Fixed test_socket_ssl failures.
This commit is contained in:
Ryan Williams
@@ -4,6 +4,7 @@ for var in __socket.__all__:
|
|||||||
_fileobject = __socket._fileobject
|
_fileobject = __socket._fileobject
|
||||||
|
|
||||||
from eventlet.api import get_hub
|
from eventlet.api import get_hub
|
||||||
|
from eventlet.util import wrap_ssl_obj
|
||||||
from eventlet.greenio import GreenSocket as socket
|
from eventlet.greenio import GreenSocket as socket
|
||||||
from eventlet.greenio import GreenSSL as _GreenSSL
|
from eventlet.greenio import GreenSSL as _GreenSSL
|
||||||
from eventlet.greenio import GreenSSLObject as _GreenSSLObject
|
from eventlet.greenio import GreenSSLObject as _GreenSSLObject
|
||||||
@@ -70,15 +71,4 @@ def create_connection(address, timeout=_GLOBAL_DEFAULT_TIMEOUT):
|
|||||||
|
|
||||||
|
|
||||||
def ssl(sock, certificate=None, private_key=None):
|
def ssl(sock, certificate=None, private_key=None):
|
||||||
from OpenSSL import SSL
|
return wrap_ssl_obj(sock, certificate, private_key)
|
||||||
context = SSL.Context(SSL.SSLv23_METHOD)
|
|
||||||
if certificate is not None:
|
|
||||||
context.use_certificate_file(certificate)
|
|
||||||
if private_key is not None:
|
|
||||||
context.use_privatekey_file(private_key)
|
|
||||||
context.set_verify(SSL.VERIFY_NONE, lambda *x: True)
|
|
||||||
|
|
||||||
## TODO only do this on client sockets? how?
|
|
||||||
connection = SSL.Connection(context, sock)
|
|
||||||
connection.set_connect_state()
|
|
||||||
return _GreenSSLObject(_GreenSSL(connection))
|
|
||||||
|
|||||||
@@ -710,6 +710,10 @@ class GreenSSL(GreenSocket):
|
|||||||
return fn(*args, **kw)
|
return fn(*args, **kw)
|
||||||
|
|
||||||
|
|
||||||
|
def _convert_to_sslerror(ex):
|
||||||
|
""" Transliterates SSL.SysCallErrors to socket.sslerrors"""
|
||||||
|
return socket.sslerror((ex[0], ex[1]))
|
||||||
|
|
||||||
class GreenSSLObject(object):
|
class GreenSSLObject(object):
|
||||||
""" Wrapper object around the SSLObjects returned by socket.ssl, which have a
|
""" Wrapper object around the SSLObjects returned by socket.ssl, which have a
|
||||||
slightly different interface from SSL.Connection objects. """
|
slightly different interface from SSL.Connection objects. """
|
||||||
@@ -717,6 +721,10 @@ class GreenSSLObject(object):
|
|||||||
""" Should only be called by a 'green' socket.ssl """
|
""" Should only be called by a 'green' socket.ssl """
|
||||||
assert(isinstance(green_ssl_obj, GreenSSL))
|
assert(isinstance(green_ssl_obj, GreenSSL))
|
||||||
self.connection = green_ssl_obj
|
self.connection = green_ssl_obj
|
||||||
|
try:
|
||||||
|
self.connection.do_handshake()
|
||||||
|
except SSL.SysCallError, e:
|
||||||
|
raise _convert_to_sslerror(e)
|
||||||
|
|
||||||
def read(self, n=None):
|
def read(self, n=None):
|
||||||
"""If n is provided, read n bytes from the SSL connection, otherwise read
|
"""If n is provided, read n bytes from the SSL connection, otherwise read
|
||||||
@@ -726,28 +734,31 @@ class GreenSSLObject(object):
|
|||||||
raise NotImplementedError("GreenSSLObject does not support "\
|
raise NotImplementedError("GreenSSLObject does not support "\
|
||||||
" unlimited reads until we hear of someone needing to use them.")
|
" unlimited reads until we hear of someone needing to use them.")
