def __init__(oSelf, oServerBaseURL, u0zMaxNumberOfConnectionsToServer=zNotProvided, o0SSLContext=None): oSelf.__oServerBaseURL = oServerBaseURL oSelf.__u0MaxNumberOfConnectionsToServer = fxGetFirstProvidedValue( u0zMaxNumberOfConnectionsToServer, gu0DefaultMaxNumberOfConnectionsToServer) oSelf.__o0SSLContext = o0SSLContext oSelf.__oConnectionsPropertyLock = cLock( "%s.__oConnectionsPropertyLock" % oSelf.__class__.__name__, n0DeadlockTimeoutInSeconds=gnDeadlockTimeoutInSeconds) oSelf.__aoConnections = [] oSelf.__uPendingConnects = 0 oSelf.__bStopping = False oSelf.__oTerminatedPropertyLock = cLock( "%s.__oTerminatedEventFiredLock" % oSelf.__class__.__name__, n0DeadlockTimeoutInSeconds=gnDeadlockTimeoutInSeconds) oSelf.__oTerminatedLock = cLock("%s.__oTerminatedLock" % oSelf.__class__.__name__, bLocked=True) oSelf.fAddEvents("connect failed", "new connection", "request sent", "response received", "request sent and response received", "connection terminated", "terminated")
def __init__(oSelf, oPythonSocket, o0SecurePythonSocket=None, o0SSLContext=None, szRemoteHostname=zNotProvided, bCreatedLocally=False): # The initial python socket is not secure. We can "wrap" the socket with SSL # to secure it repeatedly to "tunnel" multiple SSL connections. Each time # a new SSL connection is tunneled through the existing connection, a new # "wrapped" socket is created that can be used to communicate through this # SSL tunnel. We will keep a list of the python sockets corresponding to # these tunnels, in order: oSelf.__aoPythonSockets = [ o0 for o0 in [oPythonSocket, o0SecurePythonSocket] if o0 ] # We also keep a list of the SSL contexts for the tunneled secured # connections. This list is in the same order but does not have an entry # for the first socket, as it is not secure. oSelf.__aoSSLContexts = [o0 for o0 in [o0SSLContext] if o0] oSelf.__bCreatedLocally = bCreatedLocally oSelf.uReadChunkSize = oSelf.uDefaultReadChunkSize # We will create a lock that will be released as soon as we detect that the # socket is disconnected to implement fbWait() oSelf.__oTerminatedLock = cLock("%s.__oTerminatedLock" % oSelf.__class__.__name__, bLocked=True) # When we detect a disconnect, we need a way to check if this is the first # time that we detect it, so we can be sure we release the oConnectedLock # only once. This requires exclusive acccess to the "connected" property # to prevent race conditions where the lock is freed twice in two threads: oSelf.__oConnectedPropertyAccessLock = cLock( "%s.__oConnectedPropertyAccessLock" % oSelf.__class__.__name__, n0DeadlockTimeoutInSeconds=gnDeadlockTimeoutInSeconds) # We will also keep track of the fact that "fStop" of "fTerminate" has been called. oSelf.__bStopping = False oSelf.__bShouldAllowReading = True oSelf.__bShouldAllowWriting = True oSelf.txLocalAddress = ( oSelf.sLocalHostname, oSelf.uLocalPort) = oSelf.__oPythonSocket.getsockname() oSelf.sLocalAddress = "localhost:%d" % oSelf.uLocalPort oSelf.txRemoteAddress = ( oSelf.sRemoteHostname, oSelf.uRemotePort) = oSelf.__oPythonSocket.getpeername() if fbIsProvided(szRemoteHostname): oSelf.sRemoteHostname = szRemoteHostname oSelf.sRemoteAddress = "%s:%d" % (oSelf.sRemoteHostname, oSelf.uRemotePort) oSelf.fAddEvents("bytes read", "bytes written", "shutdown for reading", "shutdown for writing", "shutdown", "terminated")
