1 /* SSL socket module
2
3 SSL support based on patches by Brian E Gallew and Laszlo Kovacs.
4 Re-worked a bit by Bill Janssen to add server-side support and
5 certificate decoding. Chris Stawarz contributed some non-blocking
6 patches.
7
8 This module is imported by ssl.py. It should *not* be used
9 directly.
10
11 XXX should partial writes be enabled, SSL_MODE_ENABLE_PARTIAL_WRITE?
12
13 XXX integrate several "shutdown modes" as suggested in
14 http://bugs.python.org/issue8108#msg102867 ?
15 */
16
17 #define PY_SSIZE_T_CLEAN
18
19 #include "Python.h"
20
21 #include "pythread.h"
22
23 /* Redefined below for Windows debug builds after important #includes */
24 #define _PySSL_FIX_ERRNO
25
26 #define PySSL_BEGIN_ALLOW_THREADS_S(save) \
27 do { if (_ssl_locks_count>0) { (save) = PyEval_SaveThread(); } } while (0)
28 #define PySSL_END_ALLOW_THREADS_S(save) \
29 do { if (_ssl_locks_count>0) { PyEval_RestoreThread(save); } _PySSL_FIX_ERRNO; } while (0)
30 #define PySSL_BEGIN_ALLOW_THREADS { \
31 PyThreadState *_save = NULL; \
32 PySSL_BEGIN_ALLOW_THREADS_S(_save);
33 #define PySSL_BLOCK_THREADS PySSL_END_ALLOW_THREADS_S(_save);
34 #define PySSL_UNBLOCK_THREADS PySSL_BEGIN_ALLOW_THREADS_S(_save);
35 #define PySSL_END_ALLOW_THREADS PySSL_END_ALLOW_THREADS_S(_save); }
36
37 /* Include symbols from _socket module */
38 #include "socketmodule.h"
39
40 static PySocketModule_APIObject PySocketModule;
41
42 #if defined(HAVE_POLL_H)
43 #include <poll.h>
44 #elif defined(HAVE_SYS_POLL_H)
45 #include <sys/poll.h>
46 #endif
47
48 /* Don't warn about deprecated functions */
49 #ifdef __GNUC__
50 #pragma GCC diagnostic ignored "-Wdeprecated-declarations"
51 #endif
52 #ifdef __clang__
53 #pragma clang diagnostic ignored "-Wdeprecated-declarations"
54 #endif
55
56 /* Include OpenSSL header files */
57 #include "openssl/rsa.h"
58 #include "openssl/crypto.h"
59 #include "openssl/x509.h"
60 #include "openssl/x509v3.h"
61 #include "openssl/pem.h"
62 #include "openssl/ssl.h"
63 #include "openssl/err.h"
64 #include "openssl/rand.h"
65 #include "openssl/bio.h"
66 #include "openssl/dh.h"
67
68 #ifndef HAVE_X509_VERIFY_PARAM_SET1_HOST
69 # ifdef LIBRESSL_VERSION_NUMBER
70 # error "LibreSSL is missing X509_VERIFY_PARAM_set1_host(), see https://github.com/libressl-portable/portable/issues/381"
71 # elif OPENSSL_VERSION_NUMBER > 0x1000200fL
72 # define HAVE_X509_VERIFY_PARAM_SET1_HOST
73 # else
74 # error "libssl is too old and does not support X509_VERIFY_PARAM_set1_host()"
75 # endif
76 #endif
77
78 /* SSL error object */
79 static PyObject *PySSLErrorObject;
80 static PyObject *PySSLCertVerificationErrorObject;
81 static PyObject *PySSLZeroReturnErrorObject;
82 static PyObject *PySSLWantReadErrorObject;
83 static PyObject *PySSLWantWriteErrorObject;
84 static PyObject *PySSLSyscallErrorObject;
85 static PyObject *PySSLEOFErrorObject;
86
87 /* Error mappings */
88 static PyObject *err_codes_to_names;
89 static PyObject *err_names_to_codes;
90 static PyObject *lib_codes_to_names;
91
92 struct py_ssl_error_code {
93 const char *mnemonic;
94 int library, reason;
95 };
96 struct py_ssl_library_code {
97 const char *library;
98 int code;
99 };
100
101 #if defined(MS_WINDOWS) && defined(Py_DEBUG)
102 /* Debug builds on Windows rely on getting errno directly from OpenSSL.
103 * However, because it uses a different CRT, we need to transfer the
104 * value of errno from OpenSSL into our debug CRT.
105 *
106 * Don't be fooled - this is horribly ugly code. The only reasonable
107 * alternative is to do both debug and release builds of OpenSSL, which
108 * requires much uglier code to transform their automatically generated
109 * makefile. This is the lesser of all the evils.
110 */
111
_PySSLFixErrno(void)112 static void _PySSLFixErrno(void) {
113 HMODULE ucrtbase = GetModuleHandleW(L"ucrtbase.dll");
114 if (!ucrtbase) {
115 /* If ucrtbase.dll is not loaded but the SSL DLLs are, we likely
116 * have a catastrophic failure, but this function is not the
117 * place to raise it. */
118 return;
119 }
120
121 typedef int *(__stdcall *errno_func)(void);
122 errno_func ssl_errno = (errno_func)GetProcAddress(ucrtbase, "_errno");
123 if (ssl_errno) {
124 errno = *ssl_errno();
125 *ssl_errno() = 0;
126 } else {
127 errno = ENOTRECOVERABLE;
128 }
129 }
130
131 #undef _PySSL_FIX_ERRNO
132 #define _PySSL_FIX_ERRNO _PySSLFixErrno()
133 #endif
134
135 /* Include generated data (error codes) */
136 #include "_ssl_data.h"
137
138 #if (OPENSSL_VERSION_NUMBER >= 0x10100000L) && !defined(LIBRESSL_VERSION_NUMBER)
139 # define OPENSSL_VERSION_1_1 1
140 # define PY_OPENSSL_1_1_API 1
141 #endif
142
143 /* LibreSSL 2.7.0 provides necessary OpenSSL 1.1.0 APIs */
144 #if defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER >= 0x2070000fL
145 # define PY_OPENSSL_1_1_API 1
146 #endif
147
148 /* Openssl comes with TLSv1.1 and TLSv1.2 between 1.0.0h and 1.0.1
149 http://www.openssl.org/news/changelog.html
150 */
151 #if OPENSSL_VERSION_NUMBER >= 0x10001000L
152 # define HAVE_TLSv1_2 1
153 #else
154 # define HAVE_TLSv1_2 0
155 #endif
156
157 /* SNI support (client- and server-side) appeared in OpenSSL 1.0.0 and 0.9.8f
158 * This includes the SSL_set_SSL_CTX() function.
159 */
160 #ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
161 # define HAVE_SNI 1
162 #else
163 # define HAVE_SNI 0
164 #endif
165
166 #ifdef TLSEXT_TYPE_application_layer_protocol_negotiation
167 # define HAVE_ALPN 1
168 #else
169 # define HAVE_ALPN 0
170 #endif
171
172 /* We cannot rely on OPENSSL_NO_NEXTPROTONEG because LibreSSL 2.6.1 dropped
173 * NPN support but did not set OPENSSL_NO_NEXTPROTONEG for compatibility
174 * reasons. The check for TLSEXT_TYPE_next_proto_neg works with
175 * OpenSSL 1.0.1+ and LibreSSL.
176 * OpenSSL 1.1.1-pre1 dropped NPN but still has TLSEXT_TYPE_next_proto_neg.
177 */
178 #ifdef OPENSSL_NO_NEXTPROTONEG
179 # define HAVE_NPN 0
180 #elif (OPENSSL_VERSION_NUMBER >= 0x10101000L) && !defined(LIBRESSL_VERSION_NUMBER)
181 # define HAVE_NPN 0
182 #elif defined(TLSEXT_TYPE_next_proto_neg)
183 # define HAVE_NPN 1
184 #else
185 # define HAVE_NPN 0
186 #endif
187
188 #ifndef INVALID_SOCKET /* MS defines this */
189 #define INVALID_SOCKET (-1)
190 #endif
191
192 /* OpenSSL 1.0.2 and LibreSSL needs extra code for locking */
193 #ifndef OPENSSL_VERSION_1_1
194 #define HAVE_OPENSSL_CRYPTO_LOCK
195 #endif
196
197 #if defined(OPENSSL_VERSION_1_1) && !defined(OPENSSL_NO_SSL2)
198 #define OPENSSL_NO_SSL2
199 #endif
200
201 #ifndef PY_OPENSSL_1_1_API
202 /* OpenSSL 1.1 API shims for OpenSSL < 1.1.0 and LibreSSL < 2.7.0 */
203
204 #define TLS_method SSLv23_method
205 #define TLS_client_method SSLv23_client_method
206 #define TLS_server_method SSLv23_server_method
207
X509_NAME_ENTRY_set(const X509_NAME_ENTRY * ne)208 static int X509_NAME_ENTRY_set(const X509_NAME_ENTRY *ne)
209 {
210 return ne->set;
211 }
212
213 #ifndef OPENSSL_NO_COMP
214 /* LCOV_EXCL_START */
COMP_get_type(const COMP_METHOD * meth)215 static int COMP_get_type(const COMP_METHOD *meth)
216 {
217 return meth->type;
218 }
219 /* LCOV_EXCL_STOP */
220 #endif
221
SSL_CTX_get_default_passwd_cb(SSL_CTX * ctx)222 static pem_password_cb *SSL_CTX_get_default_passwd_cb(SSL_CTX *ctx)
223 {
224 return ctx->default_passwd_callback;
225 }
226
SSL_CTX_get_default_passwd_cb_userdata(SSL_CTX * ctx)227 static void *SSL_CTX_get_default_passwd_cb_userdata(SSL_CTX *ctx)
228 {
229 return ctx->default_passwd_callback_userdata;
230 }
231
X509_OBJECT_get_type(X509_OBJECT * x)232 static int X509_OBJECT_get_type(X509_OBJECT *x)
233 {
234 return x->type;
235 }
236
X509_OBJECT_get0_X509(X509_OBJECT * x)237 static X509 *X509_OBJECT_get0_X509(X509_OBJECT *x)
238 {
239 return x->data.x509;
240 }
241
BIO_up_ref(BIO * b)242 static int BIO_up_ref(BIO *b)
243 {
244 CRYPTO_add(&b->references, 1, CRYPTO_LOCK_BIO);
245 return 1;
246 }
247
STACK_OF(X509_OBJECT)248 static STACK_OF(X509_OBJECT) *X509_STORE_get0_objects(X509_STORE *store) {
249 return store->objs;
250 }
251
252 static int
SSL_SESSION_has_ticket(const SSL_SESSION * s)253 SSL_SESSION_has_ticket(const SSL_SESSION *s)
254 {
255 return (s->tlsext_ticklen > 0) ? 1 : 0;
256 }
257
258 static unsigned long
SSL_SESSION_get_ticket_lifetime_hint(const SSL_SESSION * s)259 SSL_SESSION_get_ticket_lifetime_hint(const SSL_SESSION *s)
260 {
261 return s->tlsext_tick_lifetime_hint;
262 }
263
264 #endif /* OpenSSL < 1.1.0 or LibreSSL < 2.7.0 */
265
266 /* Default cipher suites */
267 #ifndef PY_SSL_DEFAULT_CIPHERS
268 #define PY_SSL_DEFAULT_CIPHERS 1
269 #endif
270
271 #if PY_SSL_DEFAULT_CIPHERS == 0
272 #ifndef PY_SSL_DEFAULT_CIPHER_STRING
273 #error "Py_SSL_DEFAULT_CIPHERS 0 needs Py_SSL_DEFAULT_CIPHER_STRING"
274 #endif
275 #elif PY_SSL_DEFAULT_CIPHERS == 1
276 /* Python custom selection of sensible cipher suites
277 * DEFAULT: OpenSSL's default cipher list. Since 1.0.2 the list is in sensible order.
278 * !aNULL:!eNULL: really no NULL ciphers
279 * !MD5:!3DES:!DES:!RC4:!IDEA:!SEED: no weak or broken algorithms on old OpenSSL versions.
280 * !aDSS: no authentication with discrete logarithm DSA algorithm
281 * !SRP:!PSK: no secure remote password or pre-shared key authentication
282 */
283 #define PY_SSL_DEFAULT_CIPHER_STRING "DEFAULT:!aNULL:!eNULL:!MD5:!3DES:!DES:!RC4:!IDEA:!SEED:!aDSS:!SRP:!PSK"
284 #elif PY_SSL_DEFAULT_CIPHERS == 2
285 /* Ignored in SSLContext constructor, only used to as _ssl.DEFAULT_CIPHER_STRING */
286 #define PY_SSL_DEFAULT_CIPHER_STRING SSL_DEFAULT_CIPHER_LIST
287 #else
288 #error "Unsupported PY_SSL_DEFAULT_CIPHERS"
289 #endif
290
291
292 enum py_ssl_error {
293 /* these mirror ssl.h */
294 PY_SSL_ERROR_NONE,
295 PY_SSL_ERROR_SSL,
296 PY_SSL_ERROR_WANT_READ,
297 PY_SSL_ERROR_WANT_WRITE,
298 PY_SSL_ERROR_WANT_X509_LOOKUP,
299 PY_SSL_ERROR_SYSCALL, /* look at error stack/return value/errno */
300 PY_SSL_ERROR_ZERO_RETURN,
301 PY_SSL_ERROR_WANT_CONNECT,
302 /* start of non ssl.h errorcodes */
303 PY_SSL_ERROR_EOF, /* special case of SSL_ERROR_SYSCALL */
304 PY_SSL_ERROR_NO_SOCKET, /* socket has been GC'd */
305 PY_SSL_ERROR_INVALID_ERROR_CODE
306 };
307
308 enum py_ssl_server_or_client {
309 PY_SSL_CLIENT,
310 PY_SSL_SERVER
311 };
312
313 enum py_ssl_cert_requirements {
314 PY_SSL_CERT_NONE,
315 PY_SSL_CERT_OPTIONAL,
316 PY_SSL_CERT_REQUIRED
317 };
318
319 enum py_ssl_version {
320 PY_SSL_VERSION_SSL2,
321 PY_SSL_VERSION_SSL3=1,
322 PY_SSL_VERSION_TLS, /* SSLv23 */
323 #if HAVE_TLSv1_2
324 PY_SSL_VERSION_TLS1,
325 PY_SSL_VERSION_TLS1_1,
326 PY_SSL_VERSION_TLS1_2,
327 #else
328 PY_SSL_VERSION_TLS1,
329 #endif
330 PY_SSL_VERSION_TLS_CLIENT=0x10,
331 PY_SSL_VERSION_TLS_SERVER,
332 };
333
334 enum py_proto_version {
335 PY_PROTO_MINIMUM_SUPPORTED = -2,
336 PY_PROTO_SSLv3 = SSL3_VERSION,
337 PY_PROTO_TLSv1 = TLS1_VERSION,
338 PY_PROTO_TLSv1_1 = TLS1_1_VERSION,
339 PY_PROTO_TLSv1_2 = TLS1_2_VERSION,
340 #ifdef TLS1_3_VERSION
341 PY_PROTO_TLSv1_3 = TLS1_3_VERSION,
342 #else
343 PY_PROTO_TLSv1_3 = 0x304,
344 #endif
345 PY_PROTO_MAXIMUM_SUPPORTED = -1,
346
347 /* OpenSSL has no dedicated API to set the minimum version to the maximum
348 * available version, and the other way around. We have to figure out the
349 * minimum and maximum available version on our own and hope for the best.
350 */
351 #if defined(SSL3_VERSION) && !defined(OPENSSL_NO_SSL3)
352 PY_PROTO_MINIMUM_AVAILABLE = PY_PROTO_SSLv3,
353 #elif defined(TLS1_VERSION) && !defined(OPENSSL_NO_TLS1)
354 PY_PROTO_MINIMUM_AVAILABLE = PY_PROTO_TLSv1,
355 #elif defined(TLS1_1_VERSION) && !defined(OPENSSL_NO_TLS1_1)
356 PY_PROTO_MINIMUM_AVAILABLE = PY_PROTO_TLSv1_1,
357 #elif defined(TLS1_2_VERSION) && !defined(OPENSSL_NO_TLS1_2)
358 PY_PROTO_MINIMUM_AVAILABLE = PY_PROTO_TLSv1_2,
359 #elif defined(TLS1_3_VERSION) && !defined(OPENSSL_NO_TLS1_3)
360 PY_PROTO_MINIMUM_AVAILABLE = PY_PROTO_TLSv1_3,
361 #else
362 #error "PY_PROTO_MINIMUM_AVAILABLE not found"
363 #endif
364
365 #if defined(TLS1_3_VERSION) && !defined(OPENSSL_NO_TLS1_3)
366 PY_PROTO_MAXIMUM_AVAILABLE = PY_PROTO_TLSv1_3,
367 #elif defined(TLS1_2_VERSION) && !defined(OPENSSL_NO_TLS1_2)
368 PY_PROTO_MAXIMUM_AVAILABLE = PY_PROTO_TLSv1_2,
369 #elif defined(TLS1_1_VERSION) && !defined(OPENSSL_NO_TLS1_1)
370 PY_PROTO_MAXIMUM_AVAILABLE = PY_PROTO_TLSv1_1,
371 #elif defined(TLS1_VERSION) && !defined(OPENSSL_NO_TLS1)
372 PY_PROTO_MAXIMUM_AVAILABLE = PY_PROTO_TLSv1,
373 #elif defined(SSL3_VERSION) && !defined(OPENSSL_NO_SSL3)
374 PY_PROTO_MAXIMUM_AVAILABLE = PY_PROTO_SSLv3,
375 #else
376 #error "PY_PROTO_MAXIMUM_AVAILABLE not found"
377 #endif
378 };
379
380
381 /* serves as a flag to see whether we've initialized the SSL thread support. */
382 /* 0 means no, greater than 0 means yes */
383
384 static unsigned int _ssl_locks_count = 0;
385
386 /* SSL socket object */
387
388 #define X509_NAME_MAXLEN 256
389
390 /* SSL_CTX_clear_options() and SSL_clear_options() were first added in
391 * OpenSSL 0.9.8m but do not appear in some 0.9.9-dev versions such the
392 * 0.9.9 from "May 2008" that NetBSD 5.0 uses. */
393 #if OPENSSL_VERSION_NUMBER >= 0x009080dfL && OPENSSL_VERSION_NUMBER != 0x00909000L
394 # define HAVE_SSL_CTX_CLEAR_OPTIONS
395 #else
396 # undef HAVE_SSL_CTX_CLEAR_OPTIONS
397 #endif
398
399 /* In case of 'tls-unique' it will be 12 bytes for TLS, 36 bytes for
400 * older SSL, but let's be safe */
401 #define PySSL_CB_MAXLEN 128
402
403
404 typedef struct {
405 PyObject_HEAD
406 SSL_CTX *ctx;
407 #if HAVE_NPN
408 unsigned char *npn_protocols;
409 int npn_protocols_len;
410 #endif
411 #if HAVE_ALPN
412 unsigned char *alpn_protocols;
413 unsigned int alpn_protocols_len;
414 #endif
415 #ifndef OPENSSL_NO_TLSEXT
416 PyObject *set_sni_cb;
417 #endif
418 int check_hostname;
419 /* OpenSSL has no API to get hostflags from X509_VERIFY_PARAM* struct.
420 * We have to maintain our own copy. OpenSSL's hostflags default to 0.
421 */
422 unsigned int hostflags;
423 int protocol;
424 #ifdef TLS1_3_VERSION
425 int post_handshake_auth;
426 #endif
427 } PySSLContext;
428
429 typedef struct {
430 int ssl; /* last seen error from SSL */
431 int c; /* last seen error from libc */
432 #ifdef MS_WINDOWS
433 int ws; /* last seen error from winsock */
434 #endif
435 } _PySSLError;
436
437 typedef struct {
438 PyObject_HEAD
439 PyObject *Socket; /* weakref to socket on which we're layered */
440 SSL *ssl;
441 PySSLContext *ctx; /* weakref to SSL context */
442 char shutdown_seen_zero;
443 enum py_ssl_server_or_client socket_type;
444 PyObject *owner; /* Python level "owner" passed to servername callback */
445 PyObject *server_hostname;
446 _PySSLError err; /* last seen error from various sources */
447 } PySSLSocket;
448
449 typedef struct {
450 PyObject_HEAD
451 BIO *bio;
452 int eof_written;
453 } PySSLMemoryBIO;
454
455 typedef struct {
456 PyObject_HEAD
457 SSL_SESSION *session;
458 PySSLContext *ctx;
459 } PySSLSession;
460
461 static PyTypeObject PySSLContext_Type;
462 static PyTypeObject PySSLSocket_Type;
463 static PyTypeObject PySSLMemoryBIO_Type;
464 static PyTypeObject PySSLSession_Type;
465
_PySSL_errno(int failed,const SSL * ssl,int retcode)466 static inline _PySSLError _PySSL_errno(int failed, const SSL *ssl, int retcode)
467 {
468 _PySSLError err = { 0 };
469 if (failed) {
470 #ifdef MS_WINDOWS
471 err.ws = WSAGetLastError();
472 _PySSL_FIX_ERRNO;
473 #endif
474 err.c = errno;
475 err.ssl = SSL_get_error(ssl, retcode);
476 }
477 return err;
478 }
479
480 /*[clinic input]
481 module _ssl
482 class _ssl._SSLContext "PySSLContext *" "&PySSLContext_Type"
483 class _ssl._SSLSocket "PySSLSocket *" "&PySSLSocket_Type"
484 class _ssl.MemoryBIO "PySSLMemoryBIO *" "&PySSLMemoryBIO_Type"
485 class _ssl.SSLSession "PySSLSession *" "&PySSLSession_Type"
486 [clinic start generated code]*/
487 /*[clinic end generated code: output=da39a3ee5e6b4b0d input=bdc67fafeeaa8109]*/
488
489 #include "clinic/_ssl.c.h"
490
491 static int PySSL_select(PySocketSockObject *s, int writing, _PyTime_t timeout);
492
493 static int PySSL_set_owner(PySSLSocket *, PyObject *, void *);
494 static int PySSL_set_session(PySSLSocket *, PyObject *, void *);
495 #define PySSLSocket_Check(v) (Py_TYPE(v) == &PySSLSocket_Type)
496 #define PySSLMemoryBIO_Check(v) (Py_TYPE(v) == &PySSLMemoryBIO_Type)
497 #define PySSLSession_Check(v) (Py_TYPE(v) == &PySSLSession_Type)
498
499 typedef enum {
500 SOCKET_IS_NONBLOCKING,
501 SOCKET_IS_BLOCKING,
502 SOCKET_HAS_TIMED_OUT,
503 SOCKET_HAS_BEEN_CLOSED,
504 SOCKET_TOO_LARGE_FOR_SELECT,
505 SOCKET_OPERATION_OK
506 } timeout_state;
507
508 /* Wrap error strings with filename and line # */
509 #define ERRSTR1(x,y,z) (x ":" y ": " z)
510 #define ERRSTR(x) ERRSTR1("_ssl.c", Py_STRINGIFY(__LINE__), x)
511
512 /* Get the socket from a PySSLSocket, if it has one */
513 #define GET_SOCKET(obj) ((obj)->Socket ? \
514 (PySocketSockObject *) PyWeakref_GetObject((obj)->Socket) : NULL)
515
516 /* If sock is NULL, use a timeout of 0 second */
517 #define GET_SOCKET_TIMEOUT(sock) \
518 ((sock != NULL) ? (sock)->sock_timeout : 0)
519
520 /*
521 * SSL errors.
522 */
523
524 PyDoc_STRVAR(SSLError_doc,
525 "An error occurred in the SSL implementation.");
526
527 PyDoc_STRVAR(SSLCertVerificationError_doc,
528 "A certificate could not be verified.");
529
530 PyDoc_STRVAR(SSLZeroReturnError_doc,
531 "SSL/TLS session closed cleanly.");
532
533 PyDoc_STRVAR(SSLWantReadError_doc,
534 "Non-blocking SSL socket needs to read more data\n"
535 "before the requested operation can be completed.");
536
537 PyDoc_STRVAR(SSLWantWriteError_doc,
538 "Non-blocking SSL socket needs to write more data\n"
539 "before the requested operation can be completed.");
540
541 PyDoc_STRVAR(SSLSyscallError_doc,
542 "System error when attempting SSL operation.");
543
544 PyDoc_STRVAR(SSLEOFError_doc,
545 "SSL/TLS connection terminated abruptly.");
546
547 static PyObject *
SSLError_str(PyOSErrorObject * self)548 SSLError_str(PyOSErrorObject *self)
549 {
550 if (self->strerror != NULL && PyUnicode_Check(self->strerror)) {
551 Py_INCREF(self->strerror);
552 return self->strerror;
553 }
554 else
555 return PyObject_Str(self->args);
556 }
557
558 static PyType_Slot sslerror_type_slots[] = {
559 {Py_tp_base, NULL}, /* Filled out in module init as it's not a constant */
560 {Py_tp_doc, SSLError_doc},
561 {Py_tp_str, SSLError_str},
562 {0, 0},
563 };
564
565 static PyType_Spec sslerror_type_spec = {
566 "ssl.SSLError",
567 sizeof(PyOSErrorObject),
568 0,
569 Py_TPFLAGS_DEFAULT | Py_TPFLAGS_BASETYPE,
570 sslerror_type_slots
571 };
572
573 static void
fill_and_set_sslerror(PySSLSocket * sslsock,PyObject * type,int ssl_errno,const char * errstr,int lineno,unsigned long errcode)574 fill_and_set_sslerror(PySSLSocket *sslsock, PyObject *type, int ssl_errno,
575 const char *errstr, int lineno, unsigned long errcode)
576 {
577 PyObject *err_value = NULL, *reason_obj = NULL, *lib_obj = NULL;
578 PyObject *verify_obj = NULL, *verify_code_obj = NULL;
579 PyObject *init_value, *msg, *key;
580 _Py_IDENTIFIER(reason);
581 _Py_IDENTIFIER(library);
582 _Py_IDENTIFIER(verify_message);
583 _Py_IDENTIFIER(verify_code);
584
585 if (errcode != 0) {
586 int lib, reason;
587
588 lib = ERR_GET_LIB(errcode);
589 reason = ERR_GET_REASON(errcode);
590 key = Py_BuildValue("ii", lib, reason);
591 if (key == NULL)
592 goto fail;
593 reason_obj = PyDict_GetItem(err_codes_to_names, key);
594 Py_DECREF(key);
595 if (reason_obj == NULL) {
596 /* XXX if reason < 100, it might reflect a library number (!!) */
597 PyErr_Clear();
598 }
599 key = PyLong_FromLong(lib);
600 if (key == NULL)
601 goto fail;
602 lib_obj = PyDict_GetItem(lib_codes_to_names, key);
603 Py_DECREF(key);
604 if (lib_obj == NULL) {
605 PyErr_Clear();
606 }
607 if (errstr == NULL)
608 errstr = ERR_reason_error_string(errcode);
609 }
610 if (errstr == NULL)
611 errstr = "unknown error";
612
613 /* verify code for cert validation error */
614 if ((sslsock != NULL) && (type == PySSLCertVerificationErrorObject)) {
615 const char *verify_str = NULL;
616 long verify_code;
617
618 verify_code = SSL_get_verify_result(sslsock->ssl);
619 verify_code_obj = PyLong_FromLong(verify_code);
620 if (verify_code_obj == NULL) {
621 goto fail;
622 }
623
624 switch (verify_code) {
625 #ifdef X509_V_ERR_HOSTNAME_MISMATCH
626 /* OpenSSL >= 1.0.2, LibreSSL >= 2.5.3 */
627 case X509_V_ERR_HOSTNAME_MISMATCH:
628 verify_obj = PyUnicode_FromFormat(
629 "Hostname mismatch, certificate is not valid for '%S'.",
630 sslsock->server_hostname
631 );
632 break;
633 #endif
634 #ifdef X509_V_ERR_IP_ADDRESS_MISMATCH
635 case X509_V_ERR_IP_ADDRESS_MISMATCH:
636 verify_obj = PyUnicode_FromFormat(
637 "IP address mismatch, certificate is not valid for '%S'.",
638 sslsock->server_hostname
639 );
640 break;
641 #endif
642 default:
643 verify_str = X509_verify_cert_error_string(verify_code);
644 if (verify_str != NULL) {
645 verify_obj = PyUnicode_FromString(verify_str);
646 } else {
647 verify_obj = Py_None;
648 Py_INCREF(verify_obj);
649 }
650 break;
651 }
652 if (verify_obj == NULL) {
653 goto fail;
654 }
655 }
656
657 if (verify_obj && reason_obj && lib_obj)
658 msg = PyUnicode_FromFormat("[%S: %S] %s: %S (_ssl.c:%d)",
659 lib_obj, reason_obj, errstr, verify_obj,
660 lineno);
661 else if (reason_obj && lib_obj)
662 msg = PyUnicode_FromFormat("[%S: %S] %s (_ssl.c:%d)",
663 lib_obj, reason_obj, errstr, lineno);
664 else if (lib_obj)
665 msg = PyUnicode_FromFormat("[%S] %s (_ssl.c:%d)",
666 lib_obj, errstr, lineno);
667 else
668 msg = PyUnicode_FromFormat("%s (_ssl.c:%d)", errstr, lineno);
669 if (msg == NULL)
670 goto fail;
671
672 init_value = Py_BuildValue("iN", ssl_errno, msg);
673 if (init_value == NULL)
674 goto fail;
675
676 err_value = PyObject_CallObject(type, init_value);
677 Py_DECREF(init_value);
678 if (err_value == NULL)
679 goto fail;
680
681 if (reason_obj == NULL)
682 reason_obj = Py_None;
683 if (_PyObject_SetAttrId(err_value, &PyId_reason, reason_obj))
684 goto fail;
685
686 if (lib_obj == NULL)
687 lib_obj = Py_None;
688 if (_PyObject_SetAttrId(err_value, &PyId_library, lib_obj))
689 goto fail;
690
691 if ((sslsock != NULL) && (type == PySSLCertVerificationErrorObject)) {
692 /* Only set verify code / message for SSLCertVerificationError */
693 if (_PyObject_SetAttrId(err_value, &PyId_verify_code,
694 verify_code_obj))
695 goto fail;
696 if (_PyObject_SetAttrId(err_value, &PyId_verify_message, verify_obj))
697 goto fail;
698 }
699
700 PyErr_SetObject(type, err_value);
701 fail:
702 Py_XDECREF(err_value);
703 Py_XDECREF(verify_code_obj);
704 Py_XDECREF(verify_obj);
705 }
706
707 static PyObject *
PySSL_SetError(PySSLSocket * sslsock,int ret,const char * filename,int lineno)708 PySSL_SetError(PySSLSocket *sslsock, int ret, const char *filename, int lineno)
709 {
710 PyObject *type = PySSLErrorObject;
711 char *errstr = NULL;
712 _PySSLError err;
713 enum py_ssl_error p = PY_SSL_ERROR_NONE;
714 unsigned long e = 0;
715
716 assert(ret <= 0);
717 e = ERR_peek_last_error();
718
719 if (sslsock->ssl != NULL) {
720 err = sslsock->err;
721
722 switch (err.ssl) {
723 case SSL_ERROR_ZERO_RETURN:
724 errstr = "TLS/SSL connection has been closed (EOF)";
725 type = PySSLZeroReturnErrorObject;
726 p = PY_SSL_ERROR_ZERO_RETURN;
727 break;
728 case SSL_ERROR_WANT_READ:
729 errstr = "The operation did not complete (read)";
730 type = PySSLWantReadErrorObject;
731 p = PY_SSL_ERROR_WANT_READ;
732 break;
733 case SSL_ERROR_WANT_WRITE:
734 p = PY_SSL_ERROR_WANT_WRITE;
735 type = PySSLWantWriteErrorObject;
736 errstr = "The operation did not complete (write)";
737 break;
738 case SSL_ERROR_WANT_X509_LOOKUP:
739 p = PY_SSL_ERROR_WANT_X509_LOOKUP;
740 errstr = "The operation did not complete (X509 lookup)";
741 break;
742 case SSL_ERROR_WANT_CONNECT:
743 p = PY_SSL_ERROR_WANT_CONNECT;
744 errstr = "The operation did not complete (connect)";
745 break;
746 case SSL_ERROR_SYSCALL:
747 {
748 if (e == 0) {
749 PySocketSockObject *s = GET_SOCKET(sslsock);
750 if (ret == 0 || (((PyObject *)s) == Py_None)) {
751 p = PY_SSL_ERROR_EOF;
752 type = PySSLEOFErrorObject;
753 errstr = "EOF occurred in violation of protocol";
754 } else if (s && ret == -1) {
755 /* underlying BIO reported an I/O error */
756 ERR_clear_error();
757 #ifdef MS_WINDOWS
758 if (err.ws) {
759 return PyErr_SetFromWindowsErr(err.ws);
760 }
761 #endif
762 if (err.c) {
763 errno = err.c;
764 return PyErr_SetFromErrno(PyExc_OSError);
765 }
766 Py_INCREF(s);
767 s->errorhandler();
768 Py_DECREF(s);
769 return NULL;
770 } else { /* possible? */
771 p = PY_SSL_ERROR_SYSCALL;
772 type = PySSLSyscallErrorObject;
773 errstr = "Some I/O error occurred";
774 }
775 } else {
776 p = PY_SSL_ERROR_SYSCALL;
777 }
778 break;
779 }
780 case SSL_ERROR_SSL:
781 {
782 p = PY_SSL_ERROR_SSL;
783 if (e == 0) {
784 /* possible? */
785 errstr = "A failure in the SSL library occurred";
786 }
787 if (ERR_GET_LIB(e) == ERR_LIB_SSL &&
788 ERR_GET_REASON(e) == SSL_R_CERTIFICATE_VERIFY_FAILED) {
789 type = PySSLCertVerificationErrorObject;
790 }
791 break;
792 }
793 default:
794 p = PY_SSL_ERROR_INVALID_ERROR_CODE;
795 errstr = "Invalid error code";
796 }
797 }
798 fill_and_set_sslerror(sslsock, type, p, errstr, lineno, e);
799 ERR_clear_error();
800 return NULL;
801 }
802
803 static PyObject *
_setSSLError(const char * errstr,int errcode,const char * filename,int lineno)804 _setSSLError (const char *errstr, int errcode, const char *filename, int lineno) {
805
806 if (errstr == NULL)
807 errcode = ERR_peek_last_error();
808 else
809 errcode = 0;
810 fill_and_set_sslerror(NULL, PySSLErrorObject, errcode, errstr, lineno, errcode);
811 ERR_clear_error();
812 return NULL;
813 }
814
815 /*
816 * SSL objects
817 */
818
819 static int
_ssl_configure_hostname(PySSLSocket * self,const char * server_hostname)820 _ssl_configure_hostname(PySSLSocket *self, const char* server_hostname)
821 {
822 int retval = -1;
823 ASN1_OCTET_STRING *ip;
824 PyObject *hostname;
825 size_t len;
826
827 assert(server_hostname);
828
829 /* Disable OpenSSL's special mode with leading dot in hostname:
830 * When name starts with a dot (e.g ".example.com"), it will be
831 * matched by a certificate valid for any sub-domain of name.
