1 /* SSL socket module
2 
3    SSL support based on patches by Brian E Gallew and Laszlo Kovacs.
4    Re-worked a bit by Bill Janssen to add server-side support and
5    certificate decoding.  Chris Stawarz contributed some non-blocking
6    patches.
7 
8    This module is imported by ssl.py. It should *not* be used
9    directly.
10 
11    XXX should partial writes be enabled, SSL_MODE_ENABLE_PARTIAL_WRITE?
12 
13    XXX integrate several "shutdown modes" as suggested in
14        http://bugs.python.org/issue8108#msg102867 ?
15 */
16 
17 #define PY_SSIZE_T_CLEAN
18 
19 #include "Python.h"
20 
21 #include "pythread.h"
22 
23 /* Redefined below for Windows debug builds after important #includes */
24 #define _PySSL_FIX_ERRNO
25 
26 #define PySSL_BEGIN_ALLOW_THREADS_S(save) \
27     do { if (_ssl_locks_count>0) { (save) = PyEval_SaveThread(); } } while (0)
28 #define PySSL_END_ALLOW_THREADS_S(save) \
29     do { if (_ssl_locks_count>0) { PyEval_RestoreThread(save); } _PySSL_FIX_ERRNO; } while (0)
30 #define PySSL_BEGIN_ALLOW_THREADS { \
31             PyThreadState *_save = NULL;  \
32             PySSL_BEGIN_ALLOW_THREADS_S(_save);
33 #define PySSL_BLOCK_THREADS     PySSL_END_ALLOW_THREADS_S(_save);
34 #define PySSL_UNBLOCK_THREADS   PySSL_BEGIN_ALLOW_THREADS_S(_save);
35 #define PySSL_END_ALLOW_THREADS PySSL_END_ALLOW_THREADS_S(_save); }
36 
37 /* Include symbols from _socket module */
38 #include "socketmodule.h"
39 
40 static PySocketModule_APIObject PySocketModule;
41 
42 #if defined(HAVE_POLL_H)
43 #include <poll.h>
44 #elif defined(HAVE_SYS_POLL_H)
45 #include <sys/poll.h>
46 #endif
47 
48 /* Don't warn about deprecated functions */
49 #ifdef __GNUC__
50 #pragma GCC diagnostic ignored "-Wdeprecated-declarations"
51 #endif
52 #ifdef __clang__
53 #pragma clang diagnostic ignored "-Wdeprecated-declarations"
54 #endif
55 
56 /* Include OpenSSL header files */
57 #include "openssl/rsa.h"
58 #include "openssl/crypto.h"
59 #include "openssl/x509.h"
60 #include "openssl/x509v3.h"
61 #include "openssl/pem.h"
62 #include "openssl/ssl.h"
63 #include "openssl/err.h"
64 #include "openssl/rand.h"
65 #include "openssl/bio.h"
66 #include "openssl/dh.h"
67 
68 #ifndef HAVE_X509_VERIFY_PARAM_SET1_HOST
69 #  ifdef LIBRESSL_VERSION_NUMBER
70 #    error "LibreSSL is missing X509_VERIFY_PARAM_set1_host(), see https://github.com/libressl-portable/portable/issues/381"
71 #  elif OPENSSL_VERSION_NUMBER > 0x1000200fL
72 #    define HAVE_X509_VERIFY_PARAM_SET1_HOST
73 #  else
74 #    error "libssl is too old and does not support X509_VERIFY_PARAM_set1_host()"
75 #  endif
76 #endif
77 
78 /* SSL error object */
79 static PyObject *PySSLErrorObject;
80 static PyObject *PySSLCertVerificationErrorObject;
81 static PyObject *PySSLZeroReturnErrorObject;
82 static PyObject *PySSLWantReadErrorObject;
83 static PyObject *PySSLWantWriteErrorObject;
84 static PyObject *PySSLSyscallErrorObject;
85 static PyObject *PySSLEOFErrorObject;
86 
87 /* Error mappings */
88 static PyObject *err_codes_to_names;
89 static PyObject *err_names_to_codes;
90 static PyObject *lib_codes_to_names;
91 
92 struct py_ssl_error_code {
93     const char *mnemonic;
94     int library, reason;
95 };
96 struct py_ssl_library_code {
97     const char *library;
98     int code;
99 };
100 
101 #if defined(MS_WINDOWS) && defined(Py_DEBUG)
102 /* Debug builds on Windows rely on getting errno directly from OpenSSL.
103  * However, because it uses a different CRT, we need to transfer the
104  * value of errno from OpenSSL into our debug CRT.
105  *
106  * Don't be fooled - this is horribly ugly code. The only reasonable
107  * alternative is to do both debug and release builds of OpenSSL, which
108  * requires much uglier code to transform their automatically generated
109  * makefile. This is the lesser of all the evils.
110  */
111 
_PySSLFixErrno(void)112 static void _PySSLFixErrno(void) {
113     HMODULE ucrtbase = GetModuleHandleW(L"ucrtbase.dll");
114     if (!ucrtbase) {
115         /* If ucrtbase.dll is not loaded but the SSL DLLs are, we likely
116          * have a catastrophic failure, but this function is not the
117          * place to raise it. */
118         return;
119     }
120 
121     typedef int *(__stdcall *errno_func)(void);
122     errno_func ssl_errno = (errno_func)GetProcAddress(ucrtbase, "_errno");
123     if (ssl_errno) {
124         errno = *ssl_errno();
125         *ssl_errno() = 0;
126     } else {
127         errno = ENOTRECOVERABLE;
128     }
129 }
130 
131 #undef _PySSL_FIX_ERRNO
132 #define _PySSL_FIX_ERRNO _PySSLFixErrno()
133 #endif
134 
135 /* Include generated data (error codes) */
136 #include "_ssl_data.h"
137 
138 #if (OPENSSL_VERSION_NUMBER >= 0x10100000L) && !defined(LIBRESSL_VERSION_NUMBER)
139 #  define OPENSSL_VERSION_1_1 1
140 #  define PY_OPENSSL_1_1_API 1
141 #endif
142 
143 /* LibreSSL 2.7.0 provides necessary OpenSSL 1.1.0 APIs */
144 #if defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER >= 0x2070000fL
145 #  define PY_OPENSSL_1_1_API 1
146 #endif
147 
148 /* Openssl comes with TLSv1.1 and TLSv1.2 between 1.0.0h and 1.0.1
149     http://www.openssl.org/news/changelog.html
150  */
151 #if OPENSSL_VERSION_NUMBER >= 0x10001000L
152 # define HAVE_TLSv1_2 1
153 #else
154 # define HAVE_TLSv1_2 0
155 #endif
156 
157 /* SNI support (client- and server-side) appeared in OpenSSL 1.0.0 and 0.9.8f
158  * This includes the SSL_set_SSL_CTX() function.
159  */
160 #ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
161 # define HAVE_SNI 1
162 #else
163 # define HAVE_SNI 0
164 #endif
165 
166 #ifdef TLSEXT_TYPE_application_layer_protocol_negotiation
167 # define HAVE_ALPN 1
168 #else
169 # define HAVE_ALPN 0
170 #endif
171 
172 /* We cannot rely on OPENSSL_NO_NEXTPROTONEG because LibreSSL 2.6.1 dropped
173  * NPN support but did not set OPENSSL_NO_NEXTPROTONEG for compatibility
174  * reasons. The check for TLSEXT_TYPE_next_proto_neg works with
175  * OpenSSL 1.0.1+ and LibreSSL.
176  * OpenSSL 1.1.1-pre1 dropped NPN but still has TLSEXT_TYPE_next_proto_neg.
177  */
178 #ifdef OPENSSL_NO_NEXTPROTONEG
179 # define HAVE_NPN 0
180 #elif (OPENSSL_VERSION_NUMBER >= 0x10101000L) && !defined(LIBRESSL_VERSION_NUMBER)
181 # define HAVE_NPN 0
182 #elif defined(TLSEXT_TYPE_next_proto_neg)
183 # define HAVE_NPN 1
184 #else
185 # define HAVE_NPN 0
186 #endif
187 
188 #ifndef INVALID_SOCKET /* MS defines this */
189 #define INVALID_SOCKET (-1)
190 #endif
191 
192 /* OpenSSL 1.0.2 and LibreSSL needs extra code for locking */
193 #ifndef OPENSSL_VERSION_1_1
194 #define HAVE_OPENSSL_CRYPTO_LOCK
195 #endif
196 
197 #if defined(OPENSSL_VERSION_1_1) && !defined(OPENSSL_NO_SSL2)
198 #define OPENSSL_NO_SSL2
199 #endif
200 
201 #ifndef PY_OPENSSL_1_1_API
202 /* OpenSSL 1.1 API shims for OpenSSL < 1.1.0 and LibreSSL < 2.7.0 */
203 
204 #define TLS_method SSLv23_method
205 #define TLS_client_method SSLv23_client_method
206 #define TLS_server_method SSLv23_server_method
207 
X509_NAME_ENTRY_set(const X509_NAME_ENTRY * ne)208 static int X509_NAME_ENTRY_set(const X509_NAME_ENTRY *ne)
209 {
210     return ne->set;
211 }
212 
213 #ifndef OPENSSL_NO_COMP
214 /* LCOV_EXCL_START */
COMP_get_type(const COMP_METHOD * meth)215 static int COMP_get_type(const COMP_METHOD *meth)
216 {
217     return meth->type;
218 }
219 /* LCOV_EXCL_STOP */
220 #endif
221 
SSL_CTX_get_default_passwd_cb(SSL_CTX * ctx)222 static pem_password_cb *SSL_CTX_get_default_passwd_cb(SSL_CTX *ctx)
223 {
224     return ctx->default_passwd_callback;
225 }
226 
SSL_CTX_get_default_passwd_cb_userdata(SSL_CTX * ctx)227 static void *SSL_CTX_get_default_passwd_cb_userdata(SSL_CTX *ctx)
228 {
229     return ctx->default_passwd_callback_userdata;
230 }
231 
X509_OBJECT_get_type(X509_OBJECT * x)232 static int X509_OBJECT_get_type(X509_OBJECT *x)
233 {
234     return x->type;
235 }
236 
X509_OBJECT_get0_X509(X509_OBJECT * x)237 static X509 *X509_OBJECT_get0_X509(X509_OBJECT *x)
238 {
239     return x->data.x509;
240 }
241 
BIO_up_ref(BIO * b)242 static int BIO_up_ref(BIO *b)
243 {
244     CRYPTO_add(&b->references, 1, CRYPTO_LOCK_BIO);
245     return 1;
246 }
247 
STACK_OF(X509_OBJECT)248 static STACK_OF(X509_OBJECT) *X509_STORE_get0_objects(X509_STORE *store) {
249     return store->objs;
250 }
251 
252 static int
SSL_SESSION_has_ticket(const SSL_SESSION * s)253 SSL_SESSION_has_ticket(const SSL_SESSION *s)
254 {
255     return (s->tlsext_ticklen > 0) ? 1 : 0;
256 }
257 
258 static unsigned long
SSL_SESSION_get_ticket_lifetime_hint(const SSL_SESSION * s)259 SSL_SESSION_get_ticket_lifetime_hint(const SSL_SESSION *s)
260 {
261     return s->tlsext_tick_lifetime_hint;
262 }
263 
264 #endif /* OpenSSL < 1.1.0 or LibreSSL < 2.7.0 */
265 
266 /* Default cipher suites */
267 #ifndef PY_SSL_DEFAULT_CIPHERS
268 #define PY_SSL_DEFAULT_CIPHERS 1
269 #endif
270 
271 #if PY_SSL_DEFAULT_CIPHERS == 0
272   #ifndef PY_SSL_DEFAULT_CIPHER_STRING
273      #error "Py_SSL_DEFAULT_CIPHERS 0 needs Py_SSL_DEFAULT_CIPHER_STRING"
274   #endif
275 #elif PY_SSL_DEFAULT_CIPHERS == 1
276 /* Python custom selection of sensible cipher suites
277  * DEFAULT: OpenSSL's default cipher list. Since 1.0.2 the list is in sensible order.
278  * !aNULL:!eNULL: really no NULL ciphers
279  * !MD5:!3DES:!DES:!RC4:!IDEA:!SEED: no weak or broken algorithms on old OpenSSL versions.
280  * !aDSS: no authentication with discrete logarithm DSA algorithm
281  * !SRP:!PSK: no secure remote password or pre-shared key authentication
282  */
283   #define PY_SSL_DEFAULT_CIPHER_STRING "DEFAULT:!aNULL:!eNULL:!MD5:!3DES:!DES:!RC4:!IDEA:!SEED:!aDSS:!SRP:!PSK"
284 #elif PY_SSL_DEFAULT_CIPHERS == 2
285 /* Ignored in SSLContext constructor, only used to as _ssl.DEFAULT_CIPHER_STRING */
286   #define PY_SSL_DEFAULT_CIPHER_STRING SSL_DEFAULT_CIPHER_LIST
287 #else
288   #error "Unsupported PY_SSL_DEFAULT_CIPHERS"
289 #endif
290 
291 
292 enum py_ssl_error {
293     /* these mirror ssl.h */
294     PY_SSL_ERROR_NONE,
295     PY_SSL_ERROR_SSL,
296     PY_SSL_ERROR_WANT_READ,
297     PY_SSL_ERROR_WANT_WRITE,
298     PY_SSL_ERROR_WANT_X509_LOOKUP,
299     PY_SSL_ERROR_SYSCALL,     /* look at error stack/return value/errno */
300     PY_SSL_ERROR_ZERO_RETURN,
301     PY_SSL_ERROR_WANT_CONNECT,
302     /* start of non ssl.h errorcodes */
303     PY_SSL_ERROR_EOF,         /* special case of SSL_ERROR_SYSCALL */
304     PY_SSL_ERROR_NO_SOCKET,   /* socket has been GC'd */
305     PY_SSL_ERROR_INVALID_ERROR_CODE
306 };
307 
308 enum py_ssl_server_or_client {
309     PY_SSL_CLIENT,
310     PY_SSL_SERVER
311 };
312 
313 enum py_ssl_cert_requirements {
314     PY_SSL_CERT_NONE,
315     PY_SSL_CERT_OPTIONAL,
316     PY_SSL_CERT_REQUIRED
317 };
318 
319 enum py_ssl_version {
320     PY_SSL_VERSION_SSL2,
321     PY_SSL_VERSION_SSL3=1,
322     PY_SSL_VERSION_TLS, /* SSLv23 */
323 #if HAVE_TLSv1_2
324     PY_SSL_VERSION_TLS1,
325     PY_SSL_VERSION_TLS1_1,
326     PY_SSL_VERSION_TLS1_2,
327 #else
328     PY_SSL_VERSION_TLS1,
329 #endif
330     PY_SSL_VERSION_TLS_CLIENT=0x10,
331     PY_SSL_VERSION_TLS_SERVER,
332 };
333 
334 enum py_proto_version {
335     PY_PROTO_MINIMUM_SUPPORTED = -2,
336     PY_PROTO_SSLv3 = SSL3_VERSION,
337     PY_PROTO_TLSv1 = TLS1_VERSION,
338     PY_PROTO_TLSv1_1 = TLS1_1_VERSION,
339     PY_PROTO_TLSv1_2 = TLS1_2_VERSION,
340 #ifdef TLS1_3_VERSION
341     PY_PROTO_TLSv1_3 = TLS1_3_VERSION,
342 #else
343     PY_PROTO_TLSv1_3 = 0x304,
344 #endif
345     PY_PROTO_MAXIMUM_SUPPORTED = -1,
346 
347 /* OpenSSL has no dedicated API to set the minimum version to the maximum
348  * available version, and the other way around. We have to figure out the
349  * minimum and maximum available version on our own and hope for the best.
350  */
351 #if defined(SSL3_VERSION) && !defined(OPENSSL_NO_SSL3)
352     PY_PROTO_MINIMUM_AVAILABLE = PY_PROTO_SSLv3,
353 #elif defined(TLS1_VERSION) && !defined(OPENSSL_NO_TLS1)
354     PY_PROTO_MINIMUM_AVAILABLE = PY_PROTO_TLSv1,
355 #elif defined(TLS1_1_VERSION) && !defined(OPENSSL_NO_TLS1_1)
356     PY_PROTO_MINIMUM_AVAILABLE = PY_PROTO_TLSv1_1,
357 #elif defined(TLS1_2_VERSION) && !defined(OPENSSL_NO_TLS1_2)
358     PY_PROTO_MINIMUM_AVAILABLE = PY_PROTO_TLSv1_2,
359 #elif defined(TLS1_3_VERSION) && !defined(OPENSSL_NO_TLS1_3)
360     PY_PROTO_MINIMUM_AVAILABLE = PY_PROTO_TLSv1_3,
361 #else
362     #error "PY_PROTO_MINIMUM_AVAILABLE not found"
363 #endif
364 
365 #if defined(TLS1_3_VERSION) && !defined(OPENSSL_NO_TLS1_3)
366     PY_PROTO_MAXIMUM_AVAILABLE = PY_PROTO_TLSv1_3,
367 #elif defined(TLS1_2_VERSION) && !defined(OPENSSL_NO_TLS1_2)
368     PY_PROTO_MAXIMUM_AVAILABLE = PY_PROTO_TLSv1_2,
369 #elif defined(TLS1_1_VERSION) && !defined(OPENSSL_NO_TLS1_1)
370     PY_PROTO_MAXIMUM_AVAILABLE = PY_PROTO_TLSv1_1,
371 #elif defined(TLS1_VERSION) && !defined(OPENSSL_NO_TLS1)
372     PY_PROTO_MAXIMUM_AVAILABLE = PY_PROTO_TLSv1,
373 #elif defined(SSL3_VERSION) && !defined(OPENSSL_NO_SSL3)
374     PY_PROTO_MAXIMUM_AVAILABLE = PY_PROTO_SSLv3,
375 #else
376     #error "PY_PROTO_MAXIMUM_AVAILABLE not found"
377 #endif
378 };
379 
380 
381 /* serves as a flag to see whether we've initialized the SSL thread support. */
382 /* 0 means no, greater than 0 means yes */
383 
384 static unsigned int _ssl_locks_count = 0;
385 
386 /* SSL socket object */
387 
388 #define X509_NAME_MAXLEN 256
389 
390 /* SSL_CTX_clear_options() and SSL_clear_options() were first added in
391  * OpenSSL 0.9.8m but do not appear in some 0.9.9-dev versions such the
392  * 0.9.9 from "May 2008" that NetBSD 5.0 uses. */
393 #if OPENSSL_VERSION_NUMBER >= 0x009080dfL && OPENSSL_VERSION_NUMBER != 0x00909000L
394 # define HAVE_SSL_CTX_CLEAR_OPTIONS
395 #else
396 # undef HAVE_SSL_CTX_CLEAR_OPTIONS
397 #endif
398 
399 /* In case of 'tls-unique' it will be 12 bytes for TLS, 36 bytes for
400  * older SSL, but let's be safe */
401 #define PySSL_CB_MAXLEN 128
402 
403 
404 typedef struct {
405     PyObject_HEAD
406     SSL_CTX *ctx;
407 #if HAVE_NPN
408     unsigned char *npn_protocols;
409     int npn_protocols_len;
410 #endif
411 #if HAVE_ALPN
412     unsigned char *alpn_protocols;
413     unsigned int alpn_protocols_len;
414 #endif
415 #ifndef OPENSSL_NO_TLSEXT
416     PyObject *set_sni_cb;
417 #endif
418     int check_hostname;
419     /* OpenSSL has no API to get hostflags from X509_VERIFY_PARAM* struct.
