Fixed test_socket_ssl failures.

2009-07-19 13:22:58 -07:00
parent 05baf71d99
commit b741076db4
3 changed files with 28 additions and 23 deletions
--- a/eventlet/green/socket.py
+++ b/eventlet/green/socket.py
@@ -4,6 +4,7 @@ for var in __socket.__all__:
 _fileobject = __socket._fileobject

 from eventlet.api import get_hub
+from eventlet.util import wrap_ssl_obj
 from eventlet.greenio import GreenSocket as socket
 from eventlet.greenio import GreenSSL as _GreenSSL
 from eventlet.greenio import GreenSSLObject as _GreenSSLObject
@@ -70,15 +71,4 @@ def create_connection(address, timeout=_GLOBAL_DEFAULT_TIMEOUT):


 def ssl(sock, certificate=None, private_key=None):
-    from OpenSSL import SSL
-    context = SSL.Context(SSL.SSLv23_METHOD)
-    if certificate is not None:
-        context.use_certificate_file(certificate)
-    if private_key is not None:
-        context.use_privatekey_file(private_key)
-    context.set_verify(SSL.VERIFY_NONE, lambda *x: True)
-
-    ## TODO only do this on client sockets? how?
-    connection = SSL.Connection(context, sock)
-    connection.set_connect_state()
-    return _GreenSSLObject(_GreenSSL(connection))
+    return wrap_ssl_obj(sock, certificate, private_key)
--- a/eventlet/greenio.py
+++ b/eventlet/greenio.py
@@ -710,6 +710,10 @@ class GreenSSL(GreenSocket):
        return fn(*args, **kw)
        
        
+def _convert_to_sslerror(ex):
+    """ Transliterates SSL.SysCallErrors to socket.sslerrors"""
+    return socket.sslerror((ex[0], ex[1]))
+        
 class GreenSSLObject(object):
    """ Wrapper object around the SSLObjects returned by socket.ssl, which have a 
    slightly different interface from SSL.Connection objects. """
@@ -717,6 +721,10 @@ class GreenSSLObject(object):
        """ Should only be called by a 'green' socket.ssl """
        assert(isinstance(green_ssl_obj, GreenSSL))
        self.connection = green_ssl_obj
+        try:
+            self.connection.do_handshake()
+        except SSL.SysCallError, e:
+            raise _convert_to_sslerror(e)
        
    def read(self, n=None):
        """If n is provided, read n bytes from the SSL connection, otherwise read
@@ -726,28 +734,31 @@ class GreenSSLObject(object):
            raise NotImplementedError("GreenSSLObject does not support "\
            " unlimited reads until we hear of someone needing to use them.")
        else:
-            return self.connection.read(n)
+            try:
+                return self.connection.read(n)
+            except SSL.SysCallError, e:
+                raise _convert_to_sslerror(e)
            
    def write(self, s):
        """Writes the string s to the on the object's SSL connection. 
        The return value is the number of bytes written. """
-        return self.connection.write(s)
+        try:
+            return self.connection.write(s)
+        except SSL.SysCallError, e:
+            raise _convert_to_sslerror(e)

    def server(self):
        """ Returns a string describing the server's certificate. Useful for debugging
        purposes; do not parse the content of this string because its format can't be
        parsed unambiguously. """
-        # NOTE: probably not the same as the real SSLObject, but, if someone actually
-        # uses this then we can fix it.
-        return str(self.connection.get_peer_certificate())
+        return str(self.connection.get_peer_certificate().get_subject())
        
    def issuer(self):
        """Returns a string describing the issuer of the server's certificate. Useful
        for debugging purposes; do not parse the content of this string because its 
        format can't be parsed unambiguously."""
-        # NOTE: probably not the same as the real SSLObject, but, if someone actually
-        # uses this then we can fix it.
        return str(self.connection.get_peer_certificate().get_issuer())
+        
                

 def socketpair(*args):
--- a/eventlet/util.py
+++ b/eventlet/util.py
@@ -74,6 +74,13 @@ def wrap_ssl(sock, certificate=None, private_key=None):
    return greenio.GreenSSL(connection)


+def wrap_ssl_obj(sock, certificate=None, private_key=None):
+    """ For 100% compatibility with the socket module, this wraps and handshakes an 
+    open connection, returning a SSLObject."""
+    from eventlet import greenio
+    wrapped = wrap_ssl(sock, certificate, private_key)
+    return greenio.GreenSSLObject(wrapped)
+
 socket_already_wrapped = False
 def wrap_socket_with_coroutine_socket(use_thread_pool=True):
    global socket_already_wrapped
@@ -86,10 +93,7 @@ def wrap_socket_with_coroutine_socket(use_thread_pool=True):
    socket.socket = new_socket

    # for 100% compatibility, return a GreenSSLObject
-    def new_ssl(sock, certificate=None, private_key=None):
-        wrapped = wrap_ssl(sock, certificate, private_key)
-        return greenio.GreenSSLObject(wrapped)
-    socket.ssl = new_ssl
+    socket.ssl = wrap_ssl_obj

    if use_thread_pool:
        from eventlet import tpool