832 */
833 len = strlen(server_hostname);
834 if (len == 0 || *server_hostname == '.') {
835 PyErr_SetString(
836 PyExc_ValueError,
837 "server_hostname cannot be an empty string or start with a "
838 "leading dot.");
839 return retval;
840 }
841
842 /* inet_pton is not available on all platforms. */
843 ip = a2i_IPADDRESS(server_hostname);
844 if (ip == NULL) {
845 ERR_clear_error();
846 }
847
848 hostname = PyUnicode_Decode(server_hostname, len, "ascii", "strict");
849 if (hostname == NULL) {
850 goto error;
851 }
852 self->server_hostname = hostname;
853
854 /* Only send SNI extension for non-IP hostnames */
855 if (ip == NULL) {
856 if (!SSL_set_tlsext_host_name(self->ssl, server_hostname)) {
857 _setSSLError(NULL, 0, __FILE__, __LINE__);
858 }
859 }
860 if (self->ctx->check_hostname) {
861 X509_VERIFY_PARAM *param = SSL_get0_param(self->ssl);
862 if (ip == NULL) {
863 if (!X509_VERIFY_PARAM_set1_host(param, server_hostname,
864 strlen(server_hostname))) {
865 _setSSLError(NULL, 0, __FILE__, __LINE__);
866 goto error;
867 }
868 } else {
869 if (!X509_VERIFY_PARAM_set1_ip(param, ASN1_STRING_data(ip),
870 ASN1_STRING_length(ip))) {
871 _setSSLError(NULL, 0, __FILE__, __LINE__);
872 goto error;
873 }
874 }
875 }
876 retval = 0;
877 error:
878 if (ip != NULL) {
879 ASN1_OCTET_STRING_free(ip);
880 }
881 return retval;
882 }
883
884 static PySSLSocket *
newPySSLSocket(PySSLContext * sslctx,PySocketSockObject * sock,enum py_ssl_server_or_client socket_type,char * server_hostname,PyObject * owner,PyObject * session,PySSLMemoryBIO * inbio,PySSLMemoryBIO * outbio)885 newPySSLSocket(PySSLContext *sslctx, PySocketSockObject *sock,
886 enum py_ssl_server_or_client socket_type,
887 char *server_hostname,
888 PyObject *owner, PyObject *session,
889 PySSLMemoryBIO *inbio, PySSLMemoryBIO *outbio)
890 {
891 PySSLSocket *self;
892 SSL_CTX *ctx = sslctx->ctx;
893 _PySSLError err = { 0 };
894
895 self = PyObject_New(PySSLSocket, &PySSLSocket_Type);
896 if (self == NULL)
897 return NULL;
898
899 self->ssl = NULL;
900 self->Socket = NULL;
901 self->ctx = sslctx;
902 Py_INCREF(sslctx);
903 self->shutdown_seen_zero = 0;
904 self->owner = NULL;
905 self->server_hostname = NULL;
906 self->err = err;
907
908 /* Make sure the SSL error state is initialized */
909 (void) ERR_get_state();
910 ERR_clear_error();
911
912 PySSL_BEGIN_ALLOW_THREADS
913 self->ssl = SSL_new(ctx);
914 PySSL_END_ALLOW_THREADS
915 if (self->ssl == NULL) {
916 Py_DECREF(self);
917 _setSSLError(NULL, 0, __FILE__, __LINE__);
918 return NULL;
919 }
920 SSL_set_app_data(self->ssl, self);
921 if (sock) {
922 SSL_set_fd(self->ssl, Py_SAFE_DOWNCAST(sock->sock_fd, SOCKET_T, int));
923 } else {
924 /* BIOs are reference counted and SSL_set_bio borrows our reference.
925 * To prevent a double free in memory_bio_dealloc() we need to take an
926 * extra reference here. */
927 BIO_up_ref(inbio->bio);
928 BIO_up_ref(outbio->bio);
929 SSL_set_bio(self->ssl, inbio->bio, outbio->bio);
930 }
931 SSL_set_mode(self->ssl,
932 SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER | SSL_MODE_AUTO_RETRY);
933
934 if (server_hostname != NULL) {
935 if (_ssl_configure_hostname(self, server_hostname) < 0) {
936 Py_DECREF(self);
937 return NULL;
938 }
939 }
940 /* If the socket is in non-blocking mode or timeout mode, set the BIO
941 * to non-blocking mode (blocking is the default)
942 */
943 if (sock && sock->sock_timeout >= 0) {
944 BIO_set_nbio(SSL_get_rbio(self->ssl), 1);
945 BIO_set_nbio(SSL_get_wbio(self->ssl), 1);
946 }
947
948 PySSL_BEGIN_ALLOW_THREADS
949 if (socket_type == PY_SSL_CLIENT)
950 SSL_set_connect_state(self->ssl);
951 else
952 SSL_set_accept_state(self->ssl);
953 PySSL_END_ALLOW_THREADS
954
955 self->socket_type = socket_type;
956 if (sock != NULL) {
957 self->Socket = PyWeakref_NewRef((PyObject *) sock, NULL);
958 if (self->Socket == NULL) {
959 Py_DECREF(self);
960 return NULL;
961 }
962 }
963 if (owner && owner != Py_None) {
964 if (PySSL_set_owner(self, owner, NULL) == -1) {
965 Py_DECREF(self);
966 return NULL;
967 }
968 }
969 if (session && session != Py_None) {
970 if (PySSL_set_session(self, session, NULL) == -1) {
971 Py_DECREF(self);
972 return NULL;
973 }
974 }
975 return self;
976 }
977
978 /* SSL object methods */
979
980 /*[clinic input]
981 _ssl._SSLSocket.do_handshake
982 [clinic start generated code]*/
983
984 static PyObject *
_ssl__SSLSocket_do_handshake_impl(PySSLSocket * self)985 _ssl__SSLSocket_do_handshake_impl(PySSLSocket *self)
986 /*[clinic end generated code: output=6c0898a8936548f6 input=d2d737de3df018c8]*/
987 {
988 int ret;
989 _PySSLError err;
990 int sockstate, nonblocking;
991 PySocketSockObject *sock = GET_SOCKET(self);
992 _PyTime_t timeout, deadline = 0;
993 int has_timeout;
994
995 if (sock) {
996 if (((PyObject*)sock) == Py_None) {
997 _setSSLError("Underlying socket connection gone",
998 PY_SSL_ERROR_NO_SOCKET, __FILE__, __LINE__);
999 return NULL;
1000 }
1001 Py_INCREF(sock);
1002
1003 /* just in case the blocking state of the socket has been changed */
1004 nonblocking = (sock->sock_timeout >= 0);
1005 BIO_set_nbio(SSL_get_rbio(self->ssl), nonblocking);
1006 BIO_set_nbio(SSL_get_wbio(self->ssl), nonblocking);
1007 }
1008
1009 timeout = GET_SOCKET_TIMEOUT(sock);
1010 has_timeout = (timeout > 0);
1011 if (has_timeout)
1012 deadline = _PyTime_GetMonotonicClock() + timeout;
1013
1014 /* Actually negotiate SSL connection */
1015 /* XXX If SSL_do_handshake() returns 0, it's also a failure. */
1016 do {
1017 PySSL_BEGIN_ALLOW_THREADS
1018 ret = SSL_do_handshake(self->ssl);
1019 err = _PySSL_errno(ret < 1, self->ssl, ret);
1020 PySSL_END_ALLOW_THREADS
1021 self->err = err;
1022
1023 if (PyErr_CheckSignals())
1024 goto error;
1025
1026 if (has_timeout)
1027 timeout = deadline - _PyTime_GetMonotonicClock();
1028
1029 if (err.ssl == SSL_ERROR_WANT_READ) {
1030 sockstate = PySSL_select(sock, 0, timeout);
1031 } else if (err.ssl == SSL_ERROR_WANT_WRITE) {
1032 sockstate = PySSL_select(sock, 1, timeout);
1033 } else {
1034 sockstate = SOCKET_OPERATION_OK;
1035 }
1036
1037 if (sockstate == SOCKET_HAS_TIMED_OUT) {
1038 PyErr_SetString(PySocketModule.timeout_error,
1039 ERRSTR("The handshake operation timed out"));
1040 goto error;
1041 } else if (sockstate == SOCKET_HAS_BEEN_CLOSED) {
1042 PyErr_SetString(PySSLErrorObject,
1043 ERRSTR("Underlying socket has been closed."));
1044 goto error;
1045 } else if (sockstate == SOCKET_TOO_LARGE_FOR_SELECT) {
1046 PyErr_SetString(PySSLErrorObject,
1047 ERRSTR("Underlying socket too large for select()."));
1048 goto error;
1049 } else if (sockstate == SOCKET_IS_NONBLOCKING) {
1050 break;
1051 }
1052 } while (err.ssl == SSL_ERROR_WANT_READ ||
1053 err.ssl == SSL_ERROR_WANT_WRITE);
1054 Py_XDECREF(sock);
1055 if (ret < 1)
1056 return PySSL_SetError(self, ret, __FILE__, __LINE__);
1057
1058 Py_RETURN_NONE;
1059
1060 error:
1061 Py_XDECREF(sock);
1062 return NULL;
1063 }
1064
1065 static PyObject *
_asn1obj2py(const ASN1_OBJECT * name,int no_name)1066 _asn1obj2py(const ASN1_OBJECT *name, int no_name)
1067 {
1068 char buf[X509_NAME_MAXLEN];
1069 char *namebuf = buf;
1070 int buflen;
1071 PyObject *name_obj = NULL;
1072
1073 buflen = OBJ_obj2txt(namebuf, X509_NAME_MAXLEN, name, no_name);
1074 if (buflen < 0) {
1075 _setSSLError(NULL, 0, __FILE__, __LINE__);
1076 return NULL;
1077 }
1078 /* initial buffer is too small for oid + terminating null byte */
1079 if (buflen > X509_NAME_MAXLEN - 1) {
1080 /* make OBJ_obj2txt() calculate the required buflen */
1081 buflen = OBJ_obj2txt(NULL, 0, name, no_name);
1082 /* allocate len + 1 for terminating NULL byte */
1083 namebuf = PyMem_Malloc(buflen + 1);
1084 if (namebuf == NULL) {
1085 PyErr_NoMemory();
1086 return NULL;
1087 }
1088 buflen = OBJ_obj2txt(namebuf, buflen + 1, name, no_name);
1089 if (buflen < 0) {
1090 _setSSLError(NULL, 0, __FILE__, __LINE__);
1091 goto done;
1092 }
1093 }
1094 if (!buflen && no_name) {
1095 Py_INCREF(Py_None);
1096 name_obj = Py_None;
1097 }
1098 else {
1099 name_obj = PyUnicode_FromStringAndSize(namebuf, buflen);
1100 }
1101
1102 done:
1103 if (buf != namebuf) {
1104 PyMem_Free(namebuf);
1105 }
1106 return name_obj;
1107 }
1108
1109 static PyObject *
_create_tuple_for_attribute(ASN1_OBJECT * name,ASN1_STRING * value)1110 _create_tuple_for_attribute(ASN1_OBJECT *name, ASN1_STRING *value)
1111 {
1112 Py_ssize_t buflen;
1113 unsigned char *valuebuf = NULL;
1114 PyObject *attr;
1115
1116 buflen = ASN1_STRING_to_UTF8(&valuebuf, value);
1117 if (buflen < 0) {
1118 _setSSLError(NULL, 0, __FILE__, __LINE__);
1119 return NULL;
1120 }
1121 attr = Py_BuildValue("Ns#", _asn1obj2py(name, 0), valuebuf, buflen);
1122 OPENSSL_free(valuebuf);
1123 return attr;
1124 }
1125
1126 static PyObject *
_create_tuple_for_X509_NAME(X509_NAME * xname)1127 _create_tuple_for_X509_NAME (X509_NAME *xname)
1128 {
1129 PyObject *dn = NULL; /* tuple which represents the "distinguished name" */
1130 PyObject *rdn = NULL; /* tuple to hold a "relative distinguished name" */
1131 PyObject *rdnt;
1132 PyObject *attr = NULL; /* tuple to hold an attribute */
1133 int entry_count = X509_NAME_entry_count(xname);
1134 X509_NAME_ENTRY *entry;
1135 ASN1_OBJECT *name;
1136 ASN1_STRING *value;
1137 int index_counter;
1138 int rdn_level = -1;
1139 int retcode;
1140
1141 dn = PyList_New(0);
1142 if (dn == NULL)
1143 return NULL;
1144 /* now create another tuple to hold the top-level RDN */
1145 rdn = PyList_New(0);
1146 if (rdn == NULL)
1147 goto fail0;
1148
1149 for (index_counter = 0;
1150 index_counter < entry_count;
1151 index_counter++)
1152 {
1153 entry = X509_NAME_get_entry(xname, index_counter);
1154
1155 /* check to see if we've gotten to a new RDN */
1156 if (rdn_level >= 0) {
1157 if (rdn_level != X509_NAME_ENTRY_set(entry)) {
1158 /* yes, new RDN */
1159 /* add old RDN to DN */
1160 rdnt = PyList_AsTuple(rdn);
1161 Py_DECREF(rdn);
1162 if (rdnt == NULL)
1163 goto fail0;
1164 retcode = PyList_Append(dn, rdnt);
1165 Py_DECREF(rdnt);
1166 if (retcode < 0)
1167 goto fail0;
1168 /* create new RDN */
1169 rdn = PyList_New(0);
1170 if (rdn == NULL)
1171 goto fail0;
1172 }
1173 }
1174 rdn_level = X509_NAME_ENTRY_set(entry);
1175
1176 /* now add this attribute to the current RDN */
1177 name = X509_NAME_ENTRY_get_object(entry);
1178 value = X509_NAME_ENTRY_get_data(entry);
1179 attr = _create_tuple_for_attribute(name, value);
1180 /*
1181 fprintf(stderr, "RDN level %d, attribute %s: %s\n",
1182 entry->set,
1183 PyBytes_AS_STRING(PyTuple_GET_ITEM(attr, 0)),
1184 PyBytes_AS_STRING(PyTuple_GET_ITEM(attr, 1)));
1185 */
1186 if (attr == NULL)
1187 goto fail1;
1188 retcode = PyList_Append(rdn, attr);
1189 Py_DECREF(attr);
1190 if (retcode < 0)
1191 goto fail1;
1192 }
1193 /* now, there's typically a dangling RDN */
1194 if (rdn != NULL) {
1195 if (PyList_GET_SIZE(rdn) > 0) {
1196 rdnt = PyList_AsTuple(rdn);
1197 Py_DECREF(rdn);
1198 if (rdnt == NULL)
1199 goto fail0;
1200 retcode = PyList_Append(dn, rdnt);
1201 Py_DECREF(rdnt);
1202 if (retcode < 0)
1203 goto fail0;
1204 }
1205 else {
1206 Py_DECREF(rdn);
1207 }
1208 }
1209
1210 /* convert list to tuple */
1211 rdnt = PyList_AsTuple(dn);
1212 Py_DECREF(dn);
1213 if (rdnt == NULL)
1214 return NULL;
1215 return rdnt;
1216
1217 fail1:
1218 Py_XDECREF(rdn);
1219
1220 fail0:
1221 Py_XDECREF(dn);
1222 return NULL;
1223 }
1224
1225 static PyObject *
_get_peer_alt_names(X509 * certificate)1226 _get_peer_alt_names (X509 *certificate) {
1227
1228 /* this code follows the procedure outlined in
1229 OpenSSL's crypto/x509v3/v3_prn.c:X509v3_EXT_print()
1230 function to extract the STACK_OF(GENERAL_NAME),
1231 then iterates through the stack to add the
1232 names. */
1233
1234 int j;
1235 PyObject *peer_alt_names = Py_None;
1236 PyObject *v = NULL, *t;
1237 GENERAL_NAMES *names = NULL;
1238 GENERAL_NAME *name;
1239 BIO *biobuf = NULL;
1240 char buf[2048];
1241 char *vptr;
1242 int len;
1243
1244 if (certificate == NULL)
1245 return peer_alt_names;
1246
1247 /* get a memory buffer */
1248 biobuf = BIO_new(BIO_s_mem());
1249 if (biobuf == NULL) {
1250 PyErr_SetString(PySSLErrorObject, "failed to allocate BIO");
1251 return NULL;
1252 }
1253
1254 names = (GENERAL_NAMES *)X509_get_ext_d2i(
1255 certificate, NID_subject_alt_name, NULL, NULL);
1256 if (names != NULL) {
1257 if (peer_alt_names == Py_None) {
1258 peer_alt_names = PyList_New(0);
1259 if (peer_alt_names == NULL)
1260 goto fail;
1261 }
1262
1263 for(j = 0; j < sk_GENERAL_NAME_num(names); j++) {
1264 /* get a rendering of each name in the set of names */
1265 int gntype;
1266 ASN1_STRING *as = NULL;
1267
1268 name = sk_GENERAL_NAME_value(names, j);
1269 gntype = name->type;
1270 switch (gntype) {
1271 case GEN_DIRNAME:
1272 /* we special-case DirName as a tuple of
1273 tuples of attributes */
1274
1275 t = PyTuple_New(2);
1276 if (t == NULL) {
1277 goto fail;
1278 }
1279
1280 v = PyUnicode_FromString("DirName");
1281 if (v == NULL) {
1282 Py_DECREF(t);
1283 goto fail;
1284 }
1285 PyTuple_SET_ITEM(t, 0, v);
1286
1287 v = _create_tuple_for_X509_NAME (name->d.dirn);
1288 if (v == NULL) {
1289 Py_DECREF(t);
1290 goto fail;
1291 }
1292 PyTuple_SET_ITEM(t, 1, v);
1293 break;
1294
1295 case GEN_EMAIL:
1296 case GEN_DNS:
1297 case GEN_URI:
1298 /* GENERAL_NAME_print() doesn't handle NULL bytes in ASN1_string
1299 correctly, CVE-2013-4238 */
1300 t = PyTuple_New(2);
1301 if (t == NULL)
1302 goto fail;
1303 switch (gntype) {
1304 case GEN_EMAIL:
1305 v = PyUnicode_FromString("email");
1306 as = name->d.rfc822Name;
1307 break;
1308 case GEN_DNS:
1309 v = PyUnicode_FromString("DNS");
1310 as = name->d.dNSName;
1311 break;
1312 case GEN_URI:
1313 v = PyUnicode_FromString("URI");
1314 as = name->d.uniformResourceIdentifier;
1315 break;
1316 }
1317 if (v == NULL) {
1318 Py_DECREF(t);
1319 goto fail;
1320 }
1321 PyTuple_SET_ITEM(t, 0, v);
1322 v = PyUnicode_FromStringAndSize((char *)ASN1_STRING_data(as),
1323 ASN1_STRING_length(as));
1324 if (v == NULL) {
1325 Py_DECREF(t);
1326 goto fail;
1327 }
1328 PyTuple_SET_ITEM(t, 1, v);
1329 break;
1330
1331 case GEN_RID:
1332 t = PyTuple_New(2);
1333 if (t == NULL)
1334 goto fail;
1335
1336 v = PyUnicode_FromString("Registered ID");
1337 if (v == NULL) {
1338 Py_DECREF(t);
1339 goto fail;
1340 }
1341 PyTuple_SET_ITEM(t, 0, v);
1342
1343 len = i2t_ASN1_OBJECT(buf, sizeof(buf)-1, name->d.rid);
1344 if (len < 0) {
1345 Py_DECREF(t);
1346 _setSSLError(NULL, 0, __FILE__, __LINE__);
1347 goto fail;
1348 } else if (len >= (int)sizeof(buf)) {
1349 v = PyUnicode_FromString("<INVALID>");
1350 } else {
1351 v = PyUnicode_FromStringAndSize(buf, len);
1352 }
1353 if (v == NULL) {
1354 Py_DECREF(t);
1355 goto fail;
1356 }
1357 PyTuple_SET_ITEM(t, 1, v);
1358 break;
1359
1360 default:
1361 /* for everything else, we use the OpenSSL print form */
1362 switch (gntype) {
1363 /* check for new general name type */
1364 case GEN_OTHERNAME:
1365 case GEN_X400:
1366 case GEN_EDIPARTY:
1367 case GEN_IPADD:
1368 case GEN_RID:
1369 break;
1370 default:
1371 if (PyErr_WarnFormat(PyExc_RuntimeWarning, 1,
1372 "Unknown general name type %d",
1373 gntype) == -1) {
1374 goto fail;
1375 }
1376 break;
1377 }
1378 (void) BIO_reset(biobuf);
1379 GENERAL_NAME_print(biobuf, name);
1380 len = BIO_gets(biobuf, buf, sizeof(buf)-1);
1381 if (len < 0) {
1382 _setSSLError(NULL, 0, __FILE__, __LINE__);
1383 goto fail;
1384 }
1385 vptr = strchr(buf, ':');
1386 if (vptr == NULL) {
1387 PyErr_Format(PyExc_ValueError,
1388 "Invalid value %.200s",
1389 buf);
1390 goto fail;
1391 }
1392 t = PyTuple_New(2);
1393 if (t == NULL)
1394 goto fail;
1395 v = PyUnicode_FromStringAndSize(buf, (vptr - buf));
1396 if (v == NULL) {
1397 Py_DECREF(t);
1398 goto fail;
1399 }
1400 PyTuple_SET_ITEM(t, 0, v);
1401 v = PyUnicode_FromStringAndSize((vptr + 1),
1402 (len - (vptr - buf + 1)));
1403 if (v == NULL) {
1404 Py_DECREF(t);
1405 goto fail;
1406 }
1407 PyTuple_SET_ITEM(t, 1, v);
1408 break;
1409 }
1410
1411 /* and add that rendering to the list */
1412
1413 if (PyList_Append(peer_alt_names, t) < 0) {
1414 Py_DECREF(t);
1415 goto fail;
1416 }
1417 Py_DECREF(t);
1418 }
1419 sk_GENERAL_NAME_pop_free(names, GENERAL_NAME_free);
1420 }
1421 BIO_free(biobuf);
1422 if (peer_alt_names != Py_None) {
1423 v = PyList_AsTuple(peer_alt_names);
1424 Py_DECREF(peer_alt_names);
1425 return v;
1426 } else {
1427 return peer_alt_names;
1428 }
1429
1430
1431 fail:
1432 if (biobuf != NULL)
1433 BIO_free(biobuf);
1434
1435 if (peer_alt_names != Py_None) {
1436 Py_XDECREF(peer_alt_names);
1437 }
1438
1439 return NULL;
1440 }
1441
1442 static PyObject *
_get_aia_uri(X509 * certificate,int nid)1443 _get_aia_uri(X509 *certificate, int nid) {
1444 PyObject *lst = NULL, *ostr = NULL;
1445 int i, result;
1446 AUTHORITY_INFO_ACCESS *info;
1447
1448 info = X509_get_ext_d2i(certificate, NID_info_access, NULL, NULL);
1449 if (info == NULL)
1450 return Py_None;
1451 if (sk_ACCESS_DESCRIPTION_num(info) == 0) {
1452 AUTHORITY_INFO_ACCESS_free(info);
1453 return Py_None;
1454 }
1455
1456 if ((lst = PyList_New(0)) == NULL) {
1457 goto fail;
1458 }
1459
1460 for (i = 0; i < sk_ACCESS_DESCRIPTION_num(info); i++) {
1461 ACCESS_DESCRIPTION *ad = sk_ACCESS_DESCRIPTION_value(info, i);
1462 ASN1_IA5STRING *uri;
1463
1464 if ((OBJ_obj2nid(ad->method) != nid) ||
1465 (ad->location->type != GEN_URI)) {
1466 continue;
1467 }
1468 uri = ad->location->d.uniformResourceIdentifier;
1469 ostr = PyUnicode_FromStringAndSize((char *)uri->data,
1470 uri->length);
1471 if (ostr == NULL) {
1472 goto fail;
1473 }
1474 result = PyList_Append(lst, ostr);
1475 Py_DECREF(ostr);
1476 if (result < 0) {
1477 goto fail;
1478 }
1479 }
1480 AUTHORITY_INFO_ACCESS_free(info);
1481
1482 /* convert to tuple or None */
1483 if (PyList_Size(lst) == 0) {
1484 Py_DECREF(lst);
1485 return Py_None;
1486 } else {
1487 PyObject *tup;
1488 tup = PyList_AsTuple(lst);
1489 Py_DECREF(lst);
1490 return tup;
1491 }
1492
1493 fail:
1494 AUTHORITY_INFO_ACCESS_free(info);
1495 Py_XDECREF(lst);
1496 return NULL;
1497 }
1498
1499 static PyObject *
_get_crl_dp(X509 * certificate)1500 _get_crl_dp(X509 *certificate) {
1501 STACK_OF(DIST_POINT) *dps;
1502 int i, j;
1503 PyObject *lst, *res = NULL;
1504
1505 dps = X509_get_ext_d2i(certificate, NID_crl_distribution_points, NULL, NULL);
1506
1507 if (dps == NULL)
1508 return Py_None;
1509
1510 lst = PyList_New(0);
1511 if (lst == NULL)
1512 goto done;
1513
1514 for (i=0; i < sk_DIST_POINT_num(dps); i++) {
1515 DIST_POINT *dp;
1516 STACK_OF(GENERAL_NAME) *gns;
1517
1518 dp = sk_DIST_POINT_value(dps, i);
1519 if (dp->distpoint == NULL) {
1520 /* Ignore empty DP value, CVE-2019-5010 */
1521 continue;
1522 }
1523 gns = dp->distpoint->name.fullname;
1524
1525 for (j=0; j < sk_GENERAL_NAME_num(gns); j++) {
1526 GENERAL_NAME *gn;
1527 ASN1_IA5STRING *uri;
1528 PyObject *ouri;
1529 int err;
1530
1531 gn = sk_GENERAL_NAME_value(gns, j);
1532 if (gn->type != GEN_URI) {
1533 continue;
1534 }
1535 uri = gn->d.uniformResourceIdentifier;
1536 ouri = PyUnicode_FromStringAndSize((char *)uri->data,
1537 uri->length);
1538 if (ouri == NULL)
1539 goto done;
1540
1541 err = PyList_Append(lst, ouri);
1542 Py_DECREF(ouri);
1543 if (err < 0)
1544 goto done;
1545 }
1546 }
1547
1548 /* Convert to tuple. */
1549 res = (PyList_GET_SIZE(lst) > 0) ? PyList_AsTuple(lst) : Py_None;
1550
1551 done:
1552 Py_XDECREF(lst);
1553 CRL_DIST_POINTS_free(dps);
1554 return res;
1555 }
1556
1557 static PyObject *
_decode_certificate(X509 * certificate)1558 _decode_certificate(X509 *certificate) {
1559
1560 PyObject *retval = NULL;
1561 BIO *biobuf = NULL;
1562 PyObject *peer;
1563 PyObject *peer_alt_names = NULL;
1564 PyObject *issuer;
1565 PyObject *version;
1566 PyObject *sn_obj;
1567 PyObject *obj;
1568 ASN1_INTEGER *serialNumber;
1569 char buf[2048];
1570 int len, result;
1571 ASN1_TIME *notBefore, *notAfter;
1572 PyObject *pnotBefore, *pnotAfter;
1573
1574 retval = PyDict_New();
1575 if (retval == NULL)
1576 return NULL;
1577
1578 peer = _create_tuple_for_X509_NAME(
1579 X509_get_subject_name(certificate));
1580 if (peer == NULL)
1581 goto fail0;
1582 if (PyDict_SetItemString(retval, (const char *) "subject", peer) < 0) {
1583 Py_DECREF(peer);
1584 goto fail0;
1585 }
1586 Py_DECREF(peer);
1587
1588 issuer = _create_tuple_for_X509_NAME(
1589 X509_get_issuer_name(certificate));
1590 if (issuer == NULL)
1591 goto fail0;
1592 if (PyDict_SetItemString(retval, (const char *)"issuer", issuer) < 0) {
1593 Py_DECREF(issuer);
1594 goto fail0;
1595 }
1596 Py_DECREF(issuer);
1597
1598 version = PyLong_FromLong(X509_get_version(certificate) + 1);
1599 if (version == NULL)
1600 goto fail0;
1601 if (PyDict_SetItemString(retval, "version", version) < 0) {
1602 Py_DECREF(version);
1603 goto fail0;
1604 }
1605 Py_DECREF(version);
1606
1607 /* get a memory buffer */
1608 biobuf = BIO_new(BIO_s_mem());
1609 if (biobuf == NULL) {
1610 PyErr_SetString(PySSLErrorObject, "failed to allocate BIO");
1611 goto fail0;
1612 }
1613
1614 (void) BIO_reset(biobuf);
1615 serialNumber = X509_get_serialNumber(certificate);
1616 /* should not exceed 20 octets, 160 bits, so buf is big enough */
1617 i2a_ASN1_INTEGER(biobuf, serialNumber);
1618 len = BIO_gets(biobuf, buf, sizeof(buf)-1);
1619 if (len < 0) {
1620 _setSSLError(NULL, 0, __FILE__, __LINE__);
1621 goto fail1;
1622 }
1623 sn_obj = PyUnicode_FromStringAndSize(buf, len);
1624 if (sn_obj == NULL)
1625 goto fail1;
1626 if (PyDict_SetItemString(retval, "serialNumber", sn_obj) < 0) {
1627 Py_DECREF(sn_obj);
1628 goto fail1;
1629 }
1630 Py_DECREF(sn_obj);
1631
1632 (void) BIO_reset(biobuf);
1633 notBefore = X509_get_notBefore(certificate);
1634 ASN1_TIME_print(biobuf, notBefore);
1635 len = BIO_gets(biobuf, buf, sizeof(buf)-1);
1636 if (len < 0) {
1637 _setSSLError(NULL, 0, __FILE__, __LINE__);
1638 goto fail1;
1639 }
1640 pnotBefore = PyUnicode_FromStringAndSize(buf, len);
1641 if (pnotBefore == NULL)
1642 goto fail1;
1643 if (PyDict_SetItemString(retval, "notBefore", pnotBefore) < 0) {
1644 Py_DECREF(pnotBefore);
1645 goto fail1;
1646 }
1647 Py_DECREF(pnotBefore);
1648
1649 (void) BIO_reset(biobuf);
1650 notAfter = X509_get_notAfter(certificate);
1651 ASN1_TIME_print(biobuf, notAfter);
1652 len = BIO_gets(biobuf, buf, sizeof(buf)-1);
1653 if (len < 0) {
1654 _setSSLError(NULL, 0, __FILE__, __LINE__);
1655 goto fail1;
1656 }
1657 pnotAfter = PyUnicode_FromStringAndSize(buf, len);
1658 if (pnotAfter == NULL)
1659 goto fail1;
1660 if (PyDict_SetItemString(retval, "notAfter", pnotAfter) < 0) {
1661 Py_DECREF(pnotAfter);
1662 goto fail1;
1663 }
1664 Py_DECREF(pnotAfter);
1665
1666 /* Now look for subjectAltName */
1667
1668 peer_alt_names = _get_peer_alt_names(certificate);
1669 if (peer_alt_names == NULL)
1670 goto fail1;
1671 else if (peer_alt_names != Py_None) {
1672 if (PyDict_SetItemString(retval, "subjectAltName",
1673 peer_alt_names) < 0) {
1674 Py_DECREF(peer_alt_names);
1675 goto fail1;
1676 }
1677 Py_DECREF(peer_alt_names);
1678 }
1679
1680 /* Authority Information Access: OCSP URIs */
1681 obj = _get_aia_uri(certificate, NID_ad_OCSP);
1682 if (obj == NULL) {
1683 goto fail1;
1684 } else if (obj != Py_None) {
1685 result = PyDict_SetItemString(retval, "OCSP", obj);
1686 Py_DECREF(obj);
1687 if (result < 0) {
1688 goto fail1;
1689 }
1690 }
1691
1692 obj = _get_aia_uri(certificate, NID_ad_ca_issuers);
1693 if (obj == NULL) {
1694 goto fail1;
1695 } else if (obj != Py_None) {
1696 result = PyDict_SetItemString(retval, "caIssuers", obj);
1697 Py_DECREF(obj);
1698 if (result < 0) {
1699 goto fail1;
1700 }
1701 }
1702
1703 /* CDP (CRL distribution points) */
1704 obj = _get_crl_dp(certificate);
1705 if (obj == NULL) {
1706 goto fail1;
1707 } else if (obj != Py_None) {
1708 result = PyDict_SetItemString(retval, "crlDistributionPoints", obj);
1709 Py_DECREF(obj);
1710 if (result < 0) {
1711 goto fail1;
1712 }
1713 }
1714
1715 BIO_free(biobuf);
1716 return retval;
1717
1718 fail1:
1719 if (biobuf != NULL)
1720 BIO_free(biobuf);
1721 fail0:
1722 Py_XDECREF(retval);
1723 return NULL;
1724 }
1725
1726 static PyObject *
_certificate_to_der(X509 * certificate)1727 _certificate_to_der(X509 *certificate)
1728 {
1729 unsigned char *bytes_buf = NULL;
1730 int len;
1731 PyObject *retval;
1732
1733 bytes_buf = NULL;
1734 len = i2d_X509(certificate, &bytes_buf);
1735 if (len < 0) {
1736 _setSSLError(NULL, 0, __FILE__, __LINE__);
1737 return NULL;
1738 }
1739 /* this is actually an immutable bytes sequence */
1740 retval = PyBytes_FromStringAndSize((const char *) bytes_buf, len);
1741 OPENSSL_free(bytes_buf);
1742 return retval;
1743 }
1744
1745 /*[clinic input]
1746 _ssl._test_decode_cert
1747 path: object(converter="PyUnicode_FSConverter")
1748 /
1749
1750 [clinic start generated code]*/
1751
1752 static PyObject *
_ssl__test_decode_cert_impl(PyObject * module,PyObject * path)1753 _ssl__test_decode_cert_impl(PyObject *module, PyObject *path)
1754 /*[clinic end generated code: output=96becb9abb23c091 input=cdeaaf02d4346628]*/
1755 {
1756 PyObject *retval = NULL;
1757 X509 *x=NULL;
1758 BIO *cert;
1759
1760 if ((cert=BIO_new(BIO_s_file())) == NULL) {
1761 PyErr_SetString(PySSLErrorObject,
1762 "Can't malloc memory to read file");
1763 goto fail0;
1764 }
1765
1766 if (BIO_read_filename(cert, PyBytes_AsString(path)) <= 0) {
1767 PyErr_SetString(PySSLErrorObject,
1768 "Can't open file");
1769 goto fail0;
1770 }
1771
1772 x = PEM_read_bio_X509_AUX(cert,NULL, NULL, NULL);
1773 if (x == NULL) {
1774 PyErr_SetString(PySSLErrorObject,
1775 "Error decoding PEM-encoded file");
1776 goto fail0;
1777 }
1778
1779 retval = _decode_certificate(x);
1780 X509_free(x);
1781
1782 fail0:
1783 Py_DECREF(path);
1784 if (cert != NULL) BIO_free(cert);
1785 return retval;
1786 }
1787
1788
1789 /*[clinic input]