def __init__(oSelf, *txArguments, **dxArguments): oSelf.__bStopping = False # A properties lock is used to make sure different threads can perform # multiple read/writes on properties of this instance as a single operation. oSelf.__oPropertiesLock = cLock( "%s.__oPropertiesLock" % oSelf.__class__.__name__, n0DeadlockTimeoutInSeconds=gnDeadlockTimeoutInSeconds) oSelf.__oWaitingUntilSomeStateLock = cLock( "%s.__oWaitingUntilSomeStateLock" % oSelf.__class__.__name__) oSelf.__oTransactionLock = cLock("%s.__oTransactionLock" % oSelf.__class__.__name__) oSelf.__n0TransactionEndTime = None super(cTransactionalBufferedTCPIPConnection, oSelf).__init__(*txArguments, **dxArguments) oSelf.fAddEvents("transaction started", "transaction ended")
def __init__(oSelf, fNewConnectionHandler, szHostname = zNotProvided, uzPort = zNotProvided, o0SSLContext = None, n0zSecureTimeoutInSeconds = zNotProvided): oSelf.__fNewConnectionHandler = fNewConnectionHandler; oSelf.__sHostname = fxGetFirstProvidedValue(szHostname, socket.gethostname()); oSelf.__uPort = fxGetFirstProvidedValue(uzPort, 443 if o0SSLContext else 80); oSelf.__o0SSLContext = o0SSLContext; assert o0SSLContext is None or c0SSLException is not None, \ "Cannot load SSL support"; oSelf.__n0zSecureTimeoutInSeconds = n0zSecureTimeoutInSeconds; oSelf.__bStopping = False; oSelf.__oTerminatedLock = cLock( "%s.__oTerminatedLock" % oSelf.__class__.__name__, bLocked = True ); oSelf.__oPythonSocket = socket.socket(socket.AF_INET, socket.SOCK_STREAM, 0); oSelf.__oPythonSocket.settimeout(None); oSelf.__oPythonSocket.bind((oSelf.__sHostname, oSelf.__uPort)); oSelf.__oPythonSocket.listen(1); oSelf.__oMainThread = cThread(oSelf.__fMain); oSelf.__oMainThread.fStart(bVital = False); oSelf.fAddEvents( "new connection", # Fired first for both secure and nonsecure connections "new nonsecure connection", # Fired for nonsecure connections only. "new secure connection", # Fired after SSL negotiation has completed successfully. "connection cannot be secured", # Fired if SSL negotiation failed to complete successfully and before timeout. "terminated" # Fired when the acceptor stops accepting connections. );
def __init__( oSelf, o0zCertificateStore=zNotProvided, u0zMaxNumberOfConnectionsToServer=zNotProvided, n0zConnectTimeoutInSeconds=zNotProvided, n0zSecureTimeoutInSeconds=zNotProvided, n0zTransactionTimeoutInSeconds=zNotProvided, bAllowUnverifiableCertificates=False, bCheckHostname=True, ): oSelf.__o0CertificateStore = ( o0zCertificateStore if fbIsProvided(o0zCertificateStore) else c0CertificateStore() if c0CertificateStore else None) oSelf.__u0zMaxNumberOfConnectionsToServer = fxGetFirstProvidedValue( u0zMaxNumberOfConnectionsToServer, oSelf.u0zDefaultMaxNumberOfConnectionsToServer) # Timeouts can be provided through class default, instance defaults, or method call arguments. oSelf.__n0zConnectTimeoutInSeconds = fxzGetFirstProvidedValueIfAny( n0zConnectTimeoutInSeconds, oSelf.n0zDefaultConnectTimeoutInSeconds) oSelf.__n0zSecureTimeoutInSeconds = fxzGetFirstProvidedValueIfAny( n0zSecureTimeoutInSeconds, oSelf.n0zDefaultSecureTimeoutInSeconds) oSelf.__n0zTransactionTimeoutInSeconds = fxzGetFirstProvidedValueIfAny( n0zTransactionTimeoutInSeconds, oSelf.n0zDefaultTransactionTimeoutInSeconds) oSelf.__bAllowUnverifiableCertificates = bAllowUnverifiableCertificates oSelf.__bCheckHostname = bCheckHostname oSelf.__oPropertyAccessTransactionLock = cLock( "%s.__oPropertyAccessTransactionLock" % oSelf.__class__.__name__, n0DeadlockTimeoutInSeconds=gnDeadlockTimeoutInSeconds) oSelf.__doConnectionsToServerPool_by_sProtocolHostPort = {} oSelf.__bStopping = False oSelf.__oTerminatedLock = cLock("%s.__oTerminatedLock" % oSelf.__class__.__name__, bLocked=True) oSelf.fAddEvents( "connect failed", "new connection", "request sent", "response received", "request sent and response received", "connection terminated", "terminated", )