420      * We have to maintain our own copy. OpenSSL's hostflags default to 0.
421      */
422     unsigned int hostflags;
423     int protocol;
424 #ifdef TLS1_3_VERSION
425     int post_handshake_auth;
426 #endif
427 } PySSLContext;
428 
429 typedef struct {
430     int ssl; /* last seen error from SSL */
431     int c; /* last seen error from libc */
432 #ifdef MS_WINDOWS
433     int ws; /* last seen error from winsock */
434 #endif
435 } _PySSLError;
436 
437 typedef struct {
438     PyObject_HEAD
439     PyObject *Socket; /* weakref to socket on which we're layered */
440     SSL *ssl;
441     PySSLContext *ctx; /* weakref to SSL context */
442     char shutdown_seen_zero;
443     enum py_ssl_server_or_client socket_type;
444     PyObject *owner; /* Python level "owner" passed to servername callback */
445     PyObject *server_hostname;
446     _PySSLError err; /* last seen error from various sources */
447 } PySSLSocket;
448 
449 typedef struct {
450     PyObject_HEAD
451     BIO *bio;
452     int eof_written;
453 } PySSLMemoryBIO;
454 
455 typedef struct {
456     PyObject_HEAD
457     SSL_SESSION *session;
458     PySSLContext *ctx;
459 } PySSLSession;
460 
461 static PyTypeObject PySSLContext_Type;
462 static PyTypeObject PySSLSocket_Type;
463 static PyTypeObject PySSLMemoryBIO_Type;
464 static PyTypeObject PySSLSession_Type;
465 
_PySSL_errno(int failed,const SSL * ssl,int retcode)466 static inline _PySSLError _PySSL_errno(int failed, const SSL *ssl, int retcode)
467 {
468     _PySSLError err = { 0 };
469     if (failed) {
470 #ifdef MS_WINDOWS
471         err.ws = WSAGetLastError();
472         _PySSL_FIX_ERRNO;
473 #endif
474         err.c = errno;
475         err.ssl = SSL_get_error(ssl, retcode);
476     }
477     return err;
478 }
479 
480 /*[clinic input]
481 module _ssl
482 class _ssl._SSLContext "PySSLContext *" "&PySSLContext_Type"
483 class _ssl._SSLSocket "PySSLSocket *" "&PySSLSocket_Type"
484 class _ssl.MemoryBIO "PySSLMemoryBIO *" "&PySSLMemoryBIO_Type"
485 class _ssl.SSLSession "PySSLSession *" "&PySSLSession_Type"
486 [clinic start generated code]*/
487 /*[clinic end generated code: output=da39a3ee5e6b4b0d input=bdc67fafeeaa8109]*/
488 
489 #include "clinic/_ssl.c.h"
490 
491 static int PySSL_select(PySocketSockObject *s, int writing, _PyTime_t timeout);
492 
493 static int PySSL_set_owner(PySSLSocket *, PyObject *, void *);
494 static int PySSL_set_session(PySSLSocket *, PyObject *, void *);
495 #define PySSLSocket_Check(v)    (Py_TYPE(v) == &PySSLSocket_Type)
496 #define PySSLMemoryBIO_Check(v)    (Py_TYPE(v) == &PySSLMemoryBIO_Type)
497 #define PySSLSession_Check(v)   (Py_TYPE(v) == &PySSLSession_Type)
498 
499 typedef enum {
500     SOCKET_IS_NONBLOCKING,
501     SOCKET_IS_BLOCKING,
502     SOCKET_HAS_TIMED_OUT,
503     SOCKET_HAS_BEEN_CLOSED,
504     SOCKET_TOO_LARGE_FOR_SELECT,
505     SOCKET_OPERATION_OK
506 } timeout_state;
507 
508 /* Wrap error strings with filename and line # */
509 #define ERRSTR1(x,y,z) (x ":" y ": " z)
510 #define ERRSTR(x) ERRSTR1("_ssl.c", Py_STRINGIFY(__LINE__), x)
511 
512 /* Get the socket from a PySSLSocket, if it has one */
513 #define GET_SOCKET(obj) ((obj)->Socket ? \
514     (PySocketSockObject *) PyWeakref_GetObject((obj)->Socket) : NULL)
515 
516 /* If sock is NULL, use a timeout of 0 second */
517 #define GET_SOCKET_TIMEOUT(sock) \
518     ((sock != NULL) ? (sock)->sock_timeout : 0)
519 
520 /*
521  * SSL errors.
522  */
523 
524 PyDoc_STRVAR(SSLError_doc,
525 "An error occurred in the SSL implementation.");
526 
527 PyDoc_STRVAR(SSLCertVerificationError_doc,
528 "A certificate could not be verified.");
529 
530 PyDoc_STRVAR(SSLZeroReturnError_doc,
531 "SSL/TLS session closed cleanly.");
532 
533 PyDoc_STRVAR(SSLWantReadError_doc,
534 "Non-blocking SSL socket needs to read more data\n"
535 "before the requested operation can be completed.");
536 
537 PyDoc_STRVAR(SSLWantWriteError_doc,
538 "Non-blocking SSL socket needs to write more data\n"
539 "before the requested operation can be completed.");
540 
541 PyDoc_STRVAR(SSLSyscallError_doc,
542 "System error when attempting SSL operation.");
543 
544 PyDoc_STRVAR(SSLEOFError_doc,
545 "SSL/TLS connection terminated abruptly.");
546 
547 static PyObject *
SSLError_str(PyOSErrorObject * self)548 SSLError_str(PyOSErrorObject *self)
549 {
550     if (self->strerror != NULL && PyUnicode_Check(self->strerror)) {
551         Py_INCREF(self->strerror);
552         return self->strerror;
553     }
554     else
555         return PyObject_Str(self->args);
556 }
557 
558 static PyType_Slot sslerror_type_slots[] = {
559     {Py_tp_base, NULL},  /* Filled out in module init as it's not a constant */
560     {Py_tp_doc, SSLError_doc},
561     {Py_tp_str, SSLError_str},
562     {0, 0},
563 };
564 
565 static PyType_Spec sslerror_type_spec = {
566     "ssl.SSLError",
567     sizeof(PyOSErrorObject),
568     0,
569     Py_TPFLAGS_DEFAULT | Py_TPFLAGS_BASETYPE,
570     sslerror_type_slots
571 };
572 
573 static void
fill_and_set_sslerror(PySSLSocket * sslsock,PyObject * type,int ssl_errno,const char * errstr,int lineno,unsigned long errcode)574 fill_and_set_sslerror(PySSLSocket *sslsock, PyObject *type, int ssl_errno,
575                       const char *errstr, int lineno, unsigned long errcode)
576 {
577     PyObject *err_value = NULL, *reason_obj = NULL, *lib_obj = NULL;
578     PyObject *verify_obj = NULL, *verify_code_obj = NULL;
579     PyObject *init_value, *msg, *key;
580     _Py_IDENTIFIER(reason);
581     _Py_IDENTIFIER(library);
582     _Py_IDENTIFIER(verify_message);
583     _Py_IDENTIFIER(verify_code);
584 
585     if (errcode != 0) {
586         int lib, reason;
587 
588         lib = ERR_GET_LIB(errcode);
589         reason = ERR_GET_REASON(errcode);
590         key = Py_BuildValue("ii", lib, reason);
591         if (key == NULL)
592             goto fail;
593         reason_obj = PyDict_GetItem(err_codes_to_names, key);
594         Py_DECREF(key);
595         if (reason_obj == NULL) {
596             /* XXX if reason < 100, it might reflect a library number (!!) */
597             PyErr_Clear();
598         }
599         key = PyLong_FromLong(lib);
600         if (key == NULL)
601             goto fail;
602         lib_obj = PyDict_GetItem(lib_codes_to_names, key);
603         Py_DECREF(key);
604         if (lib_obj == NULL) {
605             PyErr_Clear();
606         }
607         if (errstr == NULL)
608             errstr = ERR_reason_error_string(errcode);
609     }
610     if (errstr == NULL)
611         errstr = "unknown error";
612 
613     /* verify code for cert validation error */
614     if ((sslsock != NULL) && (type == PySSLCertVerificationErrorObject)) {
615         const char *verify_str = NULL;
616         long verify_code;
617 
618         verify_code = SSL_get_verify_result(sslsock->ssl);
619         verify_code_obj = PyLong_FromLong(verify_code);
620         if (verify_code_obj == NULL) {
621             goto fail;
622         }
623 
624         switch (verify_code) {
625 #ifdef X509_V_ERR_HOSTNAME_MISMATCH
626         /* OpenSSL >= 1.0.2, LibreSSL >= 2.5.3 */
627         case X509_V_ERR_HOSTNAME_MISMATCH:
628             verify_obj = PyUnicode_FromFormat(
629                 "Hostname mismatch, certificate is not valid for '%S'.",
630                 sslsock->server_hostname
631             );
632             break;
633 #endif
634 #ifdef X509_V_ERR_IP_ADDRESS_MISMATCH
635         case X509_V_ERR_IP_ADDRESS_MISMATCH:
636             verify_obj = PyUnicode_FromFormat(
637                 "IP address mismatch, certificate is not valid for '%S'.",
638                 sslsock->server_hostname
639             );
640             break;
641 #endif
642         default:
643             verify_str = X509_verify_cert_error_string(verify_code);
644             if (verify_str != NULL) {
645                 verify_obj = PyUnicode_FromString(verify_str);
646             } else {
647                 verify_obj = Py_None;
648                 Py_INCREF(verify_obj);
649             }
650             break;
651         }
652         if (verify_obj == NULL) {
653             goto fail;
654         }
655     }
656 
657     if (verify_obj && reason_obj && lib_obj)
658         msg = PyUnicode_FromFormat("[%S: %S] %s: %S (_ssl.c:%d)",
659                                    lib_obj, reason_obj, errstr, verify_obj,
660                                    lineno);
661     else if (reason_obj && lib_obj)
662         msg = PyUnicode_FromFormat("[%S: %S] %s (_ssl.c:%d)",
663                                    lib_obj, reason_obj, errstr, lineno);
664     else if (lib_obj)
665         msg = PyUnicode_FromFormat("[%S] %s (_ssl.c:%d)",
666                                    lib_obj, errstr, lineno);
667     else
668         msg = PyUnicode_FromFormat("%s (_ssl.c:%d)", errstr, lineno);
669     if (msg == NULL)
670         goto fail;
671 
672     init_value = Py_BuildValue("iN", ssl_errno, msg);
673     if (init_value == NULL)
674         goto fail;
675 
676     err_value = PyObject_CallObject(type, init_value);
677     Py_DECREF(init_value);
678     if (err_value == NULL)
679         goto fail;
680 
681     if (reason_obj == NULL)
682         reason_obj = Py_None;
683     if (_PyObject_SetAttrId(err_value, &PyId_reason, reason_obj))
684         goto fail;
685 
686     if (lib_obj == NULL)
687         lib_obj = Py_None;
688     if (_PyObject_SetAttrId(err_value, &PyId_library, lib_obj))
689         goto fail;
690 
691     if ((sslsock != NULL) && (type == PySSLCertVerificationErrorObject)) {
692         /* Only set verify code / message for SSLCertVerificationError */
693         if (_PyObject_SetAttrId(err_value, &PyId_verify_code,
694                                 verify_code_obj))
695             goto fail;
696         if (_PyObject_SetAttrId(err_value, &PyId_verify_message, verify_obj))
697             goto fail;
698     }
699 
700     PyErr_SetObject(type, err_value);
701 fail:
702     Py_XDECREF(err_value);
703     Py_XDECREF(verify_code_obj);
704     Py_XDECREF(verify_obj);
705 }
706 
707 static PyObject *
PySSL_SetError(PySSLSocket * sslsock,int ret,const char * filename,int lineno)708 PySSL_SetError(PySSLSocket *sslsock, int ret, const char *filename, int lineno)
709 {
710     PyObject *type = PySSLErrorObject;
711     char *errstr = NULL;
712     _PySSLError err;
713     enum py_ssl_error p = PY_SSL_ERROR_NONE;
714     unsigned long e = 0;
715 
716     assert(ret <= 0);
717     e = ERR_peek_last_error();
718 
719     if (sslsock->ssl != NULL) {
720         err = sslsock->err;
721 
722         switch (err.ssl) {
723         case SSL_ERROR_ZERO_RETURN:
724             errstr = "TLS/SSL connection has been closed (EOF)";
725             type = PySSLZeroReturnErrorObject;
726             p = PY_SSL_ERROR_ZERO_RETURN;
727             break;
728         case SSL_ERROR_WANT_READ:
729             errstr = "The operation did not complete (read)";
730             type = PySSLWantReadErrorObject;
731             p = PY_SSL_ERROR_WANT_READ;
732             break;
733         case SSL_ERROR_WANT_WRITE:
734             p = PY_SSL_ERROR_WANT_WRITE;
735             type = PySSLWantWriteErrorObject;
736             errstr = "The operation did not complete (write)";
737             break;
738         case SSL_ERROR_WANT_X509_LOOKUP:
739             p = PY_SSL_ERROR_WANT_X509_LOOKUP;
740             errstr = "The operation did not complete (X509 lookup)";
741             break;
742         case SSL_ERROR_WANT_CONNECT:
743             p = PY_SSL_ERROR_WANT_CONNECT;
744             errstr = "The operation did not complete (connect)";
745             break;
746         case SSL_ERROR_SYSCALL:
747         {
748             if (e == 0) {
749                 PySocketSockObject *s = GET_SOCKET(sslsock);
750                 if (ret == 0 || (((PyObject *)s) == Py_None)) {
751                     p = PY_SSL_ERROR_EOF;
752                     type = PySSLEOFErrorObject;
753                     errstr = "EOF occurred in violation of protocol";
754                 } else if (s && ret == -1) {
755                     /* underlying BIO reported an I/O error */
756                     ERR_clear_error();
757 #ifdef MS_WINDOWS
758                     if (err.ws) {
759                         return PyErr_SetFromWindowsErr(err.ws);
760                     }
761 #endif
762                     if (err.c) {
763                         errno = err.c;
764                         return PyErr_SetFromErrno(PyExc_OSError);
765                     }
766                     Py_INCREF(s);
767                     s->errorhandler();
768                     Py_DECREF(s);
769                     return NULL;
770                 } else { /* possible? */
771                     p = PY_SSL_ERROR_SYSCALL;
772                     type = PySSLSyscallErrorObject;
773                     errstr = "Some I/O error occurred";
774                 }
775             } else {
776                 p = PY_SSL_ERROR_SYSCALL;
777             }
778             break;
779         }
780         case SSL_ERROR_SSL:
781         {
782             p = PY_SSL_ERROR_SSL;
783             if (e == 0) {
784                 /* possible? */
785                 errstr = "A failure in the SSL library occurred";
786             }
787             if (ERR_GET_LIB(e) == ERR_LIB_SSL &&
788                     ERR_GET_REASON(e) == SSL_R_CERTIFICATE_VERIFY_FAILED) {
789                 type = PySSLCertVerificationErrorObject;
790             }
791             break;
792         }
793         default:
794             p = PY_SSL_ERROR_INVALID_ERROR_CODE;
795             errstr = "Invalid error code";
796         }
797     }
798     fill_and_set_sslerror(sslsock, type, p, errstr, lineno, e);
799     ERR_clear_error();
800     return NULL;
801 }
802 
803 static PyObject *
_setSSLError(const char * errstr,int errcode,const char * filename,int lineno)804 _setSSLError (const char *errstr, int errcode, const char *filename, int lineno) {
805 
806     if (errstr == NULL)
807         errcode = ERR_peek_last_error();
808     else
809         errcode = 0;
810     fill_and_set_sslerror(NULL, PySSLErrorObject, errcode, errstr, lineno, errcode);
811     ERR_clear_error();
812     return NULL;
813 }
814 
815 /*
816  * SSL objects
817  */
818 
819 static int
_ssl_configure_hostname(PySSLSocket * self,const char * server_hostname)820 _ssl_configure_hostname(PySSLSocket *self, const char* server_hostname)
821 {
822     int retval = -1;
823     ASN1_OCTET_STRING *ip;
824     PyObject *hostname;
825     size_t len;
826 
827     assert(server_hostname);
828 
829     /* Disable OpenSSL's special mode with leading dot in hostname:
830      * When name starts with a dot (e.g ".example.com"), it will be
831      * matched by a certificate valid for any sub-domain of name.