1790 _ssl._SSLSocket.getpeercert
1791 der as binary_mode: bool = False
1792 /
1793
1794 Returns the certificate for the peer.
1795
1796 If no certificate was provided, returns None. If a certificate was
1797 provided, but not validated, returns an empty dictionary. Otherwise
1798 returns a dict containing information about the peer certificate.
1799
1800 If the optional argument is True, returns a DER-encoded copy of the
1801 peer certificate, or None if no certificate was provided. This will
1802 return the certificate even if it wasn't validated.
1803 [clinic start generated code]*/
1804
1805 static PyObject *
_ssl__SSLSocket_getpeercert_impl(PySSLSocket * self,int binary_mode)1806 _ssl__SSLSocket_getpeercert_impl(PySSLSocket *self, int binary_mode)
1807 /*[clinic end generated code: output=1f0ab66dfb693c88 input=c0fbe802e57629b7]*/
1808 {
1809 int verification;
1810 X509 *peer_cert;
1811 PyObject *result;
1812
1813 if (!SSL_is_init_finished(self->ssl)) {
1814 PyErr_SetString(PyExc_ValueError,
1815 "handshake not done yet");
1816 return NULL;
1817 }
1818 peer_cert = SSL_get_peer_certificate(self->ssl);
1819 if (peer_cert == NULL)
1820 Py_RETURN_NONE;
1821
1822 if (binary_mode) {
1823 /* return cert in DER-encoded format */
1824 result = _certificate_to_der(peer_cert);
1825 } else {
1826 verification = SSL_CTX_get_verify_mode(SSL_get_SSL_CTX(self->ssl));
1827 if ((verification & SSL_VERIFY_PEER) == 0)
1828 result = PyDict_New();
1829 else
1830 result = _decode_certificate(peer_cert);
1831 }
1832 X509_free(peer_cert);
1833 return result;
1834 }
1835
1836 static PyObject *
cipher_to_tuple(const SSL_CIPHER * cipher)1837 cipher_to_tuple(const SSL_CIPHER *cipher)
1838 {
1839 const char *cipher_name, *cipher_protocol;
1840 PyObject *v, *retval = PyTuple_New(3);
1841 if (retval == NULL)
1842 return NULL;
1843
1844 cipher_name = SSL_CIPHER_get_name(cipher);
1845 if (cipher_name == NULL) {
1846 Py_INCREF(Py_None);
1847 PyTuple_SET_ITEM(retval, 0, Py_None);
1848 } else {
1849 v = PyUnicode_FromString(cipher_name);
1850 if (v == NULL)
1851 goto fail;
1852 PyTuple_SET_ITEM(retval, 0, v);
1853 }
1854
1855 cipher_protocol = SSL_CIPHER_get_version(cipher);
1856 if (cipher_protocol == NULL) {
1857 Py_INCREF(Py_None);
1858 PyTuple_SET_ITEM(retval, 1, Py_None);
1859 } else {
1860 v = PyUnicode_FromString(cipher_protocol);
1861 if (v == NULL)
1862 goto fail;
1863 PyTuple_SET_ITEM(retval, 1, v);
1864 }
1865
1866 v = PyLong_FromLong(SSL_CIPHER_get_bits(cipher, NULL));
1867 if (v == NULL)
1868 goto fail;
1869 PyTuple_SET_ITEM(retval, 2, v);
1870
1871 return retval;
1872
1873 fail:
1874 Py_DECREF(retval);
1875 return NULL;
1876 }
1877
1878 #if OPENSSL_VERSION_NUMBER >= 0x10002000UL
1879 static PyObject *
cipher_to_dict(const SSL_CIPHER * cipher)1880 cipher_to_dict(const SSL_CIPHER *cipher)
1881 {
1882 const char *cipher_name, *cipher_protocol;
1883
1884 unsigned long cipher_id;
1885 int alg_bits, strength_bits, len;
1886 char buf[512] = {0};
1887 #if OPENSSL_VERSION_1_1
1888 int aead, nid;
1889 const char *skcipher = NULL, *digest = NULL, *kx = NULL, *auth = NULL;
1890 #endif
1891
1892 /* can be NULL */
1893 cipher_name = SSL_CIPHER_get_name(cipher);
1894 cipher_protocol = SSL_CIPHER_get_version(cipher);
1895 cipher_id = SSL_CIPHER_get_id(cipher);
1896 SSL_CIPHER_description(cipher, buf, sizeof(buf) - 1);
1897 /* Downcast to avoid a warning. Safe since buf is always 512 bytes */
1898 len = (int)strlen(buf);
1899 if (len > 1 && buf[len-1] == '\n')
1900 buf[len-1] = '\0';
1901 strength_bits = SSL_CIPHER_get_bits(cipher, &alg_bits);
1902
1903 #if OPENSSL_VERSION_1_1
1904 aead = SSL_CIPHER_is_aead(cipher);
1905 nid = SSL_CIPHER_get_cipher_nid(cipher);
1906 skcipher = nid != NID_undef ? OBJ_nid2ln(nid) : NULL;
1907 nid = SSL_CIPHER_get_digest_nid(cipher);
1908 digest = nid != NID_undef ? OBJ_nid2ln(nid) : NULL;
1909 nid = SSL_CIPHER_get_kx_nid(cipher);
1910 kx = nid != NID_undef ? OBJ_nid2ln(nid) : NULL;
1911 nid = SSL_CIPHER_get_auth_nid(cipher);
1912 auth = nid != NID_undef ? OBJ_nid2ln(nid) : NULL;
1913 #endif
1914
1915 return Py_BuildValue(
1916 "{sksssssssisi"
1917 #if OPENSSL_VERSION_1_1
1918 "sOssssssss"
1919 #endif
1920 "}",
1921 "id", cipher_id,
1922 "name", cipher_name,
1923 "protocol", cipher_protocol,
1924 "description", buf,
1925 "strength_bits", strength_bits,
1926 "alg_bits", alg_bits
1927 #if OPENSSL_VERSION_1_1
1928 ,"aead", aead ? Py_True : Py_False,
1929 "symmetric", skcipher,
1930 "digest", digest,
1931 "kea", kx,
1932 "auth", auth
1933 #endif
1934 );
1935 }
1936 #endif
1937
1938 /*[clinic input]
1939 _ssl._SSLSocket.shared_ciphers
1940 [clinic start generated code]*/
1941
1942 static PyObject *
_ssl__SSLSocket_shared_ciphers_impl(PySSLSocket * self)1943 _ssl__SSLSocket_shared_ciphers_impl(PySSLSocket *self)
1944 /*[clinic end generated code: output=3d174ead2e42c4fd input=0bfe149da8fe6306]*/
1945 {
1946 STACK_OF(SSL_CIPHER) *ciphers;
1947 int i;
1948 PyObject *res;
1949
1950 ciphers = SSL_get_ciphers(self->ssl);
1951 if (!ciphers)
1952 Py_RETURN_NONE;
1953 res = PyList_New(sk_SSL_CIPHER_num(ciphers));
1954 if (!res)
1955 return NULL;
1956 for (i = 0; i < sk_SSL_CIPHER_num(ciphers); i++) {
1957 PyObject *tup = cipher_to_tuple(sk_SSL_CIPHER_value(ciphers, i));
1958 if (!tup) {
1959 Py_DECREF(res);
1960 return NULL;
1961 }
1962 PyList_SET_ITEM(res, i, tup);
1963 }
1964 return res;
1965 }
1966
1967 /*[clinic input]
1968 _ssl._SSLSocket.cipher
1969 [clinic start generated code]*/
1970
1971 static PyObject *
_ssl__SSLSocket_cipher_impl(PySSLSocket * self)1972 _ssl__SSLSocket_cipher_impl(PySSLSocket *self)
1973 /*[clinic end generated code: output=376417c16d0e5815 input=548fb0e27243796d]*/
1974 {
1975 const SSL_CIPHER *current;
1976
1977 if (self->ssl == NULL)
1978 Py_RETURN_NONE;
1979 current = SSL_get_current_cipher(self->ssl);
1980 if (current == NULL)
1981 Py_RETURN_NONE;
1982 return cipher_to_tuple(current);
1983 }
1984
1985 /*[clinic input]
1986 _ssl._SSLSocket.version
1987 [clinic start generated code]*/
1988
1989 static PyObject *
_ssl__SSLSocket_version_impl(PySSLSocket * self)1990 _ssl__SSLSocket_version_impl(PySSLSocket *self)
1991 /*[clinic end generated code: output=178aed33193b2cdb input=900186a503436fd6]*/
1992 {
1993 const char *version;
1994
1995 if (self->ssl == NULL)
1996 Py_RETURN_NONE;
1997 if (!SSL_is_init_finished(self->ssl)) {
1998 /* handshake not finished */
1999 Py_RETURN_NONE;
2000 }
2001 version = SSL_get_version(self->ssl);
2002 if (!strcmp(version, "unknown"))
2003 Py_RETURN_NONE;
2004 return PyUnicode_FromString(version);
2005 }
2006
2007 #if HAVE_NPN
2008 /*[clinic input]
2009 _ssl._SSLSocket.selected_npn_protocol
2010 [clinic start generated code]*/
2011
2012 static PyObject *
_ssl__SSLSocket_selected_npn_protocol_impl(PySSLSocket * self)2013 _ssl__SSLSocket_selected_npn_protocol_impl(PySSLSocket *self)
2014 /*[clinic end generated code: output=b91d494cd207ecf6 input=c28fde139204b826]*/
2015 {
2016 const unsigned char *out;
2017 unsigned int outlen;
2018
2019 SSL_get0_next_proto_negotiated(self->ssl,
2020 &out, &outlen);
2021
2022 if (out == NULL)
2023 Py_RETURN_NONE;
2024 return PyUnicode_FromStringAndSize((char *)out, outlen);
2025 }
2026 #endif
2027
2028 #if HAVE_ALPN
2029 /*[clinic input]
2030 _ssl._SSLSocket.selected_alpn_protocol
2031 [clinic start generated code]*/
2032
2033 static PyObject *
_ssl__SSLSocket_selected_alpn_protocol_impl(PySSLSocket * self)2034 _ssl__SSLSocket_selected_alpn_protocol_impl(PySSLSocket *self)
2035 /*[clinic end generated code: output=ec33688b303d250f input=442de30e35bc2913]*/
2036 {
2037 const unsigned char *out;
2038 unsigned int outlen;
2039
2040 SSL_get0_alpn_selected(self->ssl, &out, &outlen);
2041
2042 if (out == NULL)
2043 Py_RETURN_NONE;
2044 return PyUnicode_FromStringAndSize((char *)out, outlen);
2045 }
2046 #endif
2047
2048 /*[clinic input]
2049 _ssl._SSLSocket.compression
2050 [clinic start generated code]*/
2051
2052 static PyObject *
_ssl__SSLSocket_compression_impl(PySSLSocket * self)2053 _ssl__SSLSocket_compression_impl(PySSLSocket *self)
2054 /*[clinic end generated code: output=bd16cb1bb4646ae7 input=5d059d0a2bbc32c8]*/
2055 {
2056 #ifdef OPENSSL_NO_COMP
2057 Py_RETURN_NONE;
2058 #else
2059 const COMP_METHOD *comp_method;
2060 const char *short_name;
2061
2062 if (self->ssl == NULL)
2063 Py_RETURN_NONE;
2064 comp_method = SSL_get_current_compression(self->ssl);
2065 if (comp_method == NULL || COMP_get_type(comp_method) == NID_undef)
2066 Py_RETURN_NONE;
2067 short_name = OBJ_nid2sn(COMP_get_type(comp_method));
2068 if (short_name == NULL)
2069 Py_RETURN_NONE;
2070 return PyUnicode_DecodeFSDefault(short_name);
2071 #endif
2072 }
2073
PySSL_get_context(PySSLSocket * self,void * closure)2074 static PySSLContext *PySSL_get_context(PySSLSocket *self, void *closure) {
2075 Py_INCREF(self->ctx);
2076 return self->ctx;
2077 }
2078
PySSL_set_context(PySSLSocket * self,PyObject * value,void * closure)2079 static int PySSL_set_context(PySSLSocket *self, PyObject *value,
2080 void *closure) {
2081
2082 if (PyObject_TypeCheck(value, &PySSLContext_Type)) {
2083 #if !HAVE_SNI
2084 PyErr_SetString(PyExc_NotImplementedError, "setting a socket's "
2085 "context is not supported by your OpenSSL library");
2086 return -1;
2087 #else
2088 Py_INCREF(value);
2089 Py_SETREF(self->ctx, (PySSLContext *)value);
2090 SSL_set_SSL_CTX(self->ssl, self->ctx->ctx);
2091 #endif
2092 } else {
2093 PyErr_SetString(PyExc_TypeError, "The value must be a SSLContext");
2094 return -1;
2095 }
2096
2097 return 0;
2098 }
2099
2100 PyDoc_STRVAR(PySSL_set_context_doc,
2101 "_setter_context(ctx)\n\
2102 \
2103 This changes the context associated with the SSLSocket. This is typically\n\
2104 used from within a callback function set by the sni_callback\n\
2105 on the SSLContext to change the certificate information associated with the\n\
2106 SSLSocket before the cryptographic exchange handshake messages\n");
2107
2108
2109 static PyObject *
PySSL_get_server_side(PySSLSocket * self,void * c)2110 PySSL_get_server_side(PySSLSocket *self, void *c)
2111 {
2112 return PyBool_FromLong(self->socket_type == PY_SSL_SERVER);
2113 }
2114
2115 PyDoc_STRVAR(PySSL_get_server_side_doc,
2116 "Whether this is a server-side socket.");
2117
2118 static PyObject *
PySSL_get_server_hostname(PySSLSocket * self,void * c)2119 PySSL_get_server_hostname(PySSLSocket *self, void *c)
2120 {
2121 if (self->server_hostname == NULL)
2122 Py_RETURN_NONE;
2123 Py_INCREF(self->server_hostname);
2124 return self->server_hostname;
2125 }
2126
2127 PyDoc_STRVAR(PySSL_get_server_hostname_doc,
2128 "The currently set server hostname (for SNI).");
2129
2130 static PyObject *
PySSL_get_owner(PySSLSocket * self,void * c)2131 PySSL_get_owner(PySSLSocket *self, void *c)
2132 {
2133 PyObject *owner;
2134
2135 if (self->owner == NULL)
2136 Py_RETURN_NONE;
2137
2138 owner = PyWeakref_GetObject(self->owner);
2139 Py_INCREF(owner);
2140 return owner;
2141 }
2142
2143 static int
PySSL_set_owner(PySSLSocket * self,PyObject * value,void * c)2144 PySSL_set_owner(PySSLSocket *self, PyObject *value, void *c)
2145 {
2146 Py_XSETREF(self->owner, PyWeakref_NewRef(value, NULL));
2147 if (self->owner == NULL)
2148 return -1;
2149 return 0;
2150 }
2151
2152 PyDoc_STRVAR(PySSL_get_owner_doc,
2153 "The Python-level owner of this object.\
2154 Passed as \"self\" in servername callback.");
2155
2156
PySSL_dealloc(PySSLSocket * self)2157 static void PySSL_dealloc(PySSLSocket *self)
2158 {
2159 if (self->ssl)
2160 SSL_free(self->ssl);
2161 Py_XDECREF(self->Socket);
2162 Py_XDECREF(self->ctx);
2163 Py_XDECREF(self->server_hostname);
2164 Py_XDECREF(self->owner);
2165 PyObject_Del(self);
2166 }
2167
2168 /* If the socket has a timeout, do a select()/poll() on the socket.
2169 The argument writing indicates the direction.
2170 Returns one of the possibilities in the timeout_state enum (above).
2171 */
2172
2173 static int
PySSL_select(PySocketSockObject * s,int writing,_PyTime_t timeout)2174 PySSL_select(PySocketSockObject *s, int writing, _PyTime_t timeout)
2175 {
2176 int rc;
2177 #ifdef HAVE_POLL
2178 struct pollfd pollfd;
2179 _PyTime_t ms;
2180 #else
2181 int nfds;
2182 fd_set fds;
2183 struct timeval tv;
2184 #endif
2185
2186 /* Nothing to do unless we're in timeout mode (not non-blocking) */
2187 if ((s == NULL) || (timeout == 0))
2188 return SOCKET_IS_NONBLOCKING;
2189 else if (timeout < 0) {
2190 if (s->sock_timeout > 0)
2191 return SOCKET_HAS_TIMED_OUT;
2192 else
2193 return SOCKET_IS_BLOCKING;
2194 }
2195
2196 /* Guard against closed socket */
2197 if (s->sock_fd == INVALID_SOCKET)
2198 return SOCKET_HAS_BEEN_CLOSED;
2199
2200 /* Prefer poll, if available, since you can poll() any fd
2201 * which can't be done with select(). */
2202 #ifdef HAVE_POLL
2203 pollfd.fd = s->sock_fd;
2204 pollfd.events = writing ? POLLOUT : POLLIN;
2205
2206 /* timeout is in seconds, poll() uses milliseconds */
2207 ms = (int)_PyTime_AsMilliseconds(timeout, _PyTime_ROUND_CEILING);
2208 assert(ms <= INT_MAX);
2209
2210 PySSL_BEGIN_ALLOW_THREADS
2211 rc = poll(&pollfd, 1, (int)ms);
2212 PySSL_END_ALLOW_THREADS
2213 #else
2214 /* Guard against socket too large for select*/
2215 if (!_PyIsSelectable_fd(s->sock_fd))
2216 return SOCKET_TOO_LARGE_FOR_SELECT;
2217
2218 _PyTime_AsTimeval_noraise(timeout, &tv, _PyTime_ROUND_CEILING);
2219
2220 FD_ZERO(&fds);
2221 FD_SET(s->sock_fd, &fds);
2222
2223 /* Wait until the socket becomes ready */
2224 PySSL_BEGIN_ALLOW_THREADS
2225 nfds = Py_SAFE_DOWNCAST(s->sock_fd+1, SOCKET_T, int);
2226 if (writing)
2227 rc = select(nfds, NULL, &fds, NULL, &tv);
2228 else
2229 rc = select(nfds, &fds, NULL, NULL, &tv);
2230 PySSL_END_ALLOW_THREADS
2231 #endif
2232
2233 /* Return SOCKET_TIMED_OUT on timeout, SOCKET_OPERATION_OK otherwise
2234 (when we are able to write or when there's something to read) */
2235 return rc == 0 ? SOCKET_HAS_TIMED_OUT : SOCKET_OPERATION_OK;
2236 }
2237
2238 /*[clinic input]
2239 _ssl._SSLSocket.write
2240 b: Py_buffer
2241 /
2242
2243 Writes the bytes-like object b into the SSL object.
2244
2245 Returns the number of bytes written.
2246 [clinic start generated code]*/
2247
2248 static PyObject *
_ssl__SSLSocket_write_impl(PySSLSocket * self,Py_buffer * b)2249 _ssl__SSLSocket_write_impl(PySSLSocket *self, Py_buffer *b)
2250 /*[clinic end generated code: output=aa7a6be5527358d8 input=77262d994fe5100a]*/
2251 {
2252 int len;
2253 int sockstate;
2254 _PySSLError err;
2255 int nonblocking;
2256 PySocketSockObject *sock = GET_SOCKET(self);
2257 _PyTime_t timeout, deadline = 0;
2258 int has_timeout;
2259
2260 if (sock != NULL) {
2261 if (((PyObject*)sock) == Py_None) {
2262 _setSSLError("Underlying socket connection gone",
2263 PY_SSL_ERROR_NO_SOCKET, __FILE__, __LINE__);
2264 return NULL;
2265 }
2266 Py_INCREF(sock);
2267 }
2268
2269 if (b->len > INT_MAX) {
2270 PyErr_Format(PyExc_OverflowError,
2271 "string longer than %d bytes", INT_MAX);
2272 goto error;
2273 }
2274
2275 if (sock != NULL) {
2276 /* just in case the blocking state of the socket has been changed */
2277 nonblocking = (sock->sock_timeout >= 0);
2278 BIO_set_nbio(SSL_get_rbio(self->ssl), nonblocking);
2279 BIO_set_nbio(SSL_get_wbio(self->ssl), nonblocking);
2280 }
2281
2282 timeout = GET_SOCKET_TIMEOUT(sock);
2283 has_timeout = (timeout > 0);
2284 if (has_timeout)
2285 deadline = _PyTime_GetMonotonicClock() + timeout;
2286
2287 sockstate = PySSL_select(sock, 1, timeout);
2288 if (sockstate == SOCKET_HAS_TIMED_OUT) {
2289 PyErr_SetString(PySocketModule.timeout_error,
2290 "The write operation timed out");
2291 goto error;
2292 } else if (sockstate == SOCKET_HAS_BEEN_CLOSED) {
2293 PyErr_SetString(PySSLErrorObject,
2294 "Underlying socket has been closed.");
2295 goto error;
2296 } else if (sockstate == SOCKET_TOO_LARGE_FOR_SELECT) {
2297 PyErr_SetString(PySSLErrorObject,
2298 "Underlying socket too large for select().");
2299 goto error;
2300 }
2301
2302 do {
2303 PySSL_BEGIN_ALLOW_THREADS
2304 len = SSL_write(self->ssl, b->buf, (int)b->len);
2305 err = _PySSL_errno(len <= 0, self->ssl, len);
2306 PySSL_END_ALLOW_THREADS
2307 self->err = err;
2308
2309 if (PyErr_CheckSignals())
2310 goto error;
2311
2312 if (has_timeout)
2313 timeout = deadline - _PyTime_GetMonotonicClock();
2314
2315 if (err.ssl == SSL_ERROR_WANT_READ) {
2316 sockstate = PySSL_select(sock, 0, timeout);
2317 } else if (err.ssl == SSL_ERROR_WANT_WRITE) {
2318 sockstate = PySSL_select(sock, 1, timeout);
2319 } else {
2320 sockstate = SOCKET_OPERATION_OK;
2321 }
2322
2323 if (sockstate == SOCKET_HAS_TIMED_OUT) {
2324 PyErr_SetString(PySocketModule.timeout_error,
2325 "The write operation timed out");
2326 goto error;
2327 } else if (sockstate == SOCKET_HAS_BEEN_CLOSED) {
2328 PyErr_SetString(PySSLErrorObject,
2329 "Underlying socket has been closed.");
2330 goto error;
2331 } else if (sockstate == SOCKET_IS_NONBLOCKING) {
2332 break;
2333 }
2334 } while (err.ssl == SSL_ERROR_WANT_READ ||
2335 err.ssl == SSL_ERROR_WANT_WRITE);
2336
2337 Py_XDECREF(sock);
2338 if (len > 0)
2339 return PyLong_FromLong(len);
2340 else
2341 return PySSL_SetError(self, len, __FILE__, __LINE__);
2342
2343 error:
2344 Py_XDECREF(sock);
2345 return NULL;
2346 }
2347
2348 /*[clinic input]
2349 _ssl._SSLSocket.pending
2350
2351 Returns the number of already decrypted bytes available for read, pending on the connection.
2352 [clinic start generated code]*/
2353
2354 static PyObject *
_ssl__SSLSocket_pending_impl(PySSLSocket * self)2355 _ssl__SSLSocket_pending_impl(PySSLSocket *self)
2356 /*[clinic end generated code: output=983d9fecdc308a83 input=2b77487d6dfd597f]*/
2357 {
2358 int count = 0;
2359 _PySSLError err;
2360
2361 PySSL_BEGIN_ALLOW_THREADS
2362 count = SSL_pending(self->ssl);
2363 err = _PySSL_errno(count < 0, self->ssl, count);
2364 PySSL_END_ALLOW_THREADS
2365 self->err = err;
2366
2367 if (count < 0)
2368 return PySSL_SetError(self, count, __FILE__, __LINE__);
2369 else
2370 return PyLong_FromLong(count);
2371 }
2372
2373 /*[clinic input]
2374 _ssl._SSLSocket.read
2375 size as len: int
2376 [
2377 buffer: Py_buffer(accept={rwbuffer})
2378 ]