def __init__(oSelf, ftxRequestHandler, szHostname = zNotProvided, uzPort = zNotProvided, o0SSLContext = None, n0zTransactionTimeoutInSeconds = zNotProvided, n0zIdleTimeoutInSeconds = zNotProvided, ): assert not fbIsProvided(szHostname) or isinstance(szHostname, (str, unicode)), \ "Invalid szHostname %s" % repr(szHostname); assert not fbIsProvided(uzPort) or isinstance(uzPort, (int, long)), \ "Invalid uPort %s" % repr(uzPort); oSelf.__ftxRequestHandler = ftxRequestHandler; oSelf.__n0TransactionTimeoutInSeconds = fxGetFirstProvidedValue(n0zTransactionTimeoutInSeconds, oSelf.n0DefaultTransactionTimeoutInSeconds); oSelf.__n0IdleTimeoutInSeconds = fxGetFirstProvidedValue(n0zIdleTimeoutInSeconds, oSelf.n0DefaultIdleTimeoutInSeconds); oSelf.__oPropertyAccessTransactionLock = cLock( "%s.__oPropertyAccessTransactionLock" % oSelf.__class__.__name__, n0DeadlockTimeoutInSeconds = gnDeadlockTimeoutInSeconds ); oSelf.__aoConnections = []; oSelf.__aoConnectionThreads = []; oSelf.__bStopping = False; oSelf.__oTerminatedLock = cLock( "%s.__oTerminatedLock" % oSelf.__class__.__name__, bLocked = True ); oSelf.fAddEvents( "new connection", "idle timeout", "request error", "request received", "response error", "response sent", "request received and response sent", "connection terminated", "terminated" ); oSelf.__oConnectionAcceptor = cHTTPConnectionAcceptor( fNewConnectionHandler = oSelf.__fHandleNewConnection, szHostname = szHostname, uzPort = uzPort, o0SSLContext = o0SSLContext, n0zSecureTimeoutInSeconds = oSelf.__n0TransactionTimeoutInSeconds, ); oSelf.__oConnectionAcceptor.fAddCallback("terminated", oSelf.__HandleTerminatedCallbackFromConnectionAcceptor);
def __init__(oSelf): assert os.path.isdir(oSelf.__sOpenSSLFolderPath), \ "Cannot find OpenSSL folder %s; please download OpenSSL.exe into this folder." % oSelf.__sOpenSSLFolderPath assert os.path.isfile(oSelf.__sOpenSSLBinaryPath), \ "Cannot find OpenSSL binary %s; please download OpenSSL.exe into this folder." % oSelf.__sOpenSSLBinaryPath assert os.path.isdir(oSelf.__sOpenSSLCertificateAuthorityFolderPath), \ "Cannot find OpenSSL Certificate Authority folder %s" % oSelf.__sOpenSSLCertificateAuthorityFolderPath assert os.path.isfile(oSelf.__sOpenSSLIntermediateConfigFilePath), \ "Cannot find OpenSSL intermediate config file %s" % oSelf.__sOpenSSLIntermediateConfigFilePath assert os.path.isfile(oSelf.__sOpenSSLCACertificatesFilePath), \ "Cannot find OpenSSL CA Certificates file %s" % oSelf.__sOpenSSLCACertificatesFilePath oSelf.__oCacheLock = cLock( "%s.__oCacheLock" % oSelf.__class__.__name__, n0DeadlockTimeoutInSeconds=gnDeadlockTimeoutInSeconds) oSelf.__doCachedSSLContext_by_sHostname = {} if not os.path.isdir(oSelf.__sGeneratedCertificatesDatabaseFolderPath): os.mkdir(oSelf.__sGeneratedCertificatesDatabaseFolderPath) oSelf.fReset()
def __init__( oSelf, oProxyServerURL, bAllowUnverifiableCertificatesForProxy=False, bCheckProxyHostname=True, o0zCertificateStore=zNotProvided, u0zMaxNumberOfConnectionsToProxy=zNotProvided, n0zConnectToProxyTimeoutInSeconds=zNotProvided, n0zSecureConnectionToProxyTimeoutInSeconds=zNotProvided, n0zSecureConnectionToServerTimeoutInSeconds=zNotProvided, n0zTransactionTimeoutInSeconds=zNotProvided, bAllowUnverifiableCertificates=False, bCheckHostname=True, ): oSelf.oProxyServerURL = oProxyServerURL oSelf.__bAllowUnverifiableCertificatesForProxy = bAllowUnverifiableCertificatesForProxy oSelf.__bCheckProxyHostname = bCheckProxyHostname oSelf.__o0CertificateStore = ( o0zCertificateStore if fbIsProvided(o0zCertificateStore) else c0CertificateStore() if c0CertificateStore is not None else None) assert not oProxyServerURL.bSecure or oSelf.