832      */
833     len = strlen(server_hostname);
834     if (len == 0 || *server_hostname == '.') {
835         PyErr_SetString(
836             PyExc_ValueError,
837             "server_hostname cannot be an empty string or start with a "
838             "leading dot.");
839         return retval;
840     }
841 
842     /* inet_pton is not available on all platforms. */
843     ip = a2i_IPADDRESS(server_hostname);
844     if (ip == NULL) {
845         ERR_clear_error();
846     }
847 
848     hostname = PyUnicode_Decode(server_hostname, len, "ascii", "strict");
849     if (hostname == NULL) {
850         goto error;
851     }
852     self->server_hostname = hostname;
853 
854     /* Only send SNI extension for non-IP hostnames */
855     if (ip == NULL) {
856         if (!SSL_set_tlsext_host_name(self->ssl, server_hostname)) {
857             _setSSLError(NULL, 0, __FILE__, __LINE__);
858         }
859     }
860     if (self->ctx->check_hostname) {
861         X509_VERIFY_PARAM *param = SSL_get0_param(self->ssl);
862         if (ip == NULL) {
863             if (!X509_VERIFY_PARAM_set1_host(param, server_hostname,
864                                              strlen(server_hostname))) {
865                 _setSSLError(NULL, 0, __FILE__, __LINE__);
866                 goto error;
867             }
868         } else {
869             if (!X509_VERIFY_PARAM_set1_ip(param, ASN1_STRING_data(ip),
870                                            ASN1_STRING_length(ip))) {
871                 _setSSLError(NULL, 0, __FILE__, __LINE__);
872                 goto error;
873             }
874         }
875     }
876     retval = 0;
877   error:
878     if (ip != NULL) {
879         ASN1_OCTET_STRING_free(ip);
880     }
881     return retval;
882 }
883 
884 static PySSLSocket *
newPySSLSocket(PySSLContext * sslctx,PySocketSockObject * sock,enum py_ssl_server_or_client socket_type,char * server_hostname,PyObject * owner,PyObject * session,PySSLMemoryBIO * inbio,PySSLMemoryBIO * outbio)885 newPySSLSocket(PySSLContext *sslctx, PySocketSockObject *sock,
886                enum py_ssl_server_or_client socket_type,
887                char *server_hostname,
888                PyObject *owner, PyObject *session,
889                PySSLMemoryBIO *inbio, PySSLMemoryBIO *outbio)
890 {
891     PySSLSocket *self;
892     SSL_CTX *ctx = sslctx->ctx;
893     _PySSLError err = { 0 };
894 
895     self = PyObject_New(PySSLSocket, &PySSLSocket_Type);
896     if (self == NULL)
897         return NULL;
898 
899     self->ssl = NULL;
900     self->Socket = NULL;
901     self->ctx = sslctx;
902     Py_INCREF(sslctx);
903     self->shutdown_seen_zero = 0;
904     self->owner = NULL;
905     self->server_hostname = NULL;
906     self->err = err;
907 
908     /* Make sure the SSL error state is initialized */
909     (void) ERR_get_state();
910     ERR_clear_error();
911 
912     PySSL_BEGIN_ALLOW_THREADS
913     self->ssl = SSL_new(ctx);
914     PySSL_END_ALLOW_THREADS
915     if (self->ssl == NULL) {
916         Py_DECREF(self);
917         _setSSLError(NULL, 0, __FILE__, __LINE__);
918         return NULL;
919     }
920     SSL_set_app_data(self->ssl, self);
921     if (sock) {
922         SSL_set_fd(self->ssl, Py_SAFE_DOWNCAST(sock->sock_fd, SOCKET_T, int));
923     } else {
924         /* BIOs are reference counted and SSL_set_bio borrows our reference.
925          * To prevent a double free in memory_bio_dealloc() we need to take an
926          * extra reference here. */
927         BIO_up_ref(inbio->bio);
928         BIO_up_ref(outbio->bio);
929         SSL_set_bio(self->ssl, inbio->bio, outbio->bio);
930     }
931     SSL_set_mode(self->ssl,
932                  SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER | SSL_MODE_AUTO_RETRY);
933 
934     if (server_hostname != NULL) {
935         if (_ssl_configure_hostname(self, server_hostname) < 0) {
936             Py_DECREF(self);
937             return NULL;
938         }
939     }
940     /* If the socket is in non-blocking mode or timeout mode, set the BIO
941      * to non-blocking mode (blocking is the default)
942      */
943     if (sock && sock->sock_timeout >= 0) {
944         BIO_set_nbio(SSL_get_rbio(self->ssl), 1);
945         BIO_set_nbio(SSL_get_wbio(self->ssl), 1);
946     }
947 
948     PySSL_BEGIN_ALLOW_THREADS
949     if (socket_type == PY_SSL_CLIENT)
950         SSL_set_connect_state(self->ssl);
951     else
952         SSL_set_accept_state(self->ssl);
953     PySSL_END_ALLOW_THREADS
954 
955     self->socket_type = socket_type;
956     if (sock != NULL) {
957         self->Socket = PyWeakref_NewRef((PyObject *) sock, NULL);
958         if (self->Socket == NULL) {
959             Py_DECREF(self);
960             return NULL;
961         }
962     }
963     if (owner && owner != Py_None) {
964         if (PySSL_set_owner(self, owner, NULL) == -1) {
965             Py_DECREF(self);
966             return NULL;
967         }
968     }
969     if (session && session != Py_None) {
970         if (PySSL_set_session(self, session, NULL) == -1) {
971             Py_DECREF(self);
972             return NULL;
973         }
974     }
975     return self;
976 }
977 
978 /* SSL object methods */
979 
980 /*[clinic input]
981 _ssl._SSLSocket.do_handshake
982 [clinic start generated code]*/
983 
984 static PyObject *
_ssl__SSLSocket_do_handshake_impl(PySSLSocket * self)985 _ssl__SSLSocket_do_handshake_impl(PySSLSocket *self)
986 /*[clinic end generated code: output=6c0898a8936548f6 input=d2d737de3df018c8]*/
987 {
988     int ret;
989     _PySSLError err;
990     int sockstate, nonblocking;
991     PySocketSockObject *sock = GET_SOCKET(self);
992     _PyTime_t timeout, deadline = 0;
993     int has_timeout;
994 
995     if (sock) {
996         if (((PyObject*)sock) == Py_None) {
997             _setSSLError("Underlying socket connection gone",
998                          PY_SSL_ERROR_NO_SOCKET, __FILE__, __LINE__);
999             return NULL;
1000         }
1001         Py_INCREF(sock);
1002 
1003         /* just in case the blocking state of the socket has been changed */
1004         nonblocking = (sock->sock_timeout >= 0);
1005         BIO_set_nbio(SSL_get_rbio(self->ssl), nonblocking);
1006         BIO_set_nbio(SSL_get_wbio(self->ssl), nonblocking);
1007     }
1008 
1009     timeout = GET_SOCKET_TIMEOUT(sock);
1010     has_timeout = (timeout > 0);
1011     if (has_timeout)
1012         deadline = _PyTime_GetMonotonicClock() + timeout;
1013 
1014     /* Actually negotiate SSL connection */
1015     /* XXX If SSL_do_handshake() returns 0, it's also a failure. */
1016     do {
1017         PySSL_BEGIN_ALLOW_THREADS
1018         ret = SSL_do_handshake(self->ssl);
1019         err = _PySSL_errno(ret < 1, self->ssl, ret);
1020         PySSL_END_ALLOW_THREADS
1021         self->err = err;
1022 
1023         if (PyErr_CheckSignals())
1024             goto error;
1025 
1026         if (has_timeout)
1027             timeout = deadline - _PyTime_GetMonotonicClock();
1028 
1029         if (err.ssl == SSL_ERROR_WANT_READ) {
1030             sockstate = PySSL_select(sock, 0, timeout);
1031         } else if (err.ssl == SSL_ERROR_WANT_WRITE) {
1032             sockstate = PySSL_select(sock, 1, timeout);
1033         } else {
1034             sockstate = SOCKET_OPERATION_OK;
1035         }
1036 
1037         if (sockstate == SOCKET_HAS_TIMED_OUT) {
1038             PyErr_SetString(PySocketModule.timeout_error,
1039                             ERRSTR("The handshake operation timed out"));
1040             goto error;
1041         } else if (sockstate == SOCKET_HAS_BEEN_CLOSED) {
1042             PyErr_SetString(PySSLErrorObject,
1043                             ERRSTR("Underlying socket has been closed."));
1044             goto error;
1045         } else if (sockstate == SOCKET_TOO_LARGE_FOR_SELECT) {
1046             PyErr_SetString(PySSLErrorObject,
1047                             ERRSTR("Underlying socket too large for select()."));
1048             goto error;
1049         } else if (sockstate == SOCKET_IS_NONBLOCKING) {
1050             break;
1051         }
1052     } while (err.ssl == SSL_ERROR_WANT_READ ||
1053              err.ssl == SSL_ERROR_WANT_WRITE);
1054     Py_XDECREF(sock);
1055     if (ret < 1)
1056         return PySSL_SetError(self, ret, __FILE__, __LINE__);
1057 
1058     Py_RETURN_NONE;
1059 
1060 error:
1061     Py_XDECREF(sock);
1062     return NULL;
1063 }
1064 
1065 static PyObject *
_asn1obj2py(const ASN1_OBJECT * name,int no_name)1066 _asn1obj2py(const ASN1_OBJECT *name, int no_name)
1067 {
1068     char buf[X509_NAME_MAXLEN];
1069     char *namebuf = buf;
1070     int buflen;
1071     PyObject *name_obj = NULL;
1072 
1073     buflen = OBJ_obj2txt(namebuf, X509_NAME_MAXLEN, name, no_name);
1074     if (buflen < 0) {
1075         _setSSLError(NULL, 0, __FILE__, __LINE__);
1076         return NULL;
1077     }
1078     /* initial buffer is too small for oid + terminating null byte */
1079     if (buflen > X509_NAME_MAXLEN - 1) {
1080         /* make OBJ_obj2txt() calculate the required buflen */
1081         buflen = OBJ_obj2txt(NULL, 0, name, no_name);
1082         /* allocate len + 1 for terminating NULL byte */
1083         namebuf = PyMem_Malloc(buflen + 1);
1084         if (namebuf == NULL) {
1085             PyErr_NoMemory();
1086             return NULL;
1087         }
1088         buflen = OBJ_obj2txt(namebuf, buflen + 1, name, no_name);
1089         if (buflen < 0) {
1090             _setSSLError(NULL, 0, __FILE__, __LINE__);
1091             goto done;
1092         }
1093     }
1094     if (!buflen && no_name) {
1095         Py_INCREF(Py_None);
1096         name_obj = Py_None;
1097     }
1098     else {
1099         name_obj = PyUnicode_FromStringAndSize(namebuf, buflen);
1100     }
1101 
1102   done:
1103     if (buf != namebuf) {
1104         PyMem_Free(namebuf);
1105     }
1106     return name_obj;
1107 }
1108 
1109 static PyObject *
_create_tuple_for_attribute(ASN1_OBJECT * name,ASN1_STRING * value)1110 _create_tuple_for_attribute(ASN1_OBJECT *name, ASN1_STRING *value)
1111 {
1112     Py_ssize_t buflen;
1113     unsigned char *valuebuf = NULL;
1114     PyObject *attr;
1115 
1116     buflen = ASN1_STRING_to_UTF8(&valuebuf, value);
1117     if (buflen < 0) {
1118         _setSSLError(NULL, 0, __FILE__, __LINE__);
1119         return NULL;
1120     }
1121     attr = Py_BuildValue("Ns#", _asn1obj2py(name, 0), valuebuf, buflen);
1122     OPENSSL_free(valuebuf);
1123     return attr;
1124 }
1125 
1126 static PyObject *
_create_tuple_for_X509_NAME(X509_NAME * xname)1127 _create_tuple_for_X509_NAME (X509_NAME *xname)
1128 {
1129     PyObject *dn = NULL;    /* tuple which represents the "distinguished name" */
1130     PyObject *rdn = NULL;   /* tuple to hold a "relative distinguished name" */
1131     PyObject *rdnt;
1132     PyObject *attr = NULL;   /* tuple to hold an attribute */
1133     int entry_count = X509_NAME_entry_count(xname);
1134     X509_NAME_ENTRY *entry;
1135     ASN1_OBJECT *name;
1136     ASN1_STRING *value;
1137     int index_counter;
1138     int rdn_level = -1;
1139     int retcode;
1140 
1141     dn = PyList_New(0);
1142     if (dn == NULL)
1143         return NULL;
1144     /* now create another tuple to hold the top-level RDN */
1145     rdn = PyList_New(0);
1146     if (rdn == NULL)
1147         goto fail0;
1148 
1149     for (index_counter = 0;
1150          index_counter < entry_count;
1151          index_counter++)
1152     {
1153         entry = X509_NAME_get_entry(xname, index_counter);
1154 
1155         /* check to see if we've gotten to a new RDN */
1156         if (rdn_level >= 0) {
1157             if (rdn_level != X509_NAME_ENTRY_set(entry)) {
1158                 /* yes, new RDN */
1159                 /* add old RDN to DN */
1160                 rdnt = PyList_AsTuple(rdn);
1161                 Py_DECREF(rdn);
1162                 if (rdnt == NULL)
1163                     goto fail0;
1164                 retcode = PyList_Append(dn, rdnt);
1165                 Py_DECREF(rdnt);
1166                 if (retcode < 0)
1167                     goto fail0;
1168                 /* create new RDN */
1169                 rdn = PyList_New(0);
1170                 if (rdn == NULL)
1171                     goto fail0;
1172             }
1173         }
1174         rdn_level = X509_NAME_ENTRY_set(entry);
1175 
1176         /* now add this attribute to the current RDN */
1177         name = X509_NAME_ENTRY_get_object(entry);
1178         value = X509_NAME_ENTRY_get_data(entry);
1179         attr = _create_tuple_for_attribute(name, value);
1180         /*
1181         fprintf(stderr, "RDN level %d, attribute %s: %s\n",
1182             entry->set,
1183             PyBytes_AS_STRING(PyTuple_GET_ITEM(attr, 0)),
1184             PyBytes_AS_STRING(PyTuple_GET_ITEM(attr, 1)));
1185         */
1186         if (attr == NULL)
1187             goto fail1;
1188         retcode = PyList_Append(rdn, attr);
1189         Py_DECREF(attr);
1190         if (retcode < 0)
1191             goto fail1;
1192     }
1193     /* now, there's typically a dangling RDN */
1194     if (rdn != NULL) {
1195         if (PyList_GET_SIZE(rdn) > 0) {
1196             rdnt = PyList_AsTuple(rdn);
1197             Py_DECREF(rdn);
1198             if (rdnt == NULL)
1199                 goto fail0;
1200             retcode = PyList_Append(dn, rdnt);
1201             Py_DECREF(rdnt);
1202             if (retcode < 0)
1203                 goto fail0;
1204         }
1205         else {
1206             Py_DECREF(rdn);
1207         }
1208     }
1209 
1210     /* convert list to tuple */
1211     rdnt = PyList_AsTuple(dn);
1212     Py_DECREF(dn);
1213     if (rdnt == NULL)
1214         return NULL;
1215     return rdnt;
1216 
1217   fail1:
1218     Py_XDECREF(rdn);
1219 
1220   fail0:
1221     Py_XDECREF(dn);
1222     return NULL;
1223 }
1224 
1225 static PyObject *
_get_peer_alt_names(X509 * certificate)1226 _get_peer_alt_names (X509 *certificate) {
1227 
1228     /* this code follows the procedure outlined in
1229        OpenSSL's crypto/x509v3/v3_prn.c:X509v3_EXT_print()
1230        function to extract the STACK_OF(GENERAL_NAME),
1231        then iterates through the stack to add the
1232        names. */
1233 
1234     int j;
1235     PyObject *peer_alt_names = Py_None;
1236     PyObject *v = NULL, *t;
1237     GENERAL_NAMES *names = NULL;
1238     GENERAL_NAME *name;
1239     BIO *biobuf = NULL;
1240     char buf[2048];
1241     char *vptr;
1242     int len;
1243 
1244     if (certificate == NULL)
1245         return peer_alt_names;
1246 
1247     /* get a memory buffer */
1248     biobuf = BIO_new(BIO_s_mem());
1249     if (biobuf == NULL) {
1250         PyErr_SetString(PySSLErrorObject, "failed to allocate BIO");
1251         return NULL;
1252     }
1253 
1254     names = (GENERAL_NAMES *)X509_get_ext_d2i(
1255         certificate, NID_subject_alt_name, NULL, NULL);
1256     if (names != NULL) {
1257         if (peer_alt_names == Py_None) {
1258             peer_alt_names = PyList_New(0);
1259             if (peer_alt_names == NULL)
1260                 goto fail;
1261         }
1262 
1263         for(j = 0; j < sk_GENERAL_NAME_num(names); j++) {
1264             /* get a rendering of each name in the set of names */
1265             int gntype;
1266             ASN1_STRING *as = NULL;
1267 
1268             name = sk_GENERAL_NAME_value(names, j);
1269             gntype = name->type;
1270             switch (gntype) {
1271             case GEN_DIRNAME:
1272                 /* we special-case DirName as a tuple of
1273                    tuples of attributes */
1274 
1275                 t = PyTuple_New(2);
1276                 if (t == NULL) {
1277                     goto fail;
1278                 }
1279 
1280                 v = PyUnicode_FromString("DirName");
1281                 if (v == NULL) {
1282                     Py_DECREF(t);
1283                     goto fail;
1284                 }
1285                 PyTuple_SET_ITEM(t, 0, v);
1286 
1287                 v = _create_tuple_for_X509_NAME (name->d.dirn);
1288                 if (v == NULL) {
1289                     Py_DECREF(t);
1290                     goto fail;
1291                 }
1292                 PyTuple_SET_ITEM(t, 1, v);
1293                 break;
1294 
1295             case GEN_EMAIL:
1296             case GEN_DNS:
1297             case GEN_URI:
1298                 /* GENERAL_NAME_print() doesn't handle NULL bytes in ASN1_string
1299                    correctly, CVE-2013-4238 */
1300                 t = PyTuple_New(2);
1301                 if (t == NULL)
1302                     goto fail;