2379 /
2380
2381 Read up to size bytes from the SSL socket.
2382 [clinic start generated code]*/
2383
2384 static PyObject *
_ssl__SSLSocket_read_impl(PySSLSocket * self,int len,int group_right_1,Py_buffer * buffer)2385 _ssl__SSLSocket_read_impl(PySSLSocket *self, int len, int group_right_1,
2386 Py_buffer *buffer)
2387 /*[clinic end generated code: output=00097776cec2a0af input=ff157eb918d0905b]*/
2388 {
2389 PyObject *dest = NULL;
2390 char *mem;
2391 int count;
2392 int sockstate;
2393 _PySSLError err;
2394 int nonblocking;
2395 PySocketSockObject *sock = GET_SOCKET(self);
2396 _PyTime_t timeout, deadline = 0;
2397 int has_timeout;
2398
2399 if (!group_right_1 && len < 0) {
2400 PyErr_SetString(PyExc_ValueError, "size should not be negative");
2401 return NULL;
2402 }
2403
2404 if (sock != NULL) {
2405 if (((PyObject*)sock) == Py_None) {
2406 _setSSLError("Underlying socket connection gone",
2407 PY_SSL_ERROR_NO_SOCKET, __FILE__, __LINE__);
2408 return NULL;
2409 }
2410 Py_INCREF(sock);
2411 }
2412
2413 if (!group_right_1) {
2414 dest = PyBytes_FromStringAndSize(NULL, len);
2415 if (dest == NULL)
2416 goto error;
2417 if (len == 0) {
2418 Py_XDECREF(sock);
2419 return dest;
2420 }
2421 mem = PyBytes_AS_STRING(dest);
2422 }
2423 else {
2424 mem = buffer->buf;
2425 if (len <= 0 || len > buffer->len) {
2426 len = (int) buffer->len;
2427 if (buffer->len != len) {
2428 PyErr_SetString(PyExc_OverflowError,
2429 "maximum length can't fit in a C 'int'");
2430 goto error;
2431 }
2432 if (len == 0) {
2433 count = 0;
2434 goto done;
2435 }
2436 }
2437 }
2438
2439 if (sock != NULL) {
2440 /* just in case the blocking state of the socket has been changed */
2441 nonblocking = (sock->sock_timeout >= 0);
2442 BIO_set_nbio(SSL_get_rbio(self->ssl), nonblocking);
2443 BIO_set_nbio(SSL_get_wbio(self->ssl), nonblocking);
2444 }
2445
2446 timeout = GET_SOCKET_TIMEOUT(sock);
2447 has_timeout = (timeout > 0);
2448 if (has_timeout)
2449 deadline = _PyTime_GetMonotonicClock() + timeout;
2450
2451 do {
2452 PySSL_BEGIN_ALLOW_THREADS
2453 count = SSL_read(self->ssl, mem, len);
2454 err = _PySSL_errno(count <= 0, self->ssl, count);
2455 PySSL_END_ALLOW_THREADS
2456 self->err = err;
2457
2458 if (PyErr_CheckSignals())
2459 goto error;
2460
2461 if (has_timeout)
2462 timeout = deadline - _PyTime_GetMonotonicClock();
2463
2464 if (err.ssl == SSL_ERROR_WANT_READ) {
2465 sockstate = PySSL_select(sock, 0, timeout);
2466 } else if (err.ssl == SSL_ERROR_WANT_WRITE) {
2467 sockstate = PySSL_select(sock, 1, timeout);
2468 } else if (err.ssl == SSL_ERROR_ZERO_RETURN &&
2469 SSL_get_shutdown(self->ssl) == SSL_RECEIVED_SHUTDOWN)
2470 {
2471 count = 0;
2472 goto done;
2473 }
2474 else
2475 sockstate = SOCKET_OPERATION_OK;
2476
2477 if (sockstate == SOCKET_HAS_TIMED_OUT) {
2478 PyErr_SetString(PySocketModule.timeout_error,
2479 "The read operation timed out");
2480 goto error;
2481 } else if (sockstate == SOCKET_IS_NONBLOCKING) {
2482 break;
2483 }
2484 } while (err.ssl == SSL_ERROR_WANT_READ ||
2485 err.ssl == SSL_ERROR_WANT_WRITE);
2486
2487 if (count <= 0) {
2488 PySSL_SetError(self, count, __FILE__, __LINE__);
2489 goto error;
2490 }
2491
2492 done:
2493 Py_XDECREF(sock);
2494 if (!group_right_1) {
2495 _PyBytes_Resize(&dest, count);
2496 return dest;
2497 }
2498 else {
2499 return PyLong_FromLong(count);
2500 }
2501
2502 error:
2503 Py_XDECREF(sock);
2504 if (!group_right_1)
2505 Py_XDECREF(dest);
2506 return NULL;
2507 }
2508
2509 /*[clinic input]
2510 _ssl._SSLSocket.shutdown
2511
2512 Does the SSL shutdown handshake with the remote end.
2513 [clinic start generated code]*/
2514
2515 static PyObject *
_ssl__SSLSocket_shutdown_impl(PySSLSocket * self)2516 _ssl__SSLSocket_shutdown_impl(PySSLSocket *self)
2517 /*[clinic end generated code: output=ca1aa7ed9d25ca42 input=11d39e69b0a2bf4a]*/
2518 {
2519 _PySSLError err;
2520 int sockstate, nonblocking, ret;
2521 int zeros = 0;
2522 PySocketSockObject *sock = GET_SOCKET(self);
2523 _PyTime_t timeout, deadline = 0;
2524 int has_timeout;
2525
2526 if (sock != NULL) {
2527 /* Guard against closed socket */
2528 if ((((PyObject*)sock) == Py_None) || (sock->sock_fd == INVALID_SOCKET)) {
2529 _setSSLError("Underlying socket connection gone",
2530 PY_SSL_ERROR_NO_SOCKET, __FILE__, __LINE__);
2531 return NULL;
2532 }
2533 Py_INCREF(sock);
2534
2535 /* Just in case the blocking state of the socket has been changed */
2536 nonblocking = (sock->sock_timeout >= 0);
2537 BIO_set_nbio(SSL_get_rbio(self->ssl), nonblocking);
2538 BIO_set_nbio(SSL_get_wbio(self->ssl), nonblocking);
2539 }
2540
2541 timeout = GET_SOCKET_TIMEOUT(sock);
2542 has_timeout = (timeout > 0);
2543 if (has_timeout)
2544 deadline = _PyTime_GetMonotonicClock() + timeout;
2545
2546 while (1) {
2547 PySSL_BEGIN_ALLOW_THREADS
2548 /* Disable read-ahead so that unwrap can work correctly.
2549 * Otherwise OpenSSL might read in too much data,
2550 * eating clear text data that happens to be
2551 * transmitted after the SSL shutdown.
2552 * Should be safe to call repeatedly every time this
2553 * function is used and the shutdown_seen_zero != 0
2554 * condition is met.
2555 */
2556 if (self->shutdown_seen_zero)
2557 SSL_set_read_ahead(self->ssl, 0);
2558 ret = SSL_shutdown(self->ssl);
2559 err = _PySSL_errno(ret < 0, self->ssl, ret);
2560 PySSL_END_ALLOW_THREADS
2561 self->err = err;
2562
2563 /* If err == 1, a secure shutdown with SSL_shutdown() is complete */
2564 if (ret > 0)
2565 break;
2566 if (ret == 0) {
2567 /* Don't loop endlessly; instead preserve legacy
2568 behaviour of trying SSL_shutdown() only twice.
2569 This looks necessary for OpenSSL < 0.9.8m */
2570 if (++zeros > 1)
2571 break;
2572 /* Shutdown was sent, now try receiving */
2573 self->shutdown_seen_zero = 1;
2574 continue;
2575 }
2576
2577 if (has_timeout)
2578 timeout = deadline - _PyTime_GetMonotonicClock();
2579
2580 /* Possibly retry shutdown until timeout or failure */
2581 if (err.ssl == SSL_ERROR_WANT_READ)
2582 sockstate = PySSL_select(sock, 0, timeout);
2583 else if (err.ssl == SSL_ERROR_WANT_WRITE)
2584 sockstate = PySSL_select(sock, 1, timeout);
2585 else
2586 break;
2587
2588 if (sockstate == SOCKET_HAS_TIMED_OUT) {
2589 if (err.ssl == SSL_ERROR_WANT_READ)
2590 PyErr_SetString(PySocketModule.timeout_error,
2591 "The read operation timed out");
2592 else
2593 PyErr_SetString(PySocketModule.timeout_error,
2594 "The write operation timed out");
2595 goto error;
2596 }
2597 else if (sockstate == SOCKET_TOO_LARGE_FOR_SELECT) {
2598 PyErr_SetString(PySSLErrorObject,
2599 "Underlying socket too large for select().");
2600 goto error;
2601 }
2602 else if (sockstate != SOCKET_OPERATION_OK)
2603 /* Retain the SSL error code */
2604 break;
2605 }
2606
2607 if (ret < 0) {
2608 Py_XDECREF(sock);
2609 return PySSL_SetError(self, ret, __FILE__, __LINE__);
2610 }
2611 if (sock)
2612 /* It's already INCREF'ed */
2613 return (PyObject *) sock;
2614 else
2615 Py_RETURN_NONE;
2616
2617 error:
2618 Py_XDECREF(sock);
2619 return NULL;
2620 }
2621
2622 /*[clinic input]
2623 _ssl._SSLSocket.get_channel_binding
2624 cb_type: str = "tls-unique"
2625
2626 Get channel binding data for current connection.
2627
2628 Raise ValueError if the requested `cb_type` is not supported. Return bytes
2629 of the data or None if the data is not available (e.g. before the handshake).
2630 Only 'tls-unique' channel binding data from RFC 5929 is supported.
2631 [clinic start generated code]*/
2632
2633 static PyObject *
_ssl__SSLSocket_get_channel_binding_impl(PySSLSocket * self,const char * cb_type)2634 _ssl__SSLSocket_get_channel_binding_impl(PySSLSocket *self,
2635 const char *cb_type)
2636 /*[clinic end generated code: output=34bac9acb6a61d31 input=08b7e43b99c17d41]*/
2637 {
2638 char buf[PySSL_CB_MAXLEN];
2639 size_t len;
2640
2641 if (strcmp(cb_type, "tls-unique") == 0) {
2642 if (SSL_session_reused(self->ssl) ^ !self->socket_type) {
2643 /* if session is resumed XOR we are the client */
2644 len = SSL_get_finished(self->ssl, buf, PySSL_CB_MAXLEN);
2645 }
2646 else {
2647 /* if a new session XOR we are the server */
2648 len = SSL_get_peer_finished(self->ssl, buf, PySSL_CB_MAXLEN);
2649 }
2650 }
2651 else {
2652 PyErr_Format(
2653 PyExc_ValueError,
2654 "'%s' channel binding type not implemented",
2655 cb_type
2656 );
2657 return NULL;
2658 }
2659
2660 /* It cannot be negative in current OpenSSL version as of July 2011 */
2661 if (len == 0)
2662 Py_RETURN_NONE;
2663
2664 return PyBytes_FromStringAndSize(buf, len);
2665 }
2666
2667 /*[clinic input]
2668 _ssl._SSLSocket.verify_client_post_handshake
2669
2670 Initiate TLS 1.3 post-handshake authentication
2671 [clinic start generated code]*/
2672
2673 static PyObject *
_ssl__SSLSocket_verify_client_post_handshake_impl(PySSLSocket * self)2674 _ssl__SSLSocket_verify_client_post_handshake_impl(PySSLSocket *self)
2675 /*[clinic end generated code: output=532147f3b1341425 input=6bfa874810a3d889]*/
2676 {
2677 #ifdef TLS1_3_VERSION
2678 int err = SSL_verify_client_post_handshake(self->ssl);
2679 if (err == 0)
2680 return _setSSLError(NULL, 0, __FILE__, __LINE__);
2681 else
2682 Py_RETURN_NONE;
2683 #else
2684 PyErr_SetString(PyExc_NotImplementedError,
2685 "Post-handshake auth is not supported by your "
2686 "OpenSSL version.");
2687 return NULL;
2688 #endif
2689 }
2690
2691 #ifdef OPENSSL_VERSION_1_1
2692
2693 static SSL_SESSION*
_ssl_session_dup(SSL_SESSION * session)2694 _ssl_session_dup(SSL_SESSION *session) {
2695 SSL_SESSION *newsession = NULL;
2696 int slen;
2697 unsigned char *senc = NULL, *p;
2698 const unsigned char *const_p;
2699
2700 if (session == NULL) {
2701 PyErr_SetString(PyExc_ValueError, "Invalid session");
2702 goto error;
2703 }
2704
2705 /* get length */
2706 slen = i2d_SSL_SESSION(session, NULL);
2707 if (slen == 0 || slen > 0xFF00) {
2708 PyErr_SetString(PyExc_ValueError, "i2d() failed.");
2709 goto error;
2710 }
2711 if ((senc = PyMem_Malloc(slen)) == NULL) {
2712 PyErr_NoMemory();
2713 goto error;
2714 }
2715 p = senc;
2716 if (!i2d_SSL_SESSION(session, &p)) {
2717 PyErr_SetString(PyExc_ValueError, "i2d() failed.");
2718 goto error;
2719 }
2720 const_p = senc;
2721 newsession = d2i_SSL_SESSION(NULL, &const_p, slen);
2722 if (session == NULL) {
2723 goto error;
2724 }
2725 PyMem_Free(senc);
2726 return newsession;
2727 error:
2728 if (senc != NULL) {
2729 PyMem_Free(senc);
2730 }
2731 return NULL;
2732 }
2733 #endif
2734
2735 static PyObject *
PySSL_get_session(PySSLSocket * self,void * closure)2736 PySSL_get_session(PySSLSocket *self, void *closure) {
2737 /* get_session can return sessions from a server-side connection,
2738 * it does not check for handshake done or client socket. */
2739 PySSLSession *pysess;
2740 SSL_SESSION *session;
2741
2742 #ifdef OPENSSL_VERSION_1_1
2743 /* duplicate session as workaround for session bug in OpenSSL 1.1.0,
2744 * https://github.com/openssl/openssl/issues/1550 */
2745 session = SSL_get0_session(self->ssl); /* borrowed reference */
2746 if (session == NULL) {
2747 Py_RETURN_NONE;
2748 }
2749 if ((session = _ssl_session_dup(session)) == NULL) {
2750 return NULL;
2751 }
2752 #else
2753 session = SSL_get1_session(self->ssl);
2754 if (session == NULL) {
2755 Py_RETURN_NONE;
2756 }
2757 #endif
2758 pysess = PyObject_GC_New(PySSLSession, &PySSLSession_Type);
2759 if (pysess == NULL) {
2760 SSL_SESSION_free(session);
2761 return NULL;
2762 }
2763
2764 assert(self->ctx);
2765 pysess->ctx = self->ctx;
2766 Py_INCREF(pysess->ctx);
2767 pysess->session = session;
2768 PyObject_GC_Track(pysess);
2769 return (PyObject *)pysess;
2770 }
2771
PySSL_set_session(PySSLSocket * self,PyObject * value,void * closure)2772 static int PySSL_set_session(PySSLSocket *self, PyObject *value,
2773 void *closure)
2774 {
2775 PySSLSession *pysess;
2776 #ifdef OPENSSL_VERSION_1_1
2777 SSL_SESSION *session;
2778 #endif
2779 int result;
2780
2781 if (!PySSLSession_Check(value)) {
2782 PyErr_SetString(PyExc_TypeError, "Value is not a SSLSession.");
2783 return -1;
2784 }
2785 pysess = (PySSLSession *)value;
2786
2787 if (self->ctx->ctx != pysess->ctx->ctx) {
2788 PyErr_SetString(PyExc_ValueError,
2789 "Session refers to a different SSLContext.");
2790 return -1;
2791 }
2792 if (self->socket_type != PY_SSL_CLIENT) {
2793 PyErr_SetString(PyExc_ValueError,
2794 "Cannot set session for server-side SSLSocket.");
2795 return -1;
2796 }
2797 if (SSL_is_init_finished(self->ssl)) {
2798 PyErr_SetString(PyExc_ValueError,
2799 "Cannot set session after handshake.");
2800 return -1;
2801 }
2802 #ifdef OPENSSL_VERSION_1_1
2803 /* duplicate session */
2804 if ((session = _ssl_session_dup(pysess->session)) == NULL) {
2805 return -1;
2806 }
2807 result = SSL_set_session(self->ssl, session);
2808 /* free duplicate, SSL_set_session() bumps ref count */
2809 SSL_SESSION_free(session);
2810 #else
2811 result = SSL_set_session(self->ssl, pysess->session);
2812 #endif
2813 if (result == 0) {
2814 _setSSLError(NULL, 0, __FILE__, __LINE__);
2815 return -1;
2816 }
2817 return 0;
2818 }
2819
2820 PyDoc_STRVAR(PySSL_set_session_doc,
2821 "_setter_session(session)\n\
2822 \
2823 Get / set SSLSession.");
2824
2825 static PyObject *
PySSL_get_session_reused(PySSLSocket * self,void * closure)2826 PySSL_get_session_reused(PySSLSocket *self, void *closure) {
2827 if (SSL_session_reused(self->ssl)) {
2828 Py_RETURN_TRUE;
2829 } else {
2830 Py_RETURN_FALSE;
2831 }
2832 }
2833
2834 PyDoc_STRVAR(PySSL_get_session_reused_doc,
2835 "Was the client session reused during handshake?");
2836
2837 static PyGetSetDef ssl_getsetlist[] = {
2838 {"context", (getter) PySSL_get_context,
2839 (setter) PySSL_set_context, PySSL_set_context_doc},
2840 {"server_side", (getter) PySSL_get_server_side, NULL,
2841 PySSL_get_server_side_doc},
2842 {"server_hostname", (getter) PySSL_get_server_hostname, NULL,
2843 PySSL_get_server_hostname_doc},
2844 {"owner", (getter) PySSL_get_owner, (setter) PySSL_set_owner,
2845 PySSL_get_owner_doc},
2846 {"session", (getter) PySSL_get_session,
2847 (setter) PySSL_set_session, PySSL_set_session_doc},
2848 {"session_reused", (getter) PySSL_get_session_reused, NULL,
2849 PySSL_get_session_reused_doc},
2850 {NULL}, /* sentinel */
2851 };
2852
2853 static PyMethodDef PySSLMethods[] = {
2854 _SSL__SSLSOCKET_DO_HANDSHAKE_METHODDEF
2855 _SSL__SSLSOCKET_WRITE_METHODDEF
2856 _SSL__SSLSOCKET_READ_METHODDEF
2857 _SSL__SSLSOCKET_PENDING_METHODDEF
2858 _SSL__SSLSOCKET_GETPEERCERT_METHODDEF
2859 _SSL__SSLSOCKET_GET_CHANNEL_BINDING_METHODDEF
2860 _SSL__SSLSOCKET_CIPHER_METHODDEF
2861 _SSL__SSLSOCKET_SHARED_CIPHERS_METHODDEF
2862 _SSL__SSLSOCKET_VERSION_METHODDEF
2863 _SSL__SSLSOCKET_SELECTED_NPN_PROTOCOL_METHODDEF
2864 _SSL__SSLSOCKET_SELECTED_ALPN_PROTOCOL_METHODDEF
2865 _SSL__SSLSOCKET_COMPRESSION_METHODDEF
2866 _SSL__SSLSOCKET_SHUTDOWN_METHODDEF
2867 _SSL__SSLSOCKET_VERIFY_CLIENT_POST_HANDSHAKE_METHODDEF
2868 {NULL, NULL}
2869 };
2870
2871 static PyTypeObject PySSLSocket_Type = {
2872 PyVarObject_HEAD_INIT(NULL, 0)
2873 "_ssl._SSLSocket", /*tp_name*/
2874 sizeof(PySSLSocket), /*tp_basicsize*/
2875 0, /*tp_itemsize*/
2876 /* methods */
2877 (destructor)PySSL_dealloc, /*tp_dealloc*/
2878 0, /*tp_print*/
2879 0, /*tp_getattr*/
2880 0, /*tp_setattr*/
2881 0, /*tp_reserved*/
2882 0, /*tp_repr*/
2883 0, /*tp_as_number*/
2884 0, /*tp_as_sequence*/
2885 0, /*tp_as_mapping*/
2886 0, /*tp_hash*/
2887 0, /*tp_call*/
2888 0, /*tp_str*/
2889 0, /*tp_getattro*/
2890 0, /*tp_setattro*/
2891 0, /*tp_as_buffer*/
2892 Py_TPFLAGS_DEFAULT, /*tp_flags*/
2893 0, /*tp_doc*/
2894 0, /*tp_traverse*/
2895 0, /*tp_clear*/
2896 0, /*tp_richcompare*/
2897 0, /*tp_weaklistoffset*/
2898 0, /*tp_iter*/
2899 0, /*tp_iternext*/
2900 PySSLMethods, /*tp_methods*/
2901 0, /*tp_members*/
2902 ssl_getsetlist, /*tp_getset*/
2903 };
2904
2905
2906 /*
2907 * _SSLContext objects
2908 */
2909
2910 static int
_set_verify_mode(PySSLContext * self,enum py_ssl_cert_requirements n)2911 _set_verify_mode(PySSLContext *self, enum py_ssl_cert_requirements n)
2912 {
2913 int mode;
2914 int (*verify_cb)(int, X509_STORE_CTX *) = NULL;
2915
2916 switch(n) {
2917 case PY_SSL_CERT_NONE:
2918 mode = SSL_VERIFY_NONE;
2919 break;
2920 case PY_SSL_CERT_OPTIONAL:
2921 mode = SSL_VERIFY_PEER;
2922 break;
2923 case PY_SSL_CERT_REQUIRED:
2924 mode = SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT;
2925 break;
2926 default:
2927 PyErr_SetString(PyExc_ValueError,
2928 "invalid value for verify_mode");
2929 return -1;
2930 }
2931 #ifdef TLS1_3_VERSION
2932 if (self->post_handshake_auth)
2933 mode |= SSL_VERIFY_POST_HANDSHAKE;
2934 #endif
2935 /* keep current verify cb */
2936 verify_cb = SSL_CTX_get_verify_callback(self->ctx);
2937 SSL_CTX_set_verify(self->ctx, mode, verify_cb);
2938 return 0;
2939 }
2940
2941 /*[clinic input]
2942 @classmethod
2943 _ssl._SSLContext.__new__
2944 protocol as proto_version: int
2945 /
2946 [clinic start generated code]*/
2947
2948 static PyObject *
_ssl__SSLContext_impl(PyTypeObject * type,int proto_version)2949 _ssl__SSLContext_impl(PyTypeObject *type, int proto_version)
2950 /*[clinic end generated code: output=2cf0d7a0741b6bd1 input=8d58a805b95fc534]*/
2951 {
2952 PySSLContext *self;
2953 long options;
2954 SSL_CTX *ctx = NULL;
2955 X509_VERIFY_PARAM *params;
2956 int result;
2957 #if defined(SSL_MODE_RELEASE_BUFFERS)
2958 unsigned long libver;
2959 #endif
2960
2961 PySSL_BEGIN_ALLOW_THREADS
2962 if (proto_version == PY_SSL_VERSION_TLS1)
2963 ctx = SSL_CTX_new(TLSv1_method());
2964 #if HAVE_TLSv1_2
2965 else if (proto_version == PY_SSL_VERSION_TLS1_1)
2966 ctx = SSL_CTX_new(TLSv1_1_method());
2967 else if (proto_version == PY_SSL_VERSION_TLS1_2)
2968 ctx = SSL_CTX_new(TLSv1_2_method());
2969 #endif
2970 #ifndef OPENSSL_NO_SSL3
2971 else if (proto_version == PY_SSL_VERSION_SSL3)
2972 ctx = SSL_CTX_new(SSLv3_method());
2973 #endif
2974 #ifndef OPENSSL_NO_SSL2
2975 else if (proto_version == PY_SSL_VERSION_SSL2)
2976 ctx = SSL_CTX_new(SSLv2_method());
2977 #endif
2978 else if (proto_version == PY_SSL_VERSION_TLS) /* SSLv23 */
2979 ctx = SSL_CTX_new(TLS_method());
2980 else if (proto_version == PY_SSL_VERSION_TLS_CLIENT)
2981 ctx = SSL_CTX_new(TLS_client_method());
2982 else if (proto_version == PY_SSL_VERSION_TLS_SERVER)
2983 ctx = SSL_CTX_new(TLS_server_method());
2984 else
2985 proto_version = -1;
2986 PySSL_END_ALLOW_THREADS
2987
2988 if (proto_version == -1) {
2989 PyErr_SetString(PyExc_ValueError,
2990 "invalid protocol version");
2991 return NULL;
2992 }
2993 if (ctx == NULL) {
2994 _setSSLError(NULL, 0, __FILE__, __LINE__);
2995 return NULL;
2996 }
2997
2998 assert(type != NULL && type->tp_alloc != NULL);
2999 self = (PySSLContext *) type->tp_alloc(type, 0);
3000 if (self == NULL) {
3001 SSL_CTX_free(ctx);
3002 return NULL;
3003 }
3004 self->ctx = ctx;
3005 self->hostflags = X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS;
3006 self->protocol = proto_version;
3007 #if HAVE_NPN
3008 self->npn_protocols = NULL;
3009 #endif
3010 #if HAVE_ALPN
3011 self->alpn_protocols = NULL;
3012 #endif
3013 #ifndef OPENSSL_NO_TLSEXT
3014 self->set_sni_cb = NULL;
3015 #endif
3016 /* Don't check host name by default */
3017 if (proto_version == PY_SSL_VERSION_TLS_CLIENT) {
3018 self->check_hostname = 1;
3019 if (_set_verify_mode(self, PY_SSL_CERT_REQUIRED) == -1) {
3020 Py_DECREF(self);
3021 return NULL;
3022 }
3023 } else {
3024 self->check_hostname = 0;
3025 if (_set_verify_mode(self, PY_SSL_CERT_NONE) == -1) {
3026 Py_DECREF(self);
3027 return NULL;
3028 }
3029 }
3030 /* Defaults */
3031 options = SSL_OP_ALL & ~SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS;
3032 if (proto_version != PY_SSL_VERSION_SSL2)
3033 options |= SSL_OP_NO_SSLv2;
3034 if (proto_version != PY_SSL_VERSION_SSL3)
3035 options |= SSL_OP_NO_SSLv3;
3036 /* Minimal security flags for server and client side context.
3037 * Client sockets ignore server-side parameters. */
3038 #ifdef SSL_OP_NO_COMPRESSION
3039 options |= SSL_OP_NO_COMPRESSION;
3040 #endif
3041 #ifdef SSL_OP_CIPHER_SERVER_PREFERENCE
3042 options |= SSL_OP_CIPHER_SERVER_PREFERENCE;
3043 #endif
3044 #ifdef SSL_OP_SINGLE_DH_USE
3045 options |= SSL_OP_SINGLE_DH_USE;
3046 #endif
3047 #ifdef SSL_OP_SINGLE_ECDH_USE
3048 options |= SSL_OP_SINGLE_ECDH_USE;
3049 #endif
3050 SSL_CTX_set_options(self->ctx, options);
3051
3052 /* A bare minimum cipher list without completely broken cipher suites.
3053 * It's far from perfect but gives users a better head start. */
3054 if (proto_version != PY_SSL_VERSION_SSL2) {
3055 #if PY_SSL_DEFAULT_CIPHERS == 2
3056 /* stick to OpenSSL's default settings */
3057 result = 1;
3058 #else
3059 result = SSL_CTX_set_cipher_list(ctx, PY_SSL_DEFAULT_CIPHER_STRING);
3060 #endif
3061 } else {
3062 /* SSLv2 needs MD5 */
3063 result = SSL_CTX_set_cipher_list(ctx, "HIGH:!aNULL:!eNULL");
3064 }
3065 if (result == 0) {
3066 Py_DECREF(self);
3067 ERR_clear_error();
3068 PyErr_SetString(PySSLErrorObject,
3069 "No cipher can be selected.");
3070 return NULL;
3071 }
3072
3073 #if defined(SSL_MODE_RELEASE_BUFFERS)
3074 /* Set SSL_MODE_RELEASE_BUFFERS. This potentially greatly reduces memory
3075 usage for no cost at all. However, don't do this for OpenSSL versions
3076 between 1.0.1 and 1.0.1h or 1.0.0 and 1.0.0m, which are affected by CVE
3077 2014-0198. I can't find exactly which beta fixed this CVE, so be
3078 conservative and assume it wasn't fixed until release. We do this check
3079 at runtime to avoid problems from the dynamic linker.
3080 See #25672 for more on this. */
3081 libver = SSLeay();
3082 if (!(libver >= 0x10001000UL && libver < 0x1000108fUL) &&
3083 !(libver >= 0x10000000UL && libver < 0x100000dfUL)) {
3084 SSL_CTX_set_mode(self->ctx, SSL_MODE_RELEASE_BUFFERS);
3085 }
3086 #endif
3087
3088
3089 #if !defined(OPENSSL_NO_ECDH) && !defined(OPENSSL_VERSION_1_1)
3090 /* Allow automatic ECDH curve selection (on OpenSSL 1.0.2+), or use
3091 prime256v1 by default. This is Apache mod_ssl's initialization
3092 policy, so we should be safe. OpenSSL 1.1 has it enabled by default.