__o0CertificateStore, \ "Cannot use a secure proxy without the mSSL module!" oSelf.__u0MaxNumberOfConnectionsToProxy = fxGetFirstProvidedValue( u0zMaxNumberOfConnectionsToProxy, oSelf.u0DefaultMaxNumberOfConnectionsToProxy) # Timeouts for this instance default to the timeouts specified for the class. oSelf.__n0zConnectToProxyTimeoutInSeconds = fxzGetFirstProvidedValueIfAny( n0zConnectToProxyTimeoutInSeconds, oSelf.n0zDefaultConnectToProxyTimeoutInSeconds) oSelf.__n0zSecureConnectionToProxyTimeoutInSeconds = fxzGetFirstProvidedValueIfAny( n0zSecureConnectionToProxyTimeoutInSeconds, oSelf.n0zDefaultSecureConnectionToProxyTimeoutInSeconds) oSelf.__n0zSecureConnectionToServerTimeoutInSeconds = fxzGetFirstProvidedValueIfAny( n0zSecureConnectionToServerTimeoutInSeconds, oSelf.n0zDefaultSecureConnectionToServerTimeoutInSeconds) oSelf.__n0TransactionTimeoutInSeconds = fxGetFirstProvidedValue( n0zTransactionTimeoutInSeconds, oSelf.n0DefaultTransactionTimeoutInSeconds) oSelf.__bAllowUnverifiableCertificates = bAllowUnverifiableCertificates oSelf.__bCheckHostname = bCheckHostname if not oProxyServerURL.bSecure: oSelf.__o0ProxySSLContext = None else: assert oSelf.__o0CertificateStore, \ "A secure proxy cannot be used if no certificate store is available!" if bAllowUnverifiableCertificatesForProxy: oSelf.__o0ProxySSLContext = oSelf.__o0CertificateStore.foGetClientsideSSLContextWithoutVerification( ) else: oSelf.__o0ProxySSLContext = oSelf.__o0CertificateStore.foGetClientsideSSLContextForHostname( oProxyServerURL.sHostname, oSelf.__bCheckProxyHostname, ) oSelf.__oWaitingForConnectionToBecomeAvailableLock = cLock( "%s.__oWaitingForConnectionToBecomeAvailableLock" % oSelf.__class__.__name__, ) oSelf.__oPropertyAccessTransactionLock = cLock( "%s.__oPropertyAccessTransactionLock" % oSelf.__class__.__name__, n0DeadlockTimeoutInSeconds=gnDeadlockTimeoutInSeconds) oSelf.__aoConnectionsToProxyNotConnectedToAServer = [] oSelf.__doConnectionToProxyUsedForSecureConnectionToServer_by_sProtocolHostPort = {} oSelf.__doSecureConnectionToServerThroughProxy_by_sProtocolHostPort = {} oSelf.__bStopping = False oSelf.__oTerminatedLock = cLock("%s.__oTerminatedLock" % oSelf.__class__.__name__, bLocked=True) oSelf.fAddEvents( "connect failed", "new connection", # connect failed currently does not fire: assertions are triggered instead. "request sent", "response received", "request sent and response received", "secure connection established", "connection terminated", "terminated", )
def __init__( oSelf, szHostname=zNotProvided, uzPort=zNotProvided, o0ServerSSLContext=None, o0zCertificateStore=zNotProvided, o0ChainedProxyURL=None, o0ChainedProxyHTTPClient=None, bAllowUnverifiableCertificatesForChainedProxy=False, bCheckChainedProxyHostname=True, u0zMaxNumberOfConnectionsToChainedProxy=zNotProvided, # Connections to proxy use nzConnectTimeoutInSeconds n0zSecureConnectionToChainedProxyTimeoutInSeconds=zNotProvided, # Connections to proxy use nzTransactionTimeoutInSeconds o0InterceptSSLConnectionsCertificateAuthority=None, n0zConnectTimeoutInSeconds=zNotProvided, n0zSecureTimeoutInSeconds=zNotProvided, n0zTransactionTimeoutInSeconds=zNotProvided, bAllowUnverifiableCertificates=False, bCheckHostname=True, n0zSecureConnectionPipeTotalDurationTimeoutInSeconds=zNotProvided, n0zSecureConnectionPipeIdleTimeoutInSeconds=zNotProvided, u0zMaxNumberOfConnectionsToServer=zNotProvided, ): oSelf.__o0InterceptSSLConnectionsCertificateAuthority = o0InterceptSSLConnectionsCertificateAuthority oSelf.