1303                 switch (gntype) {
1304                 case GEN_EMAIL:
1305                     v = PyUnicode_FromString("email");
1306                     as = name->d.rfc822Name;
1307                     break;
1308                 case GEN_DNS:
1309                     v = PyUnicode_FromString("DNS");
1310                     as = name->d.dNSName;
1311                     break;
1312                 case GEN_URI:
1313                     v = PyUnicode_FromString("URI");
1314                     as = name->d.uniformResourceIdentifier;
1315                     break;
1316                 }
1317                 if (v == NULL) {
1318                     Py_DECREF(t);
1319                     goto fail;
1320                 }
1321                 PyTuple_SET_ITEM(t, 0, v);
1322                 v = PyUnicode_FromStringAndSize((char *)ASN1_STRING_data(as),
1323                                                 ASN1_STRING_length(as));
1324                 if (v == NULL) {
1325                     Py_DECREF(t);
1326                     goto fail;
1327                 }
1328                 PyTuple_SET_ITEM(t, 1, v);
1329                 break;
1330 
1331             case GEN_RID:
1332                 t = PyTuple_New(2);
1333                 if (t == NULL)
1334                     goto fail;
1335 
1336                 v = PyUnicode_FromString("Registered ID");
1337                 if (v == NULL) {
1338                     Py_DECREF(t);
1339                     goto fail;
1340                 }
1341                 PyTuple_SET_ITEM(t, 0, v);
1342 
1343                 len = i2t_ASN1_OBJECT(buf, sizeof(buf)-1, name->d.rid);
1344                 if (len < 0) {
1345                     Py_DECREF(t);
1346                     _setSSLError(NULL, 0, __FILE__, __LINE__);
1347                     goto fail;
1348                 } else if (len >= (int)sizeof(buf)) {
1349                     v = PyUnicode_FromString("<INVALID>");
1350                 } else {
1351                     v = PyUnicode_FromStringAndSize(buf, len);
1352                 }
1353                 if (v == NULL) {
1354                     Py_DECREF(t);
1355                     goto fail;
1356                 }
1357                 PyTuple_SET_ITEM(t, 1, v);
1358                 break;
1359 
1360             default:
1361                 /* for everything else, we use the OpenSSL print form */
1362                 switch (gntype) {
1363                     /* check for new general name type */
1364                     case GEN_OTHERNAME:
1365                     case GEN_X400:
1366                     case GEN_EDIPARTY:
1367                     case GEN_IPADD:
1368                     case GEN_RID:
1369                         break;
1370                     default:
1371                         if (PyErr_WarnFormat(PyExc_RuntimeWarning, 1,
1372                                              "Unknown general name type %d",
1373                                              gntype) == -1) {
1374                             goto fail;
1375                         }
1376                         break;
1377                 }
1378                 (void) BIO_reset(biobuf);
1379                 GENERAL_NAME_print(biobuf, name);
1380                 len = BIO_gets(biobuf, buf, sizeof(buf)-1);
1381                 if (len < 0) {
1382                     _setSSLError(NULL, 0, __FILE__, __LINE__);
1383                     goto fail;
1384                 }
1385                 vptr = strchr(buf, ':');
1386                 if (vptr == NULL) {
1387                     PyErr_Format(PyExc_ValueError,
1388                                  "Invalid value %.200s",
1389                                  buf);
1390                     goto fail;
1391                 }
1392                 t = PyTuple_New(2);
1393                 if (t == NULL)
1394                     goto fail;
1395                 v = PyUnicode_FromStringAndSize(buf, (vptr - buf));
1396                 if (v == NULL) {
1397                     Py_DECREF(t);
1398                     goto fail;
1399                 }
1400                 PyTuple_SET_ITEM(t, 0, v);
1401                 v = PyUnicode_FromStringAndSize((vptr + 1),
1402                                                 (len - (vptr - buf + 1)));
1403                 if (v == NULL) {
1404                     Py_DECREF(t);
1405                     goto fail;
1406                 }
1407                 PyTuple_SET_ITEM(t, 1, v);
1408                 break;
1409             }
1410 
1411             /* and add that rendering to the list */
1412 
1413             if (PyList_Append(peer_alt_names, t) < 0) {
1414                 Py_DECREF(t);
1415                 goto fail;
1416             }
1417             Py_DECREF(t);
1418         }
1419         sk_GENERAL_NAME_pop_free(names, GENERAL_NAME_free);
1420     }
1421     BIO_free(biobuf);
1422     if (peer_alt_names != Py_None) {
1423         v = PyList_AsTuple(peer_alt_names);
1424         Py_DECREF(peer_alt_names);
1425         return v;
1426     } else {
1427         return peer_alt_names;
1428     }
1429 
1430 
1431   fail:
1432     if (biobuf != NULL)
1433         BIO_free(biobuf);
1434 
1435     if (peer_alt_names != Py_None) {
1436         Py_XDECREF(peer_alt_names);
1437     }
1438 
1439     return NULL;
1440 }
1441 
1442 static PyObject *
_get_aia_uri(X509 * certificate,int nid)1443 _get_aia_uri(X509 *certificate, int nid) {
1444     PyObject *lst = NULL, *ostr = NULL;
1445     int i, result;
1446     AUTHORITY_INFO_ACCESS *info;
1447 
1448     info = X509_get_ext_d2i(certificate, NID_info_access, NULL, NULL);
1449     if (info == NULL)
1450         return Py_None;
1451     if (sk_ACCESS_DESCRIPTION_num(info) == 0) {
1452         AUTHORITY_INFO_ACCESS_free(info);
1453         return Py_None;
1454     }
1455 
1456     if ((lst = PyList_New(0)) == NULL) {
1457         goto fail;
1458     }
1459 
1460     for (i = 0; i < sk_ACCESS_DESCRIPTION_num(info); i++) {
1461         ACCESS_DESCRIPTION *ad = sk_ACCESS_DESCRIPTION_value(info, i);
1462         ASN1_IA5STRING *uri;
1463 
1464         if ((OBJ_obj2nid(ad->method) != nid) ||
1465                 (ad->location->type != GEN_URI)) {
1466             continue;
1467         }
1468         uri = ad->location->d.uniformResourceIdentifier;
1469         ostr = PyUnicode_FromStringAndSize((char *)uri->data,
1470                                            uri->length);
1471         if (ostr == NULL) {
1472             goto fail;
1473         }
1474         result = PyList_Append(lst, ostr);
1475         Py_DECREF(ostr);
1476         if (result < 0) {
1477             goto fail;
1478         }
1479     }
1480     AUTHORITY_INFO_ACCESS_free(info);
1481 
1482     /* convert to tuple or None */
1483     if (PyList_Size(lst) == 0) {
1484         Py_DECREF(lst);
1485         return Py_None;
1486     } else {
1487         PyObject *tup;
1488         tup = PyList_AsTuple(lst);
1489         Py_DECREF(lst);
1490         return tup;
1491     }
1492 
1493   fail:
1494     AUTHORITY_INFO_ACCESS_free(info);
1495     Py_XDECREF(lst);
1496     return NULL;
1497 }
1498 
1499 static PyObject *
_get_crl_dp(X509 * certificate)1500 _get_crl_dp(X509 *certificate) {
1501     STACK_OF(DIST_POINT) *dps;
1502     int i, j;
1503     PyObject *lst, *res = NULL;
1504 
1505     dps = X509_get_ext_d2i(certificate, NID_crl_distribution_points, NULL, NULL);
1506 
1507     if (dps == NULL)
1508         return Py_None;
1509 
1510     lst = PyList_New(0);
1511     if (lst == NULL)
1512         goto done;
1513 
1514     for (i=0; i < sk_DIST_POINT_num(dps); i++) {
1515         DIST_POINT *dp;
1516         STACK_OF(GENERAL_NAME) *gns;
1517 
1518         dp = sk_DIST_POINT_value(dps, i);
1519         if (dp->distpoint == NULL) {
1520             /* Ignore empty DP value, CVE-2019-5010 */
1521             continue;
1522         }
1523         gns = dp->distpoint->name.fullname;
1524 
1525         for (j=0; j < sk_GENERAL_NAME_num(gns); j++) {
1526             GENERAL_NAME *gn;
1527             ASN1_IA5STRING *uri;
1528             PyObject *ouri;
1529             int err;
1530 
1531             gn = sk_GENERAL_NAME_value(gns, j);
1532             if (gn->type != GEN_URI) {
1533                 continue;
1534             }
1535             uri = gn->d.uniformResourceIdentifier;
1536             ouri = PyUnicode_FromStringAndSize((char *)uri->data,
1537                                                uri->length);
1538             if (ouri == NULL)
1539                 goto done;
1540 
1541             err = PyList_Append(lst, ouri);
1542             Py_DECREF(ouri);
1543             if (err < 0)
1544                 goto done;
1545         }
1546     }
1547 
1548     /* Convert to tuple. */
1549     res = (PyList_GET_SIZE(lst) > 0) ? PyList_AsTuple(lst) : Py_None;
1550 
1551   done:
1552     Py_XDECREF(lst);
1553     CRL_DIST_POINTS_free(dps);
1554     return res;
1555 }
1556 
1557 static PyObject *
_decode_certificate(X509 * certificate)1558 _decode_certificate(X509 *certificate) {
1559 
1560     PyObject *retval = NULL;
1561     BIO *biobuf = NULL;
1562     PyObject *peer;
1563     PyObject *peer_alt_names = NULL;
1564     PyObject *issuer;
1565     PyObject *version;
1566     PyObject *sn_obj;
1567     PyObject *obj;
1568     ASN1_INTEGER *serialNumber;
1569     char buf[2048];
1570     int len, result;
1571     ASN1_TIME *notBefore, *notAfter;
1572     PyObject *pnotBefore, *pnotAfter;
1573 
1574     retval = PyDict_New();
1575     if (retval == NULL)
1576         return NULL;
1577 
1578     peer = _create_tuple_for_X509_NAME(
1579         X509_get_subject_name(certificate));
1580     if (peer == NULL)
1581         goto fail0;
1582     if (PyDict_SetItemString(retval, (const char *) "subject", peer) < 0) {
1583         Py_DECREF(peer);
1584         goto fail0;
1585     }
1586     Py_DECREF(peer);
1587 
1588     issuer = _create_tuple_for_X509_NAME(
1589         X509_get_issuer_name(certificate));
1590     if (issuer == NULL)
1591         goto fail0;
1592     if (PyDict_SetItemString(retval, (const char *)"issuer", issuer) < 0) {
1593         Py_DECREF(issuer);
1594         goto fail0;
1595     }
1596     Py_DECREF(issuer);
1597 
1598     version = PyLong_FromLong(X509_get_version(certificate) + 1);
1599     if (version == NULL)
1600         goto fail0;
1601     if (PyDict_SetItemString(retval, "version", version) < 0) {
1602         Py_DECREF(version);
1603         goto fail0;
1604     }
1605     Py_DECREF(version);
1606 
1607     /* get a memory buffer */
1608     biobuf = BIO_new(BIO_s_mem());
1609     if (biobuf == NULL) {
1610         PyErr_SetString(PySSLErrorObject, "failed to allocate BIO");
1611         goto fail0;
1612     }
1613 
1614     (void) BIO_reset(biobuf);
1615     serialNumber = X509_get_serialNumber(certificate);
1616     /* should not exceed 20 octets, 160 bits, so buf is big enough */
1617     i2a_ASN1_INTEGER(biobuf, serialNumber);
1618     len = BIO_gets(biobuf, buf, sizeof(buf)-1);
1619     if (len < 0) {
1620         _setSSLError(NULL, 0, __FILE__, __LINE__);
1621         goto fail1;
1622     }
1623     sn_obj = PyUnicode_FromStringAndSize(buf, len);
1624     if (sn_obj == NULL)
1625         goto fail1;
1626     if (PyDict_SetItemString(retval, "serialNumber", sn_obj) < 0) {
1627         Py_DECREF(sn_obj);
1628         goto fail1;
1629     }
1630     Py_DECREF(sn_obj);
1631 
1632     (void) BIO_reset(biobuf);
1633     notBefore = X509_get_notBefore(certificate);
1634     ASN1_TIME_print(biobuf, notBefore);
1635     len = BIO_gets(biobuf, buf, sizeof(buf)-1);
1636     if (len < 0) {
1637         _setSSLError(NULL, 0, __FILE__, __LINE__);
1638         goto fail1;
1639     }
1640     pnotBefore = PyUnicode_FromStringAndSize(buf, len);
1641     if (pnotBefore == NULL)
1642         goto fail1;
1643     if (PyDict_SetItemString(retval, "notBefore", pnotBefore) < 0) {
1644         Py_DECREF(pnotBefore);
1645         goto fail1;
1646     }
1647     Py_DECREF(pnotBefore);
1648 
1649     (void) BIO_reset(biobuf);
1650     notAfter = X509_get_notAfter(certificate);
1651     ASN1_TIME_print(biobuf, notAfter);
1652     len = BIO_gets(biobuf, buf, sizeof(buf)-1);
1653     if (len < 0) {
1654         _setSSLError(NULL, 0, __FILE__, __LINE__);
1655         goto fail1;
1656     }
1657     pnotAfter = PyUnicode_FromStringAndSize(buf, len);
1658     if (pnotAfter == NULL)
1659         goto fail1;
1660     if (PyDict_SetItemString(retval, "notAfter", pnotAfter) < 0) {
1661         Py_DECREF(pnotAfter);
1662         goto fail1;
1663     }
1664     Py_DECREF(pnotAfter);
1665 
1666     /* Now look for subjectAltName */
1667 
1668     peer_alt_names = _get_peer_alt_names(certificate);
1669     if (peer_alt_names == NULL)
1670         goto fail1;
1671     else if (peer_alt_names != Py_None) {
1672         if (PyDict_SetItemString(retval, "subjectAltName",
1673                                  peer_alt_names) < 0) {
1674             Py_DECREF(peer_alt_names);
1675             goto fail1;
1676         }
1677         Py_DECREF(peer_alt_names);
1678     }
1679 
1680     /* Authority Information Access: OCSP URIs */
1681     obj = _get_aia_uri(certificate, NID_ad_OCSP);
1682     if (obj == NULL) {
1683         goto fail1;
1684     } else if (obj != Py_None) {
1685         result = PyDict_SetItemString(retval, "OCSP", obj);
1686         Py_DECREF(obj);
1687         if (result < 0) {
1688             goto fail1;
1689         }
1690     }
1691 
1692     obj = _get_aia_uri(certificate, NID_ad_ca_issuers);
1693     if (obj == NULL) {
1694         goto fail1;
1695     } else if (obj != Py_None) {
1696         result = PyDict_SetItemString(retval, "caIssuers", obj);
1697         Py_DECREF(obj);
1698         if (result < 0) {
1699             goto fail1;
1700         }
1701     }
1702 
1703     /* CDP (CRL distribution points) */
1704     obj = _get_crl_dp(certificate);
1705     if (obj == NULL) {
1706         goto fail1;
1707     } else if (obj != Py_None) {
1708         result = PyDict_SetItemString(retval, "crlDistributionPoints", obj);
1709         Py_DECREF(obj);
1710         if (result < 0) {
1711             goto fail1;
1712         }
1713     }
1714 
1715     BIO_free(biobuf);
1716     return retval;
1717 
1718   fail1:
1719     if (biobuf != NULL)
1720         BIO_free(biobuf);
1721   fail0:
1722     Py_XDECREF(retval);
1723     return NULL;
1724 }
1725 
1726 static PyObject *
_certificate_to_der(X509 * certificate)1727 _certificate_to_der(X509 *certificate)
1728 {
1729     unsigned char *bytes_buf = NULL;
1730     int len;
1731     PyObject *retval;
1732 
1733     bytes_buf = NULL;
1734     len = i2d_X509(certificate, &bytes_buf);
1735     if (len < 0) {
1736         _setSSLError(NULL, 0, __FILE__, __LINE__);
1737         return NULL;
1738     }
1739     /* this is actually an immutable bytes sequence */
1740     retval = PyBytes_FromStringAndSize((const char *) bytes_buf, len);
1741     OPENSSL_free(bytes_buf);
1742     return retval;
1743 }
1744 
1745 /*[clinic input]
1746 _ssl._test_decode_cert
1747     path: object(converter="PyUnicode_FSConverter")
1748     /
1749 
1750 [clinic start generated code]*/
1751 
1752 static PyObject *
_ssl__test_decode_cert_impl(PyObject * module,PyObject * path)1753 _ssl__test_decode_cert_impl(PyObject *module, PyObject *path)
1754 /*[clinic end generated code: output=96becb9abb23c091 input=cdeaaf02d4346628]*/
1755 {
1756     PyObject *retval = NULL;
1757     X509 *x=NULL;
1758     BIO *cert;
1759 
1760     if ((cert=BIO_new(BIO_s_file())) == NULL) {
1761         PyErr_SetString(PySSLErrorObject,
1762                         "Can't malloc memory to read file");
1763         goto fail0;
1764     }
1765 
1766     if (BIO_read_filename(cert, PyBytes_AsString(path)) <= 0) {
1767         PyErr_SetString(PySSLErrorObject,
1768                         "Can't open file");
1769         goto fail0;
1770     }
1771 
1772     x = PEM_read_bio_X509_AUX(cert,NULL, NULL, NULL);
1773     if (x == NULL) {
1774         PyErr_SetString(PySSLErrorObject,
1775                         "Error decoding PEM-encoded file");
1776         goto fail0;
1777     }
1778 
1779     retval = _decode_certificate(x);
1780     X509_free(x);
1781 
1782   fail0:
1783     Py_DECREF(path);
1784     if (cert != NULL) BIO_free(cert);
1785     return retval;
1786 }
1787 
1788 
1789 /*[clinic input]
1790 _ssl._SSLSocket.getpeercert
1791     der as binary_mode: bool = False
1792     /
1793 
1794 Returns the certificate for the peer.
1795 
1796 If no certificate was provided, returns None.  If a certificate was
1797 provided, but not validated, returns an empty dictionary.  Otherwise
1798 returns a dict containing information about the peer certificate.