3093 */
3094 #if defined(SSL_CTX_set_ecdh_auto)
3095 SSL_CTX_set_ecdh_auto(self->ctx, 1);
3096 #else
3097 {
3098 EC_KEY *key = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
3099 SSL_CTX_set_tmp_ecdh(self->ctx, key);
3100 EC_KEY_free(key);
3101 }
3102 #endif
3103 #endif
3104
3105 #define SID_CTX "Python"
3106 SSL_CTX_set_session_id_context(self->ctx, (const unsigned char *) SID_CTX,
3107 sizeof(SID_CTX));
3108 #undef SID_CTX
3109
3110 params = SSL_CTX_get0_param(self->ctx);
3111 #ifdef X509_V_FLAG_TRUSTED_FIRST
3112 /* Improve trust chain building when cross-signed intermediate
3113 certificates are present. See https://bugs.python.org/issue23476. */
3114 X509_VERIFY_PARAM_set_flags(params, X509_V_FLAG_TRUSTED_FIRST);
3115 #endif
3116 X509_VERIFY_PARAM_set_hostflags(params, self->hostflags);
3117
3118 #ifdef TLS1_3_VERSION
3119 self->post_handshake_auth = 0;
3120 SSL_CTX_set_post_handshake_auth(self->ctx, self->post_handshake_auth);
3121 #endif
3122
3123 return (PyObject *)self;
3124 }
3125
3126 static int
context_traverse(PySSLContext * self,visitproc visit,void * arg)3127 context_traverse(PySSLContext *self, visitproc visit, void *arg)
3128 {
3129 #ifndef OPENSSL_NO_TLSEXT
3130 Py_VISIT(self->set_sni_cb);
3131 #endif
3132 return 0;
3133 }
3134
3135 static int
context_clear(PySSLContext * self)3136 context_clear(PySSLContext *self)
3137 {
3138 #ifndef OPENSSL_NO_TLSEXT
3139 Py_CLEAR(self->set_sni_cb);
3140 #endif
3141 return 0;
3142 }
3143
3144 static void
context_dealloc(PySSLContext * self)3145 context_dealloc(PySSLContext *self)
3146 {
3147 /* bpo-31095: UnTrack is needed before calling any callbacks */
3148 PyObject_GC_UnTrack(self);
3149 context_clear(self);
3150 SSL_CTX_free(self->ctx);
3151 #if HAVE_NPN
3152 PyMem_FREE(self->npn_protocols);
3153 #endif
3154 #if HAVE_ALPN
3155 PyMem_FREE(self->alpn_protocols);
3156 #endif
3157 Py_TYPE(self)->tp_free(self);
3158 }
3159
3160 /*[clinic input]
3161 _ssl._SSLContext.set_ciphers
3162 cipherlist: str
3163 /
3164 [clinic start generated code]*/
3165
3166 static PyObject *
_ssl__SSLContext_set_ciphers_impl(PySSLContext * self,const char * cipherlist)3167 _ssl__SSLContext_set_ciphers_impl(PySSLContext *self, const char *cipherlist)
3168 /*[clinic end generated code: output=3a3162f3557c0f3f input=a7ac931b9f3ca7fc]*/
3169 {
3170 int ret = SSL_CTX_set_cipher_list(self->ctx, cipherlist);
3171 if (ret == 0) {
3172 /* Clearing the error queue is necessary on some OpenSSL versions,
3173 otherwise the error will be reported again when another SSL call
3174 is done. */
3175 ERR_clear_error();
3176 PyErr_SetString(PySSLErrorObject,
3177 "No cipher can be selected.");
3178 return NULL;
3179 }
3180 Py_RETURN_NONE;
3181 }
3182
3183 #if OPENSSL_VERSION_NUMBER >= 0x10002000UL
3184 /*[clinic input]
3185 _ssl._SSLContext.get_ciphers
3186 [clinic start generated code]*/
3187
3188 static PyObject *
_ssl__SSLContext_get_ciphers_impl(PySSLContext * self)3189 _ssl__SSLContext_get_ciphers_impl(PySSLContext *self)
3190 /*[clinic end generated code: output=a56e4d68a406dfc4 input=a2aadc9af89b79c5]*/
3191 {
3192 SSL *ssl = NULL;
3193 STACK_OF(SSL_CIPHER) *sk = NULL;
3194 const SSL_CIPHER *cipher;
3195 int i=0;
3196 PyObject *result = NULL, *dct;
3197
3198 ssl = SSL_new(self->ctx);
3199 if (ssl == NULL) {
3200 _setSSLError(NULL, 0, __FILE__, __LINE__);
3201 goto exit;
3202 }
3203 sk = SSL_get_ciphers(ssl);
3204
3205 result = PyList_New(sk_SSL_CIPHER_num(sk));
3206 if (result == NULL) {
3207 goto exit;
3208 }
3209
3210 for (i = 0; i < sk_SSL_CIPHER_num(sk); i++) {
3211 cipher = sk_SSL_CIPHER_value(sk, i);
3212 dct = cipher_to_dict(cipher);
3213 if (dct == NULL) {
3214 Py_CLEAR(result);
3215 goto exit;
3216 }
3217 PyList_SET_ITEM(result, i, dct);
3218 }
3219
3220 exit:
3221 if (ssl != NULL)
3222 SSL_free(ssl);
3223 return result;
3224
3225 }
3226 #endif
3227
3228
3229 #if HAVE_NPN || HAVE_ALPN
3230 static int
do_protocol_selection(int alpn,unsigned char ** out,unsigned char * outlen,const unsigned char * server_protocols,unsigned int server_protocols_len,const unsigned char * client_protocols,unsigned int client_protocols_len)3231 do_protocol_selection(int alpn, unsigned char **out, unsigned char *outlen,
3232 const unsigned char *server_protocols, unsigned int server_protocols_len,
3233 const unsigned char *client_protocols, unsigned int client_protocols_len)
3234 {
3235 int ret;
3236 if (client_protocols == NULL) {
3237 client_protocols = (unsigned char *)"";
3238 client_protocols_len = 0;
3239 }
3240 if (server_protocols == NULL) {
3241 server_protocols = (unsigned char *)"";
3242 server_protocols_len = 0;
3243 }
3244
3245 ret = SSL_select_next_proto(out, outlen,
3246 server_protocols, server_protocols_len,
3247 client_protocols, client_protocols_len);
3248 if (alpn && ret != OPENSSL_NPN_NEGOTIATED)
3249 return SSL_TLSEXT_ERR_NOACK;
3250
3251 return SSL_TLSEXT_ERR_OK;
3252 }
3253 #endif
3254
3255 #if HAVE_NPN
3256 /* this callback gets passed to SSL_CTX_set_next_protos_advertise_cb */
3257 static int
_advertiseNPN_cb(SSL * s,const unsigned char ** data,unsigned int * len,void * args)3258 _advertiseNPN_cb(SSL *s,
3259 const unsigned char **data, unsigned int *len,
3260 void *args)
3261 {
3262 PySSLContext *ssl_ctx = (PySSLContext *) args;
3263
3264 if (ssl_ctx->npn_protocols == NULL) {
3265 *data = (unsigned char *)"";
3266 *len = 0;
3267 } else {
3268 *data = ssl_ctx->npn_protocols;
3269 *len = ssl_ctx->npn_protocols_len;
3270 }
3271
3272 return SSL_TLSEXT_ERR_OK;
3273 }
3274 /* this callback gets passed to SSL_CTX_set_next_proto_select_cb */
3275 static int
_selectNPN_cb(SSL * s,unsigned char ** out,unsigned char * outlen,const unsigned char * server,unsigned int server_len,void * args)3276 _selectNPN_cb(SSL *s,
3277 unsigned char **out, unsigned char *outlen,
3278 const unsigned char *server, unsigned int server_len,
3279 void *args)
3280 {
3281 PySSLContext *ctx = (PySSLContext *)args;
3282 return do_protocol_selection(0, out, outlen, server, server_len,
3283 ctx->npn_protocols, ctx->npn_protocols_len);
3284 }
3285 #endif
3286
3287 /*[clinic input]
3288 _ssl._SSLContext._set_npn_protocols
3289 protos: Py_buffer
3290 /
3291 [clinic start generated code]*/
3292
3293 static PyObject *
_ssl__SSLContext__set_npn_protocols_impl(PySSLContext * self,Py_buffer * protos)3294 _ssl__SSLContext__set_npn_protocols_impl(PySSLContext *self,
3295 Py_buffer *protos)
3296 /*[clinic end generated code: output=72b002c3324390c6 input=319fcb66abf95bd7]*/
3297 {
3298 #if HAVE_NPN
3299 PyMem_Free(self->npn_protocols);
3300 self->npn_protocols = PyMem_Malloc(protos->len);
3301 if (self->npn_protocols == NULL)
3302 return PyErr_NoMemory();
3303 memcpy(self->npn_protocols, protos->buf, protos->len);
3304 self->npn_protocols_len = (int) protos->len;
3305
3306 /* set both server and client callbacks, because the context can
3307 * be used to create both types of sockets */
3308 SSL_CTX_set_next_protos_advertised_cb(self->ctx,
3309 _advertiseNPN_cb,
3310 self);
3311 SSL_CTX_set_next_proto_select_cb(self->ctx,
3312 _selectNPN_cb,
3313 self);
3314
3315 Py_RETURN_NONE;
3316 #else
3317 PyErr_SetString(PyExc_NotImplementedError,
3318 "The NPN extension requires OpenSSL 1.0.1 or later.");
3319 return NULL;
3320 #endif
3321 }
3322
3323 #if HAVE_ALPN
3324 static int
_selectALPN_cb(SSL * s,const unsigned char ** out,unsigned char * outlen,const unsigned char * client_protocols,unsigned int client_protocols_len,void * args)3325 _selectALPN_cb(SSL *s,
3326 const unsigned char **out, unsigned char *outlen,
3327 const unsigned char *client_protocols, unsigned int client_protocols_len,
3328 void *args)
3329 {
3330 PySSLContext *ctx = (PySSLContext *)args;
3331 return do_protocol_selection(1, (unsigned char **)out, outlen,
3332 ctx->alpn_protocols, ctx->alpn_protocols_len,
3333 client_protocols, client_protocols_len);
3334 }
3335 #endif
3336
3337 /*[clinic input]
3338 _ssl._SSLContext._set_alpn_protocols
3339 protos: Py_buffer
3340 /
3341 [clinic start generated code]*/
3342
3343 static PyObject *
_ssl__SSLContext__set_alpn_protocols_impl(PySSLContext * self,Py_buffer * protos)3344 _ssl__SSLContext__set_alpn_protocols_impl(PySSLContext *self,
3345 Py_buffer *protos)
3346 /*[clinic end generated code: output=87599a7f76651a9b input=9bba964595d519be]*/
3347 {
3348 #if HAVE_ALPN
3349 if ((size_t)protos->len > UINT_MAX) {
3350 PyErr_Format(PyExc_OverflowError,
3351 "protocols longer than %d bytes", UINT_MAX);
3352 return NULL;
3353 }
3354
3355 PyMem_FREE(self->alpn_protocols);
3356 self->alpn_protocols = PyMem_Malloc(protos->len);
3357 if (!self->alpn_protocols)
3358 return PyErr_NoMemory();
3359 memcpy(self->alpn_protocols, protos->buf, protos->len);
3360 self->alpn_protocols_len = (unsigned int)protos->len;
3361
3362 if (SSL_CTX_set_alpn_protos(self->ctx, self->alpn_protocols, self->alpn_protocols_len))
3363 return PyErr_NoMemory();
3364 SSL_CTX_set_alpn_select_cb(self->ctx, _selectALPN_cb, self);
3365
3366 Py_RETURN_NONE;
3367 #else
3368 PyErr_SetString(PyExc_NotImplementedError,
3369 "The ALPN extension requires OpenSSL 1.0.2 or later.");
3370 return NULL;
3371 #endif
3372 }
3373
3374 static PyObject *
get_verify_mode(PySSLContext * self,void * c)3375 get_verify_mode(PySSLContext *self, void *c)
3376 {
3377 /* ignore SSL_VERIFY_CLIENT_ONCE and SSL_VERIFY_POST_HANDSHAKE */
3378 int mask = (SSL_VERIFY_NONE | SSL_VERIFY_PEER |
3379 SSL_VERIFY_FAIL_IF_NO_PEER_CERT);
3380 switch (SSL_CTX_get_verify_mode(self->ctx) & mask) {
3381 case SSL_VERIFY_NONE:
3382 return PyLong_FromLong(PY_SSL_CERT_NONE);
3383 case SSL_VERIFY_PEER:
3384 return PyLong_FromLong(PY_SSL_CERT_OPTIONAL);
3385 case SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT:
3386 return PyLong_FromLong(PY_SSL_CERT_REQUIRED);
3387 }
3388 PyErr_SetString(PySSLErrorObject,
3389 "invalid return value from SSL_CTX_get_verify_mode");
3390 return NULL;
3391 }
3392
3393 static int
set_verify_mode(PySSLContext * self,PyObject * arg,void * c)3394 set_verify_mode(PySSLContext *self, PyObject *arg, void *c)
3395 {
3396 int n;
3397 if (!PyArg_Parse(arg, "i", &n))
3398 return -1;
3399 if (n == PY_SSL_CERT_NONE && self->check_hostname) {
3400 PyErr_SetString(PyExc_ValueError,
3401 "Cannot set verify_mode to CERT_NONE when "
3402 "check_hostname is enabled.");
3403 return -1;
3404 }
3405 return _set_verify_mode(self, n);
3406 }
3407
3408 static PyObject *
get_verify_flags(PySSLContext * self,void * c)3409 get_verify_flags(PySSLContext *self, void *c)
3410 {
3411 X509_VERIFY_PARAM *param;
3412 unsigned long flags;
3413
3414 param = SSL_CTX_get0_param(self->ctx);
3415 flags = X509_VERIFY_PARAM_get_flags(param);
3416 return PyLong_FromUnsignedLong(flags);
3417 }
3418
3419 static int
set_verify_flags(PySSLContext * self,PyObject * arg,void * c)3420 set_verify_flags(PySSLContext *self, PyObject *arg, void *c)
3421 {
3422 X509_VERIFY_PARAM *param;
3423 unsigned long new_flags, flags, set, clear;
3424
3425 if (!PyArg_Parse(arg, "k", &new_flags))
3426 return -1;
3427 param = SSL_CTX_get0_param(self->ctx);
3428 flags = X509_VERIFY_PARAM_get_flags(param);
3429 clear = flags & ~new_flags;
3430 set = ~flags & new_flags;
3431 if (clear) {
3432 if (!X509_VERIFY_PARAM_clear_flags(param, clear)) {
3433 _setSSLError(NULL, 0, __FILE__, __LINE__);
3434 return -1;
3435 }
3436 }
3437 if (set) {
3438 if (!X509_VERIFY_PARAM_set_flags(param, set)) {
3439 _setSSLError(NULL, 0, __FILE__, __LINE__);
3440 return -1;
3441 }
3442 }
3443 return 0;
3444 }
3445
3446 /* Getter and setter for protocol version */
3447 #if defined(SSL_CTRL_GET_MAX_PROTO_VERSION)
3448
3449
3450 static int
set_min_max_proto_version(PySSLContext * self,PyObject * arg,int what)3451 set_min_max_proto_version(PySSLContext *self, PyObject *arg, int what)
3452 {
3453 long v;
3454 int result;
3455
3456 if (!PyArg_Parse(arg, "l", &v))
3457 return -1;
3458 if (v > INT_MAX) {
3459 PyErr_SetString(PyExc_OverflowError, "Option is too long");
3460 return -1;
3461 }
3462
3463 switch(self->protocol) {
3464 case PY_SSL_VERSION_TLS_CLIENT: /* fall through */
3465 case PY_SSL_VERSION_TLS_SERVER: /* fall through */
3466 case PY_SSL_VERSION_TLS:
3467 break;
3468 default:
3469 PyErr_SetString(
3470 PyExc_ValueError,
3471 "The context's protocol doesn't support modification of "
3472 "highest and lowest version."
3473 );
3474 return -1;
3475 }
3476
3477 if (what == 0) {
3478 switch(v) {
3479 case PY_PROTO_MINIMUM_SUPPORTED:
3480 v = 0;
3481 break;
3482 case PY_PROTO_MAXIMUM_SUPPORTED:
3483 /* Emulate max for set_min_proto_version */
3484 v = PY_PROTO_MAXIMUM_AVAILABLE;
3485 break;
3486 default:
3487 break;
3488 }
3489 result = SSL_CTX_set_min_proto_version(self->ctx, v);
3490 }
3491 else {
3492 switch(v) {
3493 case PY_PROTO_MAXIMUM_SUPPORTED:
3494 v = 0;
3495 break;
3496 case PY_PROTO_MINIMUM_SUPPORTED:
3497 /* Emulate max for set_min_proto_version */
3498 v = PY_PROTO_MINIMUM_AVAILABLE;
3499 break;
3500 default:
3501 break;
3502 }
3503 result = SSL_CTX_set_max_proto_version(self->ctx, v);
3504 }
3505 if (result == 0) {
3506 PyErr_Format(PyExc_ValueError,
3507 "Unsupported protocol version 0x%x", v);
3508 return -1;
3509 }
3510 return 0;
3511 }
3512
3513 static PyObject *
get_minimum_version(PySSLContext * self,void * c)3514 get_minimum_version(PySSLContext *self, void *c)
3515 {
3516 int v = SSL_CTX_ctrl(self->ctx, SSL_CTRL_GET_MIN_PROTO_VERSION, 0, NULL);
3517 if (v == 0) {
3518 v = PY_PROTO_MINIMUM_SUPPORTED;
3519 }
3520 return PyLong_FromLong(v);
3521 }
3522
3523 static int
set_minimum_version(PySSLContext * self,PyObject * arg,void * c)3524 set_minimum_version(PySSLContext *self, PyObject *arg, void *c)
3525 {
3526 return set_min_max_proto_version(self, arg, 0);
3527 }
3528
3529 static PyObject *
get_maximum_version(PySSLContext * self,void * c)3530 get_maximum_version(PySSLContext *self, void *c)
3531 {
3532 int v = SSL_CTX_ctrl(self->ctx, SSL_CTRL_GET_MAX_PROTO_VERSION, 0, NULL);
3533 if (v == 0) {
3534 v = PY_PROTO_MAXIMUM_SUPPORTED;
3535 }
3536 return PyLong_FromLong(v);
3537 }
3538
3539 static int
set_maximum_version(PySSLContext * self,PyObject * arg,void * c)3540 set_maximum_version(PySSLContext *self, PyObject *arg, void *c)
3541 {
3542 return set_min_max_proto_version(self, arg, 1);
3543 }
3544 #endif /* SSL_CTRL_GET_MAX_PROTO_VERSION */
3545
3546 static PyObject *
get_options(PySSLContext * self,void * c)3547 get_options(PySSLContext *self, void *c)
3548 {
3549 return PyLong_FromLong(SSL_CTX_get_options(self->ctx));
3550 }
3551
3552 static int
set_options(PySSLContext * self,PyObject * arg,void * c)3553 set_options(PySSLContext *self, PyObject *arg, void *c)
3554 {
3555 long new_opts, opts, set, clear;
3556 if (!PyArg_Parse(arg, "l", &new_opts))
3557 return -1;
3558 opts = SSL_CTX_get_options(self->ctx);
3559 clear = opts & ~new_opts;
3560 set = ~opts & new_opts;
3561 if (clear) {
3562 #ifdef HAVE_SSL_CTX_CLEAR_OPTIONS
3563 SSL_CTX_clear_options(self->ctx, clear);
3564 #else
3565 PyErr_SetString(PyExc_ValueError,
3566 "can't clear options before OpenSSL 0.9.8m");
3567 return -1;
3568 #endif
3569 }
3570 if (set)
3571 SSL_CTX_set_options(self->ctx, set);
3572 return 0;
3573 }
3574
3575 static PyObject *
get_host_flags(PySSLContext * self,void * c)3576 get_host_flags(PySSLContext *self, void *c)
3577 {
3578 return PyLong_FromUnsignedLong(self->hostflags);
3579 }
3580
3581 static int
set_host_flags(PySSLContext * self,PyObject * arg,void * c)3582 set_host_flags(PySSLContext *self, PyObject *arg, void *c)
3583 {
3584 X509_VERIFY_PARAM *param;
3585 unsigned int new_flags = 0;
3586
3587 if (!PyArg_Parse(arg, "I", &new_flags))
3588 return -1;
3589
3590 param = SSL_CTX_get0_param(self->ctx);
3591 self->hostflags = new_flags;
3592 X509_VERIFY_PARAM_set_hostflags(param, new_flags);
3593 return 0;
3594 }
3595
3596 static PyObject *
get_check_hostname(PySSLContext * self,void * c)3597 get_check_hostname(PySSLContext *self, void *c)
3598 {
3599 return PyBool_FromLong(self->check_hostname);
3600 }
3601
3602 static int
set_check_hostname(PySSLContext * self,PyObject * arg,void * c)3603 set_check_hostname(PySSLContext *self, PyObject *arg, void *c)
3604 {
3605 int check_hostname;
3606 if (!PyArg_Parse(arg, "p", &check_hostname))
3607 return -1;
3608 if (check_hostname &&
3609 SSL_CTX_get_verify_mode(self->ctx) == SSL_VERIFY_NONE) {
3610 /* check_hostname = True sets verify_mode = CERT_REQUIRED */
3611 if (_set_verify_mode(self, PY_SSL_CERT_REQUIRED) == -1) {
3612 return -1;
3613 }
3614 }
3615 self->check_hostname = check_hostname;
3616 return 0;
3617 }
3618
3619 static PyObject *
get_post_handshake_auth(PySSLContext * self,void * c)3620 get_post_handshake_auth(PySSLContext *self, void *c) {
3621 #if TLS1_3_VERSION
3622 return PyBool_FromLong(self->post_handshake_auth);
3623 #else
3624 Py_RETURN_NONE;
3625 #endif
3626 }
3627
3628 #if TLS1_3_VERSION
3629 static int
set_post_handshake_auth(PySSLContext * self,PyObject * arg,void * c)3630 set_post_handshake_auth(PySSLContext *self, PyObject *arg, void *c) {
3631 int (*verify_cb)(int, X509_STORE_CTX *) = NULL;
3632 int mode = SSL_CTX_get_verify_mode(self->ctx);
3633 if (arg == NULL) {
3634 PyErr_SetString(PyExc_AttributeError, "cannot delete attribute");
3635 return -1;
3636 }
3637 int pha = PyObject_IsTrue(arg);
3638
3639 if (pha == -1) {
3640 return -1;
3641 }
3642 self->post_handshake_auth = pha;
3643
3644 /* client-side socket setting, ignored by server-side */
3645 SSL_CTX_set_post_handshake_auth(self->ctx, pha);
3646
3647 /* server-side socket setting, ignored by client-side */
3648 verify_cb = SSL_CTX_get_verify_callback(self->ctx);
3649 if (pha) {
3650 mode |= SSL_VERIFY_POST_HANDSHAKE;
3651 } else {
3652 mode ^= SSL_VERIFY_POST_HANDSHAKE;
3653 }
3654 SSL_CTX_set_verify(self->ctx, mode, verify_cb);
3655
3656 return 0;
3657 }
3658 #endif
3659
3660 static PyObject *
get_protocol(PySSLContext * self,void * c)3661 get_protocol(PySSLContext *self, void *c) {
3662 return PyLong_FromLong(self->protocol);
3663 }
3664
3665 typedef struct {
3666 PyThreadState *thread_state;
3667 PyObject *callable;
3668 char *password;
3669 int size;
3670 int error;
3671 } _PySSLPasswordInfo;
3672
3673 static int
_pwinfo_set(_PySSLPasswordInfo * pw_info,PyObject * password,const char * bad_type_error)3674 _pwinfo_set(_PySSLPasswordInfo *pw_info, PyObject* password,
3675 const char *bad_type_error)
3676 {
3677 /* Set the password and size fields of a _PySSLPasswordInfo struct
3678 from a unicode, bytes, or byte array object.
3679 The password field will be dynamically allocated and must be freed
3680 by the caller */
3681 PyObject *password_bytes = NULL;
3682 const char *data = NULL;
3683 Py_ssize_t size;
3684
3685 if (PyUnicode_Check(password)) {
3686 password_bytes = PyUnicode_AsEncodedString(password, NULL, NULL);
3687 if (!password_bytes) {
3688 goto error;
3689 }
3690 data = PyBytes_AS_STRING(password_bytes);
3691 size = PyBytes_GET_SIZE(password_bytes);
3692 } else if (PyBytes_Check(password)) {
3693 data = PyBytes_AS_STRING(password);
3694 size = PyBytes_GET_SIZE(password);
3695 } else if (PyByteArray_Check(password)) {
3696 data = PyByteArray_AS_STRING(password);
3697 size = PyByteArray_GET_SIZE(password);
3698 } else {
3699 PyErr_SetString(PyExc_TypeError, bad_type_error);
3700 goto error;
3701 }
3702
3703 if (size > (Py_ssize_t)INT_MAX) {
3704 PyErr_Format(PyExc_ValueError,
3705 "password cannot be longer than %d bytes", INT_MAX);
3706 goto error;
3707 }
3708
3709 PyMem_Free(pw_info->password);
3710 pw_info->password = PyMem_Malloc(size);
3711 if (!pw_info->password) {
3712 PyErr_SetString(PyExc_MemoryError,
3713 "unable to allocate password buffer");
3714 goto error;
3715 }
3716 memcpy(pw_info->password, data, size);
3717 pw_info->size = (int)size;
3718
3719 Py_XDECREF(password_bytes);
3720 return 1;
3721
3722 error:
3723 Py_XDECREF(password_bytes);
3724 return 0;
3725 }
3726
3727 static int
_password_callback(char * buf,int size,int rwflag,void * userdata)3728 _password_callback(char *buf, int size, int rwflag, void *userdata)
3729 {
3730 _PySSLPasswordInfo *pw_info = (_PySSLPasswordInfo*) userdata;
3731 PyObject *fn_ret = NULL;
3732
3733 PySSL_END_ALLOW_THREADS_S(pw_info->thread_state);
3734
3735 if (pw_info->callable) {
3736 fn_ret = _PyObject_CallNoArg(pw_info->callable);
3737 if (!fn_ret) {
3738 /* TODO: It would be nice to move _ctypes_add_traceback() into the
3739 core python API, so we could use it to add a frame here */
3740 goto error;
3741 }
3742
3743 if (!_pwinfo_set(pw_info, fn_ret,
3744 "password callback must return a string")) {
3745 goto error;
3746 }
3747 Py_CLEAR(fn_ret);
3748 }
3749
3750 if (pw_info->size > size) {
3751 PyErr_Format(PyExc_ValueError,
3752 "password cannot be longer than %d bytes", size);
3753 goto error;
3754 }
3755
3756 PySSL_BEGIN_ALLOW_THREADS_S(pw_info->thread_state);
3757 memcpy(buf, pw_info->password, pw_info->size);
3758 return pw_info->size;
3759
3760 error:
3761 Py_XDECREF(fn_ret);
3762 PySSL_BEGIN_ALLOW_THREADS_S(pw_info->thread_state);
3763 pw_info->error = 1;
3764 return -1;
3765 }
3766
3767 /*[clinic input]
3768 _ssl._SSLContext.load_cert_chain
3769 certfile: object
3770 keyfile: object = NULL
3771 password: object = NULL
3772
3773 [clinic start generated code]*/
3774
3775 static PyObject *
_ssl__SSLContext_load_cert_chain_impl(PySSLContext * self,PyObject * certfile,PyObject * keyfile,PyObject * password)3776 _ssl__SSLContext_load_cert_chain_impl(PySSLContext *self, PyObject *certfile,
3777 PyObject *keyfile, PyObject *password)
3778 /*[clinic end generated code: output=9480bc1c380e2095 input=7cf9ac673cbee6fc]*/
3779 {
3780 PyObject *certfile_bytes = NULL, *keyfile_bytes = NULL;
3781 pem_password_cb *orig_passwd_cb = SSL_CTX_get_default_passwd_cb(self->ctx);
3782 void *orig_passwd_userdata = SSL_CTX_get_default_passwd_cb_userdata(self->ctx);
3783 _PySSLPasswordInfo pw_info = { NULL, NULL, NULL, 0, 0 };
3784 int r;
3785
3786 errno = 0;
3787 ERR_clear_error();
3788 if (keyfile == Py_None)
3789 keyfile = NULL;
3790 if (!PyUnicode_FSConverter(certfile, &certfile_bytes)) {
3791 PyErr_SetString(PyExc_TypeError,
3792 "certfile should be a valid filesystem path");
3793 return NULL;
3794 }
3795 if (keyfile && !PyUnicode_FSConverter(keyfile, &keyfile_bytes)) {
3796 PyErr_SetString(PyExc_TypeError,
3797 "keyfile should be a valid filesystem path");
3798 goto error;
3799 }
3800 if (password && password != Py_None) {
3801 if (PyCallable_Check(password)) {
3802 pw_info.callable = password;
3803 } else if (!_pwinfo_set(&pw_info, password,
3804 "password should be a string or callable")) {
3805 goto error;
3806 }
3807 SSL_CTX_set_default_passwd_cb(self->ctx, _password_callback);
3808 SSL_CTX_set_default_passwd_cb_userdata(self->ctx, &pw_info);
3809 }
3810 PySSL_BEGIN_ALLOW_THREADS_S(pw_info.thread_state);
3811 r = SSL_CTX_use_certificate_chain_file(self->ctx,
3812 PyBytes_AS_STRING(certfile_bytes));
3813 PySSL_END_ALLOW_THREADS_S(pw_info.thread_state);
3814 if (r != 1) {
3815 if (pw_info.error) {
3816 ERR_clear_error();
3817 /* the password callback has already set the error information */
3818 }
3819 else if (errno != 0) {
3820 ERR_clear_error();
3821 PyErr_SetFromErrno(PyExc_OSError);
3822 }
3823 else {
3824 _setSSLError(NULL, 0, __FILE__, __LINE__);
3825 }
3826 goto error;
3827 }
3828 PySSL_BEGIN_ALLOW_THREADS_S(pw_info.thread_state);
3829 r = SSL_CTX_use_PrivateKey_file(self->ctx,
3830 PyBytes_AS_STRING(keyfile ? keyfile_bytes : certfile_bytes),
3831 SSL_FILETYPE_PEM);
3832 PySSL_END_ALLOW_THREADS_S(pw_info.thread_state);
3833 Py_CLEAR(keyfile_bytes);
3834 Py_CLEAR(certfile_bytes);
3835 if (r != 1) {
3836 if (pw_info.error) {
3837 ERR_clear_error();
3838 /* the password callback has already set the error information */
3839 }
3840 else if (errno != 0) {
3841 ERR_clear_error();
3842 PyErr_SetFromErrno(PyExc_OSError);
3843 }
3844 else {
3845 _setSSLError(NULL, 0, __FILE__, __LINE__);
3846 }
3847 goto error;
3848 }
3849 PySSL_BEGIN_ALLOW_THREADS_S(pw_info.thread_state);
3850 r = SSL_CTX_check_private_key(self->ctx);
3851 PySSL_END_ALLOW_THREADS_S(pw_info.thread_state);
3852 if (r != 1) {
3853 _setSSLError(NULL, 0, __FILE__, __LINE__);
3854 goto error;
3855 }
3856 SSL_CTX_set_default_passwd_cb(self->ctx, orig_passwd_cb);
3857 SSL_CTX_set_default_passwd_cb_userdata(self->ctx, orig_passwd_userdata);
3858 PyMem_Free(pw_info.password);
3859 Py_RETURN_NONE;
3860
3861 error:
3862 SSL_CTX_set_default_passwd_cb(self->ctx, orig_passwd_cb);
3863 SSL_CTX_set_default_passwd_cb_userdata(self->ctx, orig_passwd_userdata);
3864 PyMem_Free(pw_info.password);
3865 Py_XDECREF(keyfile_bytes);
3866 Py_XDECREF(certfile_bytes);
3867 return NULL;
3868 }
3869
3870 /* internal helper function, returns -1 on error
3871 */
3872 static int
_add_ca_certs(PySSLContext * self,void * data,Py_ssize_t len,int filetype)3873 _add_ca_certs(PySSLContext *self, void *data, Py_ssize_t len,
3874 int filetype)
3875 {
3876 BIO *biobuf = NULL;
3877 X509_STORE *store;
3878 int retval = 0, err, loaded = 0;
3879
3880 assert(filetype == SSL_FILETYPE_ASN1 || filetype == SSL_FILETYPE_PEM);
3881
3882 if (len <= 0) {
3883 PyErr_SetString(PyExc_ValueError,
3884 "Empty certificate data");
3885 return -1;
3886 } else if (len > INT_MAX) {
3887 PyErr_SetString(PyExc_OverflowError,
3888 "Certificate data is too long.");