__n0zConnectTimeoutInSeconds = n0zConnectTimeoutInSeconds oSelf.__n0zSecureTimeoutInSeconds = fxzGetFirstProvidedValueIfAny( n0zSecureTimeoutInSeconds, oSelf.n0DefaultSecureTimeoutInSeconds) oSelf.__n0zTransactionTimeoutInSeconds = fxzGetFirstProvidedValueIfAny( n0zTransactionTimeoutInSeconds, oSelf.n0DefaultTransactionTimeoutInSeconds) oSelf.__bAllowUnverifiableCertificates = bAllowUnverifiableCertificates oSelf.__bCheckHostname = bCheckHostname oSelf.__n0SecureConnectionPipeTotalDurationTimeoutInSeconds = fxGetFirstProvidedValue( \ n0zSecureConnectionPipeTotalDurationTimeoutInSeconds, oSelf.n0DefaultSecureConnectionPipeTotalDurationTimeoutInSeconds) oSelf.__n0SecureConnectionPipeIdleTimeoutInSeconds = fxGetFirstProvidedValue( \ n0zSecureConnectionPipeIdleTimeoutInSeconds, oSelf.n0DefaultSecureConnectionPipeIdleTimeoutInSeconds) oSelf.__oPropertyAccessTransactionLock = cLock( "%s.__oPropertyAccessTransactionLock" % oSelf.__class__.__name__, n0DeadlockTimeoutInSeconds=gnDeadlockTimeoutInSeconds) oSelf.__aoSecureConnectionsFromClient = [] oSelf.__aoSecureConnectionThreads = [] oSelf.__bStopping = False oSelf.__oTerminatedLock = cLock("%s.__oTerminatedLock" % oSelf.__class__.__name__, bLocked=True) oSelf.fAddEvents( "new connection from client", "connect to server failed", "new connection to server", "request received from client", "request sent to server", "connection piped between client and server", "connection intercepted between client and server", "response received from server", "response sent to client", "request sent to and response received from server", "request received from and response sent to client", "connection to server terminated", "connection from client terminated", "client terminated", "server terminated", "terminated") # Create client if o0ChainedProxyHTTPClient: assert not o0ChainedProxyURL, \ "Cannot provide both a chained proxy URL (%s) and HTTP client (%s)" % \ (o0ChainedProxyURL, o0ChainedProxyHTTPClient) # Ideally, we want to check the caller did not provide any unapplicable arguments here, but that's a lot of # work, so I've pushed this out until it makes sense to add these checks oSelf.oHTTPClient = o0ChainedProxyHTTPClient oSelf.__bUsingChainedProxy = True elif o0ChainedProxyURL: # Ideally, we want to check the caller did not provide any unapplicable arguments here, but that's a lot of # work, so I've pushed this out until it makes sense to add these checks oSelf.oHTTPClient = cHTTPClientUsingProxyServer( oProxyServerURL = o0ChainedProxyURL, bAllowUnverifiableCertificatesForProxy = bAllowUnverifiableCertificatesForChainedProxy, bCheckProxyHostname = bCheckChainedProxyHostname, o0zCertificateStore = o0zCertificateStore, u0zMaxNumberOfConnectionsToProxy = fxGetFirstProvidedValue( \ u0zMaxNumberOfConnectionsToChainedProxy, oSelf.u0DefaultMaxNumberOfConnectionsToChainedProxy), n0zConnectToProxyTimeoutInSeconds = n0zConnectTimeoutInSeconds, n0zSecureConnectionToProxyTimeoutInSeconds = fxGetFirstProvidedValue( \ n0zSecureConnectionToChainedProxyTimeoutInSeconds, oSelf.n0DefaultSecureConnectionToChainedProxyTimeoutInSeconds), n0zSecureConnectionToServerTimeoutInSeconds = oSelf.__n0zSecureTimeoutInSeconds, n0zTransactionTimeoutInSeconds = oSelf.__n0zTransactionTimeoutInSeconds, bAllowUnverifiableCertificates = bAllowUnverifiableCertificates, bCheckHostname = bCheckHostname, ) oSelf.__bUsingChainedProxy = True else: # Ideally, we want to check the caller did not provide any unapplicable arguments here, but that's a lot of # work, so I've pushed this out until it makes sense to add these checks oSelf.oHTTPClient = cHTTPClient( o0zCertificateStore=o0zCertificateStore, u0zMaxNumberOfConnectionsToServer= u0zMaxNumberOfConnectionsToServer, n0zConnectTimeoutInSeconds=n0zConnectTimeoutInSeconds, n0zSecureTimeoutInSeconds=oSelf.