1799 
1800 If the optional argument is True, returns a DER-encoded copy of the
1801 peer certificate, or None if no certificate was provided.  This will
1802 return the certificate even if it wasn't validated.
1803 [clinic start generated code]*/
1804 
1805 static PyObject *
_ssl__SSLSocket_getpeercert_impl(PySSLSocket * self,int binary_mode)1806 _ssl__SSLSocket_getpeercert_impl(PySSLSocket *self, int binary_mode)
1807 /*[clinic end generated code: output=1f0ab66dfb693c88 input=c0fbe802e57629b7]*/
1808 {
1809     int verification;
1810     X509 *peer_cert;
1811     PyObject *result;
1812 
1813     if (!SSL_is_init_finished(self->ssl)) {
1814         PyErr_SetString(PyExc_ValueError,
1815                         "handshake not done yet");
1816         return NULL;
1817     }
1818     peer_cert = SSL_get_peer_certificate(self->ssl);
1819     if (peer_cert == NULL)
1820         Py_RETURN_NONE;
1821 
1822     if (binary_mode) {
1823         /* return cert in DER-encoded format */
1824         result = _certificate_to_der(peer_cert);
1825     } else {
1826         verification = SSL_CTX_get_verify_mode(SSL_get_SSL_CTX(self->ssl));
1827         if ((verification & SSL_VERIFY_PEER) == 0)
1828             result = PyDict_New();
1829         else
1830             result = _decode_certificate(peer_cert);
1831     }
1832     X509_free(peer_cert);
1833     return result;
1834 }
1835 
1836 static PyObject *
cipher_to_tuple(const SSL_CIPHER * cipher)1837 cipher_to_tuple(const SSL_CIPHER *cipher)
1838 {
1839     const char *cipher_name, *cipher_protocol;
1840     PyObject *v, *retval = PyTuple_New(3);
1841     if (retval == NULL)
1842         return NULL;
1843 
1844     cipher_name = SSL_CIPHER_get_name(cipher);
1845     if (cipher_name == NULL) {
1846         Py_INCREF(Py_None);
1847         PyTuple_SET_ITEM(retval, 0, Py_None);
1848     } else {
1849         v = PyUnicode_FromString(cipher_name);
1850         if (v == NULL)
1851             goto fail;
1852         PyTuple_SET_ITEM(retval, 0, v);
1853     }
1854 
1855     cipher_protocol = SSL_CIPHER_get_version(cipher);
1856     if (cipher_protocol == NULL) {
1857         Py_INCREF(Py_None);
1858         PyTuple_SET_ITEM(retval, 1, Py_None);
1859     } else {
1860         v = PyUnicode_FromString(cipher_protocol);
1861         if (v == NULL)
1862             goto fail;
1863         PyTuple_SET_ITEM(retval, 1, v);
1864     }
1865 
1866     v = PyLong_FromLong(SSL_CIPHER_get_bits(cipher, NULL));
1867     if (v == NULL)
1868         goto fail;
1869     PyTuple_SET_ITEM(retval, 2, v);
1870 
1871     return retval;
1872 
1873   fail:
1874     Py_DECREF(retval);
1875     return NULL;
1876 }
1877 
1878 #if OPENSSL_VERSION_NUMBER >= 0x10002000UL
1879 static PyObject *
cipher_to_dict(const SSL_CIPHER * cipher)1880 cipher_to_dict(const SSL_CIPHER *cipher)
1881 {
1882     const char *cipher_name, *cipher_protocol;
1883 
1884     unsigned long cipher_id;
1885     int alg_bits, strength_bits, len;
1886     char buf[512] = {0};
1887 #if OPENSSL_VERSION_1_1
1888     int aead, nid;
1889     const char *skcipher = NULL, *digest = NULL, *kx = NULL, *auth = NULL;
1890 #endif
1891 
1892     /* can be NULL */
1893     cipher_name = SSL_CIPHER_get_name(cipher);
1894     cipher_protocol = SSL_CIPHER_get_version(cipher);
1895     cipher_id = SSL_CIPHER_get_id(cipher);
1896     SSL_CIPHER_description(cipher, buf, sizeof(buf) - 1);
1897     /* Downcast to avoid a warning. Safe since buf is always 512 bytes */
1898     len = (int)strlen(buf);
1899     if (len > 1 && buf[len-1] == '\n')
1900         buf[len-1] = '\0';
1901     strength_bits = SSL_CIPHER_get_bits(cipher, &alg_bits);
1902 
1903 #if OPENSSL_VERSION_1_1
1904     aead = SSL_CIPHER_is_aead(cipher);
1905     nid = SSL_CIPHER_get_cipher_nid(cipher);
1906     skcipher = nid != NID_undef ? OBJ_nid2ln(nid) : NULL;
1907     nid = SSL_CIPHER_get_digest_nid(cipher);
1908     digest = nid != NID_undef ? OBJ_nid2ln(nid) : NULL;
1909     nid = SSL_CIPHER_get_kx_nid(cipher);
1910     kx = nid != NID_undef ? OBJ_nid2ln(nid) : NULL;
1911     nid = SSL_CIPHER_get_auth_nid(cipher);
1912     auth = nid != NID_undef ? OBJ_nid2ln(nid) : NULL;
1913 #endif
1914 
1915     return Py_BuildValue(
1916         "{sksssssssisi"
1917 #if OPENSSL_VERSION_1_1
1918         "sOssssssss"
1919 #endif
1920         "}",
1921         "id", cipher_id,
1922         "name", cipher_name,
1923         "protocol", cipher_protocol,
1924         "description", buf,
1925         "strength_bits", strength_bits,
1926         "alg_bits", alg_bits
1927 #if OPENSSL_VERSION_1_1
1928         ,"aead", aead ? Py_True : Py_False,
1929         "symmetric", skcipher,
1930         "digest", digest,
1931         "kea", kx,
1932         "auth", auth
1933 #endif
1934        );
1935 }
1936 #endif
1937 
1938 /*[clinic input]
1939 _ssl._SSLSocket.shared_ciphers
1940 [clinic start generated code]*/
1941 
1942 static PyObject *
_ssl__SSLSocket_shared_ciphers_impl(PySSLSocket * self)1943 _ssl__SSLSocket_shared_ciphers_impl(PySSLSocket *self)
1944 /*[clinic end generated code: output=3d174ead2e42c4fd input=0bfe149da8fe6306]*/
1945 {
1946     STACK_OF(SSL_CIPHER) *ciphers;
1947     int i;
1948     PyObject *res;
1949 
1950     ciphers = SSL_get_ciphers(self->ssl);
1951     if (!ciphers)
1952         Py_RETURN_NONE;
1953     res = PyList_New(sk_SSL_CIPHER_num(ciphers));
1954     if (!res)
1955         return NULL;
1956     for (i = 0; i < sk_SSL_CIPHER_num(ciphers); i++) {
1957         PyObject *tup = cipher_to_tuple(sk_SSL_CIPHER_value(ciphers, i));
1958         if (!tup) {
1959             Py_DECREF(res);
1960             return NULL;
1961         }
1962         PyList_SET_ITEM(res, i, tup);
1963     }
1964     return res;
1965 }
1966 
1967 /*[clinic input]
1968 _ssl._SSLSocket.cipher
1969 [clinic start generated code]*/
1970 
1971 static PyObject *
_ssl__SSLSocket_cipher_impl(PySSLSocket * self)1972 _ssl__SSLSocket_cipher_impl(PySSLSocket *self)
1973 /*[clinic end generated code: output=376417c16d0e5815 input=548fb0e27243796d]*/
1974 {
1975     const SSL_CIPHER *current;
1976 
1977     if (self->ssl == NULL)
1978         Py_RETURN_NONE;
1979     current = SSL_get_current_cipher(self->ssl);
1980     if (current == NULL)
1981         Py_RETURN_NONE;
1982     return cipher_to_tuple(current);
1983 }
1984 
1985 /*[clinic input]
1986 _ssl._SSLSocket.version
1987 [clinic start generated code]*/
1988 
1989 static PyObject *
_ssl__SSLSocket_version_impl(PySSLSocket * self)1990 _ssl__SSLSocket_version_impl(PySSLSocket *self)
1991 /*[clinic end generated code: output=178aed33193b2cdb input=900186a503436fd6]*/
1992 {
1993     const char *version;
1994 
1995     if (self->ssl == NULL)
1996         Py_RETURN_NONE;
1997     if (!SSL_is_init_finished(self->ssl)) {
1998         /* handshake not finished */
1999         Py_RETURN_NONE;
2000     }
2001     version = SSL_get_version(self->ssl);
2002     if (!strcmp(version, "unknown"))
2003         Py_RETURN_NONE;
2004     return PyUnicode_FromString(version);
2005 }
2006 
2007 #if HAVE_NPN
2008 /*[clinic input]
2009 _ssl._SSLSocket.selected_npn_protocol
2010 [clinic start generated code]*/
2011 
2012 static PyObject *
_ssl__SSLSocket_selected_npn_protocol_impl(PySSLSocket * self)2013 _ssl__SSLSocket_selected_npn_protocol_impl(PySSLSocket *self)
2014 /*[clinic end generated code: output=b91d494cd207ecf6 input=c28fde139204b826]*/
2015 {
2016     const unsigned char *out;
2017     unsigned int outlen;
2018 
2019     SSL_get0_next_proto_negotiated(self->ssl,
2020                                    &out, &outlen);
2021 
2022     if (out == NULL)
2023         Py_RETURN_NONE;
2024     return PyUnicode_FromStringAndSize((char *)out, outlen);
2025 }
2026 #endif
2027 
2028 #if HAVE_ALPN
2029 /*[clinic input]
2030 _ssl._SSLSocket.selected_alpn_protocol
2031 [clinic start generated code]*/
2032 
2033 static PyObject *
_ssl__SSLSocket_selected_alpn_protocol_impl(PySSLSocket * self)2034 _ssl__SSLSocket_selected_alpn_protocol_impl(PySSLSocket *self)
2035 /*[clinic end generated code: output=ec33688b303d250f input=442de30e35bc2913]*/
2036 {
2037     const unsigned char *out;
2038     unsigned int outlen;
2039 
2040     SSL_get0_alpn_selected(self->ssl, &out, &outlen);
2041 
2042     if (out == NULL)
2043         Py_RETURN_NONE;
2044     return PyUnicode_FromStringAndSize((char *)out, outlen);
2045 }
2046 #endif
2047 
2048 /*[clinic input]
2049 _ssl._SSLSocket.compression
2050 [clinic start generated code]*/
2051 
2052 static PyObject *
_ssl__SSLSocket_compression_impl(PySSLSocket * self)2053 _ssl__SSLSocket_compression_impl(PySSLSocket *self)
2054 /*[clinic end generated code: output=bd16cb1bb4646ae7 input=5d059d0a2bbc32c8]*/
2055 {
2056 #ifdef OPENSSL_NO_COMP
2057     Py_RETURN_NONE;
2058 #else
2059     const COMP_METHOD *comp_method;
2060     const char *short_name;
2061 
2062     if (self->ssl == NULL)
2063         Py_RETURN_NONE;
2064     comp_method = SSL_get_current_compression(self->ssl);
2065     if (comp_method == NULL || COMP_get_type(comp_method) == NID_undef)
2066         Py_RETURN_NONE;
2067     short_name = OBJ_nid2sn(COMP_get_type(comp_method));
2068     if (short_name == NULL)
2069         Py_RETURN_NONE;
2070     return PyUnicode_DecodeFSDefault(short_name);
2071 #endif
2072 }
2073 
PySSL_get_context(PySSLSocket * self,void * closure)2074 static PySSLContext *PySSL_get_context(PySSLSocket *self, void *closure) {
2075     Py_INCREF(self->ctx);
2076     return self->ctx;
2077 }
2078 
PySSL_set_context(PySSLSocket * self,PyObject * value,void * closure)2079 static int PySSL_set_context(PySSLSocket *self, PyObject *value,
2080                                    void *closure) {
2081 
2082     if (PyObject_TypeCheck(value, &PySSLContext_Type)) {
2083 #if !HAVE_SNI
2084         PyErr_SetString(PyExc_NotImplementedError, "setting a socket's "
2085                         "context is not supported by your OpenSSL library");
2086         return -1;
2087 #else
2088         Py_INCREF(value);
2089         Py_SETREF(self->ctx, (PySSLContext *)value);
2090         SSL_set_SSL_CTX(self->ssl, self->ctx->ctx);
2091 #endif
2092     } else {
2093         PyErr_SetString(PyExc_TypeError, "The value must be a SSLContext");
2094         return -1;
2095     }
2096 
2097     return 0;
2098 }
2099 
2100 PyDoc_STRVAR(PySSL_set_context_doc,
2101 "_setter_context(ctx)\n\
2102 \
2103 This changes the context associated with the SSLSocket. This is typically\n\
2104 used from within a callback function set by the sni_callback\n\
2105 on the SSLContext to change the certificate information associated with the\n\
2106 SSLSocket before the cryptographic exchange handshake messages\n");
2107 
2108 
2109 static PyObject *
PySSL_get_server_side(PySSLSocket * self,void * c)2110 PySSL_get_server_side(PySSLSocket *self, void *c)
2111 {
2112     return PyBool_FromLong(self->socket_type == PY_SSL_SERVER);
2113 }
2114 
2115 PyDoc_STRVAR(PySSL_get_server_side_doc,
2116 "Whether this is a server-side socket.");
2117 
2118 static PyObject *
PySSL_get_server_hostname(PySSLSocket * self,void * c)2119 PySSL_get_server_hostname(PySSLSocket *self, void *c)
2120 {
2121     if (self->server_hostname == NULL)
2122         Py_RETURN_NONE;
2123     Py_INCREF(self->server_hostname);
2124     return self->server_hostname;
2125 }
2126 
2127 PyDoc_STRVAR(PySSL_get_server_hostname_doc,
2128 "The currently set server hostname (for SNI).");
2129 
2130 static PyObject *
PySSL_get_owner(PySSLSocket * self,void * c)2131 PySSL_get_owner(PySSLSocket *self, void *c)
2132 {
2133     PyObject *owner;
2134 
2135     if (self->owner == NULL)
2136         Py_RETURN_NONE;
2137 
2138     owner = PyWeakref_GetObject(self->owner);
2139     Py_INCREF(owner);
2140     return owner;
2141 }
2142 
2143 static int
PySSL_set_owner(PySSLSocket * self,PyObject * value,void * c)2144 PySSL_set_owner(PySSLSocket *self, PyObject *value, void *c)
2145 {
2146     Py_XSETREF(self->owner, PyWeakref_NewRef(value, NULL));
2147     if (self->owner == NULL)
2148         return -1;
2149     return 0;
2150 }
2151 
2152 PyDoc_STRVAR(PySSL_get_owner_doc,
2153 "The Python-level owner of this object.\
2154 Passed as \"self\" in servername callback.");
2155 
2156 
PySSL_dealloc(PySSLSocket * self)2157 static void PySSL_dealloc(PySSLSocket *self)
2158 {
2159     if (self->ssl)
2160         SSL_free(self->ssl);
2161     Py_XDECREF(self->Socket);
2162     Py_XDECREF(self->ctx);
2163     Py_XDECREF(self->server_hostname);
2164     Py_XDECREF(self->owner);
2165     PyObject_Del(self);
2166 }
2167 
2168 /* If the socket has a timeout, do a select()/poll() on the socket.
