def connectionMade(self):
self._secure = interfaces.ISSLTransport(self.transport,
None) is not None
address = self.transport.getHost()
self._host = _cachedGetHostByAddr(address.host)
self.setTimeout(self.inputTimeOut)
self.factory.addConnectedChannel(self)
def isSecure(self):
if self._forceSSL:
return True
transport = getattr(getattr(self, 'channel', None), 'transport', None)
if interfaces.ISSLTransport(transport, default=None) is not None:
return True
return False
def _login(self, caps, username, password):
"""
Continue the process of logging in to the server.
This callback function runs after the server capabilities are received.
If the server provided a challenge in the greeting, proceed with an
APOP login. Otherwise, if the server and the transport support
encrypted communication, try to switch to TLS and then complete
the login process with the L{_loginTLS} callback function. Otherwise,
if insecure authentication is allowed, do a plaintext login.
Otherwise, fail with an L{InsecureAuthenticationDisallowed} error.
@type caps: L{dict} mapping L{bytes} to L{list} of L{bytes} and/or
L{bytes} to L{None}
@param caps: The server capabilities.
@type username: L{bytes}
@param username: The username with which to log in.
@type password: L{bytes}
@param password: The password with which to log in.
@rtype: L{Deferred <defer.Deferred>} which successfully fires with
L{bytes}
@return: A deferred which fires when the login process is complete.
On a successful login, it returns the server's response minus the
status indicator.
"""
if self.serverChallenge is not None:
return self._apop(username, password, self.serverChallenge)
tryTLS = b"STLS" in caps
# If our transport supports switching to TLS, we might want to
# try to switch to TLS.
tlsableTransport = interfaces.ITLSTransport(self.transport,
None) is not None
# If our transport is not already using TLS, we might want to
# try to switch to TLS.
nontlsTransport = interfaces.ISSLTransport(self.transport,
None) is None
if not self.startedTLS and tryTLS and tlsableTransport and nontlsTransport:
d = self.startTLS()
d.addCallback(self._loginTLS, username, password)
return d
elif self.startedTLS or not nontlsTransport or self.allowInsecureLogin:
return self._plaintext(username, password)
else:
return defer.fail(InsecureAuthenticationDisallowed())
def isSecure(self):
"""
Return True if this request is using a secure transport.
Normally this method returns True if this request's HTTPChannel
instance is using a transport that implements ISSLTransport.
This will also return True if setHost() has been called
with ssl=True.
@returns: True if this request is secure
@rtype: C{bool}
"""
if self._forceSSL:
return True
transport = getattr(getattr(self, 'channel', None), 'transport', None)
if interfaces.ISSLTransport(transport, None) is not None:
return True
return False
def _login(self, caps, username, password):
if self.serverChallenge is not None:
return self._apop(username, password, self.serverChallenge)
tryTLS = 'STLS' in caps
#If our transport supports switching to TLS, we might want to try to switch to TLS.
tlsableTransport = interfaces.ITLSTransport(self.transport, None) is not None
# If our transport is not already using TLS, we might want to try to switch to TLS.
nontlsTransport = interfaces.ISSLTransport(self.transport, None) is None
if not self.startedTLS and tryTLS and tlsableTransport and nontlsTransport:
d = self.startTLS()
d.addCallback(self._loginTLS, username, password)
return d
elif self.startedTLS or not nontlsTransport or self.allowInsecureLogin:
return self._plaintext(username, password)
else:
return defer.fail(InsecureAuthenticationDisallowed())
def getHostInfo(self):
t = self.channel.transport
secure = interfaces.ISSLTransport(t, None) is not None
host = t.getHost()
host.host = _cachedGetHostByAddr(host.host)
return host, secure