__n0zSecureTimeoutInSeconds, n0zTransactionTimeoutInSeconds=oSelf. __n0zTransactionTimeoutInSeconds, bAllowUnverifiableCertificates=bAllowUnverifiableCertificates, bCheckHostname=bCheckHostname, ) oSelf.__bUsingChainedProxy = False # Create server oSelf.oHTTPServer = cHTTPServer( ftxRequestHandler=oSelf.__ftxRequestHandler, szHostname=szHostname, uzPort=uzPort, o0SSLContext=o0ServerSSLContext, ) # Forward events from client oSelf.oHTTPClient.fAddCallback( "connect failed", lambda oHTTPServer, sHostname, uPort, oException: oSelf.fFireCallbacks( "connect to server failed", sHostname, uPort, oException)) oSelf.oHTTPClient.fAddCallback( "new connection", lambda oHTTPServer, oConnection: oSelf.fFireCallbacks( "new connection to server", oConnection)) oSelf.oHTTPClient.fAddCallback( "request sent", lambda oHTTPServer, oConnection, oRequest: oSelf.fFireCallbacks( "request sent to server", oConnection, oRequest)) oSelf.oHTTPClient.fAddCallback( "response received", lambda oHTTPServer, oConnection, oResponse: oSelf.fFireCallbacks( "response received from server", oConnection, oResponse)) oSelf.oHTTPClient.fAddCallback( "request sent and response received", lambda oHTTPServer, oConnection, oRequest, oResponse: oSelf. fFireCallbacks("request sent to and response received from server", oConnection, oRequest, oResponse)) oSelf.oHTTPClient.fAddCallback( "connection terminated", lambda oHTTPServer, oConnection: oSelf.fFireCallbacks( "connection to server terminated", oConnection)) oSelf.oHTTPClient.fAddCallback( "terminated", oSelf.__fHandleTerminatedCallbackFromClient) # Forward events from server oSelf.oHTTPServer.fAddCallback( "new connection", lambda oHTTPServer, oConnection: oSelf.fFireCallbacks( "new connection from client", oConnection)) oSelf.oHTTPServer.fAddCallback( "request received", lambda oHTTPServer, oConnection, oRequest: oSelf.fFireCallbacks( "request received from client", oConnection, oRequest)) oSelf.oHTTPServer.fAddCallback( "response sent", lambda oHTTPServer, oConnection, oResponse: oSelf.fFireCallbacks( "response sent to client", oConnection, oResponse)) oSelf.oHTTPServer.fAddCallback( "request received and response sent", lambda oHTTPServer, oConnection, oRequest, oResponse: oSelf. fFireCallbacks("request received from and response sent to client", oConnection, oRequest, oResponse)) oSelf.oHTTPServer.fAddCallback( "connection terminated", lambda oHTTPServer, oConnection: oSelf.fFireCallbacks( "connection from client terminated", oConnection)) oSelf.oHTTPServer.fAddCallback( "terminated", oSelf.__fHandleTerminatedCallbackFromServer)
def __init__(oSelf, oConsole, sHostname, uPort, sName, bListen=True, bAccept=True, u0MinRequestBytes=None, u0MaxRequestBytes=None, s0Response=None, bShutdownForReading=False, bShutdownForWriting=False, bDisconnect=False): oSelf.oConsole = oConsole # not imported but passed as an argument because it may not be available, in which case a stub is used. oSelf.sHostname = sHostname oSelf.uPort = uPort oSelf.sName = sName oSelf.oServerSocket = socket.socket(socket.AF_INET, socket.SOCK_STREAM, 0) # oSelf.oServerSocket.