2169    The argument writing indicates the direction.
2170    Returns one of the possibilities in the timeout_state enum (above).
2171  */
2172 
2173 static int
PySSL_select(PySocketSockObject * s,int writing,_PyTime_t timeout)2174 PySSL_select(PySocketSockObject *s, int writing, _PyTime_t timeout)
2175 {
2176     int rc;
2177 #ifdef HAVE_POLL
2178     struct pollfd pollfd;
2179     _PyTime_t ms;
2180 #else
2181     int nfds;
2182     fd_set fds;
2183     struct timeval tv;
2184 #endif
2185 
2186     /* Nothing to do unless we're in timeout mode (not non-blocking) */
2187     if ((s == NULL) || (timeout == 0))
2188         return SOCKET_IS_NONBLOCKING;
2189     else if (timeout < 0) {
2190         if (s->sock_timeout > 0)
2191             return SOCKET_HAS_TIMED_OUT;
2192         else
2193             return SOCKET_IS_BLOCKING;
2194     }
2195 
2196     /* Guard against closed socket */
2197     if (s->sock_fd == INVALID_SOCKET)
2198         return SOCKET_HAS_BEEN_CLOSED;
2199 
2200     /* Prefer poll, if available, since you can poll() any fd
2201      * which can't be done with select(). */
2202 #ifdef HAVE_POLL
2203     pollfd.fd = s->sock_fd;
2204     pollfd.events = writing ? POLLOUT : POLLIN;
2205 
2206     /* timeout is in seconds, poll() uses milliseconds */
2207     ms = (int)_PyTime_AsMilliseconds(timeout, _PyTime_ROUND_CEILING);
2208     assert(ms <= INT_MAX);
2209 
2210     PySSL_BEGIN_ALLOW_THREADS
2211     rc = poll(&pollfd, 1, (int)ms);
2212     PySSL_END_ALLOW_THREADS
2213 #else
2214     /* Guard against socket too large for select*/
2215     if (!_PyIsSelectable_fd(s->sock_fd))
2216         return SOCKET_TOO_LARGE_FOR_SELECT;
2217 
2218     _PyTime_AsTimeval_noraise(timeout, &tv, _PyTime_ROUND_CEILING);
2219 
2220     FD_ZERO(&fds);
2221     FD_SET(s->sock_fd, &fds);
2222 
2223     /* Wait until the socket becomes ready */
2224     PySSL_BEGIN_ALLOW_THREADS
2225     nfds = Py_SAFE_DOWNCAST(s->sock_fd+1, SOCKET_T, int);
2226     if (writing)
2227         rc = select(nfds, NULL, &fds, NULL, &tv);
2228     else
2229         rc = select(nfds, &fds, NULL, NULL, &tv);
2230     PySSL_END_ALLOW_THREADS
2231 #endif
2232 
2233     /* Return SOCKET_TIMED_OUT on timeout, SOCKET_OPERATION_OK otherwise
2234        (when we are able to write or when there's something to read) */
2235     return rc == 0 ? SOCKET_HAS_TIMED_OUT : SOCKET_OPERATION_OK;
2236 }
2237 
2238 /*[clinic input]
2239 _ssl._SSLSocket.write
2240     b: Py_buffer
2241     /
2242 
2243 Writes the bytes-like object b into the SSL object.
2244 
2245 Returns the number of bytes written.
2246 [clinic start generated code]*/
2247 
2248 static PyObject *
_ssl__SSLSocket_write_impl(PySSLSocket * self,Py_buffer * b)2249 _ssl__SSLSocket_write_impl(PySSLSocket *self, Py_buffer *b)
2250 /*[clinic end generated code: output=aa7a6be5527358d8 input=77262d994fe5100a]*/
2251 {
2252     int len;
2253     int sockstate;
2254     _PySSLError err;
2255     int nonblocking;
2256     PySocketSockObject *sock = GET_SOCKET(self);
2257     _PyTime_t timeout, deadline = 0;
2258     int has_timeout;
2259 
2260     if (sock != NULL) {
2261         if (((PyObject*)sock) == Py_None) {
2262             _setSSLError("Underlying socket connection gone",
2263                          PY_SSL_ERROR_NO_SOCKET, __FILE__, __LINE__);
2264             return NULL;
2265         }
2266         Py_INCREF(sock);
2267     }
2268 
2269     if (b->len > INT_MAX) {
2270         PyErr_Format(PyExc_OverflowError,
2271                      "string longer than %d bytes", INT_MAX);
2272         goto error;
2273     }
2274 
2275     if (sock != NULL) {
2276         /* just in case the blocking state of the socket has been changed */
2277         nonblocking = (sock->sock_timeout >= 0);
2278         BIO_set_nbio(SSL_get_rbio(self->ssl), nonblocking);
2279         BIO_set_nbio(SSL_get_wbio(self->ssl), nonblocking);
2280     }
2281 
2282     timeout = GET_SOCKET_TIMEOUT(sock);
2283     has_timeout = (timeout > 0);
2284     if (has_timeout)
2285         deadline = _PyTime_GetMonotonicClock() + timeout;
2286 
2287     sockstate = PySSL_select(sock, 1, timeout);
2288     if (sockstate == SOCKET_HAS_TIMED_OUT) {
2289         PyErr_SetString(PySocketModule.timeout_error,
2290                         "The write operation timed out");
2291         goto error;
2292     } else if (sockstate == SOCKET_HAS_BEEN_CLOSED) {
2293         PyErr_SetString(PySSLErrorObject,
2294                         "Underlying socket has been closed.");
2295         goto error;
2296     } else if (sockstate == SOCKET_TOO_LARGE_FOR_SELECT) {
2297         PyErr_SetString(PySSLErrorObject,
2298                         "Underlying socket too large for select().");
2299         goto error;
2300     }
2301 
2302     do {
2303         PySSL_BEGIN_ALLOW_THREADS
2304         len = SSL_write(self->ssl, b->buf, (int)b->len);
2305         err = _PySSL_errno(len <= 0, self->ssl, len);
2306         PySSL_END_ALLOW_THREADS
2307         self->err = err;
2308 
2309         if (PyErr_CheckSignals())
2310             goto error;
2311 
2312         if (has_timeout)
2313             timeout = deadline - _PyTime_GetMonotonicClock();
2314 
2315         if (err.ssl == SSL_ERROR_WANT_READ) {
2316             sockstate = PySSL_select(sock, 0, timeout);
2317         } else if (err.ssl == SSL_ERROR_WANT_WRITE) {
2318             sockstate = PySSL_select(sock, 1, timeout);
2319         } else {
2320             sockstate = SOCKET_OPERATION_OK;
2321         }
2322 
2323         if (sockstate == SOCKET_HAS_TIMED_OUT) {
2324             PyErr_SetString(PySocketModule.timeout_error,
2325                             "The write operation timed out");
2326             goto error;
2327         } else if (sockstate == SOCKET_HAS_BEEN_CLOSED) {
2328             PyErr_SetString(PySSLErrorObject,
2329                             "Underlying socket has been closed.");
2330             goto error;
2331         } else if (sockstate == SOCKET_IS_NONBLOCKING) {
2332             break;
2333         }
2334     } while (err.ssl == SSL_ERROR_WANT_READ ||
2335              err.ssl == SSL_ERROR_WANT_WRITE);
2336 
2337     Py_XDECREF(sock);
2338     if (len > 0)
2339         return PyLong_FromLong(len);
2340     else
2341         return PySSL_SetError(self, len, __FILE__, __LINE__);
2342 
2343 error:
2344     Py_XDECREF(sock);
2345     return NULL;
2346 }
2347 
2348 /*[clinic input]
2349 _ssl._SSLSocket.pending
2350 
2351 Returns the number of already decrypted bytes available for read, pending on the connection.
2352 [clinic start generated code]*/
2353 
2354 static PyObject *
_ssl__SSLSocket_pending_impl(PySSLSocket * self)2355 _ssl__SSLSocket_pending_impl(PySSLSocket *self)
2356 /*[clinic end generated code: output=983d9fecdc308a83 input=2b77487d6dfd597f]*/
2357 {
2358     int count = 0;
2359     _PySSLError err;
2360 
2361     PySSL_BEGIN_ALLOW_THREADS
2362     count = SSL_pending(self->ssl);
2363     err = _PySSL_errno(count < 0, self->ssl, count);
2364     PySSL_END_ALLOW_THREADS
2365     self->err = err;
2366 
2367     if (count < 0)
2368         return PySSL_SetError(self, count, __FILE__, __LINE__);
2369     else
2370         return PyLong_FromLong(count);
2371 }
2372 
2373 /*[clinic input]
2374 _ssl._SSLSocket.read
2375     size as len: int
2376     [
2377     buffer: Py_buffer(accept={rwbuffer})
2378     ]
2379     /
2380 
2381 Read up to size bytes from the SSL socket.
2382 [clinic start generated code]*/
2383 
2384 static PyObject *
_ssl__SSLSocket_read_impl(PySSLSocket * self,int len,int group_right_1,Py_buffer * buffer)2385 _ssl__SSLSocket_read_impl(PySSLSocket *self, int len, int group_right_1,
2386                           Py_buffer *buffer)
2387 /*[clinic end generated code: output=00097776cec2a0af input=ff157eb918d0905b]*/
2388 {
2389     PyObject *dest = NULL;
2390     char *mem;
2391     int count;
2392     int sockstate;
2393     _PySSLError err;
2394     int nonblocking;
2395     PySocketSockObject *sock = GET_SOCKET(self);
2396     _PyTime_t timeout, deadline = 0;
2397     int has_timeout;
2398 
2399     if (!group_right_1 && len < 0) {
2400         PyErr_SetString(PyExc_ValueError, "size should not be negative");
2401         return NULL;
2402     }
2403 
2404     if (sock != NULL) {
2405         if (((PyObject*)sock) == Py_None) {
2406             _setSSLError("Underlying socket connection gone",
2407                          PY_SSL_ERROR_NO_SOCKET, __FILE__, __LINE__);
2408             return NULL;
2409         }
2410         Py_INCREF(sock);
2411     }
2412 
2413     if (!group_right_1) {
2414         dest = PyBytes_FromStringAndSize(NULL, len);
2415         if (dest == NULL)
2416             goto error;
2417         if (len == 0) {
2418             Py_XDECREF(sock);
2419             return dest;
2420         }
2421         mem = PyBytes_AS_STRING(dest);
2422     }
2423     else {
2424         mem = buffer->buf;
2425         if (len <= 0 || len > buffer->len) {
2426             len = (int) buffer->len;
2427             if (buffer->len != len) {
2428                 PyErr_SetString(PyExc_OverflowError,
2429                                 "maximum length can't fit in a C 'int'");
2430                 goto error;
2431             }
2432             if (len == 0) {
2433                 count = 0;
2434                 goto done;
2435             }
2436         }
2437     }
2438 
2439     if (sock != NULL) {
2440         /* just in case the blocking state of the socket has been changed */
2441         nonblocking = (sock->sock_timeout >= 0);
2442         BIO_set_nbio(SSL_get_rbio(self->ssl), nonblocking);
2443         BIO_set_nbio(SSL_get_wbio(self->ssl), nonblocking);
2444     }
2445 
2446     timeout = GET_SOCKET_TIMEOUT(sock);
2447     has_timeout = (timeout > 0);
2448     if (has_timeout)
2449         deadline = _PyTime_GetMonotonicClock() + timeout;
2450 
2451     do {
2452         PySSL_BEGIN_ALLOW_THREADS
2453         count = SSL_read(self->ssl, mem, len);
2454         err = _PySSL_errno(count <= 0, self->ssl, count);
2455         PySSL_END_ALLOW_THREADS
2456         self->err = err;
2457 
2458         if (PyErr_CheckSignals())
2459             goto error;
2460 
2461         if (has_timeout)
2462             timeout = deadline - _PyTime_GetMonotonicClock();
2463 
2464         if (err.ssl == SSL_ERROR_WANT_READ) {
2465             sockstate = PySSL_select(sock, 0, timeout);
2466         } else if (err.ssl == SSL_ERROR_WANT_WRITE) {
2467             sockstate = PySSL_select(sock, 1, timeout);
2468         } else if (err.ssl == SSL_ERROR_ZERO_RETURN &&
2469                    SSL_get_shutdown(self->ssl) == SSL_RECEIVED_SHUTDOWN)
2470         {
2471             count = 0;
2472             goto done;
2473         }
2474         else
2475             sockstate = SOCKET_OPERATION_OK;
2476 
2477         if (sockstate == SOCKET_HAS_TIMED_OUT) {
2478             PyErr_SetString(PySocketModule.timeout_error,
2479                             "The read operation timed out");
2480             goto error;
2481         } else if (sockstate == SOCKET_IS_NONBLOCKING) {
2482             break;
2483         }
2484     } while (err.ssl == SSL_ERROR_WANT_READ ||
2485              err.ssl == SSL_ERROR_WANT_WRITE);
2486 
2487     if (count <= 0) {
2488         PySSL_SetError(self, count, __FILE__, __LINE__);
2489         goto error;
2490     }
2491 
2492 done:
2493     Py_XDECREF(sock);
2494     if (!group_right_1) {
2495         _PyBytes_Resize(&dest, count);
2496         return dest;
2497     }
2498     else {
2499         return PyLong_FromLong(count);
2500     }
2501 
2502 error:
2503     Py_XDECREF(sock);
2504     if (!group_right_1)
2505         Py_XDECREF(dest);
2506     return NULL;
2507 }
2508 
2509 /*[clinic input]
2510 _ssl._SSLSocket.shutdown
2511 
2512 Does the SSL shutdown handshake with the remote end.
2513 [clinic start generated code]*/
2514 
2515 static PyObject *
_ssl__SSLSocket_shutdown_impl(PySSLSocket * self)2516 _ssl__SSLSocket_shutdown_impl(PySSLSocket *self)
2517 /*[clinic end generated code: output=ca1aa7ed9d25ca42 input=11d39e69b0a2bf4a]*/
2518 {
2519     _PySSLError err;
2520     int sockstate, nonblocking, ret;
2521     int zeros = 0;
2522     PySocketSockObject *sock = GET_SOCKET(self);
2523     _PyTime_t timeout, deadline = 0;
2524     int has_timeout;
2525 
2526     if (sock != NULL) {
2527         /* Guard against closed socket */
2528         if ((((PyObject*)sock) == Py_None) || (sock->sock_fd == INVALID_SOCKET)) {
2529             _setSSLError("Underlying socket connection gone",
2530                          PY_SSL_ERROR_NO_SOCKET, __FILE__, __LINE__);
2531             return NULL;
2532         }
2533         Py_INCREF(sock);
2534 
2535         /* Just in case the blocking state of the socket has been changed */
2536         nonblocking = (sock->sock_timeout >= 0);
2537         BIO_set_nbio(SSL_get_rbio(self->ssl), nonblocking);
2538         BIO_set_nbio(SSL_get_wbio(self->ssl), nonblocking);
2539     }
2540 
2541     timeout = GET_SOCKET_TIMEOUT(sock);
2542     has_timeout = (timeout > 0);
2543     if (has_timeout)
2544         deadline = _PyTime_GetMonotonicClock() + timeout;
2545 
2546     while (1) {
2547         PySSL_BEGIN_ALLOW_THREADS
2548         /* Disable read-ahead so that unwrap can work correctly.
2549          * Otherwise OpenSSL might read in too much data,
2550          * eating clear text data that happens to be
2551          * transmitted after the SSL shutdown.
2552          * Should be safe to call repeatedly every time this
2553          * function is used and the shutdown_seen_zero != 0
2554          * condition is met.
2555          */
2556         if (self->shutdown_seen_zero)
2557             SSL_set_read_ahead(self->ssl, 0);
2558         ret = SSL_shutdown(self->ssl);
2559         err = _PySSL_errno(ret < 0, self->ssl, ret);
2560         PySSL_END_ALLOW_THREADS
2561         self->err = err;
2562 
2563         /* If err == 1, a secure shutdown with SSL_shutdown() is complete */
2564         if (ret > 0)
2565             break;
2566         if (ret == 0) {
2567             /* Don't loop endlessly; instead preserve legacy
2568                behaviour of trying SSL_shutdown() only twice.
2569                This looks necessary for OpenSSL < 0.9.8m */
2570             if (++zeros > 1)
2571                 break;
2572             /* Shutdown was sent, now try receiving */
2573             self->shutdown_seen_zero = 1;
2574             continue;
2575         }
2576 
2577         if (has_timeout)
2578             timeout = deadline - _PyTime_GetMonotonicClock();
2579 
2580         /* Possibly retry shutdown until timeout or failure */
2581         if (err.ssl == SSL_ERROR_WANT_READ)
2582             sockstate = PySSL_select(sock, 0, timeout);
2583         else if (err.ssl == SSL_ERROR_WANT_WRITE)
2584             sockstate = PySSL_select(sock, 1, timeout);
2585         else
2586             break;
2587 
2588         if (sockstate == SOCKET_HAS_TIMED_OUT) {
2589             if (err.ssl == SSL_ERROR_WANT_READ)
2590                 PyErr_SetString(PySocketModule.timeout_error,
2591                                 "The read operation timed out");
2592             else
2593                 PyErr_SetString(PySocketModule.timeout_error,
2594                                 "The write operation timed out");
2595             goto error;
2596         }
2597         else if (sockstate == SOCKET_TOO_LARGE_FOR_SELECT) {
2598             PyErr_SetString(PySSLErrorObject,
2599                             "Underlying socket too large for select().");
2600             goto error;
2601         }
2602         else if (sockstate != SOCKET_OPERATION_OK)
2603             /* Retain the SSL error code */
2604             break;
2605     }
2606 
2607     if (ret < 0) {
2608         Py_XDECREF(sock);
2609         return PySSL_SetError(self, ret, __FILE__, __LINE__);
2610     }
2611     if (sock)
2612         /* It's already INCREF'ed */
2613         return (PyObject *) sock;
2614     else
2615         Py_RETURN_NONE;
2616 
2617 error:
2618     Py_XDECREF(sock);
2619     return NULL;
2620 }
2621 
2622 /*[clinic input]
2623 _ssl._SSLSocket.get_channel_binding
2624    cb_type: str = "tls-unique"
2625 
2626 Get channel binding data for current connection.
2627 
2628 Raise ValueError if the requested `cb_type` is not supported.  Return bytes
2629 of the data or None if the data is not available (e.g. before the handshake).
