def __init__(self, callback): self._problems = [] @wraps(callback) def wrapper(ok, store_ctx): cert = X509.__new__(X509) cert._x509 = _lib.X509_STORE_CTX_get_current_cert(store_ctx) error_number = _lib.X509_STORE_CTX_get_error(store_ctx) error_depth = _lib.X509_STORE_CTX_get_error_depth(store_ctx) index = _lib.SSL_get_ex_data_X509_STORE_CTX_idx() ssl = _lib.X509_STORE_CTX_get_ex_data(store_ctx, index) connection = Connection._reverse_mapping[ssl] try: result = callback(connection, cert, error_number, error_depth, ok) except Exception as e: self._problems.append(e) return 0 else: if result: _lib.X509_STORE_CTX_set_error(store_ctx, _lib.X509_V_OK) return 1 else: return 0 self.callback = _ffi.callback( "int (*)(int, X509_STORE_CTX *)", wrapper)
def set_npn_select_callback(self, callback): """ Specify a callback function that will be called when a server offers Next Protocol Negotiation options. :param callback: The callback function. It will be invoked with two arguments: the Connection, and a list of offered protocols as length-prefixed strings in a bytestring, e.g. b'\\x08http/1.1\\x06spdy/2'. It should return one of those bytestrings, the chosen protocol. """ @wraps(callback) def wrapper(ssl, out, outlen, in_, inlen, arg): outstr = callback( Connection._reverse_mapping[ssl], _ffi.string(in_)) self._npn_select_callback_args = [ _ffi.new("unsigned char *", len(outstr)), _ffi.new("unsigned char[]", outstr), ] outlen[0] = self._npn_select_callback_args[0][0] out[0] = self._npn_select_callback_args[1] return 0 self._npn_select_callback = _ffi.callback( "int (*)(SSL *, unsigned char **, unsigned char *, " "const unsigned char *, unsigned int, void *)", wrapper) _lib.SSL_CTX_set_next_proto_select_cb( self._context, self._npn_select_callback, _ffi.NULL)
def set_npn_advertise_callback(self, callback): """ Specify a callback function that will be called when offering Next Protocol Negotiation. :param callback: The callback function. It will be invoked with one argument, the Connection instance. It should return a Python bytestring, like b'\\x08http/1.1\\x06spdy/2'. """ @wraps(callback) def wrapper(ssl, out, outlen, arg): outstr = callback(Connection._reverse_mapping[ssl]) self._npn_advertise_callback_args = [ _ffi.new("unsigned int *", len(outstr)), _ffi.new("unsigned char[]", outstr), ] outlen[0] = self._npn_advertise_callback_args[0][0] out[0] = self._npn_advertise_callback_args[1] return 0 self._npn_advertise_callback = _ffi.callback( "int (*)(SSL *, const unsigned char **, unsigned int *, void *)", wrapper) _lib.SSL_CTX_set_next_protos_advertised_cb( self._context, self._npn_advertise_callback, _ffi.NULL)
def __init__(self, connection, callback): self._problems = [] @wraps(callback) def wrapper(ok, store_ctx): cert = X509.__new__(X509) cert._x509 = _lib.X509_STORE_CTX_get_current_cert(store_ctx) error_number = _lib.X509_STORE_CTX_get_error(store_ctx) error_depth = _lib.X509_STORE_CTX_get_error_depth(store_ctx) try: result = callback(connection, cert, error_number, error_depth, ok) except Exception as e: self._problems.append(e) return 0 else: if result: _lib.X509_STORE_CTX_set_error(store_ctx, _lib.X509_V_OK) return 1 else: return 0 self.callback = _ffi.callback("int (*)(int, X509_STORE_CTX *)", wrapper)
def set_info_callback(self, callback): """ Set the info callback :param callback: The Python callback to use :return: None """ @wraps(callback) def wrapper(ssl, where, return_code): callback(Connection._reverse_mapping[ssl], where, return_code) self._info_callback = _ffi.callback( "void (*)(const SSL *, int, int)", wrapper) _lib.SSL_CTX_set_info_callback(self._context, self._info_callback)
def set_info_callback(self, callback): """ Set the info callback :param callback: The Python callback to use :return: None """ @wraps(callback) def wrapper(ssl, where, return_code): callback(Connection._reverse_mapping[ssl], where, return_code) self._info_callback = _ffi.callback( "void (*)(const SSL *, int, int)", wrapper) _lib.SSL_CTX_set_info_callback(self._context, self._info_callback)
def set_tlsext_servername_callback(self, callback): """ Specify a callback function to be called when clients specify a server name. :param callback: The callback function. It will be invoked with one argument, the Connection instance. """ @wraps(callback) def wrapper(ssl, alert, arg): callback(Connection._reverse_mapping[ssl]) return 0 self._tlsext_servername_callback = _ffi.callback( "int (*)(const SSL *, int *, void *)", wrapper) _lib.SSL_CTX_set_tlsext_servername_callback( self._context, self._tlsext_servername_callback)
def set_tlsext_servername_callback(self, callback): """ Specify a callback function to be called when clients specify a server name. :param callback: The callback function. It will be invoked with one argument, the Connection instance. """ @wraps(callback) def wrapper(ssl, alert, arg): callback(Connection._reverse_mapping[ssl]) return 0 self._tlsext_servername_callback = _ffi.callback( "int (*)(const SSL *, int *, void *)", wrapper) _lib.SSL_CTX_set_tlsext_servername_callback( self._context, self._tlsext_servername_callback)