def __init__(self, sock, keyfile, certfile, ca_certs, do_handshake_on_connect, server_side): self.sock = sock self.engine = _get_ssl_context(keyfile, certfile, ca_certs).createSSLEngine() self.engine.setUseClientMode(not server_side) self.ssl_handler = SslHandler(self.engine) self.already_handshaked = False self.do_handshake_on_connect = do_handshake_on_connect if self.do_handshake_on_connect and hasattr(self.sock, "connected") and self.sock.connected: self.already_handshaked = True print "Adding SSL handler to pipeline..." self.sock.channel.pipeline().addFirst("ssl", self.ssl_handler) self.sock._post_connect() self.sock._notify_selectors() self.sock._unlatch() def handshake_step(x): print "Handshaking result", x if not hasattr(self.sock, "activity_latch"): # need a better discriminant self.sock._post_connect() self.sock._notify_selectors() self.ssl_handler.handshakeFuture().addListener(handshake_step)
class SSLSocket(object): def __init__(self, sock, keyfile, certfile, ca_certs, do_handshake_on_connect, server_side): self.sock = sock self.engine = _get_ssl_context(keyfile, certfile, ca_certs).createSSLEngine() self.engine.setUseClientMode(not server_side) self.ssl_handler = SslHandler(self.engine) self.already_handshaked = False self.do_handshake_on_connect = do_handshake_on_connect if self.do_handshake_on_connect and hasattr(self.sock, "connected") and self.sock.connected: self.already_handshaked = True print "Adding SSL handler to pipeline..." self.sock.channel.pipeline().addFirst("ssl", self.ssl_handler) self.sock._post_connect() self.sock._notify_selectors() self.sock._unlatch() def handshake_step(x): print "Handshaking result", x if not hasattr(self.sock, "activity_latch"): # need a better discriminant self.sock._post_connect() self.sock._notify_selectors() self.ssl_handler.handshakeFuture().addListener(handshake_step) def connect(self, addr): print "SSL connect", self.do_handshake_on_connect self.sock._connect(addr) if self.do_handshake_on_connect: self.already_handshaked = True if self.sock.connected: print "Adding SSL handler to pipeline..." self.sock.channel.pipeline().addFirst("ssl", self.ssl_handler) else: print "Adding connect handlers to setup..." self.sock.connect_handlers.append(SSLInitializer(self.ssl_handler)) def send(self, data): return self.sock.send(data) def recv(self, bufsize, flags=0): return self.sock.recv(bufsize, flags) def close(self): # should this also ssl unwrap the channel? self.sock.close() def shutdown(self, how): self.sock.shutdown(how) def _readable(self): return self.sock._readable() def _writable(self): return self.sock._writable() def _register_selector(self, selector): self.sock._register_selector(selector) def _unregister_selector(self, selector): return self.sock._unregister_selector(selector) def _notify_selectors(self): self.sock._notify_selectors() def do_handshake(self): if not self.already_handshaked: print "Not handshaked, so adding SSL handler" self.already_handshaked = True self.sock.channel.pipeline().addFirst("ssl", self.ssl_handler) def getpeername(self): return self.sock.getpeername() def fileno(self): return self.sock
def initChannel(self, ch): pipeline = ch.pipeline() engine = SSLContext.getDefault().createSSLEngine() engine.setUseClientMode(True); pipeline.addLast("ssl", SslHandler(engine))