2630 Only 'tls-unique' channel binding data from RFC 5929 is supported.
2631 [clinic start generated code]*/
2632 
2633 static PyObject *
_ssl__SSLSocket_get_channel_binding_impl(PySSLSocket * self,const char * cb_type)2634 _ssl__SSLSocket_get_channel_binding_impl(PySSLSocket *self,
2635                                          const char *cb_type)
2636 /*[clinic end generated code: output=34bac9acb6a61d31 input=08b7e43b99c17d41]*/
2637 {
2638     char buf[PySSL_CB_MAXLEN];
2639     size_t len;
2640 
2641     if (strcmp(cb_type, "tls-unique") == 0) {
2642         if (SSL_session_reused(self->ssl) ^ !self->socket_type) {
2643             /* if session is resumed XOR we are the client */
2644             len = SSL_get_finished(self->ssl, buf, PySSL_CB_MAXLEN);
2645         }
2646         else {
2647             /* if a new session XOR we are the server */
2648             len = SSL_get_peer_finished(self->ssl, buf, PySSL_CB_MAXLEN);
2649         }
2650     }
2651     else {
2652         PyErr_Format(
2653             PyExc_ValueError,
2654             "'%s' channel binding type not implemented",
2655             cb_type
2656         );
2657         return NULL;
2658     }
2659 
2660     /* It cannot be negative in current OpenSSL version as of July 2011 */
2661     if (len == 0)
2662         Py_RETURN_NONE;
2663 
2664     return PyBytes_FromStringAndSize(buf, len);
2665 }
2666 
2667 /*[clinic input]
2668 _ssl._SSLSocket.verify_client_post_handshake
2669 
2670 Initiate TLS 1.3 post-handshake authentication
2671 [clinic start generated code]*/
2672 
2673 static PyObject *
_ssl__SSLSocket_verify_client_post_handshake_impl(PySSLSocket * self)2674 _ssl__SSLSocket_verify_client_post_handshake_impl(PySSLSocket *self)
2675 /*[clinic end generated code: output=532147f3b1341425 input=6bfa874810a3d889]*/
2676 {
2677 #ifdef TLS1_3_VERSION
2678     int err = SSL_verify_client_post_handshake(self->ssl);
2679     if (err == 0)
2680         return _setSSLError(NULL, 0, __FILE__, __LINE__);
2681     else
2682         Py_RETURN_NONE;
2683 #else
2684     PyErr_SetString(PyExc_NotImplementedError,
2685                     "Post-handshake auth is not supported by your "
2686                     "OpenSSL version.");
2687     return NULL;
2688 #endif
2689 }
2690 
2691 #ifdef OPENSSL_VERSION_1_1
2692 
2693 static SSL_SESSION*
_ssl_session_dup(SSL_SESSION * session)2694 _ssl_session_dup(SSL_SESSION *session) {
2695     SSL_SESSION *newsession = NULL;
2696     int slen;
2697     unsigned char *senc = NULL, *p;
2698     const unsigned char *const_p;
2699 
2700     if (session == NULL) {
2701         PyErr_SetString(PyExc_ValueError, "Invalid session");
2702         goto error;
2703     }
2704 
2705     /* get length */
2706     slen = i2d_SSL_SESSION(session, NULL);
2707     if (slen == 0 || slen > 0xFF00) {
2708         PyErr_SetString(PyExc_ValueError, "i2d() failed.");
2709         goto error;
2710     }
2711     if ((senc = PyMem_Malloc(slen)) == NULL) {
2712         PyErr_NoMemory();
2713         goto error;
2714     }
2715     p = senc;
2716     if (!i2d_SSL_SESSION(session, &p)) {
2717         PyErr_SetString(PyExc_ValueError, "i2d() failed.");
2718         goto error;
2719     }
2720     const_p = senc;
2721     newsession = d2i_SSL_SESSION(NULL, &const_p, slen);
2722     if (session == NULL) {
2723         goto error;
2724     }
2725     PyMem_Free(senc);
2726     return newsession;
2727   error:
2728     if (senc != NULL) {
2729         PyMem_Free(senc);
2730     }
2731     return NULL;
2732 }
2733 #endif
2734 
2735 static PyObject *
PySSL_get_session(PySSLSocket * self,void * closure)2736 PySSL_get_session(PySSLSocket *self, void *closure) {
2737     /* get_session can return sessions from a server-side connection,
2738      * it does not check for handshake done or client socket. */
2739     PySSLSession *pysess;
2740     SSL_SESSION *session;
2741 
2742 #ifdef OPENSSL_VERSION_1_1
2743     /* duplicate session as workaround for session bug in OpenSSL 1.1.0,
2744      * https://github.com/openssl/openssl/issues/1550 */
2745     session = SSL_get0_session(self->ssl);  /* borrowed reference */
2746     if (session == NULL) {
2747         Py_RETURN_NONE;
2748     }
2749     if ((session = _ssl_session_dup(session)) == NULL) {
2750         return NULL;
2751     }
2752 #else
2753     session = SSL_get1_session(self->ssl);
2754     if (session == NULL) {
2755         Py_RETURN_NONE;
2756     }
2757 #endif
2758     pysess = PyObject_GC_New(PySSLSession, &PySSLSession_Type);
2759     if (pysess == NULL) {
2760         SSL_SESSION_free(session);
2761         return NULL;
2762     }
2763 
2764     assert(self->ctx);
2765     pysess->ctx = self->ctx;
2766     Py_INCREF(pysess->ctx);
2767     pysess->session = session;
2768     PyObject_GC_Track(pysess);
2769     return (PyObject *)pysess;
2770 }
2771 
PySSL_set_session(PySSLSocket * self,PyObject * value,void * closure)2772 static int PySSL_set_session(PySSLSocket *self, PyObject *value,
2773                              void *closure)
2774                               {
2775     PySSLSession *pysess;
2776 #ifdef OPENSSL_VERSION_1_1
2777     SSL_SESSION *session;
2778 #endif
2779     int result;
2780 
2781     if (!PySSLSession_Check(value)) {
2782         PyErr_SetString(PyExc_TypeError, "Value is not a SSLSession.");
2783         return -1;
2784     }
2785     pysess = (PySSLSession *)value;
2786 
2787     if (self->ctx->ctx != pysess->ctx->ctx) {
2788         PyErr_SetString(PyExc_ValueError,
2789                         "Session refers to a different SSLContext.");
2790         return -1;
2791     }
2792     if (self->socket_type != PY_SSL_CLIENT) {
2793         PyErr_SetString(PyExc_ValueError,
2794                         "Cannot set session for server-side SSLSocket.");
2795         return -1;
2796     }
2797     if (SSL_is_init_finished(self->ssl)) {
2798         PyErr_SetString(PyExc_ValueError,
2799                         "Cannot set session after handshake.");
2800         return -1;
2801     }
2802 #ifdef OPENSSL_VERSION_1_1
2803     /* duplicate session */
2804     if ((session = _ssl_session_dup(pysess->session)) == NULL) {
2805         return -1;
2806     }
2807     result = SSL_set_session(self->ssl, session);
2808     /* free duplicate, SSL_set_session() bumps ref count */
2809     SSL_SESSION_free(session);
2810 #else
2811     result = SSL_set_session(self->ssl, pysess->session);
2812 #endif
2813     if (result == 0) {
2814         _setSSLError(NULL, 0, __FILE__, __LINE__);
2815         return -1;
2816     }
2817     return 0;
2818 }
2819 
2820 PyDoc_STRVAR(PySSL_set_session_doc,
2821 "_setter_session(session)\n\
2822 \
2823 Get / set SSLSession.");
2824 
2825 static PyObject *
PySSL_get_session_reused(PySSLSocket * self,void * closure)2826 PySSL_get_session_reused(PySSLSocket *self, void *closure) {
2827     if (SSL_session_reused(self->ssl)) {
2828         Py_RETURN_TRUE;
2829     } else {
2830         Py_RETURN_FALSE;
2831     }
2832 }
2833 
2834 PyDoc_STRVAR(PySSL_get_session_reused_doc,
2835 "Was the client session reused during handshake?");
2836 
2837 static PyGetSetDef ssl_getsetlist[] = {
2838     {"context", (getter) PySSL_get_context,
2839                 (setter) PySSL_set_context, PySSL_set_context_doc},
2840     {"server_side", (getter) PySSL_get_server_side, NULL,
2841                     PySSL_get_server_side_doc},
2842     {"server_hostname", (getter) PySSL_get_server_hostname, NULL,
2843                         PySSL_get_server_hostname_doc},
2844     {"owner", (getter) PySSL_get_owner, (setter) PySSL_set_owner,
2845               PySSL_get_owner_doc},
2846     {"session", (getter) PySSL_get_session,
2847                 (setter) PySSL_set_session, PySSL_set_session_doc},
2848     {"session_reused", (getter) PySSL_get_session_reused, NULL,
2849               PySSL_get_session_reused_doc},
2850     {NULL},            /* sentinel */
2851 };
2852 
2853 static PyMethodDef PySSLMethods[] = {
2854     _SSL__SSLSOCKET_DO_HANDSHAKE_METHODDEF
2855     _SSL__SSLSOCKET_WRITE_METHODDEF
2856     _SSL__SSLSOCKET_READ_METHODDEF
2857     _SSL__SSLSOCKET_PENDING_METHODDEF
2858     _SSL__SSLSOCKET_GETPEERCERT_METHODDEF
2859     _SSL__SSLSOCKET_GET_CHANNEL_BINDING_METHODDEF
2860     _SSL__SSLSOCKET_CIPHER_METHODDEF
2861     _SSL__SSLSOCKET_SHARED_CIPHERS_METHODDEF
2862     _SSL__SSLSOCKET_VERSION_METHODDEF
2863     _SSL__SSLSOCKET_SELECTED_NPN_PROTOCOL_METHODDEF
2864     _SSL__SSLSOCKET_SELECTED_ALPN_PROTOCOL_METHODDEF
2865     _SSL__SSLSOCKET_COMPRESSION_METHODDEF
2866     _SSL__SSLSOCKET_SHUTDOWN_METHODDEF
2867     _SSL__SSLSOCKET_VERIFY_CLIENT_POST_HANDSHAKE_METHODDEF
2868     {NULL, NULL}
2869 };
2870 
2871 static PyTypeObject PySSLSocket_Type = {
2872     PyVarObject_HEAD_INIT(NULL, 0)
2873     "_ssl._SSLSocket",                  /*tp_name*/
2874     sizeof(PySSLSocket),                /*tp_basicsize*/
2875     0,                                  /*tp_itemsize*/
2876     /* methods */
2877     (destructor)PySSL_dealloc,          /*tp_dealloc*/
2878     0,                                  /*tp_print*/
2879     0,                                  /*tp_getattr*/
2880     0,                                  /*tp_setattr*/
2881     0,                                  /*tp_reserved*/
2882     0,                                  /*tp_repr*/
2883     0,                                  /*tp_as_number*/
2884     0,                                  /*tp_as_sequence*/
2885     0,                                  /*tp_as_mapping*/
2886     0,                                  /*tp_hash*/
2887     0,                                  /*tp_call*/
2888     0,                                  /*tp_str*/
2889     0,                                  /*tp_getattro*/
2890     0,                                  /*tp_setattro*/
2891     0,                                  /*tp_as_buffer*/
2892     Py_TPFLAGS_DEFAULT,                 /*tp_flags*/
2893     0,                                  /*tp_doc*/
2894     0,                                  /*tp_traverse*/
2895     0,                                  /*tp_clear*/
2896     0,                                  /*tp_richcompare*/
2897     0,                                  /*tp_weaklistoffset*/
2898     0,                                  /*tp_iter*/
2899     0,                                  /*tp_iternext*/
2900     PySSLMethods,                       /*tp_methods*/
2901     0,                                  /*tp_members*/
2902     ssl_getsetlist,                     /*tp_getset*/
2903 };
2904 
2905 
2906 /*
2907  * _SSLContext objects
2908  */
2909 
2910 static int
_set_verify_mode(PySSLContext * self,enum py_ssl_cert_requirements n)2911 _set_verify_mode(PySSLContext *self, enum py_ssl_cert_requirements n)
2912 {
2913     int mode;
2914     int (*verify_cb)(int, X509_STORE_CTX *) = NULL;
2915 
2916     switch(n) {
2917     case PY_SSL_CERT_NONE:
2918         mode = SSL_VERIFY_NONE;
2919         break;
2920     case PY_SSL_CERT_OPTIONAL:
2921         mode = SSL_VERIFY_PEER;
2922         break;
2923     case PY_SSL_CERT_REQUIRED:
2924         mode = SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT;
2925         break;
2926     default:
2927          PyErr_SetString(PyExc_ValueError,
2928                         "invalid value for verify_mode");
2929         return -1;
2930     }
2931 #ifdef TLS1_3_VERSION
2932     if (self->post_handshake_auth)
2933         mode |= SSL_VERIFY_POST_HANDSHAKE;
2934 #endif
2935     /* keep current verify cb */
2936     verify_cb = SSL_CTX_get_verify_callback(self->ctx);
2937     SSL_CTX_set_verify(self->ctx, mode, verify_cb);
2938     return 0;
2939 }
2940 
2941 /*[clinic input]
2942 @classmethod
2943 _ssl._SSLContext.__new__
2944     protocol as proto_version: int
2945     /
2946 [clinic start generated code]*/
2947 
2948 static PyObject *
_ssl__SSLContext_impl(PyTypeObject * type,int proto_version)2949 _ssl__SSLContext_impl(PyTypeObject *type, int proto_version)
2950 /*[clinic end generated code: output=2cf0d7a0741b6bd1 input=8d58a805b95fc534]*/
2951 {
2952     PySSLContext *self;
2953     long options;
2954     SSL_CTX *ctx = NULL;
2955     X509_VERIFY_PARAM *params;
2956     int result;
2957 #if defined(SSL_MODE_RELEASE_BUFFERS)
2958     unsigned long libver;
2959 #endif
2960 
2961     PySSL_BEGIN_ALLOW_THREADS
2962     if (proto_version == PY_SSL_VERSION_TLS1)
2963         ctx = SSL_CTX_new(TLSv1_method());
2964 #if HAVE_TLSv1_2
2965     else if (proto_version == PY_SSL_VERSION_TLS1_1)
2966         ctx = SSL_CTX_new(TLSv1_1_method());
2967     else if (proto_version == PY_SSL_VERSION_TLS1_2)
2968         ctx = SSL_CTX_new(TLSv1_2_method());
2969 #endif
2970 #ifndef OPENSSL_NO_SSL3
2971     else if (proto_version == PY_SSL_VERSION_SSL3)
2972         ctx = SSL_CTX_new(SSLv3_method());
2973 #endif
2974 #ifndef OPENSSL_NO_SSL2
2975     else if (proto_version == PY_SSL_VERSION_SSL2)
2976         ctx = SSL_CTX_new(SSLv2_method());
2977 #endif
2978     else if (proto_version == PY_SSL_VERSION_TLS) /* SSLv23 */
2979         ctx = SSL_CTX_new(TLS_method());
2980     else if (proto_version == PY_SSL_VERSION_TLS_CLIENT)
2981         ctx = SSL_CTX_new(TLS_client_method());
2982     else if (proto_version == PY_SSL_VERSION_TLS_SERVER)
2983         ctx = SSL_CTX_new(TLS_server_method());
2984     else
2985         proto_version = -1;
2986     PySSL_END_ALLOW_THREADS
2987 
2988     if (proto_version == -1) {
2989         PyErr_SetString(PyExc_ValueError,
2990                         "invalid protocol version");
2991         return NULL;
2992     }
2993     if (ctx == NULL) {
2994         _setSSLError(NULL, 0, __FILE__, __LINE__);
2995         return NULL;
2996     }
2997 
2998     assert(type != NULL && type->tp_alloc != NULL);
2999     self = (PySSLContext *) type->tp_alloc(type, 0);
3000     if (self == NULL) {
3001         SSL_CTX_free(ctx);
3002         return NULL;
3003     }
3004     self->ctx = ctx;
3005     self->hostflags = X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS;
3006     self->protocol = proto_version;
3007 #if HAVE_NPN
3008     self->npn_protocols = NULL;
3009 #endif
3010 #if HAVE_ALPN
3011     self->alpn_protocols = NULL;
3012 #endif
3013 #ifndef OPENSSL_NO_TLSEXT
3014     self->set_sni_cb = NULL;
3015 #endif
3016     /* Don't check host name by default */
3017     if (proto_version == PY_SSL_VERSION_TLS_CLIENT) {
3018         self->check_hostname = 1;
3019         if (_set_verify_mode(self, PY_SSL_CERT_REQUIRED) == -1) {
3020             Py_DECREF(self);
3021             return NULL;
3022         }
3023     } else {
3024         self->check_hostname = 0;
3025         if (_set_verify_mode(self, PY_SSL_CERT_NONE) == -1) {
3026             Py_DECREF(self);
3027             return NULL;
3028         }
3029     }
3030     /* Defaults */
3031     options = SSL_OP_ALL & ~SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS;
3032     if (proto_version != PY_SSL_VERSION_SSL2)
3033         options |= SSL_OP_NO_SSLv2;
3034     if (proto_version != PY_SSL_VERSION_SSL3)
3035         options |= SSL_OP_NO_SSLv3;
3036     /* Minimal security flags for server and client side context.
3037      * Client sockets ignore server-side parameters. */
3038 #ifdef SSL_OP_NO_COMPRESSION
3039     options |= SSL_OP_NO_COMPRESSION;
3040 #endif
3041 #ifdef SSL_OP_CIPHER_SERVER_PREFERENCE
3042     options |= SSL_OP_CIPHER_SERVER_PREFERENCE;
3043 #endif
3044 #ifdef SSL_OP_SINGLE_DH_USE
3045     options |= SSL_OP_SINGLE_DH_USE;
3046 #endif
3047 #ifdef SSL_OP_SINGLE_ECDH_USE
3048     options |= SSL_OP_SINGLE_ECDH_USE;
3049 #endif
3050     SSL_CTX_set_options(self->ctx, options);
3051 
3052     /* A bare minimum cipher list without completely broken cipher suites.
3053      * It's far from perfect but gives users a better head start. */
3054     if (proto_version != PY_SSL_VERSION_SSL2) {
3055 #if PY_SSL_DEFAULT_CIPHERS == 2
3056         /* stick to OpenSSL's default settings */
3057         result = 1;
3058 #else
3059         result = SSL_CTX_set_cipher_list(ctx, PY_SSL_DEFAULT_CIPHER_STRING);
3060 #endif
3061     } else {
3062         /* SSLv2 needs MD5 */
3063         result = SSL_CTX_set_cipher_list(ctx, "HIGH:!aNULL:!eNULL");
3064     }
3065     if (result == 0) {
3066         Py_DECREF(self);
3067         ERR_clear_error();
3068         PyErr_SetString(PySSLErrorObject,
3069                         "No cipher can be selected.");
3070         return NULL;
3071     }
3072 
3073 #if defined(SSL_MODE_RELEASE_BUFFERS)
3074     /* Set SSL_MODE_RELEASE_BUFFERS. This potentially greatly reduces memory
3075        usage for no cost at all. However, don't do this for OpenSSL versions
3076        between 1.0.1 and 1.0.1h or 1.0.0 and 1.0.0m, which are affected by CVE
3077        2014-0198. I can't find exactly which beta fixed this CVE, so be
3078        conservative and assume it wasn't fixed until release. We do this check
3079        at runtime to avoid problems from the dynamic linker.
3080        See #25672 for more on this. */
3081     libver = SSLeay();
3082     if (!(libver >= 0x10001000UL && libver < 0x1000108fUL) &&
3083         !(libver >= 0x10000000UL && libver < 0x100000dfUL)) {
3084         SSL_CTX_set_mode(self->ctx, SSL_MODE_RELEASE_BUFFERS);
3085     }
3086 #endif
3087 
3088 
3089 #if !defined(OPENSSL_NO_ECDH) && !defined(OPENSSL_VERSION_1_1)
3090     /* Allow automatic ECDH curve selection (on OpenSSL 1.0.2+), or use
3091        prime256v1 by default.  This is Apache mod_ssl's initialization
3092        policy, so we should be safe. OpenSSL 1.1 has it enabled by default.