3889 return -1;
3890 }
3891
3892 biobuf = BIO_new_mem_buf(data, (int)len);
3893 if (biobuf == NULL) {
3894 _setSSLError("Can't allocate buffer", 0, __FILE__, __LINE__);
3895 return -1;
3896 }
3897
3898 store = SSL_CTX_get_cert_store(self->ctx);
3899 assert(store != NULL);
3900
3901 while (1) {
3902 X509 *cert = NULL;
3903 int r;
3904
3905 if (filetype == SSL_FILETYPE_ASN1) {
3906 cert = d2i_X509_bio(biobuf, NULL);
3907 } else {
3908 cert = PEM_read_bio_X509(biobuf, NULL,
3909 SSL_CTX_get_default_passwd_cb(self->ctx),
3910 SSL_CTX_get_default_passwd_cb_userdata(self->ctx)
3911 );
3912 }
3913 if (cert == NULL) {
3914 break;
3915 }
3916 r = X509_STORE_add_cert(store, cert);
3917 X509_free(cert);
3918 if (!r) {
3919 err = ERR_peek_last_error();
3920 if ((ERR_GET_LIB(err) == ERR_LIB_X509) &&
3921 (ERR_GET_REASON(err) == X509_R_CERT_ALREADY_IN_HASH_TABLE)) {
3922 /* cert already in hash table, not an error */
3923 ERR_clear_error();
3924 } else {
3925 break;
3926 }
3927 }
3928 loaded++;
3929 }
3930
3931 err = ERR_peek_last_error();
3932 if ((filetype == SSL_FILETYPE_ASN1) &&
3933 (loaded > 0) &&
3934 (ERR_GET_LIB(err) == ERR_LIB_ASN1) &&
3935 (ERR_GET_REASON(err) == ASN1_R_HEADER_TOO_LONG)) {
3936 /* EOF ASN1 file, not an error */
3937 ERR_clear_error();
3938 retval = 0;
3939 } else if ((filetype == SSL_FILETYPE_PEM) &&
3940 (loaded > 0) &&
3941 (ERR_GET_LIB(err) == ERR_LIB_PEM) &&
3942 (ERR_GET_REASON(err) == PEM_R_NO_START_LINE)) {
3943 /* EOF PEM file, not an error */
3944 ERR_clear_error();
3945 retval = 0;
3946 } else {
3947 _setSSLError(NULL, 0, __FILE__, __LINE__);
3948 retval = -1;
3949 }
3950
3951 BIO_free(biobuf);
3952 return retval;
3953 }
3954
3955
3956 /*[clinic input]
3957 _ssl._SSLContext.load_verify_locations
3958 cafile: object = NULL
3959 capath: object = NULL
3960 cadata: object = NULL
3961
3962 [clinic start generated code]*/
3963
3964 static PyObject *
_ssl__SSLContext_load_verify_locations_impl(PySSLContext * self,PyObject * cafile,PyObject * capath,PyObject * cadata)3965 _ssl__SSLContext_load_verify_locations_impl(PySSLContext *self,
3966 PyObject *cafile,
3967 PyObject *capath,
3968 PyObject *cadata)
3969 /*[clinic end generated code: output=454c7e41230ca551 input=997f1fb3a784ef88]*/
3970 {
3971 PyObject *cafile_bytes = NULL, *capath_bytes = NULL;
3972 const char *cafile_buf = NULL, *capath_buf = NULL;
3973 int r = 0, ok = 1;
3974
3975 errno = 0;
3976 if (cafile == Py_None)
3977 cafile = NULL;
3978 if (capath == Py_None)
3979 capath = NULL;
3980 if (cadata == Py_None)
3981 cadata = NULL;
3982
3983 if (cafile == NULL && capath == NULL && cadata == NULL) {
3984 PyErr_SetString(PyExc_TypeError,
3985 "cafile, capath and cadata cannot be all omitted");
3986 goto error;
3987 }
3988 if (cafile && !PyUnicode_FSConverter(cafile, &cafile_bytes)) {
3989 PyErr_SetString(PyExc_TypeError,
3990 "cafile should be a valid filesystem path");
3991 goto error;
3992 }
3993 if (capath && !PyUnicode_FSConverter(capath, &capath_bytes)) {
3994 PyErr_SetString(PyExc_TypeError,
3995 "capath should be a valid filesystem path");
3996 goto error;
3997 }
3998
3999 /* validata cadata type and load cadata */
4000 if (cadata) {
4001 Py_buffer buf;
4002 PyObject *cadata_ascii = NULL;
4003
4004 if (PyObject_GetBuffer(cadata, &buf, PyBUF_SIMPLE) == 0) {
4005 if (!PyBuffer_IsContiguous(&buf, 'C') || buf.ndim > 1) {
4006 PyBuffer_Release(&buf);
4007 PyErr_SetString(PyExc_TypeError,
4008 "cadata should be a contiguous buffer with "
4009 "a single dimension");
4010 goto error;
4011 }
4012 r = _add_ca_certs(self, buf.buf, buf.len, SSL_FILETYPE_ASN1);
4013 PyBuffer_Release(&buf);
4014 if (r == -1) {
4015 goto error;
4016 }
4017 } else {
4018 PyErr_Clear();
4019 cadata_ascii = PyUnicode_AsASCIIString(cadata);
4020 if (cadata_ascii == NULL) {
4021 PyErr_SetString(PyExc_TypeError,
4022 "cadata should be an ASCII string or a "
4023 "bytes-like object");
4024 goto error;
4025 }
4026 r = _add_ca_certs(self,
4027 PyBytes_AS_STRING(cadata_ascii),
4028 PyBytes_GET_SIZE(cadata_ascii),
4029 SSL_FILETYPE_PEM);
4030 Py_DECREF(cadata_ascii);
4031 if (r == -1) {
4032 goto error;
4033 }
4034 }
4035 }
4036
4037 /* load cafile or capath */
4038 if (cafile || capath) {
4039 if (cafile)
4040 cafile_buf = PyBytes_AS_STRING(cafile_bytes);
4041 if (capath)
4042 capath_buf = PyBytes_AS_STRING(capath_bytes);
4043 PySSL_BEGIN_ALLOW_THREADS
4044 r = SSL_CTX_load_verify_locations(self->ctx, cafile_buf, capath_buf);
4045 PySSL_END_ALLOW_THREADS
4046 if (r != 1) {
4047 ok = 0;
4048 if (errno != 0) {
4049 ERR_clear_error();
4050 PyErr_SetFromErrno(PyExc_OSError);
4051 }
4052 else {
4053 _setSSLError(NULL, 0, __FILE__, __LINE__);
4054 }
4055 goto error;
4056 }
4057 }
4058 goto end;
4059
4060 error:
4061 ok = 0;
4062 end:
4063 Py_XDECREF(cafile_bytes);
4064 Py_XDECREF(capath_bytes);
4065 if (ok) {
4066 Py_RETURN_NONE;
4067 } else {
4068 return NULL;
4069 }
4070 }
4071
4072 /*[clinic input]
4073 _ssl._SSLContext.load_dh_params
4074 path as filepath: object
4075 /
4076
4077 [clinic start generated code]*/
4078
4079 static PyObject *
_ssl__SSLContext_load_dh_params(PySSLContext * self,PyObject * filepath)4080 _ssl__SSLContext_load_dh_params(PySSLContext *self, PyObject *filepath)
4081 /*[clinic end generated code: output=1c8e57a38e055af0 input=c8871f3c796ae1d6]*/
4082 {
4083 FILE *f;
4084 DH *dh;
4085
4086 f = _Py_fopen_obj(filepath, "rb");
4087 if (f == NULL)
4088 return NULL;
4089
4090 errno = 0;
4091 PySSL_BEGIN_ALLOW_THREADS
4092 dh = PEM_read_DHparams(f, NULL, NULL, NULL);
4093 fclose(f);
4094 PySSL_END_ALLOW_THREADS
4095 if (dh == NULL) {
4096 if (errno != 0) {
4097 ERR_clear_error();
4098 PyErr_SetFromErrnoWithFilenameObject(PyExc_OSError, filepath);
4099 }
4100 else {
4101 _setSSLError(NULL, 0, __FILE__, __LINE__);
4102 }
4103 return NULL;
4104 }
4105 if (SSL_CTX_set_tmp_dh(self->ctx, dh) == 0)
4106 _setSSLError(NULL, 0, __FILE__, __LINE__);
4107 DH_free(dh);
4108 Py_RETURN_NONE;
4109 }
4110
4111 /*[clinic input]
4112 _ssl._SSLContext._wrap_socket
4113 sock: object(subclass_of="PySocketModule.Sock_Type")
4114 server_side: int
4115 server_hostname as hostname_obj: object = None
4116 *
4117 owner: object = None
4118 session: object = None
4119
4120 [clinic start generated code]*/
4121
4122 static PyObject *
_ssl__SSLContext__wrap_socket_impl(PySSLContext * self,PyObject * sock,int server_side,PyObject * hostname_obj,PyObject * owner,PyObject * session)4123 _ssl__SSLContext__wrap_socket_impl(PySSLContext *self, PyObject *sock,
4124 int server_side, PyObject *hostname_obj,
4125 PyObject *owner, PyObject *session)
4126 /*[clinic end generated code: output=f103f238633940b4 input=957d5006183d1894]*/
4127 {
4128 char *hostname = NULL;
4129 PyObject *res;
4130
4131 /* server_hostname is either None (or absent), or to be encoded
4132 as IDN A-label (ASCII str) without NULL bytes. */
4133 if (hostname_obj != Py_None) {
4134 if (!PyArg_Parse(hostname_obj, "es", "ascii", &hostname))
4135 return NULL;
4136 }
4137
4138 res = (PyObject *) newPySSLSocket(self, (PySocketSockObject *)sock,
4139 server_side, hostname,
4140 owner, session,
4141 NULL, NULL);
4142 if (hostname != NULL)
4143 PyMem_Free(hostname);
4144 return res;
4145 }
4146
4147 /*[clinic input]
4148 _ssl._SSLContext._wrap_bio
4149 incoming: object(subclass_of="&PySSLMemoryBIO_Type", type="PySSLMemoryBIO *")
4150 outgoing: object(subclass_of="&PySSLMemoryBIO_Type", type="PySSLMemoryBIO *")
4151 server_side: int
4152 server_hostname as hostname_obj: object = None
4153 *
4154 owner: object = None
4155 session: object = None
4156
4157 [clinic start generated code]*/
4158
4159 static PyObject *
_ssl__SSLContext__wrap_bio_impl(PySSLContext * self,PySSLMemoryBIO * incoming,PySSLMemoryBIO * outgoing,int server_side,PyObject * hostname_obj,PyObject * owner,PyObject * session)4160 _ssl__SSLContext__wrap_bio_impl(PySSLContext *self, PySSLMemoryBIO *incoming,
4161 PySSLMemoryBIO *outgoing, int server_side,
4162 PyObject *hostname_obj, PyObject *owner,
4163 PyObject *session)
4164 /*[clinic end generated code: output=5c5d6d9b41f99332 input=8cf22f4d586ac56a]*/
4165 {
4166 char *hostname = NULL;
4167 PyObject *res;
4168
4169 /* server_hostname is either None (or absent), or to be encoded
4170 as IDN A-label (ASCII str) without NULL bytes. */
4171 if (hostname_obj != Py_None) {
4172 if (!PyArg_Parse(hostname_obj, "es", "ascii", &hostname))
4173 return NULL;
4174 }
4175
4176 res = (PyObject *) newPySSLSocket(self, NULL, server_side, hostname,
4177 owner, session,
4178 incoming, outgoing);
4179
4180 PyMem_Free(hostname);
4181 return res;
4182 }
4183
4184 /*[clinic input]
4185 _ssl._SSLContext.session_stats
4186 [clinic start generated code]*/
4187
4188 static PyObject *
_ssl__SSLContext_session_stats_impl(PySSLContext * self)4189 _ssl__SSLContext_session_stats_impl(PySSLContext *self)
4190 /*[clinic end generated code: output=0d96411c42893bfb input=7e0a81fb11102c8b]*/
4191 {
4192 int r;
4193 PyObject *value, *stats = PyDict_New();
4194 if (!stats)
4195 return NULL;
4196
4197 #define ADD_STATS(SSL_NAME, KEY_NAME) \
4198 value = PyLong_FromLong(SSL_CTX_sess_ ## SSL_NAME (self->ctx)); \
4199 if (value == NULL) \
4200 goto error; \
4201 r = PyDict_SetItemString(stats, KEY_NAME, value); \
4202 Py_DECREF(value); \
4203 if (r < 0) \
4204 goto error;
4205
4206 ADD_STATS(number, "number");
4207 ADD_STATS(connect, "connect");
4208 ADD_STATS(connect_good, "connect_good");
4209 ADD_STATS(connect_renegotiate, "connect_renegotiate");
4210 ADD_STATS(accept, "accept");
4211 ADD_STATS(accept_good, "accept_good");
4212 ADD_STATS(accept_renegotiate, "accept_renegotiate");
4213 ADD_STATS(accept, "accept");
4214 ADD_STATS(hits, "hits");
4215 ADD_STATS(misses, "misses");
4216 ADD_STATS(timeouts, "timeouts");
4217 ADD_STATS(cache_full, "cache_full");
4218
4219 #undef ADD_STATS
4220
4221 return stats;
4222
4223 error:
4224 Py_DECREF(stats);
4225 return NULL;
4226 }
4227
4228 /*[clinic input]
4229 _ssl._SSLContext.set_default_verify_paths
4230 [clinic start generated code]*/
4231
4232 static PyObject *
_ssl__SSLContext_set_default_verify_paths_impl(PySSLContext * self)4233 _ssl__SSLContext_set_default_verify_paths_impl(PySSLContext *self)
4234 /*[clinic end generated code: output=0bee74e6e09deaaa input=35f3408021463d74]*/
4235 {
4236 if (!SSL_CTX_set_default_verify_paths(self->ctx)) {
4237 _setSSLError(NULL, 0, __FILE__, __LINE__);
4238 return NULL;
4239 }
4240 Py_RETURN_NONE;
4241 }
4242
4243 #ifndef OPENSSL_NO_ECDH
4244 /*[clinic input]
4245 _ssl._SSLContext.set_ecdh_curve
4246 name: object
4247 /
4248
4249 [clinic start generated code]*/
4250
4251 static PyObject *
_ssl__SSLContext_set_ecdh_curve(PySSLContext * self,PyObject * name)4252 _ssl__SSLContext_set_ecdh_curve(PySSLContext *self, PyObject *name)
4253 /*[clinic end generated code: output=23022c196e40d7d2 input=c2bafb6f6e34726b]*/
4254 {
4255 PyObject *name_bytes;
4256 int nid;
4257 EC_KEY *key;
4258
4259 if (!PyUnicode_FSConverter(name, &name_bytes))
4260 return NULL;
4261 assert(PyBytes_Check(name_bytes));
4262 nid = OBJ_sn2nid(PyBytes_AS_STRING(name_bytes));
4263 Py_DECREF(name_bytes);
4264 if (nid == 0) {
4265 PyErr_Format(PyExc_ValueError,
4266 "unknown elliptic curve name %R", name);
4267 return NULL;
4268 }
4269 key = EC_KEY_new_by_curve_name(nid);
4270 if (key == NULL) {
4271 _setSSLError(NULL, 0, __FILE__, __LINE__);
4272 return NULL;
4273 }
4274 SSL_CTX_set_tmp_ecdh(self->ctx, key);
4275 EC_KEY_free(key);
4276 Py_RETURN_NONE;
4277 }
4278 #endif
4279
4280 #if HAVE_SNI && !defined(OPENSSL_NO_TLSEXT)
4281 static int
_servername_callback(SSL * s,int * al,void * args)4282 _servername_callback(SSL *s, int *al, void *args)
4283 {
4284 int ret;
4285 PySSLContext *ssl_ctx = (PySSLContext *) args;
4286 PySSLSocket *ssl;
4287 PyObject *result;
4288 /* The high-level ssl.SSLSocket object */
4289 PyObject *ssl_socket;
4290 const char *servername = SSL_get_servername(s, TLSEXT_NAMETYPE_host_name);
4291 PyGILState_STATE gstate = PyGILState_Ensure();
4292
4293 if (ssl_ctx->set_sni_cb == NULL) {
4294 /* remove race condition in this the call back while if removing the
4295 * callback is in progress */
4296 PyGILState_Release(gstate);
4297 return SSL_TLSEXT_ERR_OK;
4298 }
4299
4300 ssl = SSL_get_app_data(s);
4301 assert(PySSLSocket_Check(ssl));
4302
4303 /* The servername callback expects an argument that represents the current
4304 * SSL connection and that has a .context attribute that can be changed to
4305 * identify the requested hostname. Since the official API is the Python
4306 * level API we want to pass the callback a Python level object rather than
4307 * a _ssl.SSLSocket instance. If there's an "owner" (typically an
4308 * SSLObject) that will be passed. Otherwise if there's a socket then that
4309 * will be passed. If both do not exist only then the C-level object is
4310 * passed. */
4311 if (ssl->owner)
4312 ssl_socket = PyWeakref_GetObject(ssl->owner);
4313 else if (ssl->Socket)
4314 ssl_socket = PyWeakref_GetObject(ssl->Socket);
4315 else
4316 ssl_socket = (PyObject *) ssl;
4317
4318 Py_INCREF(ssl_socket);
4319 if (ssl_socket == Py_None)
4320 goto error;
4321
4322 if (servername == NULL) {
4323 result = PyObject_CallFunctionObjArgs(ssl_ctx->set_sni_cb, ssl_socket,
4324 Py_None, ssl_ctx, NULL);
4325 }
4326 else {
4327 PyObject *servername_bytes;
4328 PyObject *servername_str;
4329
4330 servername_bytes = PyBytes_FromString(servername);
4331 if (servername_bytes == NULL) {
4332 PyErr_WriteUnraisable((PyObject *) ssl_ctx);
4333 goto error;
4334 }
4335 /* server_hostname was encoded to an A-label by our caller; put it
4336 * back into a str object, but still as an A-label (bpo-28414)
4337 */
4338 servername_str = PyUnicode_FromEncodedObject(servername_bytes, "ascii", NULL);
4339 Py_DECREF(servername_bytes);
4340 if (servername_str == NULL) {
4341 PyErr_WriteUnraisable(servername_bytes);
4342 goto error;
4343 }
4344 result = PyObject_CallFunctionObjArgs(
4345 ssl_ctx->set_sni_cb, ssl_socket, servername_str,
4346 ssl_ctx, NULL);
4347 Py_DECREF(servername_str);
4348 }
4349 Py_DECREF(ssl_socket);
4350
4351 if (result == NULL) {
4352 PyErr_WriteUnraisable(ssl_ctx->set_sni_cb);
4353 *al = SSL_AD_HANDSHAKE_FAILURE;
4354 ret = SSL_TLSEXT_ERR_ALERT_FATAL;
4355 }
4356 else {
4357 /* Result may be None, a SSLContext or an integer
4358 * None and SSLContext are OK, integer or other values are an error.
4359 */
4360 if (result == Py_None) {
4361 ret = SSL_TLSEXT_ERR_OK;
4362 } else {
4363 *al = (int) PyLong_AsLong(result);
4364 if (PyErr_Occurred()) {
4365 PyErr_WriteUnraisable(result);
4366 *al = SSL_AD_INTERNAL_ERROR;
4367 }
4368 ret = SSL_TLSEXT_ERR_ALERT_FATAL;
4369 }
4370 Py_DECREF(result);
4371 }
4372
4373 PyGILState_Release(gstate);
4374 return ret;
4375
4376 error:
4377 Py_DECREF(ssl_socket);
4378 *al = SSL_AD_INTERNAL_ERROR;
4379 ret = SSL_TLSEXT_ERR_ALERT_FATAL;
4380 PyGILState_Release(gstate);
4381 return ret;
4382 }
4383 #endif
4384
4385 static PyObject *
get_sni_callback(PySSLContext * self,void * c)4386 get_sni_callback(PySSLContext *self, void *c)
4387 {
4388 PyObject *cb = self->set_sni_cb;
4389 if (cb == NULL) {
4390 Py_RETURN_NONE;
4391 }
4392 Py_INCREF(cb);
4393 return cb;
4394 }
4395
4396 static int
set_sni_callback(PySSLContext * self,PyObject * arg,void * c)4397 set_sni_callback(PySSLContext *self, PyObject *arg, void *c)
4398 {
4399 if (self->protocol == PY_SSL_VERSION_TLS_CLIENT) {
4400 PyErr_SetString(PyExc_ValueError,
4401 "sni_callback cannot be set on TLS_CLIENT context");
4402 return -1;
4403 }
4404 #if HAVE_SNI && !defined(OPENSSL_NO_TLSEXT)
4405 Py_CLEAR(self->set_sni_cb);
4406 if (arg == Py_None) {
4407 SSL_CTX_set_tlsext_servername_callback(self->ctx, NULL);
4408 }
4409 else {
4410 if (!PyCallable_Check(arg)) {
4411 SSL_CTX_set_tlsext_servername_callback(self->ctx, NULL);
4412 PyErr_SetString(PyExc_TypeError,
4413 "not a callable object");
4414 return -1;
4415 }
4416 Py_INCREF(arg);
4417 self->set_sni_cb = arg;
4418 SSL_CTX_set_tlsext_servername_callback(self->ctx, _servername_callback);
4419 SSL_CTX_set_tlsext_servername_arg(self->ctx, self);
4420 }
4421 return 0;
4422 #else
4423 PyErr_SetString(PyExc_NotImplementedError,
4424 "The TLS extension servername callback, "
4425 "SSL_CTX_set_tlsext_servername_callback, "
4426 "is not in the current OpenSSL library.");
4427 return -1;
4428 #endif
4429 }
4430
4431 PyDoc_STRVAR(PySSLContext_sni_callback_doc,
4432 "Set a callback that will be called when a server name is provided by the SSL/TLS client in the SNI extension.\n\
4433 \n\
4434 If the argument is None then the callback is disabled. The method is called\n\
4435 with the SSLSocket, the server name as a string, and the SSLContext object.\n\
4436 See RFC 6066 for details of the SNI extension.");
4437
4438 /*[clinic input]
4439 _ssl._SSLContext.cert_store_stats
4440
4441 Returns quantities of loaded X.509 certificates.
4442
4443 X.509 certificates with a CA extension and certificate revocation lists
4444 inside the context's cert store.
4445
4446 NOTE: Certificates in a capath directory aren't loaded unless they have
4447 been used at least once.
4448 [clinic start generated code]*/
4449
4450 static PyObject *
_ssl__SSLContext_cert_store_stats_impl(PySSLContext * self)4451 _ssl__SSLContext_cert_store_stats_impl(PySSLContext *self)
4452 /*[clinic end generated code: output=5f356f4d9cca874d input=eb40dd0f6d0e40cf]*/
4453 {
4454 X509_STORE *store;
4455 STACK_OF(X509_OBJECT) *objs;
4456 X509_OBJECT *obj;
4457 int x509 = 0, crl = 0, ca = 0, i;
4458
4459 store = SSL_CTX_get_cert_store(self->ctx);
4460 objs = X509_STORE_get0_objects(store);
4461 for (i = 0; i < sk_X509_OBJECT_num(objs); i++) {
4462 obj = sk_X509_OBJECT_value(objs, i);
4463 switch (X509_OBJECT_get_type(obj)) {
4464 case X509_LU_X509:
4465 x509++;
4466 if (X509_check_ca(X509_OBJECT_get0_X509(obj))) {
4467 ca++;
4468 }
4469 break;
4470 case X509_LU_CRL:
4471 crl++;
4472 break;
4473 default:
4474 /* Ignore X509_LU_FAIL, X509_LU_RETRY, X509_LU_PKEY.
4475 * As far as I can tell they are internal states and never
4476 * stored in a cert store */
4477 break;
4478 }
4479 }
4480 return Py_BuildValue("{sisisi}", "x509", x509, "crl", crl,
4481 "x509_ca", ca);
4482 }
4483
4484 /*[clinic input]
4485 _ssl._SSLContext.get_ca_certs
4486 binary_form: bool = False
4487
4488 Returns a list of dicts with information of loaded CA certs.
4489
4490 If the optional argument is True, returns a DER-encoded copy of the CA
4491 certificate.
4492
4493 NOTE: Certificates in a capath directory aren't loaded unless they have
4494 been used at least once.
4495 [clinic start generated code]*/
4496
4497 static PyObject *
_ssl__SSLContext_get_ca_certs_impl(PySSLContext * self,int binary_form)4498 _ssl__SSLContext_get_ca_certs_impl(PySSLContext *self, int binary_form)
4499 /*[clinic end generated code: output=0d58f148f37e2938 input=6887b5a09b7f9076]*/
4500 {
4501 X509_STORE *store;
4502 STACK_OF(X509_OBJECT) *objs;
4503 PyObject *ci = NULL, *rlist = NULL;
4504 int i;
4505
4506 if ((rlist = PyList_New(0)) == NULL) {
4507 return NULL;
4508 }
4509
4510 store = SSL_CTX_get_cert_store(self->ctx);
4511 objs = X509_STORE_get0_objects(store);
4512 for (i = 0; i < sk_X509_OBJECT_num(objs); i++) {
4513 X509_OBJECT *obj;
4514 X509 *cert;
4515
4516 obj = sk_X509_OBJECT_value(objs, i);
4517 if (X509_OBJECT_get_type(obj) != X509_LU_X509) {
4518 /* not a x509 cert */
4519 continue;
4520 }
4521 /* CA for any purpose */
4522 cert = X509_OBJECT_get0_X509(obj);
4523 if (!X509_check_ca(cert)) {
4524 continue;
4525 }
4526 if (binary_form) {
4527 ci = _certificate_to_der(cert);
4528 } else {
4529 ci = _decode_certificate(cert);
4530 }
4531 if (ci == NULL) {
4532 goto error;
4533 }
4534 if (PyList_Append(rlist, ci) == -1) {
4535 goto error;
4536 }
4537 Py_CLEAR(ci);
4538 }
4539 return rlist;
4540
4541 error:
4542 Py_XDECREF(ci);
4543 Py_XDECREF(rlist);
4544 return NULL;
4545 }
4546
4547
4548 static PyGetSetDef context_getsetlist[] = {
4549 {"check_hostname", (getter) get_check_hostname,
4550 (setter) set_check_hostname, NULL},
4551 {"_host_flags", (getter) get_host_flags,
4552 (setter) set_host_flags, NULL},
4553 #if SSL_CTRL_GET_MAX_PROTO_VERSION
4554 {"minimum_version", (getter) get_minimum_version,
4555 (setter) set_minimum_version, NULL},
4556 {"maximum_version", (getter) get_maximum_version,
4557 (setter) set_maximum_version, NULL},
4558 #endif
4559 {"sni_callback", (getter) get_sni_callback,
4560 (setter) set_sni_callback, PySSLContext_sni_callback_doc},
4561 {"options", (getter) get_options,
4562 (setter) set_options, NULL},
4563 {"post_handshake_auth", (getter) get_post_handshake_auth,
4564 #ifdef TLS1_3_VERSION
4565 (setter) set_post_handshake_auth,
4566 #else
4567 NULL,
4568 #endif
4569 NULL},
4570 {"protocol", (getter) get_protocol,
4571 NULL, NULL},
4572 {"verify_flags", (getter) get_verify_flags,
4573 (setter) set_verify_flags, NULL},
4574 {"verify_mode", (getter) get_verify_mode,
4575 (setter) set_verify_mode, NULL},
4576 {NULL}, /* sentinel */
4577 };
4578
4579 static struct PyMethodDef context_methods[] = {
4580 _SSL__SSLCONTEXT__WRAP_SOCKET_METHODDEF
4581 _SSL__SSLCONTEXT__WRAP_BIO_METHODDEF
4582 _SSL__SSLCONTEXT_SET_CIPHERS_METHODDEF
4583 _SSL__SSLCONTEXT__SET_ALPN_PROTOCOLS_METHODDEF
4584 _SSL__SSLCONTEXT__SET_NPN_PROTOCOLS_METHODDEF
4585 _SSL__SSLCONTEXT_LOAD_CERT_CHAIN_METHODDEF
4586 _SSL__SSLCONTEXT_LOAD_DH_PARAMS_METHODDEF
4587 _SSL__SSLCONTEXT_LOAD_VERIFY_LOCATIONS_METHODDEF
4588 _SSL__SSLCONTEXT_SESSION_STATS_METHODDEF
4589 _SSL__SSLCONTEXT_SET_DEFAULT_VERIFY_PATHS_METHODDEF
4590 _SSL__SSLCONTEXT_SET_ECDH_CURVE_METHODDEF
4591 _SSL__SSLCONTEXT_CERT_STORE_STATS_METHODDEF
4592 _SSL__SSLCONTEXT_GET_CA_CERTS_METHODDEF
4593 _SSL__SSLCONTEXT_GET_CIPHERS_METHODDEF
4594 {NULL, NULL} /* sentinel */
4595 };
4596
4597 static PyTypeObject PySSLContext_Type = {
4598 PyVarObject_HEAD_INIT(NULL, 0)
4599 "_ssl._SSLContext", /*tp_name*/
4600 sizeof(PySSLContext), /*tp_basicsize*/
4601 0, /*tp_itemsize*/
4602 (destructor)context_dealloc, /*tp_dealloc*/
4603 0, /*tp_print*/
4604 0, /*tp_getattr*/
4605 0, /*tp_setattr*/
4606 0, /*tp_reserved*/
4607 0, /*tp_repr*/
4608 0, /*tp_as_number*/
4609 0, /*tp_as_sequence*/
4610 0, /*tp_as_mapping*/
4611 0, /*tp_hash*/
4612 0, /*tp_call*/
4613 0, /*tp_str*/
4614 0, /*tp_getattro*/
4615 0, /*tp_setattro*/
4616 0, /*tp_as_buffer*/
4617 Py_TPFLAGS_DEFAULT | Py_TPFLAGS_BASETYPE | Py_TPFLAGS_HAVE_GC, /*tp_flags*/
4618 0, /*tp_doc*/
4619 (traverseproc) context_traverse, /*tp_traverse*/
4620 (inquiry) context_clear, /*tp_clear*/
4621 0, /*tp_richcompare*/
4622 0, /*tp_weaklistoffset*/
4623 0, /*tp_iter*/
4624 0, /*tp_iternext*/
4625 context_methods, /*tp_methods*/
4626 0, /*tp_members*/
4627 context_getsetlist, /*tp_getset*/
4628 0, /*tp_base*/
4629 0, /*tp_dict*/
4630 0, /*tp_descr_get*/
4631 0, /*tp_descr_set*/
4632 0, /*tp_dictoffset*/
4633 0, /*tp_init*/
4634 0, /*tp_alloc*/
4635 _ssl__SSLContext, /*tp_new*/
4636 };
4637
4638
4639 /*
4640 * MemoryBIO objects
4641 */
4642
4643 /*[clinic input]
4644 @classmethod
4645 _ssl.MemoryBIO.__new__
4646
4647 [clinic start generated code]*/
4648
4649 static PyObject *
_ssl_MemoryBIO_impl(PyTypeObject * type)4650 _ssl_MemoryBIO_impl(PyTypeObject *type)
4651 /*[clinic end generated code: output=8820a58db78330ac input=26d22e4909ecb1b5]*/
4652 {
4653 BIO *bio;
4654 PySSLMemoryBIO *self;
4655
4656 bio = BIO_new(BIO_s_mem());
4657 if (bio == NULL) {
4658 PyErr_SetString(PySSLErrorObject,
4659 "failed to allocate BIO");
4660 return NULL;
4661 }
4662 /* Since our BIO is non-blocking an empty read() does not indicate EOF,
4663 * just that no data is currently available. The SSL routines should retry
4664 * the read, which we can achieve by calling BIO_set_retry_read(). */
4665 BIO_set_retry_read(bio);
4666 BIO_set_mem_eof_return(bio, -1);
4667
4668 assert(type != NULL && type->tp_alloc != NULL);
4669 self = (PySSLMemoryBIO *) type->tp_alloc(type, 0);
4670 if (self == NULL) {
4671 BIO_free(bio);
4672 return NULL;
4673 }
4674 self->bio = bio;
4675 self->eof_written = 0;
4676
4677 return (PyObject *) self;
4678 }
4679
4680 static void
memory_bio_dealloc(PySSLMemoryBIO * self)4681 memory_bio_dealloc(PySSLMemoryBIO *self)
4682 {
4683 BIO_free(self->bio);
4684 Py_TYPE(self)->tp_free(self);
4685 }
4686
4687 static PyObject *
memory_bio_get_pending(PySSLMemoryBIO * self,void * c)4688 memory_bio_get_pending(PySSLMemoryBIO *self, void *c)
4689 {
4690 return PyLong_FromSize_t(BIO_ctrl_pending(self->bio));
4691 }
4692
4693 PyDoc_STRVAR(PySSL_memory_bio_pending_doc,
4694 "The number of bytes pending in the memory BIO.");
4695
4696 static PyObject *
memory_bio_get_eof(PySSLMemoryBIO * self,void * c)4697 memory_bio_get_eof(PySSLMemoryBIO *self, void *c)
4698 {
4699 return PyBool_FromLong((BIO_ctrl_pending(self->bio) == 0)
4700 && self->eof_written);
4701 }
4702
4703 PyDoc_STRVAR(PySSL_memory_bio_eof_doc,
4704 "Whether the memory BIO is at EOF.");
4705
4706 /*[clinic input]
4707 _ssl.MemoryBIO.read
4708 size as len: int = -1
4709 /
4710
4711 Read up to size bytes from the memory BIO.
4712
4713 If size is not specified, read the entire buffer.
4714 If the return value is an empty bytes instance, this means either
4715 EOF or that no data is available. Use the "eof" property to
4716 distinguish between the two.