|
||||||
else:
|
else:
|
||||||
return self.connection.read(n)
|
try:
|
||||||
|
return self.connection.read(n)
|
||||||
|
except SSL.SysCallError, e:
|
||||||
|
raise _convert_to_sslerror(e)
|
||||||
|
|
||||||
def write(self, s):
|
def write(self, s):
|
||||||
"""Writes the string s to the on the object's SSL connection.
|
"""Writes the string s to the on the object's SSL connection.
|
||||||
The return value is the number of bytes written. """
|
The return value is the number of bytes written. """
|
||||||
return self.connection.write(s)
|
try:
|
||||||
|
return self.connection.write(s)
|
||||||
|
except SSL.SysCallError, e:
|
||||||
|
raise _convert_to_sslerror(e)
|
||||||
|
|
||||||
def server(self):
|
def server(self):
|
||||||
""" Returns a string describing the server's certificate. Useful for debugging
|
""" Returns a string describing the server's certificate. Useful for debugging
|
||||||
purposes; do not parse the content of this string because its format can't be
|
purposes; do not parse the content of this string because its format can't be
|
||||||
parsed unambiguously. """
|
parsed unambiguously. """
|
||||||
# NOTE: probably not the same as the real SSLObject, but, if someone actually
|
return str(self.connection.get_peer_certificate().get_subject())
|
||||||
# uses this then we can fix it.
|
|
||||||
return str(self.connection.get_peer_certificate())
|
|
||||||
|
|
||||||
def issuer(self):
|
def issuer(self):
|
||||||
"""Returns a string describing the issuer of the server's certificate. Useful
|
"""Returns a string describing the issuer of the server's certificate. Useful
|
||||||
for debugging purposes; do not parse the content of this string because its
|
for debugging purposes; do not parse the content of this string because its
|
||||||
format can't be parsed unambiguously."""
|
format can't be parsed unambiguously."""
|
||||||
# NOTE: probably not the same as the real SSLObject, but, if someone actually
|
|
||||||
# uses this then we can fix it.
|
|
||||||
return str(self.connection.get_peer_certificate().get_issuer())
|
return str(self.connection.get_peer_certificate().get_issuer())
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
def socketpair(*args):
|
def socketpair(*args):
|
||||||
|
|||||||
@@ -74,6 +74,13 @@ def wrap_ssl(sock, certificate=None, private_key=None):
|
|||||||
return greenio.GreenSSL(connection)
|
return greenio.GreenSSL(connection)
|
||||||
|
|
||||||
|
|
||||||
|
def wrap_ssl_obj(sock, certificate=None, private_key=None):
|
||||||
|
""" For 100% compatibility with the socket module, this wraps and handshakes an
|
||||||
|
open connection, returning a SSLObject."""
|
||||||
|
from eventlet import greenio
|
||||||
|
wrapped = wrap_ssl(sock, certificate, private_key)
|
||||||
|
return greenio.GreenSSLObject(wrapped)
|
||||||
|
|
||||||
socket_already_wrapped = False
|
socket_already_wrapped = False
|
||||||
def wrap_socket_with_coroutine_socket(use_thread_pool=True):
|
def wrap_socket_with_coroutine_socket(use_thread_pool=True):
|
||||||
global socket_already_wrapped
|
global socket_already_wrapped
|
||||||
@@ -86,10 +93,7 @@ def wrap_socket_with_coroutine_socket(use_thread_pool=True):
|
|||||||
socket.socket = new_socket
|
socket.socket = new_socket
|
||||||
|
|
||||||
# for 100% compatibility, return a GreenSSLObject
|
# for 100% compatibility, return a GreenSSLObject
|
||||||
def new_ssl(sock, certificate=None, private_key=None):
|
socket.ssl = wrap_ssl_obj
|
||||||
wrapped = wrap_ssl(sock, certificate, private_key)
|
|
||||||
return greenio.GreenSSLObject(wrapped)
|
|
||||||
socket.ssl = new_ssl
|
|
||||||
|
|
||||||
if use_thread_pool:
|
if use_thread_pool:
|
||||||
from eventlet import tpool
|
from eventlet import tpool
|
||||||
|
|||||||
Reference in New Issue
Block a user