def _handleHandshakeTimeout(self): # If we are here, we failed to do the handshake before the timeout. # We close the connection and raise an ReqlTimeoutError in the # wait_for_handshake deferred. self._open = False self.transport.loseConnection() self.wait_for_handshake.errback(ReqlTimeoutError())
def connect(self, timeout): factory = DatabaseProtoFactory(timeout, self._handleResponse, self._parent.handshake) # We connect to the server, and send the handshake payload. pConnection = None try: pConnection = yield self._connectTimeout(factory, timeout) except Exception as e: raise ReqlDriverError( 'Could not connect to {p.host}:{p.port}. Error: {exc}'.format( p=self._parent, exc=str(e))) # Now, we need to wait for the handshake. try: yield pConnection.wait_for_handshake except ReqlAuthError as e: raise except ReqlTimeoutError as e: raise ReqlTimeoutError(self._parent.host, self._parent.port) except Exception as e: raise ReqlDriverError( 'Connection interrupted during handshake with {p.host}:{p.port}. Error: {exc}' .format(p=self._parent, exc=str(e))) self._connection = pConnection returnValue(self._parent)
def with_absolute_timeout(deadline, generator, **kwargs): if deadline is None: res = yield generator else: try: res = yield gen.with_timeout(deadline, generator, **kwargs) except gen.TimeoutError: raise ReqlTimeoutError() raise gen.Return(res)
def _connectTimeout(self, factory, timeout): try: # TODO: use ssl options # TODO: this doesn't work for literal IPv6 addresses like '::1' args = "tcp:%s:%d" % (self._parent.host, self._parent.port) if timeout is not None: args = args + (":timeout=%d" % timeout) endpoint = clientFromString(reactor, args) p = yield endpoint.connect(factory) returnValue(p) except TimeoutError: raise ReqlTimeoutError()
def recvall(self, length, deadline): res = b'' if self._read_buffer is None else self._read_buffer timeout = None if deadline is None else max(0, deadline - time.time()) self._socket.settimeout(timeout) while len(res) < length: while True: try: chunk = self._socket.recv(length - len(res)) self._socket.settimeout(None) break except socket.timeout: self._read_buffer = res self._socket.settimeout(None) raise ReqlTimeoutError(self.host, self.port) except IOError as ex: if ex.errno == errno.ECONNRESET: self.close() raise ReqlDriverError("Connection is closed.") elif ex.errno == errno.EWOULDBLOCK: self.close() # This should only happen with a timeout of 0 raise ReqlTimeoutError(self.host, self.port) elif ex.errno != errno.EINTR: raise ReqlDriverError(('Connection interrupted ' + 'receiving from %s:%s - %s') % (self.host, self.port, str(ex))) except Exception as ex: self.close() raise ReqlDriverError('Error receiving from %s:%s - %s' % (self.host, self.port, str(ex))) if len(chunk) == 0: self.close() raise ReqlDriverError("Connection is closed.") res += chunk return res
def connect(self, timeout): deadline = None if timeout is None else self._io_loop.time() + timeout try: if len(self._parent.ssl) > 0: ssl_options = {} if self._parent.ssl["ca_certs"]: ssl_options['ca_certs'] = self._parent.ssl["ca_certs"] ssl_options['cert_reqs'] = 2 # ssl.CERT_REQUIRED stream_future = TCPClient().connect(self._parent.host, self._parent.port, ssl_options=ssl_options) else: stream_future = TCPClient().connect(self._parent.host, self._parent.port) self._stream = yield with_absolute_timeout( deadline, stream_future, io_loop=self._io_loop, quiet_exceptions=(iostream.StreamClosedError)) except Exception as err: raise ReqlDriverError( 'Could not connect to %s:%s. Error: %s' % (self._parent.host, self._parent.port, str(err))) self._stream.socket.setsockopt(socket.IPPROTO_TCP, socket.TCP_NODELAY, 1) self._stream.socket.setsockopt(socket.SOL_SOCKET, socket.SO_KEEPALIVE, 1) try: self._parent.handshake.reset() response = None while True: request = self._parent.handshake.next_message(response) if request is None: break # This may happen in the `V1_0` protocol where we send two requests as # an optimization, then need to read each separately if request is not "": self._stream.write(request) response = yield with_absolute_timeout( deadline, self._stream.read_until(b'\0'), io_loop=self._io_loop, quiet_exceptions=(iostream.StreamClosedError)) response = response[:-1] except ReqlAuthError: try: self._stream.close() except iostream.StreamClosedError: pass raise except ReqlTimeoutError: try: self._stream.close() except iostream.StreamClosedError: pass raise ReqlTimeoutError(self._parent.host, self._parent.port) except Exception as err: try: self._stream.close() except iostream.StreamClosedError: pass raise ReqlDriverError( 'Connection interrupted during handshake with %s:%s. Error: %s' % (self._parent.host, self._parent.port, str(err))) # Start a parallel function to perform reads self._io_loop.add_callback(self._reader) raise gen.Return(self._parent)
def translate_timeout_errors(): try: yield except asyncio.TimeoutError: raise ReqlTimeoutError()
def __init__(self, parent, timeout): self.host = parent._parent.host self.port = parent._parent.port self._read_buffer = None self._socket = None self.ssl = parent._parent.ssl deadline = time.time() + timeout try: self._socket = socket.create_connection((self.host, self.port), timeout) self._socket.setsockopt(socket.IPPROTO_TCP, socket.TCP_NODELAY, 1) self._socket.setsockopt(socket.SOL_SOCKET, socket.SO_KEEPALIVE, 1) if len(self.ssl) > 0: try: if hasattr(ssl, 'SSLContext'): # Python2.7 and 3.2+, or backports.ssl ssl_context = ssl.SSLContext(ssl.PROTOCOL_SSLv23) if hasattr(ssl_context, "options"): ssl_context.options |= getattr(ssl, "OP_NO_SSLv2", 0) ssl_context.options |= getattr(ssl, "OP_NO_SSLv3", 0) ssl_context.verify_mode = ssl.CERT_REQUIRED ssl_context.check_hostname = True # redundant with match_hostname ssl_context.load_verify_locations(self.ssl["ca_certs"]) self._socket = ssl_context.wrap_socket(self._socket, server_hostname=self.host) else: # this does not disable SSLv2 or SSLv3 self._socket = ssl.wrap_socket( self._socket, cert_reqs=ssl.CERT_REQUIRED, ssl_version=ssl.PROTOCOL_SSLv23, ca_certs=self.ssl["ca_certs"]) except IOError as err: self._socket.close() if 'EOF occurred in violation of protocol' in str( err) or 'sslv3 alert handshake failure' in str(err): # probably on an older version of OpenSSL raise ReqlDriverError( "SSL handshake failed, likely because Python is linked against an old version of OpenSSL " "that does not support either TLSv1.2 or any of the allowed ciphers. This can be worked " "around by lowering the security setting on the server with the options " "`--tls-min-protocol TLSv1 --tls-ciphers " "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH:AES256-SHA` (see server log for more " "information): %s" % str(err) ) else: raise ReqlDriverError( "SSL handshake failed (see server log for more information): %s" % str(err)) try: match_hostname(self._socket.getpeercert(), hostname=self.host) except CertificateError: self._socket.close() raise parent._parent.handshake.reset() response = None while True: request = parent._parent.handshake.next_message(response) if request is None: break # This may happen in the `V1_0` protocol where we send two requests as # an optimization, then need to read each separately if request is not "": self.sendall(request) # The response from the server is a null-terminated string response = b'' while True: char = self.recvall(1, deadline) if char == b'\0': break response += char except (ReqlAuthError, ReqlTimeoutError): self.close() raise except ReqlDriverError as ex: self.close() error = str(ex)\ .replace('receiving from', 'during handshake with')\ .replace('sending to', 'during handshake with') raise ReqlDriverError(error) except socket.timeout as ex: self.close() raise ReqlTimeoutError(self.host, self.port) except Exception as ex: self.close() raise ReqlDriverError("Could not connect to %s:%s. Error: %s" % (self.host, self.port, str(ex)))
def raise_timeout(errback): if isinstance(errback.value, CancelledError): raise ReqlTimeoutError() else: raise errback.value
def wait_canceller(d): d.errback(ReqlTimeoutError())