4717 [clinic start generated code]*/
4718
4719 static PyObject *
_ssl_MemoryBIO_read_impl(PySSLMemoryBIO * self,int len)4720 _ssl_MemoryBIO_read_impl(PySSLMemoryBIO *self, int len)
4721 /*[clinic end generated code: output=a657aa1e79cd01b3 input=574d7be06a902366]*/
4722 {
4723 int avail, nbytes;
4724 PyObject *result;
4725
4726 avail = (int)Py_MIN(BIO_ctrl_pending(self->bio), INT_MAX);
4727 if ((len < 0) || (len > avail))
4728 len = avail;
4729
4730 result = PyBytes_FromStringAndSize(NULL, len);
4731 if ((result == NULL) || (len == 0))
4732 return result;
4733
4734 nbytes = BIO_read(self->bio, PyBytes_AS_STRING(result), len);
4735 if (nbytes < 0) {
4736 Py_DECREF(result);
4737 _setSSLError(NULL, 0, __FILE__, __LINE__);
4738 return NULL;
4739 }
4740
4741 /* There should never be any short reads but check anyway. */
4742 if (nbytes < len) {
4743 _PyBytes_Resize(&result, nbytes);
4744 }
4745
4746 return result;
4747 }
4748
4749 /*[clinic input]
4750 _ssl.MemoryBIO.write
4751 b: Py_buffer
4752 /
4753
4754 Writes the bytes b into the memory BIO.
4755
4756 Returns the number of bytes written.
4757 [clinic start generated code]*/
4758
4759 static PyObject *
_ssl_MemoryBIO_write_impl(PySSLMemoryBIO * self,Py_buffer * b)4760 _ssl_MemoryBIO_write_impl(PySSLMemoryBIO *self, Py_buffer *b)
4761 /*[clinic end generated code: output=156ec59110d75935 input=e45757b3e17c4808]*/
4762 {
4763 int nbytes;
4764
4765 if (b->len > INT_MAX) {
4766 PyErr_Format(PyExc_OverflowError,
4767 "string longer than %d bytes", INT_MAX);
4768 return NULL;
4769 }
4770
4771 if (self->eof_written) {
4772 PyErr_SetString(PySSLErrorObject,
4773 "cannot write() after write_eof()");
4774 return NULL;
4775 }
4776
4777 nbytes = BIO_write(self->bio, b->buf, (int)b->len);
4778 if (nbytes < 0) {
4779 _setSSLError(NULL, 0, __FILE__, __LINE__);
4780 return NULL;
4781 }
4782
4783 return PyLong_FromLong(nbytes);
4784 }
4785
4786 /*[clinic input]
4787 _ssl.MemoryBIO.write_eof
4788
4789 Write an EOF marker to the memory BIO.
4790
4791 When all data has been read, the "eof" property will be True.
4792 [clinic start generated code]*/
4793
4794 static PyObject *
_ssl_MemoryBIO_write_eof_impl(PySSLMemoryBIO * self)4795 _ssl_MemoryBIO_write_eof_impl(PySSLMemoryBIO *self)
4796 /*[clinic end generated code: output=d4106276ccd1ed34 input=56a945f1d29e8bd6]*/
4797 {
4798 self->eof_written = 1;
4799 /* After an EOF is written, a zero return from read() should be a real EOF
4800 * i.e. it should not be retried. Clear the SHOULD_RETRY flag. */
4801 BIO_clear_retry_flags(self->bio);
4802 BIO_set_mem_eof_return(self->bio, 0);
4803
4804 Py_RETURN_NONE;
4805 }
4806
4807 static PyGetSetDef memory_bio_getsetlist[] = {
4808 {"pending", (getter) memory_bio_get_pending, NULL,
4809 PySSL_memory_bio_pending_doc},
4810 {"eof", (getter) memory_bio_get_eof, NULL,
4811 PySSL_memory_bio_eof_doc},
4812 {NULL}, /* sentinel */
4813 };
4814
4815 static struct PyMethodDef memory_bio_methods[] = {
4816 _SSL_MEMORYBIO_READ_METHODDEF
4817 _SSL_MEMORYBIO_WRITE_METHODDEF
4818 _SSL_MEMORYBIO_WRITE_EOF_METHODDEF
4819 {NULL, NULL} /* sentinel */
4820 };
4821
4822 static PyTypeObject PySSLMemoryBIO_Type = {
4823 PyVarObject_HEAD_INIT(NULL, 0)
4824 "_ssl.MemoryBIO", /*tp_name*/
4825 sizeof(PySSLMemoryBIO), /*tp_basicsize*/
4826 0, /*tp_itemsize*/
4827 (destructor)memory_bio_dealloc, /*tp_dealloc*/
4828 0, /*tp_print*/
4829 0, /*tp_getattr*/
4830 0, /*tp_setattr*/
4831 0, /*tp_reserved*/
4832 0, /*tp_repr*/
4833 0, /*tp_as_number*/
4834 0, /*tp_as_sequence*/
4835 0, /*tp_as_mapping*/
4836 0, /*tp_hash*/
4837 0, /*tp_call*/
4838 0, /*tp_str*/
4839 0, /*tp_getattro*/
4840 0, /*tp_setattro*/
4841 0, /*tp_as_buffer*/
4842 Py_TPFLAGS_DEFAULT, /*tp_flags*/
4843 0, /*tp_doc*/
4844 0, /*tp_traverse*/
4845 0, /*tp_clear*/
4846 0, /*tp_richcompare*/
4847 0, /*tp_weaklistoffset*/
4848 0, /*tp_iter*/
4849 0, /*tp_iternext*/
4850 memory_bio_methods, /*tp_methods*/
4851 0, /*tp_members*/
4852 memory_bio_getsetlist, /*tp_getset*/
4853 0, /*tp_base*/
4854 0, /*tp_dict*/
4855 0, /*tp_descr_get*/
4856 0, /*tp_descr_set*/
4857 0, /*tp_dictoffset*/
4858 0, /*tp_init*/
4859 0, /*tp_alloc*/
4860 _ssl_MemoryBIO, /*tp_new*/
4861 };
4862
4863
4864 /*
4865 * SSL Session object
4866 */
4867
4868 static void
PySSLSession_dealloc(PySSLSession * self)4869 PySSLSession_dealloc(PySSLSession *self)
4870 {
4871 /* bpo-31095: UnTrack is needed before calling any callbacks */
4872 PyObject_GC_UnTrack(self);
4873 Py_XDECREF(self->ctx);
4874 if (self->session != NULL) {
4875 SSL_SESSION_free(self->session);
4876 }
4877 PyObject_GC_Del(self);
4878 }
4879
4880 static PyObject *
PySSLSession_richcompare(PyObject * left,PyObject * right,int op)4881 PySSLSession_richcompare(PyObject *left, PyObject *right, int op)
4882 {
4883 int result;
4884
4885 if (left == NULL || right == NULL) {
4886 PyErr_BadInternalCall();
4887 return NULL;
4888 }
4889
4890 if (!PySSLSession_Check(left) || !PySSLSession_Check(right)) {
4891 Py_RETURN_NOTIMPLEMENTED;
4892 }
4893
4894 if (left == right) {
4895 result = 0;
4896 } else {
4897 const unsigned char *left_id, *right_id;
4898 unsigned int left_len, right_len;
4899 left_id = SSL_SESSION_get_id(((PySSLSession *)left)->session,
4900 &left_len);
4901 right_id = SSL_SESSION_get_id(((PySSLSession *)right)->session,
4902 &right_len);
4903 if (left_len == right_len) {
4904 result = memcmp(left_id, right_id, left_len);
4905 } else {
4906 result = 1;
4907 }
4908 }
4909
4910 switch (op) {
4911 case Py_EQ:
4912 if (result == 0) {
4913 Py_RETURN_TRUE;
4914 } else {
4915 Py_RETURN_FALSE;
4916 }
4917 break;
4918 case Py_NE:
4919 if (result != 0) {
4920 Py_RETURN_TRUE;
4921 } else {
4922 Py_RETURN_FALSE;
4923 }
4924 break;
4925 case Py_LT:
4926 case Py_LE:
4927 case Py_GT:
4928 case Py_GE:
4929 Py_RETURN_NOTIMPLEMENTED;
4930 break;
4931 default:
4932 PyErr_BadArgument();
4933 return NULL;
4934 }
4935 }
4936
4937 static int
PySSLSession_traverse(PySSLSession * self,visitproc visit,void * arg)4938 PySSLSession_traverse(PySSLSession *self, visitproc visit, void *arg)
4939 {
4940 Py_VISIT(self->ctx);
4941 return 0;
4942 }
4943
4944 static int
PySSLSession_clear(PySSLSession * self)4945 PySSLSession_clear(PySSLSession *self)
4946 {
4947 Py_CLEAR(self->ctx);
4948 return 0;
4949 }
4950
4951
4952 static PyObject *
PySSLSession_get_time(PySSLSession * self,void * closure)4953 PySSLSession_get_time(PySSLSession *self, void *closure) {
4954 return PyLong_FromLong(SSL_SESSION_get_time(self->session));
4955 }
4956
4957 PyDoc_STRVAR(PySSLSession_get_time_doc,
4958 "Session creation time (seconds since epoch).");
4959
4960
4961 static PyObject *
PySSLSession_get_timeout(PySSLSession * self,void * closure)4962 PySSLSession_get_timeout(PySSLSession *self, void *closure) {
4963 return PyLong_FromLong(SSL_SESSION_get_timeout(self->session));
4964 }
4965
4966 PyDoc_STRVAR(PySSLSession_get_timeout_doc,
4967 "Session timeout (delta in seconds).");
4968
4969
4970 static PyObject *
PySSLSession_get_ticket_lifetime_hint(PySSLSession * self,void * closure)4971 PySSLSession_get_ticket_lifetime_hint(PySSLSession *self, void *closure) {
4972 unsigned long hint = SSL_SESSION_get_ticket_lifetime_hint(self->session);
4973 return PyLong_FromUnsignedLong(hint);
4974 }
4975
4976 PyDoc_STRVAR(PySSLSession_get_ticket_lifetime_hint_doc,
4977 "Ticket life time hint.");
4978
4979
4980 static PyObject *
PySSLSession_get_session_id(PySSLSession * self,void * closure)4981 PySSLSession_get_session_id(PySSLSession *self, void *closure) {
4982 const unsigned char *id;
4983 unsigned int len;
4984 id = SSL_SESSION_get_id(self->session, &len);
4985 return PyBytes_FromStringAndSize((const char *)id, len);
4986 }
4987
4988 PyDoc_STRVAR(PySSLSession_get_session_id_doc,
4989 "Session id");
4990
4991
4992 static PyObject *
PySSLSession_get_has_ticket(PySSLSession * self,void * closure)4993 PySSLSession_get_has_ticket(PySSLSession *self, void *closure) {
4994 if (SSL_SESSION_has_ticket(self->session)) {
4995 Py_RETURN_TRUE;
4996 } else {
4997 Py_RETURN_FALSE;
4998 }
4999 }
5000
5001 PyDoc_STRVAR(PySSLSession_get_has_ticket_doc,
5002 "Does the session contain a ticket?");
5003
5004
5005 static PyGetSetDef PySSLSession_getsetlist[] = {
5006 {"has_ticket", (getter) PySSLSession_get_has_ticket, NULL,
5007 PySSLSession_get_has_ticket_doc},
5008 {"id", (getter) PySSLSession_get_session_id, NULL,
5009 PySSLSession_get_session_id_doc},
5010 {"ticket_lifetime_hint", (getter) PySSLSession_get_ticket_lifetime_hint,
5011 NULL, PySSLSession_get_ticket_lifetime_hint_doc},
5012 {"time", (getter) PySSLSession_get_time, NULL,
5013 PySSLSession_get_time_doc},
5014 {"timeout", (getter) PySSLSession_get_timeout, NULL,
5015 PySSLSession_get_timeout_doc},
5016 {NULL}, /* sentinel */
5017 };
5018
5019 static PyTypeObject PySSLSession_Type = {
5020 PyVarObject_HEAD_INIT(NULL, 0)
5021 "_ssl.Session", /*tp_name*/
5022 sizeof(PySSLSession), /*tp_basicsize*/
5023 0, /*tp_itemsize*/
5024 (destructor)PySSLSession_dealloc, /*tp_dealloc*/
5025 0, /*tp_print*/
5026 0, /*tp_getattr*/
5027 0, /*tp_setattr*/
5028 0, /*tp_reserved*/
5029 0, /*tp_repr*/
5030 0, /*tp_as_number*/
5031 0, /*tp_as_sequence*/
5032 0, /*tp_as_mapping*/
5033 0, /*tp_hash*/
5034 0, /*tp_call*/
5035 0, /*tp_str*/
5036 0, /*tp_getattro*/
5037 0, /*tp_setattro*/
5038 0, /*tp_as_buffer*/
5039 Py_TPFLAGS_DEFAULT | Py_TPFLAGS_HAVE_GC, /*tp_flags*/
5040 0, /*tp_doc*/
5041 (traverseproc)PySSLSession_traverse, /*tp_traverse*/
5042 (inquiry)PySSLSession_clear, /*tp_clear*/
5043 PySSLSession_richcompare, /*tp_richcompare*/
5044 0, /*tp_weaklistoffset*/
5045 0, /*tp_iter*/
5046 0, /*tp_iternext*/
5047 0, /*tp_methods*/
5048 0, /*tp_members*/
5049 PySSLSession_getsetlist, /*tp_getset*/
5050 };
5051
5052
5053 /* helper routines for seeding the SSL PRNG */
5054 /*[clinic input]
5055 _ssl.RAND_add
5056 string as view: Py_buffer(accept={str, buffer})
5057 entropy: double
5058 /
5059
5060 Mix string into the OpenSSL PRNG state.
5061
5062 entropy (a float) is a lower bound on the entropy contained in
5063 string. See RFC 4086.
5064 [clinic start generated code]*/
5065
5066 static PyObject *
_ssl_RAND_add_impl(PyObject * module,Py_buffer * view,double entropy)5067 _ssl_RAND_add_impl(PyObject *module, Py_buffer *view, double entropy)
5068 /*[clinic end generated code: output=e6dd48df9c9024e9 input=5c33017422828f5c]*/
5069 {
5070 const char *buf;
5071 Py_ssize_t len, written;
5072
5073 buf = (const char *)view->buf;
5074 len = view->len;
5075 do {
5076 written = Py_MIN(len, INT_MAX);
5077 RAND_add(buf, (int)written, entropy);
5078 buf += written;
5079 len -= written;
5080 } while (len);
5081 Py_RETURN_NONE;
5082 }
5083
5084 static PyObject *
PySSL_RAND(int len,int pseudo)5085 PySSL_RAND(int len, int pseudo)
5086 {
5087 int ok;
5088 PyObject *bytes;
5089 unsigned long err;
5090 const char *errstr;
5091 PyObject *v;
5092
5093 if (len < 0) {
5094 PyErr_SetString(PyExc_ValueError, "num must be positive");
5095 return NULL;
5096 }
5097
5098 bytes = PyBytes_FromStringAndSize(NULL, len);
5099 if (bytes == NULL)
5100 return NULL;
5101 if (pseudo) {
5102 ok = RAND_pseudo_bytes((unsigned char*)PyBytes_AS_STRING(bytes), len);
5103 if (ok == 0 || ok == 1)
5104 return Py_BuildValue("NO", bytes, ok == 1 ? Py_True : Py_False);
5105 }
5106 else {
5107 ok = RAND_bytes((unsigned char*)PyBytes_AS_STRING(bytes), len);
5108 if (ok == 1)
5109 return bytes;
5110 }
5111 Py_DECREF(bytes);
5112
5113 err = ERR_get_error();
5114 errstr = ERR_reason_error_string(err);
5115 v = Py_BuildValue("(ks)", err, errstr);
5116 if (v != NULL) {
5117 PyErr_SetObject(PySSLErrorObject, v);
5118 Py_DECREF(v);
5119 }
5120 return NULL;
5121 }
5122
5123 /*[clinic input]
5124 _ssl.RAND_bytes
5125 n: int
5126 /
5127
5128 Generate n cryptographically strong pseudo-random bytes.
5129 [clinic start generated code]*/
5130
5131 static PyObject *
_ssl_RAND_bytes_impl(PyObject * module,int n)5132 _ssl_RAND_bytes_impl(PyObject *module, int n)
5133 /*[clinic end generated code: output=977da635e4838bc7 input=678ddf2872dfebfc]*/
5134 {
5135 return PySSL_RAND(n, 0);
5136 }
5137
5138 /*[clinic input]
5139 _ssl.RAND_pseudo_bytes
5140 n: int
5141 /
5142
5143 Generate n pseudo-random bytes.
5144
5145 Return a pair (bytes, is_cryptographic). is_cryptographic is True
5146 if the bytes generated are cryptographically strong.
5147 [clinic start generated code]*/
5148
5149 static PyObject *
_ssl_RAND_pseudo_bytes_impl(PyObject * module,int n)5150 _ssl_RAND_pseudo_bytes_impl(PyObject *module, int n)
5151 /*[clinic end generated code: output=b1509e937000e52d input=58312bd53f9bbdd0]*/
5152 {
5153 return PySSL_RAND(n, 1);
5154 }
5155
5156 /*[clinic input]
5157 _ssl.RAND_status
5158
5159 Returns 1 if the OpenSSL PRNG has been seeded with enough data and 0 if not.
5160
5161 It is necessary to seed the PRNG with RAND_add() on some platforms before
5162 using the ssl() function.
5163 [clinic start generated code]*/
5164
5165 static PyObject *
_ssl_RAND_status_impl(PyObject * module)5166 _ssl_RAND_status_impl(PyObject *module)
5167 /*[clinic end generated code: output=7e0aaa2d39fdc1ad input=8a774b02d1dc81f3]*/
5168 {
5169 return PyLong_FromLong(RAND_status());
5170 }
5171
5172 #ifndef OPENSSL_NO_EGD
5173 /* LCOV_EXCL_START */
5174 /*[clinic input]
5175 _ssl.RAND_egd
5176 path: object(converter="PyUnicode_FSConverter")
5177 /
5178
5179 Queries the entropy gather daemon (EGD) on the socket named by 'path'.
5180
5181 Returns number of bytes read. Raises SSLError if connection to EGD
5182 fails or if it does not provide enough data to seed PRNG.
5183 [clinic start generated code]*/
5184
5185 static PyObject *
_ssl_RAND_egd_impl(PyObject * module,PyObject * path)5186 _ssl_RAND_egd_impl(PyObject *module, PyObject *path)
5187 /*[clinic end generated code: output=02a67c7c367f52fa input=1aeb7eb948312195]*/
5188 {
5189 int bytes = RAND_egd(PyBytes_AsString(path));
5190 Py_DECREF(path);
5191 if (bytes == -1) {
5192 PyErr_SetString(PySSLErrorObject,
5193 "EGD connection failed or EGD did not return "
5194 "enough data to seed the PRNG");
5195 return NULL;
5196 }
5197 return PyLong_FromLong(bytes);
5198 }
5199 /* LCOV_EXCL_STOP */
5200 #endif /* OPENSSL_NO_EGD */
5201
5202
5203
5204 /*[clinic input]
5205 _ssl.get_default_verify_paths
5206
5207 Return search paths and environment vars that are used by SSLContext's set_default_verify_paths() to load default CAs.
5208
5209 The values are 'cert_file_env', 'cert_file', 'cert_dir_env', 'cert_dir'.
5210 [clinic start generated code]*/
5211
5212 static PyObject *
_ssl_get_default_verify_paths_impl(PyObject * module)5213 _ssl_get_default_verify_paths_impl(PyObject *module)
5214 /*[clinic end generated code: output=e5b62a466271928b input=5210c953d98c3eb5]*/
5215 {
5216 PyObject *ofile_env = NULL;
5217 PyObject *ofile = NULL;
5218 PyObject *odir_env = NULL;
5219 PyObject *odir = NULL;
5220
5221 #define CONVERT(info, target) { \
5222 const char *tmp = (info); \
5223 target = NULL; \
5224 if (!tmp) { Py_INCREF(Py_None); target = Py_None; } \
5225 else if ((target = PyUnicode_DecodeFSDefault(tmp)) == NULL) { \
5226 target = PyBytes_FromString(tmp); } \
5227 if (!target) goto error; \
5228 }
5229
5230 CONVERT(X509_get_default_cert_file_env(), ofile_env);
5231 CONVERT(X509_get_default_cert_file(), ofile);
5232 CONVERT(X509_get_default_cert_dir_env(), odir_env);
5233 CONVERT(X509_get_default_cert_dir(), odir);
5234 #undef CONVERT
5235
5236 return Py_BuildValue("NNNN", ofile_env, ofile, odir_env, odir);
5237
5238 error:
5239 Py_XDECREF(ofile_env);
5240 Py_XDECREF(ofile);
5241 Py_XDECREF(odir_env);
5242 Py_XDECREF(odir);
5243 return NULL;
5244 }
5245
5246 static PyObject*
asn1obj2py(ASN1_OBJECT * obj)5247 asn1obj2py(ASN1_OBJECT *obj)
5248 {
5249 int nid;
5250 const char *ln, *sn;
5251
5252 nid = OBJ_obj2nid(obj);
5253 if (nid == NID_undef) {
5254 PyErr_Format(PyExc_ValueError, "Unknown object");
5255 return NULL;
5256 }
5257 sn = OBJ_nid2sn(nid);
5258 ln = OBJ_nid2ln(nid);
5259 return Py_BuildValue("issN", nid, sn, ln, _asn1obj2py(obj, 1));
5260 }
5261
5262 /*[clinic input]
5263 _ssl.txt2obj
5264 txt: str
5265 name: bool = False
5266
5267 Lookup NID, short name, long name and OID of an ASN1_OBJECT.
5268
5269 By default objects are looked up by OID. With name=True short and
5270 long name are also matched.
5271 [clinic start generated code]*/
5272
5273 static PyObject *
_ssl_txt2obj_impl(PyObject * module,const char * txt,int name)5274 _ssl_txt2obj_impl(PyObject *module, const char *txt, int name)
5275 /*[clinic end generated code: output=c38e3991347079c1 input=1c1e7d0aa7c48602]*/
5276 {
5277 PyObject *result = NULL;
5278 ASN1_OBJECT *obj;
5279
5280 obj = OBJ_txt2obj(txt, name ? 0 : 1);
5281 if (obj == NULL) {
5282 PyErr_Format(PyExc_ValueError, "unknown object '%.100s'", txt);
5283 return NULL;
5284 }
5285 result = asn1obj2py(obj);
5286 ASN1_OBJECT_free(obj);
5287 return result;
5288 }
5289
5290 /*[clinic input]
5291 _ssl.nid2obj
5292 nid: int
5293 /
5294
5295 Lookup NID, short name, long name and OID of an ASN1_OBJECT by NID.
5296 [clinic start generated code]*/
5297
5298 static PyObject *
_ssl_nid2obj_impl(PyObject * module,int nid)5299 _ssl_nid2obj_impl(PyObject *module, int nid)
5300 /*[clinic end generated code: output=4a98ab691cd4f84a input=51787a3bee7d8f98]*/
5301 {
5302 PyObject *result = NULL;
5303 ASN1_OBJECT *obj;
5304
5305 if (nid < NID_undef) {
5306 PyErr_SetString(PyExc_ValueError, "NID must be positive.");
5307 return NULL;
5308 }
5309 obj = OBJ_nid2obj(nid);
5310 if (obj == NULL) {
5311 PyErr_Format(PyExc_ValueError, "unknown NID %i", nid);
5312 return NULL;
5313 }
5314 result = asn1obj2py(obj);
5315 ASN1_OBJECT_free(obj);
5316 return result;
5317 }
5318
5319 #ifdef _MSC_VER
5320
5321 static PyObject*
certEncodingType(DWORD encodingType)5322 certEncodingType(DWORD encodingType)
5323 {
5324 static PyObject *x509_asn = NULL;
5325 static PyObject *pkcs_7_asn = NULL;
5326
5327 if (x509_asn == NULL) {
5328 x509_asn = PyUnicode_InternFromString("x509_asn");
5329 if (x509_asn == NULL)
5330 return NULL;
5331 }
5332 if (pkcs_7_asn == NULL) {
5333 pkcs_7_asn = PyUnicode_InternFromString("pkcs_7_asn");
5334 if (pkcs_7_asn == NULL)
5335 return NULL;
5336 }
5337 switch(encodingType) {
5338 case X509_ASN_ENCODING:
5339 Py_INCREF(x509_asn);
5340 return x509_asn;
5341 case PKCS_7_ASN_ENCODING:
5342 Py_INCREF(pkcs_7_asn);
5343 return pkcs_7_asn;
5344 default:
5345 return PyLong_FromLong(encodingType);
5346 }
5347 }
5348
5349 static PyObject*
parseKeyUsage(PCCERT_CONTEXT pCertCtx,DWORD flags)5350 parseKeyUsage(PCCERT_CONTEXT pCertCtx, DWORD flags)
5351 {
5352 CERT_ENHKEY_USAGE *usage;
5353 DWORD size, error, i;
5354 PyObject *retval;
5355
5356 if (!CertGetEnhancedKeyUsage(pCertCtx, flags, NULL, &size)) {
5357 error = GetLastError();
5358 if (error == CRYPT_E_NOT_FOUND) {
5359 Py_RETURN_TRUE;
5360 }
5361 return PyErr_SetFromWindowsErr(error);
5362 }
5363
5364 usage = (CERT_ENHKEY_USAGE*)PyMem_Malloc(size);
5365 if (usage == NULL) {
5366 return PyErr_NoMemory();
5367 }
5368
5369 /* Now get the actual enhanced usage property */
5370 if (!CertGetEnhancedKeyUsage(pCertCtx, flags, usage, &size)) {
5371 PyMem_Free(usage);
5372 error = GetLastError();
5373 if (error == CRYPT_E_NOT_FOUND) {
5374 Py_RETURN_TRUE;
5375 }
5376 return PyErr_SetFromWindowsErr(error);
5377 }
5378 retval = PySet_New(NULL);
5379 if (retval == NULL) {
5380 goto error;
5381 }
5382 for (i = 0; i < usage->cUsageIdentifier; ++i) {
5383 if (usage->rgpszUsageIdentifier[i]) {
5384 PyObject *oid;
5385 int err;
5386 oid = PyUnicode_FromString(usage->rgpszUsageIdentifier[i]);
5387 if (oid == NULL) {
5388 Py_CLEAR(retval);
5389 goto error;
5390 }
5391 err = PySet_Add(retval, oid);
5392 Py_DECREF(oid);
5393 if (err == -1) {
5394 Py_CLEAR(retval);
5395 goto error;
5396 }
5397 }
5398 }
5399 error:
5400 PyMem_Free(usage);
5401 return retval;
5402 }
5403
5404 /*[clinic input]
5405 _ssl.enum_certificates
5406 store_name: str
5407
5408 Retrieve certificates from Windows' cert store.
5409
5410 store_name may be one of 'CA', 'ROOT' or 'MY'. The system may provide
5411 more cert storages, too. The function returns a list of (bytes,
5412 encoding_type, trust) tuples. The encoding_type flag can be interpreted
5413 with X509_ASN_ENCODING or PKCS_7_ASN_ENCODING. The trust setting is either
5414 a set of OIDs or the boolean True.
5415 [clinic start generated code]*/
5416
5417 static PyObject *
_ssl_enum_certificates_impl(PyObject * module,const char * store_name)5418 _ssl_enum_certificates_impl(PyObject *module, const char *store_name)
5419 /*[clinic end generated code: output=5134dc8bb3a3c893 input=915f60d70461ea4e]*/
5420 {
5421 HCERTSTORE hStore = NULL;
5422 PCCERT_CONTEXT pCertCtx = NULL;
5423 PyObject *keyusage = NULL, *cert = NULL, *enc = NULL, *tup = NULL;
5424 PyObject *result = NULL;
5425
5426 result = PyList_New(0);
5427 if (result == NULL) {
5428 return NULL;
5429 }
5430 hStore = CertOpenStore(CERT_STORE_PROV_SYSTEM_A, 0, (HCRYPTPROV)NULL,
5431 CERT_STORE_READONLY_FLAG | CERT_SYSTEM_STORE_LOCAL_MACHINE,
5432 store_name);
5433 if (hStore == NULL) {
5434 Py_DECREF(result);
5435 return PyErr_SetFromWindowsErr(GetLastError());
5436 }
5437
5438 while (pCertCtx = CertEnumCertificatesInStore(hStore, pCertCtx)) {
5439 cert = PyBytes_FromStringAndSize((const char*)pCertCtx->pbCertEncoded,
5440 pCertCtx->cbCertEncoded);
5441 if (!cert) {
5442 Py_CLEAR(result);
5443 break;
5444 }
5445 if ((enc = certEncodingType(pCertCtx->dwCertEncodingType)) == NULL) {
5446 Py_CLEAR(result);
5447 break;
5448 }
5449 keyusage = parseKeyUsage(pCertCtx, CERT_FIND_PROP_ONLY_ENHKEY_USAGE_FLAG);
5450 if (keyusage == Py_True) {
5451 Py_DECREF(keyusage);
5452 keyusage = parseKeyUsage(pCertCtx, CERT_FIND_EXT_ONLY_ENHKEY_USAGE_FLAG);
5453 }
5454 if (keyusage == NULL) {
5455 Py_CLEAR(result);
5456 break;
5457 }
5458 if ((tup = PyTuple_New(3)) == NULL) {
5459 Py_CLEAR(result);
5460 break;
5461 }
5462 PyTuple_SET_ITEM(tup, 0, cert);
5463 cert = NULL;
5464 PyTuple_SET_ITEM(tup, 1, enc);
5465 enc = NULL;
5466 PyTuple_SET_ITEM(tup, 2, keyusage);
5467 keyusage = NULL;
5468 if (PyList_Append(result, tup) < 0) {
5469 Py_CLEAR(result);
5470 break;
5471 }
5472 Py_CLEAR(tup);
5473 }
5474 if (pCertCtx) {
5475 /* loop ended with an error, need to clean up context manually */
5476 CertFreeCertificateContext(pCertCtx);
5477 }
5478
5479 /* In error cases cert, enc and tup may not be NULL */
5480 Py_XDECREF(cert);
5481 Py_XDECREF(enc);
5482 Py_XDECREF(keyusage);
5483 Py_XDECREF(tup);
5484
5485 if (!CertCloseStore(hStore, 0)) {
5486 /* This error case might shadow another exception.*/
5487 Py_XDECREF(result);
5488 return PyErr_SetFromWindowsErr(GetLastError());
5489 }
5490 return result;
5491 }
5492
5493 /*[clinic input]
5494 _ssl.enum_crls
5495 store_name: str
5496
5497 Retrieve CRLs from Windows' cert store.
5498
5499 store_name may be one of 'CA', 'ROOT' or 'MY'. The system may provide
5500 more cert storages, too. The function returns a list of (bytes,
5501 encoding_type) tuples. The encoding_type flag can be interpreted with
5502 X509_ASN_ENCODING or PKCS_7_ASN_ENCODING.
5503 [clinic start generated code]*/
5504
5505 static PyObject *
_ssl_enum_crls_impl(PyObject * module,const char * store_name)5506 _ssl_enum_crls_impl(PyObject *module, const char *store_name)
5507 /*[clinic end generated code: output=bce467f60ccd03b6 input=a1f1d7629f1c5d3d]*/
5508 {
5509 HCERTSTORE hStore = NULL;
5510 PCCRL_CONTEXT pCrlCtx = NULL;
5511 PyObject *crl = NULL, *enc = NULL, *tup = NULL;
5512 PyObject *result = NULL;
5513
5514 result = PyList_New(0);
5515 if (result == NULL) {
5516 return NULL;
5517 }
5518 hStore = CertOpenStore(CERT_STORE_PROV_SYSTEM_A, 0, (HCRYPTPROV)NULL,
5519 CERT_STORE_READONLY_FLAG | CERT_SYSTEM_STORE_LOCAL_MACHINE,
5520 store_name);
5521 if (hStore == NULL) {
5522 Py_DECREF(result);
5523 return PyErr_SetFromWindowsErr(GetLastError());
5524 }
5525
5526 while (pCrlCtx = CertEnumCRLsInStore(hStore, pCrlCtx)) {
5527 crl = PyBytes_FromStringAndSize((const char*)pCrlCtx->pbCrlEncoded,
5528 pCrlCtx->cbCrlEncoded);
5529 if (!crl) {
5530 Py_CLEAR(result);
5531 break;
5532 }
5533 if ((enc = certEncodingType(pCrlCtx->dwCertEncodingType)) == NULL) {
5534 Py_CLEAR(result);
5535 break;
5536 }
5537 if ((tup = PyTuple_New(2)) == NULL) {
5538 Py_CLEAR(result);
5539 break;
5540 }
5541 PyTuple_SET_ITEM(tup, 0, crl);
5542 crl = NULL;
5543 PyTuple_SET_ITEM(tup, 1, enc);
5544 enc = NULL;
5545
5546 if (PyList_Append(result, tup) < 0) {
5547 Py_CLEAR(result);
5548 break;
5549 }
5550 Py_CLEAR(tup);
5551 }
5552 if (pCrlCtx) {
5553 /* loop ended with an error, need to clean up context manually */
5554 CertFreeCRLContext(pCrlCtx);
5555 }
5556
5557 /* In error cases cert, enc and tup may not be NULL */
5558 Py_XDECREF(crl);
5559 Py_XDECREF(enc);
5560 Py_XDECREF(tup);
5561
5562 if (!CertCloseStore(hStore, 0)) {
5563 /* This error case might shadow another exception.*/
5564 Py_XDECREF(result);
5565 return PyErr_SetFromWindowsErr(GetLastError());
5566 }
5567 return result;
5568 }
5569
5570 #endif /* _MSC_VER */
5571
5572 /* List of functions exported by this module. */
5573 static PyMethodDef PySSL_methods[] = {
5574 _SSL__TEST_DECODE_CERT_METHODDEF
5575 _SSL_RAND_ADD_METHODDEF
5576 _SSL_RAND_BYTES_METHODDEF
5577 _SSL_RAND_PSEUDO_BYTES_METHODDEF
5578 _SSL_RAND_EGD_METHODDEF
5579 _SSL_RAND_STATUS_METHODDEF
5580 _SSL_GET_DEFAULT_VERIFY_PATHS_METHODDEF
5581 _SSL_ENUM_CERTIFICATES_METHODDEF
5582 _SSL_ENUM_CRLS_METHODDEF
5583 _SSL_TXT2OBJ_METHODDEF
5584 _SSL_NID2OBJ_METHODDEF
5585 {NULL, NULL} /* Sentinel */
5586 };
5587
5588
5589 #ifdef HAVE_OPENSSL_CRYPTO_LOCK
5590
5591 /* an implementation of OpenSSL threading operations in terms
5592 * of the Python C thread library
5593 * Only used up to 1.0.2. OpenSSL 1.1.0+ has its own locking code.
