def connectionMade(self): self._secure = interfaces.ISSLTransport(self.transport, None) is not None address = self.transport.getHost() self._host = _cachedGetHostByAddr(address.host) self.setTimeout(self.inputTimeOut) self.factory.addConnectedChannel(self)
def isSecure(self): if self._forceSSL: return True transport = getattr(getattr(self, 'channel', None), 'transport', None) if interfaces.ISSLTransport(transport, default=None) is not None: return True return False
def _login(self, caps, username, password): """ Continue the process of logging in to the server. This callback function runs after the server capabilities are received. If the server provided a challenge in the greeting, proceed with an APOP login. Otherwise, if the server and the transport support encrypted communication, try to switch to TLS and then complete the login process with the L{_loginTLS} callback function. Otherwise, if insecure authentication is allowed, do a plaintext login. Otherwise, fail with an L{InsecureAuthenticationDisallowed} error. @type caps: L{dict} mapping L{bytes} to L{list} of L{bytes} and/or L{bytes} to L{None} @param caps: The server capabilities. @type username: L{bytes} @param username: The username with which to log in. @type password: L{bytes} @param password: The password with which to log in. @rtype: L{Deferred <defer.Deferred>} which successfully fires with L{bytes} @return: A deferred which fires when the login process is complete. On a successful login, it returns the server's response minus the status indicator. """ if self.serverChallenge is not None: return self._apop(username, password, self.serverChallenge) tryTLS = b"STLS" in caps # If our transport supports switching to TLS, we might want to # try to switch to TLS. tlsableTransport = interfaces.ITLSTransport(self.transport, None) is not None # If our transport is not already using TLS, we might want to # try to switch to TLS. nontlsTransport = interfaces.ISSLTransport(self.transport, None) is None if not self.startedTLS and tryTLS and tlsableTransport and nontlsTransport: d = self.startTLS() d.addCallback(self._loginTLS, username, password) return d elif self.startedTLS or not nontlsTransport or self.allowInsecureLogin: return self._plaintext(username, password) else: return defer.fail(InsecureAuthenticationDisallowed())
def isSecure(self): """ Return True if this request is using a secure transport. Normally this method returns True if this request's HTTPChannel instance is using a transport that implements ISSLTransport. This will also return True if setHost() has been called with ssl=True. @returns: True if this request is secure @rtype: C{bool} """ if self._forceSSL: return True transport = getattr(getattr(self, 'channel', None), 'transport', None) if interfaces.ISSLTransport(transport, None) is not None: return True return False
def _login(self, caps, username, password): if self.serverChallenge is not None: return self._apop(username, password, self.serverChallenge) tryTLS = 'STLS' in caps #If our transport supports switching to TLS, we might want to try to switch to TLS. tlsableTransport = interfaces.ITLSTransport(self.transport, None) is not None # If our transport is not already using TLS, we might want to try to switch to TLS. nontlsTransport = interfaces.ISSLTransport(self.transport, None) is None if not self.startedTLS and tryTLS and tlsableTransport and nontlsTransport: d = self.startTLS() d.addCallback(self._loginTLS, username, password) return d elif self.startedTLS or not nontlsTransport or self.allowInsecureLogin: return self._plaintext(username, password) else: return defer.fail(InsecureAuthenticationDisallowed())
def getHostInfo(self): t = self.channel.transport secure = interfaces.ISSLTransport(t, None) is not None host = t.getHost() host.host = _cachedGetHostByAddr(host.host) return host, secure