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1); # Do not go to TIME_WAIT after close. oSelf.oConsole.fOutput( DIM, "* ", oSelf.sName, " test server: binding to %s:%d..." % (sHostname, uPort)) oSelf.oServerSocket.bind((sHostname, uPort)) oSelf.bListening = bListen oSelf.bAccepting = bListen and bAccept oSelf.oTerminatedLock = cLock("Terminated lock", bLocked=True) if not bListen: oSelf.oConsole.fOutput(DIM, "* ", oSelf.sName, " test server: closing server socket...") oSelf.oServerSocket.close() else: oSelf.bStopping = False # If we are accepting connections, allow the next connection to be queued while we're handling the current # connection (see below) oSelf.oConsole.fOutput(DIM, "* ", oSelf.sName, " test server: listening...") oSelf.oServerSocket.listen(1 if bAccept else 0) oSelf.u0MinRequestBytes = u0MinRequestBytes if u0MinRequestBytes is not None: assert bAccept, "Cannot have `bAccept is False` and `u0MinRequestBytes is not None`!" assert u0MaxRequestBytes is not None, "Cannot have `u0MinRequestBytes is not None` if `u0MaxRequestBytes is None`!" oSelf.uMaxRequestBytes = u0MaxRequestBytes assert bAccept or s0Response is None, "Cannot have `bAccept is False` and `s0Response is not None`!" oSelf.s0Response = s0Response assert bAccept or not bShutdownForReading, "Cannot have `bAccept is False` and `bShutdownForReading is True`!" oSelf.bShutdownForReading = bShutdownForReading assert bAccept or not bShutdownForWriting, "Cannot have `bAccept is False` and `bShutdownForWriting is True`!" oSelf.bShutdownForWriting = bShutdownForWriting assert bAccept or not bShutdownForWriting, "Cannot have `bAccept is False` and `bDisconnect is True`!" oSelf.bDisconnect = bDisconnect if not bAccept: # If we are NOT accepting connections, make a connection to the server but we do not # accept it. Further connections cannot be made until it is accepted but will be queued # This is because we've told the socket not to queue additional connections (see above). oSelf.oHelperClientSocket = socket.socket( socket.AF_INET, socket.SOCK_STREAM, 0) oSelf.oHelperClientSocket.connect((sHostname, uPort)) oSelf.oConsole.fOutput( DIM, "* ", oSelf.sName, " test server: NOT accepting connections...") else: oSelf.oServerThreadStartedLock = cLock( "Server thread started lock", bLocked=True) oSelf.oServerThread = cThread(oSelf.fServerThread) oSelf.oServerThread.fStart(bVital=False) oSelf.oServerThreadStartedLock.fWait()
def __init__(oSelf, o0zCertificateStore = zNotProvided, bAllowUnverifiableCertificatesForProxy = False, bCheckProxyHostname = True, u0zMaxNumberOfConnectionsToServerWithoutProxy = zNotProvided, u0zMaxNumberOfConnectionsToProxy = zNotProvided, n0zConnectTimeoutInSeconds = zNotProvided, n0zSecureTimeoutInSeconds = zNotProvided, n0zTransactionTimeoutInSeconds = zNotProvided, n0zConnectToProxyTimeoutInSeconds = zNotProvided, n0zSecureConnectionToProxyTimeoutInSeconds = zNotProvided, n0zSecureConnectionToServerTimeoutInSeconds = zNotProvided, bAllowUnverifiableCertificates = False, bCheckHostname = True, ): oSelf.__hInternet = oWinHTTPDLL.WinHttpOpen( LPCWSTR("User-Agent"), # LPCWSTR pszAgentW WINHTTP_ACCESS_TYPE_AUTOMATIC_PROXY, # DWORD dwAccessType WINHTTP_NO_PROXY_NAME, # LPCWSTR pszProxyW WINHTTP_NO_PROXY_BYPASS, # LPCWSTR pszProxyBypassW NULL, # DWORD dwFlags ); if oSelf.__hInternet == NULL: oKernel32 = foLoadKernel32DLL(); odwLastError = oKernel32.GetLastError(); raise AssertionError("Cannot initialize WinHTTP: error 0x%X" % (odwLastError.value,)); # This code will instantiate other classes to make requests. A single certificate store instance is used by all # these instances. oSelf.__o0CertificateStore = ( o0zCertificateStore if fbIsProvided(o0zCertificateStore) else c0CertificateStore() if c0CertificateStore else None ); oSelf.__bAllowUnverifiableCertificatesForProxy = bAllowUnverifiableCertificatesForProxy; oSelf.