
|
|
|
|
|
|
def eof_received(self):
|
|
|
|
"""Called when the other end of the low-level stream
|
|
|
|
is half-closed.
|
|
|
|
|
|
|
|
If this returns a false value (including None), the transport
|
|
|
|
will close itself. If it returns a true value, closing the
|
|
|
|
transport is up to the protocol.
|
|
|
|
"""
|
|
|
|
try:
|
|
|
|
if self._loop.get_debug():
|
|
|
|
logger.debug("%r received EOF", self)
|
2015-01-28 19:35:56 -04:00
|
|
|
|
2015-01-28 19:36:35 -04:00
|
|
|
self._wakeup_waiter(ConnectionResetError)
|
2015-01-28 19:35:56 -04:00
|
|
|
|
2015-01-13 19:19:09 -04:00
|
|
|
if not self._in_handshake:
|
|
|
|
keep_open = self._app_protocol.eof_received()
|
|
|
|
if keep_open:
|
|
|
|
logger.warning('returning true from eof_received() '
|
|
|
|
'has no effect when using ssl')
|
|
|
|
finally:
|
|
|
|
self._transport.close()
|
|
|
|
|
|
|
|
def _get_extra_info(self, name, default=None):
|
|
|
|
if name in self._extra:
|
|
|
|
return self._extra[name]
|
2017-03-12 16:23:30 -03:00
|
|
|
elif self._transport is not None:
|
2015-01-13 19:19:09 -04:00
|
|
|
return self._transport.get_extra_info(name, default)
|
2017-03-12 16:23:30 -03:00
|
|
|
else:
|
|
|
|
return default
|
2015-01-13 19:19:09 -04:00
|
|
|
|
|
|
|
def _start_shutdown(self):
|
|
|
|
if self._in_shutdown:
|
|
|
|
return
|
2017-06-09 18:46:14 -03:00
|
|
|
if self._in_handshake:
|
|
|
|
self._abort()
|
|
|
|
else:
|
|
|
|
self._in_shutdown = True
|
|
|
|
self._write_appdata(b'')
|
2015-01-13 19:19:09 -04:00
|
|
|
|
|
|
|
def _write_appdata(self, data):
|
|
|
|
self._write_backlog.append((data, 0))
|
|
|
|
self._write_buffer_size += len(data)
|
|
|
|
self._process_write_backlog()
|
|
|
|
|
|
|
|
def _start_handshake(self):
|
|
|
|
if self._loop.get_debug():
|
|
|
|
logger.debug("%r starts SSL handshake", self)
|
|
|
|
self._handshake_start_time = self._loop.time()
|
|
|
|
else:
|
|
|
|
self._handshake_start_time = None
|
|
|
|
self._in_handshake = True
|
|
|
|
# (b'', 1) is a special value in _process_write_backlog() to do
|
|
|
|
# the SSL handshake
|
|
|
|
self._write_backlog.append((b'', 1))
|
2017-12-19 15:45:42 -04:00
|
|
|
self._handshake_timeout_handle = \
|
|
|
|
self._loop.call_later(self._ssl_handshake_timeout,
|
|
|
|
self._check_handshake_timeout)
|
2018-05-28 20:33:35 -03:00
|
|
|
self._process_write_backlog()
|
2017-12-19 15:45:42 -04:00
|
|
|
|
|
|
|
def _check_handshake_timeout(self):
|
|
|
|
if self._in_handshake is True:
|
2018-06-04 12:32:35 -03:00
|
|
|
msg = (
|
|
|
|
f"SSL handshake is taking longer than "
|
|
|
|
f"{self._ssl_handshake_timeout} seconds: "
|
|
|
|
f"aborting the connection"
|
|
|
|
)
|
|
|
|
self._fatal_error(ConnectionAbortedError(msg))
|
2015-01-13 19:19:09 -04:00
|
|
|
|
|
|
|
def _on_handshake_complete(self, handshake_exc):
|
|
|
|
self._in_handshake = False
|
2017-12-19 15:45:42 -04:00
|
|
|
self._handshake_timeout_handle.cancel()
|
2015-01-13 19:19:09 -04:00
|
|
|
|
|
|
|
sslobj = self._sslpipe.ssl_object
|
|
|
|
try:
|
|
|
|
if handshake_exc is not None:
|
|
|
|
raise handshake_exc
|
2015-01-14 11:56:20 -04:00
|
|
|
|
|
|
|
peercert = sslobj.getpeercert()
|
2019-05-27 09:45:12 -03:00
|
|
|
except (SystemExit, KeyboardInterrupt):
|
|
|
|
raise
|
|
|
|
except BaseException as exc:
|
2018-06-04 12:32:35 -03:00
|
|
|
if isinstance(exc, ssl.CertificateError):
|
|
|
|
msg = 'SSL handshake failed on verifying the certificate'
|
2015-01-13 19:19:09 -04:00
|
|
|
else:
|
2018-06-04 12:32:35 -03:00
|
|
|
msg = 'SSL handshake failed'
|
|
|
|
self._fatal_error(exc, msg)
|
|
|
|
return
|
2015-01-13 19:19:09 -04:00
|
|
|
|
|
|
|
if self._loop.get_debug():
|
|
|
|
dt = self._loop.time() - self._handshake_start_time
|
|
|
|
logger.debug("%r: SSL handshake took %.1f ms", self, dt * 1e3)