5594 */
5595
5596 static PyThread_type_lock *_ssl_locks = NULL;
5597
5598 #if OPENSSL_VERSION_NUMBER >= 0x10000000
5599 /* use new CRYPTO_THREADID API. */
5600 static void
_ssl_threadid_callback(CRYPTO_THREADID * id)5601 _ssl_threadid_callback(CRYPTO_THREADID *id)
5602 {
5603 CRYPTO_THREADID_set_numeric(id, PyThread_get_thread_ident());
5604 }
5605 #else
5606 /* deprecated CRYPTO_set_id_callback() API. */
5607 static unsigned long
_ssl_thread_id_function(void)5608 _ssl_thread_id_function (void) {
5609 return PyThread_get_thread_ident();
5610 }
5611 #endif
5612
_ssl_thread_locking_function(int mode,int n,const char * file,int line)5613 static void _ssl_thread_locking_function
5614 (int mode, int n, const char *file, int line) {
5615 /* this function is needed to perform locking on shared data
5616 structures. (Note that OpenSSL uses a number of global data
5617 structures that will be implicitly shared whenever multiple
5618 threads use OpenSSL.) Multi-threaded applications will
5619 crash at random if it is not set.
5620
5621 locking_function() must be able to handle up to
5622 CRYPTO_num_locks() different mutex locks. It sets the n-th
5623 lock if mode & CRYPTO_LOCK, and releases it otherwise.
5624
5625 file and line are the file number of the function setting the
5626 lock. They can be useful for debugging.
5627 */
5628
5629 if ((_ssl_locks == NULL) ||
5630 (n < 0) || ((unsigned)n >= _ssl_locks_count))
5631 return;
5632
5633 if (mode & CRYPTO_LOCK) {
5634 PyThread_acquire_lock(_ssl_locks[n], 1);
5635 } else {
5636 PyThread_release_lock(_ssl_locks[n]);
5637 }
5638 }
5639
_setup_ssl_threads(void)5640 static int _setup_ssl_threads(void) {
5641
5642 unsigned int i;
5643
5644 if (_ssl_locks == NULL) {
5645 _ssl_locks_count = CRYPTO_num_locks();
5646 _ssl_locks = PyMem_Calloc(_ssl_locks_count,
5647 sizeof(PyThread_type_lock));
5648 if (_ssl_locks == NULL) {
5649 PyErr_NoMemory();
5650 return 0;
5651 }
5652 for (i = 0; i < _ssl_locks_count; i++) {
5653 _ssl_locks[i] = PyThread_allocate_lock();
5654 if (_ssl_locks[i] == NULL) {
5655 unsigned int j;
5656 for (j = 0; j < i; j++) {
5657 PyThread_free_lock(_ssl_locks[j]);
5658 }
5659 PyMem_Free(_ssl_locks);
5660 return 0;
5661 }
5662 }
5663 CRYPTO_set_locking_callback(_ssl_thread_locking_function);
5664 #if OPENSSL_VERSION_NUMBER >= 0x10000000
5665 CRYPTO_THREADID_set_callback(_ssl_threadid_callback);
5666 #else
5667 CRYPTO_set_id_callback(_ssl_thread_id_function);
5668 #endif
5669 }
5670 return 1;
5671 }
5672
5673 #endif /* HAVE_OPENSSL_CRYPTO_LOCK for OpenSSL < 1.1.0 */
5674
5675 PyDoc_STRVAR(module_doc,
5676 "Implementation module for SSL socket operations. See the socket module\n\
5677 for documentation.");
5678
5679
5680 static struct PyModuleDef _sslmodule = {
5681 PyModuleDef_HEAD_INIT,
5682 "_ssl",
5683 module_doc,
5684 -1,
5685 PySSL_methods,
5686 NULL,
5687 NULL,
5688 NULL,
5689 NULL
5690 };
5691
5692
5693 static void
parse_openssl_version(unsigned long libver,unsigned int * major,unsigned int * minor,unsigned int * fix,unsigned int * patch,unsigned int * status)5694 parse_openssl_version(unsigned long libver,
5695 unsigned int *major, unsigned int *minor,
5696 unsigned int *fix, unsigned int *patch,
5697 unsigned int *status)
5698 {
5699 *status = libver & 0xF;
5700 libver >>= 4;
5701 *patch = libver & 0xFF;
5702 libver >>= 8;
5703 *fix = libver & 0xFF;
5704 libver >>= 8;
5705 *minor = libver & 0xFF;
5706 libver >>= 8;
5707 *major = libver & 0xFF;
5708 }
5709
5710 PyMODINIT_FUNC
PyInit__ssl(void)5711 PyInit__ssl(void)
5712 {
5713 PyObject *m, *d, *r, *bases;
5714 unsigned long libver;
5715 unsigned int major, minor, fix, patch, status;
5716 PySocketModule_APIObject *socket_api;
5717 struct py_ssl_error_code *errcode;
5718 struct py_ssl_library_code *libcode;
5719
5720 if (PyType_Ready(&PySSLContext_Type) < 0)
5721 return NULL;
5722 if (PyType_Ready(&PySSLSocket_Type) < 0)
5723 return NULL;
5724 if (PyType_Ready(&PySSLMemoryBIO_Type) < 0)
5725 return NULL;
5726 if (PyType_Ready(&PySSLSession_Type) < 0)
5727 return NULL;
5728
5729
5730 m = PyModule_Create(&_sslmodule);
5731 if (m == NULL)
5732 return NULL;
5733 d = PyModule_GetDict(m);
5734
5735 /* Load _socket module and its C API */
5736 socket_api = PySocketModule_ImportModuleAndAPI();
5737 if (!socket_api)
5738 return NULL;
5739 PySocketModule = *socket_api;
5740
5741 #ifndef OPENSSL_VERSION_1_1
5742 /* Load all algorithms and initialize cpuid */
5743 OPENSSL_add_all_algorithms_noconf();
5744 /* Init OpenSSL */
5745 SSL_load_error_strings();
5746 SSL_library_init();
5747 #endif
5748
5749 #ifdef HAVE_OPENSSL_CRYPTO_LOCK
5750 /* note that this will start threading if not already started */
5751 if (!_setup_ssl_threads()) {
5752 return NULL;
5753 }
5754 #elif OPENSSL_VERSION_1_1 && defined(OPENSSL_THREADS)
5755 /* OpenSSL 1.1.0 builtin thread support is enabled */
5756 _ssl_locks_count++;
5757 #endif
5758
5759 /* Add symbols to module dict */
5760 sslerror_type_slots[0].pfunc = PyExc_OSError;
5761 PySSLErrorObject = PyType_FromSpec(&sslerror_type_spec);
5762 if (PySSLErrorObject == NULL)
5763 return NULL;
5764
5765 /* ssl.CertificateError used to be a subclass of ValueError */
5766 bases = Py_BuildValue("OO", PySSLErrorObject, PyExc_ValueError);
5767 if (bases == NULL)
5768 return NULL;
5769 PySSLCertVerificationErrorObject = PyErr_NewExceptionWithDoc(
5770 "ssl.SSLCertVerificationError", SSLCertVerificationError_doc,
5771 bases, NULL);
5772 Py_DECREF(bases);
5773 PySSLZeroReturnErrorObject = PyErr_NewExceptionWithDoc(
5774 "ssl.SSLZeroReturnError", SSLZeroReturnError_doc,
5775 PySSLErrorObject, NULL);
5776 PySSLWantReadErrorObject = PyErr_NewExceptionWithDoc(
5777 "ssl.SSLWantReadError", SSLWantReadError_doc,
5778 PySSLErrorObject, NULL);
5779 PySSLWantWriteErrorObject = PyErr_NewExceptionWithDoc(
5780 "ssl.SSLWantWriteError", SSLWantWriteError_doc,
5781 PySSLErrorObject, NULL);
5782 PySSLSyscallErrorObject = PyErr_NewExceptionWithDoc(
5783 "ssl.SSLSyscallError", SSLSyscallError_doc,
5784 PySSLErrorObject, NULL);
5785 PySSLEOFErrorObject = PyErr_NewExceptionWithDoc(
5786 "ssl.SSLEOFError", SSLEOFError_doc,
5787 PySSLErrorObject, NULL);
5788 if (PySSLCertVerificationErrorObject == NULL
5789 || PySSLZeroReturnErrorObject == NULL
5790 || PySSLWantReadErrorObject == NULL
5791 || PySSLWantWriteErrorObject == NULL
5792 || PySSLSyscallErrorObject == NULL
5793 || PySSLEOFErrorObject == NULL)
5794 return NULL;
5795 if (PyDict_SetItemString(d, "SSLError", PySSLErrorObject) != 0
5796 || PyDict_SetItemString(d, "SSLCertVerificationError",
5797 PySSLCertVerificationErrorObject) != 0
5798 || PyDict_SetItemString(d, "SSLZeroReturnError", PySSLZeroReturnErrorObject) != 0
5799 || PyDict_SetItemString(d, "SSLWantReadError", PySSLWantReadErrorObject) != 0
5800 || PyDict_SetItemString(d, "SSLWantWriteError", PySSLWantWriteErrorObject) != 0
5801 || PyDict_SetItemString(d, "SSLSyscallError", PySSLSyscallErrorObject) != 0
5802 || PyDict_SetItemString(d, "SSLEOFError", PySSLEOFErrorObject) != 0)
5803 return NULL;
5804 if (PyDict_SetItemString(d, "_SSLContext",
5805 (PyObject *)&PySSLContext_Type) != 0)
5806 return NULL;
5807 if (PyDict_SetItemString(d, "_SSLSocket",
5808 (PyObject *)&PySSLSocket_Type) != 0)
5809 return NULL;
5810 if (PyDict_SetItemString(d, "MemoryBIO",
5811 (PyObject *)&PySSLMemoryBIO_Type) != 0)
5812 return NULL;
5813 if (PyDict_SetItemString(d, "SSLSession",
5814 (PyObject *)&PySSLSession_Type) != 0)
5815 return NULL;
5816
5817 PyModule_AddStringConstant(m, "_DEFAULT_CIPHERS",
5818 PY_SSL_DEFAULT_CIPHER_STRING);
5819
5820 PyModule_AddIntConstant(m, "SSL_ERROR_ZERO_RETURN",
5821 PY_SSL_ERROR_ZERO_RETURN);
5822 PyModule_AddIntConstant(m, "SSL_ERROR_WANT_READ",
5823 PY_SSL_ERROR_WANT_READ);
5824 PyModule_AddIntConstant(m, "SSL_ERROR_WANT_WRITE",
5825 PY_SSL_ERROR_WANT_WRITE);
5826 PyModule_AddIntConstant(m, "SSL_ERROR_WANT_X509_LOOKUP",
5827 PY_SSL_ERROR_WANT_X509_LOOKUP);
5828 PyModule_AddIntConstant(m, "SSL_ERROR_SYSCALL",
5829 PY_SSL_ERROR_SYSCALL);
5830 PyModule_AddIntConstant(m, "SSL_ERROR_SSL",
5831 PY_SSL_ERROR_SSL);
5832 PyModule_AddIntConstant(m, "SSL_ERROR_WANT_CONNECT",
5833 PY_SSL_ERROR_WANT_CONNECT);
5834 /* non ssl.h errorcodes */
5835 PyModule_AddIntConstant(m, "SSL_ERROR_EOF",
5836 PY_SSL_ERROR_EOF);
5837 PyModule_AddIntConstant(m, "SSL_ERROR_INVALID_ERROR_CODE",
5838 PY_SSL_ERROR_INVALID_ERROR_CODE);
5839 /* cert requirements */
5840 PyModule_AddIntConstant(m, "CERT_NONE",
5841 PY_SSL_CERT_NONE);
5842 PyModule_AddIntConstant(m, "CERT_OPTIONAL",
5843 PY_SSL_CERT_OPTIONAL);
5844 PyModule_AddIntConstant(m, "CERT_REQUIRED",
5845 PY_SSL_CERT_REQUIRED);
5846 /* CRL verification for verification_flags */
5847 PyModule_AddIntConstant(m, "VERIFY_DEFAULT",
5848 0);
5849 PyModule_AddIntConstant(m, "VERIFY_CRL_CHECK_LEAF",
5850 X509_V_FLAG_CRL_CHECK);
5851 PyModule_AddIntConstant(m, "VERIFY_CRL_CHECK_CHAIN",
5852 X509_V_FLAG_CRL_CHECK|X509_V_FLAG_CRL_CHECK_ALL);
5853 PyModule_AddIntConstant(m, "VERIFY_X509_STRICT",
5854 X509_V_FLAG_X509_STRICT);
5855 #ifdef X509_V_FLAG_TRUSTED_FIRST
5856 PyModule_AddIntConstant(m, "VERIFY_X509_TRUSTED_FIRST",
5857 X509_V_FLAG_TRUSTED_FIRST);
5858 #endif
5859
5860 /* Alert Descriptions from ssl.h */
5861 /* note RESERVED constants no longer intended for use have been removed */
5862 /* http://www.iana.org/assignments/tls-parameters/tls-parameters.xml#tls-parameters-6 */
5863
5864 #define ADD_AD_CONSTANT(s) \
5865 PyModule_AddIntConstant(m, "ALERT_DESCRIPTION_"#s, \
5866 SSL_AD_##s)
5867
5868 ADD_AD_CONSTANT(CLOSE_NOTIFY);
5869 ADD_AD_CONSTANT(UNEXPECTED_MESSAGE);
5870 ADD_AD_CONSTANT(BAD_RECORD_MAC);
5871 ADD_AD_CONSTANT(RECORD_OVERFLOW);
5872 ADD_AD_CONSTANT(DECOMPRESSION_FAILURE);
5873 ADD_AD_CONSTANT(HANDSHAKE_FAILURE);
5874 ADD_AD_CONSTANT(BAD_CERTIFICATE);
5875 ADD_AD_CONSTANT(UNSUPPORTED_CERTIFICATE);
5876 ADD_AD_CONSTANT(CERTIFICATE_REVOKED);
5877 ADD_AD_CONSTANT(CERTIFICATE_EXPIRED);
5878 ADD_AD_CONSTANT(CERTIFICATE_UNKNOWN);
5879 ADD_AD_CONSTANT(ILLEGAL_PARAMETER);
5880 ADD_AD_CONSTANT(UNKNOWN_CA);
5881 ADD_AD_CONSTANT(ACCESS_DENIED);
5882 ADD_AD_CONSTANT(DECODE_ERROR);
5883 ADD_AD_CONSTANT(DECRYPT_ERROR);
5884 ADD_AD_CONSTANT(PROTOCOL_VERSION);
5885 ADD_AD_CONSTANT(INSUFFICIENT_SECURITY);
5886 ADD_AD_CONSTANT(INTERNAL_ERROR);
5887 ADD_AD_CONSTANT(USER_CANCELLED);
5888 ADD_AD_CONSTANT(NO_RENEGOTIATION);
5889 /* Not all constants are in old OpenSSL versions */
5890 #ifdef SSL_AD_UNSUPPORTED_EXTENSION
5891 ADD_AD_CONSTANT(UNSUPPORTED_EXTENSION);
5892 #endif
5893 #ifdef SSL_AD_CERTIFICATE_UNOBTAINABLE
5894 ADD_AD_CONSTANT(CERTIFICATE_UNOBTAINABLE);
5895 #endif
5896 #ifdef SSL_AD_UNRECOGNIZED_NAME
5897 ADD_AD_CONSTANT(UNRECOGNIZED_NAME);
5898 #endif
5899 #ifdef SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE
5900 ADD_AD_CONSTANT(BAD_CERTIFICATE_STATUS_RESPONSE);
5901 #endif
5902 #ifdef SSL_AD_BAD_CERTIFICATE_HASH_VALUE
5903 ADD_AD_CONSTANT(BAD_CERTIFICATE_HASH_VALUE);
5904 #endif
5905 #ifdef SSL_AD_UNKNOWN_PSK_IDENTITY
5906 ADD_AD_CONSTANT(UNKNOWN_PSK_IDENTITY);
5907 #endif
5908
5909 #undef ADD_AD_CONSTANT
5910
5911 /* protocol versions */
5912 #ifndef OPENSSL_NO_SSL2
5913 PyModule_AddIntConstant(m, "PROTOCOL_SSLv2",
5914 PY_SSL_VERSION_SSL2);
5915 #endif
5916 #ifndef OPENSSL_NO_SSL3
5917 PyModule_AddIntConstant(m, "PROTOCOL_SSLv3",
5918 PY_SSL_VERSION_SSL3);
5919 #endif
5920 PyModule_AddIntConstant(m, "PROTOCOL_SSLv23",
5921 PY_SSL_VERSION_TLS);
5922 PyModule_AddIntConstant(m, "PROTOCOL_TLS",
5923 PY_SSL_VERSION_TLS);
5924 PyModule_AddIntConstant(m, "PROTOCOL_TLS_CLIENT",
5925 PY_SSL_VERSION_TLS_CLIENT);
5926 PyModule_AddIntConstant(m, "PROTOCOL_TLS_SERVER",
5927 PY_SSL_VERSION_TLS_SERVER);
5928 PyModule_AddIntConstant(m, "PROTOCOL_TLSv1",
5929 PY_SSL_VERSION_TLS1);
5930 #if HAVE_TLSv1_2
5931 PyModule_AddIntConstant(m, "PROTOCOL_TLSv1_1",
5932 PY_SSL_VERSION_TLS1_1);
5933 PyModule_AddIntConstant(m, "PROTOCOL_TLSv1_2",
5934 PY_SSL_VERSION_TLS1_2);
5935 #endif
5936
5937 /* protocol options */
5938 PyModule_AddIntConstant(m, "OP_ALL",
5939 SSL_OP_ALL & ~SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS);
5940 PyModule_AddIntConstant(m, "OP_NO_SSLv2", SSL_OP_NO_SSLv2);
5941 PyModule_AddIntConstant(m, "OP_NO_SSLv3", SSL_OP_NO_SSLv3);
5942 PyModule_AddIntConstant(m, "OP_NO_TLSv1", SSL_OP_NO_TLSv1);
5943 #if HAVE_TLSv1_2
5944 PyModule_AddIntConstant(m, "OP_NO_TLSv1_1", SSL_OP_NO_TLSv1_1);
5945 PyModule_AddIntConstant(m, "OP_NO_TLSv1_2", SSL_OP_NO_TLSv1_2);
5946 #endif
5947 #ifdef SSL_OP_NO_TLSv1_3
5948 PyModule_AddIntConstant(m, "OP_NO_TLSv1_3", SSL_OP_NO_TLSv1_3);
5949 #else
5950 PyModule_AddIntConstant(m, "OP_NO_TLSv1_3", 0);
5951 #endif
5952 PyModule_AddIntConstant(m, "OP_CIPHER_SERVER_PREFERENCE",
5953 SSL_OP_CIPHER_SERVER_PREFERENCE);
5954 PyModule_AddIntConstant(m, "OP_SINGLE_DH_USE", SSL_OP_SINGLE_DH_USE);
5955 PyModule_AddIntConstant(m, "OP_NO_TICKET", SSL_OP_NO_TICKET);
5956 #ifdef SSL_OP_SINGLE_ECDH_USE
5957 PyModule_AddIntConstant(m, "OP_SINGLE_ECDH_USE", SSL_OP_SINGLE_ECDH_USE);
5958 #endif
5959 #ifdef SSL_OP_NO_COMPRESSION
5960 PyModule_AddIntConstant(m, "OP_NO_COMPRESSION",
5961 SSL_OP_NO_COMPRESSION);
5962 #endif
5963 #ifdef SSL_OP_ENABLE_MIDDLEBOX_COMPAT
5964 PyModule_AddIntConstant(m, "OP_ENABLE_MIDDLEBOX_COMPAT",
5965 SSL_OP_ENABLE_MIDDLEBOX_COMPAT);
5966 #endif
5967 #ifdef SSL_OP_NO_RENEGOTIATION
5968 PyModule_AddIntConstant(m, "OP_NO_RENEGOTIATION",
5969 SSL_OP_NO_RENEGOTIATION);
5970 #endif
5971
5972 #ifdef X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT
5973 PyModule_AddIntConstant(m, "HOSTFLAG_ALWAYS_CHECK_SUBJECT",
5974 X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT);
5975 #endif
5976 #ifdef X509_CHECK_FLAG_NEVER_CHECK_SUBJECT
5977 PyModule_AddIntConstant(m, "HOSTFLAG_NEVER_CHECK_SUBJECT",
5978 X509_CHECK_FLAG_NEVER_CHECK_SUBJECT);
5979 #endif
5980 #ifdef X509_CHECK_FLAG_NO_WILDCARDS
5981 PyModule_AddIntConstant(m, "HOSTFLAG_NO_WILDCARDS",
5982 X509_CHECK_FLAG_NO_WILDCARDS);
5983 #endif
5984 #ifdef X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS
5985 PyModule_AddIntConstant(m, "HOSTFLAG_NO_PARTIAL_WILDCARDS",
5986 X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS);
5987 #endif
5988 #ifdef X509_CHECK_FLAG_MULTI_LABEL_WILDCARDS
5989 PyModule_AddIntConstant(m, "HOSTFLAG_MULTI_LABEL_WILDCARDS",
5990 X509_CHECK_FLAG_MULTI_LABEL_WILDCARDS);
5991 #endif
5992 #ifdef X509_CHECK_FLAG_SINGLE_LABEL_SUBDOMAINS
5993 PyModule_AddIntConstant(m, "HOSTFLAG_SINGLE_LABEL_SUBDOMAINS",
5994 X509_CHECK_FLAG_SINGLE_LABEL_SUBDOMAINS);
5995 #endif
5996
5997 /* protocol versions */
5998 PyModule_AddIntConstant(m, "PROTO_MINIMUM_SUPPORTED",
5999 PY_PROTO_MINIMUM_SUPPORTED);
6000 PyModule_AddIntConstant(m, "PROTO_MAXIMUM_SUPPORTED",
6001 PY_PROTO_MAXIMUM_SUPPORTED);
6002 PyModule_AddIntConstant(m, "PROTO_SSLv3", PY_PROTO_SSLv3);
6003 PyModule_AddIntConstant(m, "PROTO_TLSv1", PY_PROTO_TLSv1);
6004 PyModule_AddIntConstant(m, "PROTO_TLSv1_1", PY_PROTO_TLSv1_1);
6005 PyModule_AddIntConstant(m, "PROTO_TLSv1_2", PY_PROTO_TLSv1_2);
6006 PyModule_AddIntConstant(m, "PROTO_TLSv1_3", PY_PROTO_TLSv1_3);
6007
6008 #define addbool(m, v, b) \
6009 Py_INCREF((b) ? Py_True : Py_False); \
6010 PyModule_AddObject((m), (v), (b) ? Py_True : Py_False);
6011
6012 #if HAVE_SNI
6013 addbool(m, "HAS_SNI", 1);
6014 #else
6015 addbool(m, "HAS_SNI", 0);
6016 #endif
6017
6018 addbool(m, "HAS_TLS_UNIQUE", 1);
6019
6020 #ifndef OPENSSL_NO_ECDH
6021 addbool(m, "HAS_ECDH", 1);
6022 #else
6023 addbool(m, "HAS_ECDH", 0);
6024 #endif
6025
6026 #if HAVE_NPN
6027 addbool(m, "HAS_NPN", 1);
6028 #else
6029 addbool(m, "HAS_NPN", 0);
6030 #endif
6031
6032 #if HAVE_ALPN
6033 addbool(m, "HAS_ALPN", 1);
6034 #else
6035 addbool(m, "HAS_ALPN", 0);
6036 #endif
6037
6038 #if defined(SSL2_VERSION) && !defined(OPENSSL_NO_SSL2)
6039 addbool(m, "HAS_SSLv2", 1);
6040 #else
6041 addbool(m, "HAS_SSLv2", 0);
6042 #endif
6043
6044 #if defined(SSL3_VERSION) && !defined(OPENSSL_NO_SSL3)
6045 addbool(m, "HAS_SSLv3", 1);
6046 #else
6047 addbool(m, "HAS_SSLv3", 0);
6048 #endif
6049
6050 #if defined(TLS1_VERSION) && !defined(OPENSSL_NO_TLS1)
6051 addbool(m, "HAS_TLSv1", 1);
6052 #else
6053 addbool(m, "HAS_TLSv1", 0);
6054 #endif
6055
6056 #if defined(TLS1_1_VERSION) && !defined(OPENSSL_NO_TLS1_1)
6057 addbool(m, "HAS_TLSv1_1", 1);
6058 #else
6059 addbool(m, "HAS_TLSv1_1", 0);
6060 #endif
6061
6062 #if defined(TLS1_2_VERSION) && !defined(OPENSSL_NO_TLS1_2)
6063 addbool(m, "HAS_TLSv1_2", 1);
6064 #else
6065 addbool(m, "HAS_TLSv1_2", 0);
6066 #endif
6067
6068 #if defined(TLS1_3_VERSION) && !defined(OPENSSL_NO_TLS1_3)
6069 addbool(m, "HAS_TLSv1_3", 1);
6070 #else
6071 addbool(m, "HAS_TLSv1_3", 0);
6072 #endif
6073
6074 /* Mappings for error codes */
6075 err_codes_to_names = PyDict_New();
6076 err_names_to_codes = PyDict_New();
6077 if (err_codes_to_names == NULL || err_names_to_codes == NULL)
6078 return NULL;
6079 errcode = error_codes;
6080 while (errcode->mnemonic != NULL) {
6081 PyObject *mnemo, *key;
6082 mnemo = PyUnicode_FromString(errcode->mnemonic);
6083 key = Py_BuildValue("ii", errcode->library, errcode->reason);
6084 if (mnemo == NULL || key == NULL)
6085 return NULL;
6086 if (PyDict_SetItem(err_codes_to_names, key, mnemo))
6087 return NULL;
6088 if (PyDict_SetItem(err_names_to_codes, mnemo, key))
6089 return NULL;
6090 Py_DECREF(key);
6091 Py_DECREF(mnemo);
6092 errcode++;
6093 }
6094 if (PyModule_AddObject(m, "err_codes_to_names", err_codes_to_names))
6095 return NULL;
6096 if (PyModule_AddObject(m, "err_names_to_codes", err_names_to_codes))
6097 return NULL;
6098
6099 lib_codes_to_names = PyDict_New();
6100 if (lib_codes_to_names == NULL)
6101 return NULL;
6102 libcode = library_codes;
6103 while (libcode->library != NULL) {
6104 PyObject *mnemo, *key;
6105 key = PyLong_FromLong(libcode->code);
6106 mnemo = PyUnicode_FromString(libcode->library);
6107 if (key == NULL || mnemo == NULL)
6108 return NULL;
6109 if (PyDict_SetItem(lib_codes_to_names, key, mnemo))
6110 return NULL;
6111 Py_DECREF(key);
6112 Py_DECREF(mnemo);
6113 libcode++;
6114 }
6115 if (PyModule_AddObject(m, "lib_codes_to_names", lib_codes_to_names))
6116 return NULL;
6117
6118 /* OpenSSL version */
6119 /* SSLeay() gives us the version of the library linked against,
6120 which could be different from the headers version.
6121 */
6122 libver = SSLeay();
6123 r = PyLong_FromUnsignedLong(libver);
6124 if (r == NULL)
6125 return NULL;
6126 if (PyModule_AddObject(m, "OPENSSL_VERSION_NUMBER", r))
6127 return NULL;
6128 parse_openssl_version(libver, &major, &minor, &fix, &patch, &status);
6129 r = Py_BuildValue("IIIII", major, minor, fix, patch, status);
6130 if (r == NULL || PyModule_AddObject(m, "OPENSSL_VERSION_INFO", r))
6131 return NULL;
6132 r = PyUnicode_FromString(SSLeay_version(SSLEAY_VERSION));
6133 if (r == NULL || PyModule_AddObject(m, "OPENSSL_VERSION", r))
6134 return NULL;
6135
6136 libver = OPENSSL_VERSION_NUMBER;
6137 parse_openssl_version(libver, &major, &minor, &fix, &patch, &status);
6138 r = Py_BuildValue("IIIII", major, minor, fix, patch, status);
6139 if (r == NULL || PyModule_AddObject(m, "_OPENSSL_API_VERSION", r))
6140 return NULL;
6141
6142 return m;
6143 }
6144