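def _sslHandshake( sock, sslContext, reactor, callback=None ) :
    """Run the accepting side of an SSL handshake on ``sock``.

    Wraps ``sock`` in an SSLConnection put into accept state and starts
    sslAccept() on it. The returned AsyncOp is notified with the tuple
    ``(sslConn, peerKey, peerName, peerKeyID)`` when the handshake
    completes and the peer certificate can be parsed, or with ``None``
    on any failure (the connection is aborted first in that case).
    Cancelling the returned op cancels the pending accept and aborts
    the connection.

    NOTE(review): nothing in this function compares peerKey with an
    expected key, and peerName / peerKeyID are read straight from the
    certificate subject CN supplied by the peer. Whether that CN is
    vouched for depends on how sslContext verifies certificates, which
    is not visible here -- callers should authorise on peerKey and
    treat the name fields as peer-asserted until confirmed.
    """
    def doCancel() :
        acceptOp.cancel()
        sslAbort( sslConn )

    def fail() :
        # Common failure path: tear the connection down, then report.
        sslAbort( sslConn )
        op.notify( None )

    def onSSLAccept( err ) :
        global logger
        if err is not None :
            fail()
            return
        try :
            peerCert = sslConn.getPeerCertificate()
            peerKey = RSAKey()
            peerKey.fromPKey_PublicKey( peerCert.get_pubkey() )
            CN = peerCert.get_subject().CN
        except (SSLError,X509Error,RSAError) :
            logger.exception( 'ssl accept error' )
            fail()
            return
        # The CN comes from the remote peer's certificate. Previously a
        # missing CN (AttributeError on None) or a CN holding more than
        # one '@' (ValueError on unpacking) escaped this callback, so the
        # connection was never aborted and op was never notified. Both
        # cases are now rejected through the normal failure path.
        if CN is None :
            logger.error( 'ssl accept error: peer certificate has no CN' )
            fail()
            return
        parts = CN.split( '@' )
        if len(parts) > 2 :
            logger.error( 'ssl accept error: malformed peer certificate CN' )
            fail()
            return
        if len(parts) == 2 :
            peerName, peerKeyID = parts
        else :
            peerName, peerKeyID = CN, ''
        data = (sslConn,peerKey,peerName,peerKeyID)
        # logger.info('onSSLAccept SUCCESSFUL with %s' % str(peerName))
        op.notify( data )

    sslConn = SSLConnection( sslContext, sock )
    sslConn.setAcceptState()
    # NOTE(review): op is bound only after sslAccept() returns, so this
    # assumes sslAccept never invokes onSSLAccept synchronously -- confirm.
    acceptOp = sslAccept( sslConn, reactor, onSSLAccept )
    op = AsyncOp( callback, doCancel )
    return op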
peerName, peerKeyID = CN.split('@') else: peerName, peerKeyID = CN, '' except (SSLError,X509Error,RSAError), e : logger.exception( 'ssl connect error' ) sslAbort( sslConn ) op.notify( None ) return if peerKey.toDER_PublicKey() != remotePublicKey.toDER_PublicKey() : logger.error( 'ssl connect public key mismatch' ) sslAbort( sslConn ) op.notify( None ) return # logger.info('onSSLConnect SUCCESSFUL with %s' % str(peerName)) op.notify( sslConn ) sslConn = SSLConnection( sslContext, sock ) sslConn.setConnectState() connectOp = sslConnect( sslConn, reactor, onSSLConnect ) op = AsyncOp( callback, doCancel ) return op def _directConnect( sslContext, remotePublicKey, directLocation, reactor, callback=None ) : def onConnect( connector ) : if connector.getError() != 0 : op.notify( None ) return authOp = _authenticateUser( connector.getSock(), sslContext, remotePublicKey, reactor, op.notify ) op.setCanceler( authOp.cancel ) connectOp = tcpConnect( directLocation.addr, reactor, onConnect )