__bCheckProxyHostname = bCheckProxyHostname; # oSelf.__u0zMaxNumberOfConnectionsToServerWithoutProxy = fxzGetFirstProvidedValueIfAny(u0zMaxNumberOfConnectionsToServerWithoutProxy, oSelf.u0zDefaultMaxNumberOfConnectionsToServerWithoutProxy); # oSelf.__u0zMaxNumberOfConnectionsToProxy = fxzGetFirstProvidedValueIfAny(u0zMaxNumberOfConnectionsToProxy, oSelf.u0zDefaultMaxNumberOfConnectionsToProxy); # Timeouts can be provided through class default, instance defaults, or method call arguments. oSelf.__n0zConnectTimeoutInSeconds = fxzGetFirstProvidedValueIfAny(n0zConnectTimeoutInSeconds, oSelf.n0zDefaultConnectTimeoutInSeconds); oSelf.__n0zSecureTimeoutInSeconds = fxzGetFirstProvidedValueIfAny(n0zSecureTimeoutInSeconds, oSelf.n0zDefaultSecureTimeoutInSeconds); oSelf.__n0zTransactionTimeoutInSeconds = fxzGetFirstProvidedValueIfAny(n0zTransactionTimeoutInSeconds, oSelf.n0zDefaultTransactionTimeoutInSeconds); # oSelf.__n0zConnectToProxyTimeoutInSeconds = fxzGetFirstProvidedValueIfAny(n0zConnectToProxyTimeoutInSeconds, oSelf.n0zDefaultConnectToProxyTimeoutInSeconds); oSelf.__n0zSecureConnectionToProxyTimeoutInSeconds = fxzGetFirstProvidedValueIfAny(n0zSecureConnectionToProxyTimeoutInSeconds, oSelf.n0zDefaultSecureConnectionToProxyTimeoutInSeconds); # oSelf.__n0zSecureConnectionToServerTimeoutInSeconds = fxzGetFirstProvidedValueIfAny(n0zSecureConnectionToServerTimeoutInSeconds, oSelf.n0zDefaultSecureConnectionToServerTimeoutInSeconds); # oSelf.__bAllowUnverifiableCertificates = bAllowUnverifiableCertificates; oSelf.__bCheckHostname = bCheckHostname; ############################# oSelf.__oPropertyAccessTransactionLock = cLock( "%s.__oPropertyAccessTransactionLock" % oSelf.__class__.__name__, n0DeadlockTimeoutInSeconds = gnDeadlockTimeoutInSeconds ); oSelf.__oDirectHTTPClient = None; oSelf.__doHTTPClientUsingProxyServer_by_sLowerProxyServerURL = {}; oSelf.__bStopping = False; oSelf.__oTerminatedLock = cLock("%s.__oTerminatedLock" % oSelf.__class__.__name__, bLocked = True); oSelf.fAddEvents( "proxy selected", "new direct client", "new client using proxy server", "connect failed", "new connection", "request sent", "response received", "request sent and response received", "secure connection established", "connection terminated", "direct client terminated", "client using proxy server terminated", "terminated", );
from .cSSLContext import cSSLContext from mMultiThreading import cLock gsMainFolderPath = os.path.dirname(__file__) # To turn access to data store in multiple variables into a single transaction, we will create locks. # These locks should only ever be locked for a short time; if it is locked for too long, it is considered a "deadlock" # bug, where "too long" is defined by the following value: gnDeadlockTimeoutInSeconds = 30 # We will be accessing files and executing code, so this should suffice. # Since we can generate these files, we need a lock to prevent race conditions when # two files want to generate a certificate for the same hostname. goCertificateFilesLock = cLock( "cCertificateAuthority.py/goCertificateFilesLock", # If this lock is held for a long enough time while another thread is attempting to acquire it, report an error: n0DeadlockTimeoutInSeconds=gnDeadlockTimeoutInSeconds, ) dGeneratedCertificatesDatabaseFile_sResetContent_by_sName = { "intermediate-database": "", "intermediate-serial": "0000", } class cCertificateAuthority(object): __sOpenSSLFolderPath = os.path.join(gsMainFolderPath, "OpenSSL") __sOpenSSLBinaryPath = os.path.join(__sOpenSSLFolderPath, "OpenSSL.exe") __sOpenSSLCertificateAuthorityFolderPath = os.path.join( gsMainFolderPath, "CA")