示例#1
 def connectionMade(self):
     """Check the peer certificate of a newly established management connection.

     The check runs only when management TLS is enabled and a management
     passport is configured. A certificate the passport does not accept
     makes the transport drop the connection with a
     CertificateSecurityError.
     """
     # NOTE(review): with TLS enabled but no management passport set,
     # nothing in this method inspects the peer certificate -- confirm
     # that this configuration is intended wherever client identity
     # matters.
     config = DispatcherConfig
     check_peer = (config.management_use_tls
                   and config.management_passport is not None)
     if check_peer:
         certificate = self.transport.getPeerCertificate()
         accepted = config.management_passport.accept(certificate)
         if not accepted:
             rejection = CertificateSecurityError('peer certificate not accepted')
             self.transport.loseConnection(rejection)
             return
示例#2
 def connectionMade(self):
     """Log the dispatcher address, check its certificate and start keepalives.

     When RelayConfig.passport is set, a peer certificate it does not
     accept causes loseConnection() to be called with a
     CertificateSecurityError. When no passport is set, the certificate is
     not inspected here.
     """
     peer = self.transport.getPeer()
     log.debug("Connected to dispatcher at %s:%d" % (peer.host, peer.port))
     if RelayConfig.passport is not None:
         peer_cert = self.transport.getPeerCertificate()
         if not RelayConfig.passport.accept(peer_cert):
             self.transport.loseConnection(CertificateSecurityError('peer certificate not accepted'))
             # NOTE(review): there is no return after the rejection, so the
             # keepalive timer below is still created for a peer that was
             # just refused. Before adding an early return, check that the
             # connection-lost cleanup copes with _connection_watcher
             # never having been set.
     # Recurring call to _send_keepalive every RelayConfig.keepalive_interval.
     self._connection_watcher = RecurrentCall(RelayConfig.keepalive_interval, self._send_keepalive)
示例#3
 def connectionMade(self):
     """Admit a newly connected relay unless its certificate is rejected.

     If DispatcherConfig.passport is configured and does not accept the
     peer certificate, the connection is dropped with a
     CertificateSecurityError and the relay is not registered. Otherwise
     the session is marked authenticated and handed to the factory.
     """
     passport = DispatcherConfig.passport
     if passport is not None and not passport.accept(
             self.transport.getPeerCertificate()):
         refusal = CertificateSecurityError('peer certificate not accepted')
         self.transport.loseConnection(refusal)
         return
     # NOTE(review): this point is also reached when no passport is
     # configured, so `authenticated` becomes True without any
     # certificate check in that case -- confirm that is intended.
     self.authenticated = True
     self.factory.new_relay(self)
示例#4
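 def verify_peer(self):
     """Raise if GnuTLS reports a problem with the peer certificate.

     Calls gnutls_certificate_verify_peers2() on this session and maps the
     first matching status flag to an exception. Returns None only when
     the reported status is zero.

     Raises:
         CertificateAuthorityError: the signer was not found or is not a CA.
         CertificateError: the certificate is invalid, or the status has
             some other non-zero bit set.
         CertificateSecurityError: an insecure algorithm is in use.
         CertificateRevokedError: the certificate was revoked.
     """
     status = c_uint()
     # NOTE(review): the call's own return code is not inspected here;
     # presumably an errcheck hook raises on failure -- confirm, because
     # otherwise `status` would stay 0 and verification would appear to
     # pass.
     gnutls_certificate_verify_peers2(self._c_object, byref(status))
     status = status.value
     # Only the first matching branch fires, so when several flags are
     # set the earlier ones decide which exception type the caller sees.
     if status & GNUTLS_CERT_SIGNER_NOT_FOUND:
         raise CertificateAuthorityError(
             "peer certificate signer not found", self.peer_certificate,
             self.context)
     elif status & GNUTLS_CERT_SIGNER_NOT_CA:
         raise CertificateAuthorityError(
             "peer certificate signer is not a CA", self.peer_certificate,
             self.context)
     elif status & GNUTLS_CERT_INVALID:
         raise CertificateError("peer certificate invalid",
                                self.peer_certificate, self.context)
     elif status & GNUTLS_CERT_INSECURE_ALGORITHM:
         raise CertificateSecurityError(
             "peer certificate uses an insecure algorithm ",
             self.peer_certificate, self.context)
     elif status & GNUTLS_CERT_REVOKED:
         raise CertificateRevokedError("peer certificate was revoked",
                                       self.peer_certificate, self.context)
     elif status:
         # Fail closed: a non-zero status carrying only bits that are not
         # listed above used to fall through and return as if the
         # certificate had been verified.
         raise CertificateError("peer certificate verification failed",
                                self.peer_certificate, self.context)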
示例#5
 def check_status(cls, retcode, function, args):
     """Return a non-negative GnuTLS return code, raise for a negative one.

     Args:
         cls: class whose ``alert_map`` maps alert codes to exceptions.
         retcode: integer result of the wrapped call.
         function: the called function; its optional ``errmsg`` attribute
             supplies the message when retcode is -1.
         args: the call's arguments; ``args[0]`` is passed to
             gnutls_alert_get() (presumably the session -- confirm).

     Raises:
         GNUTLSError or one of the more specific exception types below,
         chosen by the value of retcode.
     """
     if retcode >= 0:
         return retcode
     if retcode == -1:
         detail = getattr(function, "errmsg", None) or ErrorMessage(retcode)
         raise GNUTLSError(detail)
     if retcode == GNUTLS_E_AGAIN:
         raise OperationWouldBlock(gnutls_strerror(retcode))
     if retcode == GNUTLS_E_INTERRUPTED:
         raise OperationInterrupted(gnutls_strerror(retcode))
     if retcode in (GNUTLS_E_MEMORY_ERROR, GNUTLS_E_SHORT_MEMORY_BUFFER):
         raise MemoryError(ErrorMessage(retcode))
     if retcode == GNUTLS_E_NO_CERTIFICATE_FOUND:
         raise CertificateSecurityError(gnutls_strerror(retcode))
     if retcode == GNUTLS_E_FATAL_ALERT_RECEIVED:
         # The mapped exception serves as a template: a new instance is
         # built from its class and args instead of raising the stored
         # object itself. Alerts missing from the map become GNUTLSError.
         prototype = cls.alert_map.get(gnutls_alert_get(args[0]))
         raise (prototype.__class__(*prototype.args) if prototype
                else GNUTLSError(ErrorMessage(retcode)))
     if retcode == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE:
         raise RequestedDataNotAvailable(gnutls_strerror(retcode))
     # Every other negative code is reported as a generic GnuTLS error.
     raise GNUTLSError(ErrorMessage(retcode))
示例#6
class ErrorHandler(object):
    """Translate GnuTLS return codes and fatal alerts into exceptions."""

    # Alert code -> exception describing why the peer rejected us. The
    # stored instances are templates; check_status() raises a new
    # instance built from the template's class and args.
    alert_map = {
        GNUTLS_A_BAD_CERTIFICATE: CertificateError(
            "peer rejected our certificate as invalid"),
        GNUTLS_A_UNKNOWN_CA: CertificateAuthorityError(
            "peer does not trust our certificate authority"),
        GNUTLS_A_INSUFFICIENT_SECURITY: CertificateSecurityError(
            "peer rejected us on insufficient security"),
        GNUTLS_A_CERTIFICATE_EXPIRED: CertificateExpiredError(
            "peer rejected our certificate as expired"),
        GNUTLS_A_CERTIFICATE_REVOKED: CertificateRevokedError(
            "peer rejected our certificate as revoked"),
    }

    @classmethod
    def check_status(cls, retcode, function, args):
        """Return ``retcode`` when it is >= 0, otherwise raise.

        ``function`` may carry an ``errmsg`` attribute, used as the
        message for retcode -1. ``args[0]`` is handed to
        gnutls_alert_get() when a fatal alert was received (presumably
        the session -- confirm).
        """
        if retcode >= 0:
            return retcode

        if retcode == -1:
            raise GNUTLSError(
                getattr(function, "errmsg", None) or ErrorMessage(retcode))

        if retcode == GNUTLS_E_AGAIN:
            raise OperationWouldBlock(gnutls_strerror(retcode))

        if retcode == GNUTLS_E_INTERRUPTED:
            raise OperationInterrupted(gnutls_strerror(retcode))

        if retcode in (GNUTLS_E_MEMORY_ERROR, GNUTLS_E_SHORT_MEMORY_BUFFER):
            raise MemoryError(ErrorMessage(retcode))

        if retcode == GNUTLS_E_NO_CERTIFICATE_FOUND:
            raise CertificateSecurityError(gnutls_strerror(retcode))

        if retcode == GNUTLS_E_FATAL_ALERT_RECEIVED:
            template = cls.alert_map.get(gnutls_alert_get(args[0]))
            if template:
                # Known alert: raise a new exception of the mapped type.
                raise template.__class__(*template.args)
            # Alert with no entry in alert_map.
            raise GNUTLSError(ErrorMessage(retcode))

        if retcode == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE:
            raise RequestedDataNotAvailable(gnutls_strerror(retcode))

        # Any other negative code becomes a generic GnuTLS error.
        raise GNUTLSError(ErrorMessage(retcode))