def _do_ssl_handshake(self): try: self._handshake_reading = False self._handshake_writing = False if not self._done_setup: self.socket.setup_ssl() # This server_side was added when creating the Connection # it is not a standard attribute if self.socket.server_side: self.socket.set_accept_state() else: self.socket.set_connect_state() self._done_setup = True # Actual accept/connect logic if self.socket.server_side: res = self.socket.accept_ssl() else: res = self.socket.connect_ssl() if res == 0: # TODO: We should somehow get SSL_WANT_READ/WRITE here # and then set the correct flag, although it does # work as long as one of them gets set self._handshake_reading = True #self._handshake_writing = True return if res < 0: err_num = self.socket.ssl_get_error(res) gen_log.error("Err: %s" % err_num) gen_log.error("Err Str: %s" % Err.get_error_reason(err_num)) return self.close() except SSL.SSLError as e: raise except socket.error as err: gen_log.error("Socket error!") # Some port scans (e.g. nmap in -sT mode) have been known # to cause do_handshake to raise EBADF and ENOTCONN, so make # those errors quiet as well. # https://groups.google.com/forum/?fromgroups#!topic/python-tornado/ApucKJat1_0 if (self._is_connreset(err) or err.args[0] in (errno.EBADF, errno.ENOTCONN)): return self.close(exc_info=err) raise except AttributeError as err: # On Linux, if the connection was reset before the call to # wrap_socket, do_handshake will fail with an # AttributeError. return self.close(exc_info=err) else: self._ssl_accepting = False if not self._verify_cert(self.socket.get_peer_cert()): gen_log.error("VALIDATION FAILED!") self.close() return gen_log.debug("Connect complete! (Sever: %s)!" % self.socket.server_side) self._run_ssl_connect_callback()
def test_no_error(self): # Protection against gl#m2crypto/m2crypto#258 self.assertEqual(Err.get_error_reason(0), '')