|
|
|
|
|
|
|
|
# Add extra info that becomes available after handshake.
|
|
|
|
self._extra.update(peercert=peercert,
|
|
|
|
cipher=sslobj.cipher(),
|
|
|
|
compression=sslobj.compression(),
|
2015-09-21 13:06:17 -03:00
|
|
|
ssl_object=sslobj,
|
2015-01-13 19:19:09 -04:00
|
|
|
)
|
2016-10-05 20:39:54 -03:00
|
|
|
if self._call_connection_made:
|
|
|
|
self._app_protocol.connection_made(self._app_transport)
|
2015-01-28 19:36:35 -04:00
|
|
|
self._wakeup_waiter()
|
2015-01-13 19:19:09 -04:00
|
|
|
self._session_established = True
|
2015-01-15 04:41:48 -04:00
|
|
|
# In case transport.write() was already called. Don't call
|
2016-05-26 02:35:26 -03:00
|
|
|
# immediately _process_write_backlog(), but schedule it:
|
2015-01-15 04:41:48 -04:00
|
|
|
# _on_handshake_complete() can be called indirectly from
|
|
|
|
# _process_write_backlog(), and _process_write_backlog() is not
|
|
|
|
# reentrant.
|
2015-01-15 04:44:13 -04:00
|
|
|
self._loop.call_soon(self._process_write_backlog)
|
2015-01-13 19:19:09 -04:00
|
|
|
|
|
|
|
def _process_write_backlog(self):
|
|
|
|
# Try to make progress on the write backlog.
|
2018-03-10 11:48:35 -04:00
|
|
|
if self._transport is None or self._sslpipe is None:
|
2015-01-13 19:19:09 -04:00
|
|
|
return
|
|
|
|
|
|
|
|
try:
|
|
|
|
for i in range(len(self._write_backlog)):
|
|
|
|
data, offset = self._write_backlog[0]
|
|
|
|
if data:
|
|
|
|
ssldata, offset = self._sslpipe.feed_appdata(data, offset)
|
|
|
|
elif offset:
|
2015-08-05 15:06:23 -03:00
|
|
|
ssldata = self._sslpipe.do_handshake(
|
|
|
|
self._on_handshake_complete)
|
2015-01-13 19:19:09 -04:00
|
|
|
offset = 1
|
|
|
|
else:
|
|
|
|
ssldata = self._sslpipe.shutdown(self._finalize)
|
|
|
|
offset = 1
|
|
|
|
|
|
|
|
for chunk in ssldata:
|
|
|
|
self._transport.write(chunk)
|
|
|
|
|
|
|
|
if offset < len(data):
|
|
|
|
self._write_backlog[0] = (data, offset)
|
|
|
|
# A short write means that a write is blocked on a read
|
|
|
|
# We need to enable reading if it is paused!
|
|
|
|
assert self._sslpipe.need_ssldata
|
|
|
|
if self._transport._paused:
|
|
|
|
self._transport.resume_reading()
|
|
|
|
break
|
|
|
|
|
|
|
|
# An entire chunk from the backlog was processed. We can
|
|
|
|
# delete it and reduce the outstanding buffer size.
|
|
|
|
del self._write_backlog[0]
|
|
|
|
self._write_buffer_size -= len(data)
|
2019-05-27 09:45:12 -03:00
|
|
|
except (SystemExit, KeyboardInterrupt):
|
|
|
|
raise
|
|
|
|
except BaseException as exc:
|
2015-01-13 19:19:09 -04:00
|
|
|
if self._in_handshake:
|
2018-06-04 12:32:35 -03:00
|
|
|
# Exceptions will be re-raised in _on_handshake_complete.
|
2015-01-13 19:19:09 -04:00
|
|
|
self._on_handshake_complete(exc)
|
|
|
|
else:
|
|
|
|
self._fatal_error(exc, 'Fatal error on SSL transport')
|
|
|
|
|
|
|
|
def _fatal_error(self, exc, message='Fatal error on transport'):
|
2019-05-27 10:28:34 -03:00
|
|
|
if isinstance(exc, OSError):
|
2015-01-13 19:19:09 -04:00
|
|
|
if self._loop.get_debug():
|
|
|
|
logger.debug("%r: %s", self, message, exc_info=True)
|
|
|
|
else:
|
|
|
|
self._loop.call_exception_handler({
|
|
|
|
'message': message,
|
|
|
|
'exception': exc,
|
|
|
|
'transport': self._transport,
|
|
|
|
'protocol': self,
|
|
|
|
})
|
|
|
|
if self._transport:
|
|
|
|
self._transport._force_close(exc)
|
|
|
|
|
|
|
|
def _finalize(self):
|
2017-06-09 19:29:46 -03:00
|
|
|
self._sslpipe = None
|
|
|
|
|
2015-01-13 19:19:09 -04:00
|
|
|
if self._transport is not None:
|
|
|
|
self._transport.close()
|
|
|
|
|
|
|
|
def _abort(self):
|
2017-06-09 19:29:46 -03:00
|
|
|
try:
|
|
|
|
if self._transport is not None:
|
2015-01-13 19:19:09 -04:00
|
|
|
self._transport.abort()
|
2017-06-09 19:29:46 -03:00
|
|
|
finally:
|
|
|
|
self._finalize()
|