3093      */
3094 #if defined(SSL_CTX_set_ecdh_auto)
3095     SSL_CTX_set_ecdh_auto(self->ctx, 1);
3096 #else
3097     {
3098         EC_KEY *key = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
3099         SSL_CTX_set_tmp_ecdh(self->ctx, key);
3100         EC_KEY_free(key);
3101     }
3102 #endif
3103 #endif
3104 
3105 #define SID_CTX "Python"
3106     SSL_CTX_set_session_id_context(self->ctx, (const unsigned char *) SID_CTX,
3107                                    sizeof(SID_CTX));
3108 #undef SID_CTX
3109 
3110     params = SSL_CTX_get0_param(self->ctx);
3111 #ifdef X509_V_FLAG_TRUSTED_FIRST
3112     /* Improve trust chain building when cross-signed intermediate
3113        certificates are present. See https://bugs.python.org/issue23476. */
3114     X509_VERIFY_PARAM_set_flags(params, X509_V_FLAG_TRUSTED_FIRST);
3115 #endif
3116     X509_VERIFY_PARAM_set_hostflags(params, self->hostflags);
3117 
3118 #ifdef TLS1_3_VERSION
3119     self->post_handshake_auth = 0;
3120     SSL_CTX_set_post_handshake_auth(self->ctx, self->post_handshake_auth);
3121 #endif
3122 
3123     return (PyObject *)self;
3124 }
3125 
3126 static int
context_traverse(PySSLContext * self,visitproc visit,void * arg)3127 context_traverse(PySSLContext *self, visitproc visit, void *arg)
3128 {
3129 #ifndef OPENSSL_NO_TLSEXT
3130     Py_VISIT(self->set_sni_cb);
3131 #endif
3132     return 0;
3133 }
3134 
3135 static int
context_clear(PySSLContext * self)3136 context_clear(PySSLContext *self)
3137 {
3138 #ifndef OPENSSL_NO_TLSEXT
3139     Py_CLEAR(self->set_sni_cb);
3140 #endif
3141     return 0;
3142 }
3143 
3144 static void
context_dealloc(PySSLContext * self)3145 context_dealloc(PySSLContext *self)
3146 {
3147     /* bpo-31095: UnTrack is needed before calling any callbacks */
3148     PyObject_GC_UnTrack(self);
3149     context_clear(self);
3150     SSL_CTX_free(self->ctx);
3151 #if HAVE_NPN
3152     PyMem_FREE(self->npn_protocols);
3153 #endif
3154 #if HAVE_ALPN
3155     PyMem_FREE(self->alpn_protocols);
3156 #endif
3157     Py_TYPE(self)->tp_free(self);
3158 }
3159 
3160 /*[clinic input]
3161 _ssl._SSLContext.set_ciphers
3162     cipherlist: str
3163     /
3164 [clinic start generated code]*/
3165 
3166 static PyObject *
_ssl__SSLContext_set_ciphers_impl(PySSLContext * self,const char * cipherlist)3167 _ssl__SSLContext_set_ciphers_impl(PySSLContext *self, const char *cipherlist)
3168 /*[clinic end generated code: output=3a3162f3557c0f3f input=a7ac931b9f3ca7fc]*/
3169 {
3170     int ret = SSL_CTX_set_cipher_list(self->ctx, cipherlist);
3171     if (ret == 0) {
3172         /* Clearing the error queue is necessary on some OpenSSL versions,
3173            otherwise the error will be reported again when another SSL call
3174            is done. */
3175         ERR_clear_error();
3176         PyErr_SetString(PySSLErrorObject,
3177                         "No cipher can be selected.");
3178         return NULL;
3179     }
3180     Py_RETURN_NONE;
3181 }
3182 
3183 #if OPENSSL_VERSION_NUMBER >= 0x10002000UL
3184 /*[clinic input]
3185 _ssl._SSLContext.get_ciphers
3186 [clinic start generated code]*/
3187 
3188 static PyObject *
_ssl__SSLContext_get_ciphers_impl(PySSLContext * self)3189 _ssl__SSLContext_get_ciphers_impl(PySSLContext *self)
3190 /*[clinic end generated code: output=a56e4d68a406dfc4 input=a2aadc9af89b79c5]*/
3191 {
3192     SSL *ssl = NULL;
3193     STACK_OF(SSL_CIPHER) *sk = NULL;
3194     const SSL_CIPHER *cipher;
3195     int i=0;
3196     PyObject *result = NULL, *dct;
3197 
3198     ssl = SSL_new(self->ctx);
3199     if (ssl == NULL) {
3200         _setSSLError(NULL, 0, __FILE__, __LINE__);
3201         goto exit;
3202     }
3203     sk = SSL_get_ciphers(ssl);
3204 
3205     result = PyList_New(sk_SSL_CIPHER_num(sk));
3206     if (result == NULL) {
3207         goto exit;
3208     }
3209 
3210     for (i = 0; i < sk_SSL_CIPHER_num(sk); i++) {
3211         cipher = sk_SSL_CIPHER_value(sk, i);
3212         dct = cipher_to_dict(cipher);
3213         if (dct == NULL) {
3214             Py_CLEAR(result);
3215             goto exit;
3216         }
3217         PyList_SET_ITEM(result, i, dct);
3218     }
3219 
3220   exit:
3221     if (ssl != NULL)
3222         SSL_free(ssl);
3223     return result;
3224 
3225 }
3226 #endif
3227 
3228 
3229 #if HAVE_NPN || HAVE_ALPN
3230 static int
do_protocol_selection(int alpn,unsigned char ** out,unsigned char * outlen,const unsigned char * server_protocols,unsigned int server_protocols_len,const unsigned char * client_protocols,unsigned int client_protocols_len)3231 do_protocol_selection(int alpn, unsigned char **out, unsigned char *outlen,
3232                       const unsigned char *server_protocols, unsigned int server_protocols_len,
3233                       const unsigned char *client_protocols, unsigned int client_protocols_len)
3234 {
3235     int ret;
3236     if (client_protocols == NULL) {
3237         client_protocols = (unsigned char *)"";
3238         client_protocols_len = 0;
3239     }
3240     if (server_protocols == NULL) {
3241         server_protocols = (unsigned char *)"";
3242         server_protocols_len = 0;
3243     }
3244 
3245     ret = SSL_select_next_proto(out, outlen,
3246                                 server_protocols, server_protocols_len,
3247                                 client_protocols, client_protocols_len);
3248     if (alpn && ret != OPENSSL_NPN_NEGOTIATED)
3249         return SSL_TLSEXT_ERR_NOACK;
3250 
3251     return SSL_TLSEXT_ERR_OK;
3252 }
3253 #endif
3254 
3255 #if HAVE_NPN
3256 /* this callback gets passed to SSL_CTX_set_next_protos_advertise_cb */
3257 static int
_advertiseNPN_cb(SSL * s,const unsigned char ** data,unsigned int * len,void * args)3258 _advertiseNPN_cb(SSL *s,
3259                  const unsigned char **data, unsigned int *len,
3260                  void *args)
3261 {
3262     PySSLContext *ssl_ctx = (PySSLContext *) args;
3263 
3264     if (ssl_ctx->npn_protocols == NULL) {
3265         *data = (unsigned char *)"";
3266         *len = 0;
3267     } else {
3268         *data = ssl_ctx->npn_protocols;
3269         *len = ssl_ctx->npn_protocols_len;
3270     }
3271 
3272     return SSL_TLSEXT_ERR_OK;
3273 }
3274 /* this callback gets passed to SSL_CTX_set_next_proto_select_cb */
3275 static int
_selectNPN_cb(SSL * s,unsigned char ** out,unsigned char * outlen,const unsigned char * server,unsigned int server_len,void * args)3276 _selectNPN_cb(SSL *s,
3277               unsigned char **out, unsigned char *outlen,
3278               const unsigned char *server, unsigned int server_len,
3279               void *args)
3280 {
3281     PySSLContext *ctx = (PySSLContext *)args;
3282     return do_protocol_selection(0, out, outlen, server, server_len,
3283                                  ctx->npn_protocols, ctx->npn_protocols_len);
3284 }
3285 #endif
3286 
3287 /*[clinic input]
3288 _ssl._SSLContext._set_npn_protocols
3289     protos: Py_buffer
3290     /
3291 [clinic start generated code]*/
3292 
3293 static PyObject *
_ssl__SSLContext__set_npn_protocols_impl(PySSLContext * self,Py_buffer * protos)3294 _ssl__SSLContext__set_npn_protocols_impl(PySSLContext *self,
3295                                          Py_buffer *protos)
3296 /*[clinic end generated code: output=72b002c3324390c6 input=319fcb66abf95bd7]*/
3297 {
3298 #if HAVE_NPN
3299     PyMem_Free(self->npn_protocols);
3300     self->npn_protocols = PyMem_Malloc(protos->len);
3301     if (self->npn_protocols == NULL)
3302         return PyErr_NoMemory();
3303     memcpy(self->npn_protocols, protos->buf, protos->len);
3304     self->npn_protocols_len = (int) protos->len;
3305 
3306     /* set both server and client callbacks, because the context can
3307      * be used to create both types of sockets */
3308     SSL_CTX_set_next_protos_advertised_cb(self->ctx,
3309                                           _advertiseNPN_cb,
3310                                           self);
3311     SSL_CTX_set_next_proto_select_cb(self->ctx,
3312                                      _selectNPN_cb,
3313                                      self);
3314 
3315     Py_RETURN_NONE;
3316 #else
3317     PyErr_SetString(PyExc_NotImplementedError,
3318                     "The NPN extension requires OpenSSL 1.0.1 or later.");
3319     return NULL;
3320 #endif
3321 }
3322 
3323 #if HAVE_ALPN
3324 static int
_selectALPN_cb(SSL * s,const unsigned char ** out,unsigned char * outlen,const unsigned char * client_protocols,unsigned int client_protocols_len,void * args)3325 _selectALPN_cb(SSL *s,
3326               const unsigned char **out, unsigned char *outlen,
3327               const unsigned char *client_protocols, unsigned int client_protocols_len,
3328               void *args)
3329 {
3330     PySSLContext *ctx = (PySSLContext *)args;
3331     return do_protocol_selection(1, (unsigned char **)out, outlen,
3332                                  ctx->alpn_protocols, ctx->alpn_protocols_len,
3333                                  client_protocols, client_protocols_len);
3334 }
3335 #endif
3336 
3337 /*[clinic input]
3338 _ssl._SSLContext._set_alpn_protocols
3339     protos: Py_buffer
3340     /
3341 [clinic start generated code]*/
3342 
3343 static PyObject *
_ssl__SSLContext__set_alpn_protocols_impl(PySSLContext * self,Py_buffer * protos)3344 _ssl__SSLContext__set_alpn_protocols_impl(PySSLContext *self,
3345                                           Py_buffer *protos)
3346 /*[clinic end generated code: output=87599a7f76651a9b input=9bba964595d519be]*/
3347 {
3348 #if HAVE_ALPN
3349     if ((size_t)protos->len > UINT_MAX) {
3350         PyErr_Format(PyExc_OverflowError,
3351             "protocols longer than %d bytes", UINT_MAX);
3352         return NULL;
3353     }
3354 
3355     PyMem_FREE(self->alpn_protocols);
3356     self->alpn_protocols = PyMem_Malloc(protos->len);
3357     if (!self->alpn_protocols)
3358         return PyErr_NoMemory();
3359     memcpy(self->alpn_protocols, protos->buf, protos->len);
3360     self->alpn_protocols_len = (unsigned int)protos->len;
3361 
3362     if (SSL_CTX_set_alpn_protos(self->ctx, self->alpn_protocols, self->alpn_protocols_len))
3363         return PyErr_NoMemory();
3364     SSL_CTX_set_alpn_select_cb(self->ctx, _selectALPN_cb, self);
3365 
3366     Py_RETURN_NONE;
3367 #else
3368     PyErr_SetString(PyExc_NotImplementedError,
3369                     "The ALPN extension requires OpenSSL 1.0.2 or later.");
3370     return NULL;
3371 #endif
3372 }
3373 
3374 static PyObject *
get_verify_mode(PySSLContext * self,void * c)3375 get_verify_mode(PySSLContext *self, void *c)
3376 {
3377     /* ignore SSL_VERIFY_CLIENT_ONCE and SSL_VERIFY_POST_HANDSHAKE */
3378     int mask = (SSL_VERIFY_NONE | SSL_VERIFY_PEER |
3379                 SSL_VERIFY_FAIL_IF_NO_PEER_CERT);
3380     switch (SSL_CTX_get_verify_mode(self->ctx) & mask) {
3381     case SSL_VERIFY_NONE:
3382         return PyLong_FromLong(PY_SSL_CERT_NONE);
3383     case SSL_VERIFY_PEER:
3384         return PyLong_FromLong(PY_SSL_CERT_OPTIONAL);
3385     case SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT:
3386         return PyLong_FromLong(PY_SSL_CERT_REQUIRED);
3387     }
3388     PyErr_SetString(PySSLErrorObject,
3389                     "invalid return value from SSL_CTX_get_verify_mode");
3390     return NULL;
3391 }
3392 
3393 static int
set_verify_mode(PySSLContext * self,PyObject * arg,void * c)3394 set_verify_mode(PySSLContext *self, PyObject *arg, void *c)
3395 {
3396     int n;
3397     if (!PyArg_Parse(arg, "i", &n))
3398         return -1;
3399     if (n == PY_SSL_CERT_NONE && self->check_hostname) {
3400         PyErr_SetString(PyExc_ValueError,
3401                         "Cannot set verify_mode to CERT_NONE when "
3402                         "check_hostname is enabled.");
3403         return -1;
3404     }
3405     return _set_verify_mode(self, n);
3406 }
3407 
3408 static PyObject *
get_verify_flags(PySSLContext * self,void * c)3409 get_verify_flags(PySSLContext *self, void *c)
3410 {
3411     X509_VERIFY_PARAM *param;
3412     unsigned long flags;
3413 
3414     param = SSL_CTX_get0_param(self->ctx);
3415     flags = X509_VERIFY_PARAM_get_flags(param);
3416     return PyLong_FromUnsignedLong(flags);
3417 }
3418 
3419 static int
set_verify_flags(PySSLContext * self,PyObject * arg,void * c)3420 set_verify_flags(PySSLContext *self, PyObject *arg, void *c)
3421 {
3422     X509_VERIFY_PARAM *param;
3423     unsigned long new_flags, flags, set, clear;
3424 
3425     if (!PyArg_Parse(arg, "k", &new_flags))
3426         return -1;
3427     param = SSL_CTX_get0_param(self->ctx);
3428     flags = X509_VERIFY_PARAM_get_flags(param);
3429     clear = flags & ~new_flags;
3430     set = ~flags & new_flags;
3431     if (clear) {
3432         if (!X509_VERIFY_PARAM_clear_flags(param, clear)) {
3433             _setSSLError(NULL, 0, __FILE__, __LINE__);
3434             return -1;
3435         }
3436     }
3437     if (set) {
3438         if (!X509_VERIFY_PARAM_set_flags(param, set)) {
3439             _setSSLError(NULL, 0, __FILE__, __LINE__);
3440             return -1;
3441         }
3442     }
3443     return 0;
3444 }
3445 
3446 /* Getter and setter for protocol version */
3447 #if defined(SSL_CTRL_GET_MAX_PROTO_VERSION)
3448 
3449 
3450 static int
set_min_max_proto_version(PySSLContext * self,PyObject * arg,int what)3451 set_min_max_proto_version(PySSLContext *self, PyObject *arg, int what)
3452 {
3453     long v;
3454     int result;
3455 
3456     if (!PyArg_Parse(arg, "l", &v))
3457         return -1;
3458     if (v > INT_MAX) {
3459         PyErr_SetString(PyExc_OverflowError, "Option is too long");
3460         return -1;
3461     }
3462 
3463     switch(self->protocol) {
3464     case PY_SSL_VERSION_TLS_CLIENT:  /* fall through */
3465     case PY_SSL_VERSION_TLS_SERVER:  /* fall through */
3466     case PY_SSL_VERSION_TLS:
3467         break;
3468     default:
3469         PyErr_SetString(
3470             PyExc_ValueError,
3471             "The context's protocol doesn't support modification of "
3472             "highest and lowest version."
3473         );
3474         return -1;
3475     }
3476 
3477     if (what == 0) {
3478         switch(v) {
3479         case PY_PROTO_MINIMUM_SUPPORTED:
3480             v = 0;
3481             break;
3482         case PY_PROTO_MAXIMUM_SUPPORTED:
3483             /* Emulate max for set_min_proto_version */
3484             v = PY_PROTO_MAXIMUM_AVAILABLE;
3485             break;
3486         default:
3487             break;
3488         }
3489         result = SSL_CTX_set_min_proto_version(self->ctx, v);
3490     }
3491     else {
3492         switch(v) {
3493         case PY_PROTO_MAXIMUM_SUPPORTED:
3494             v = 0;
3495             break;
3496         case PY_PROTO_MINIMUM_SUPPORTED:
3497             /* Emulate max for set_min_proto_version */
3498             v = PY_PROTO_MINIMUM_AVAILABLE;
3499             break;
3500         default:
3501             break;
3502         }
3503         result = SSL_CTX_set_max_proto_version(self->ctx, v);
3504     }
3505     if (result == 0) {
3506         PyErr_Format(PyExc_ValueError,
3507                      "Unsupported protocol version 0x%x", v);
3508         return -1;
3509     }
3510     return 0;
3511 }
3512 
3513 static PyObject *
get_minimum_version(PySSLContext * self,void * c)3514 get_minimum_version(PySSLContext *self, void *c)
3515 {
3516     int v = SSL_CTX_ctrl(self->ctx, SSL_CTRL_GET_MIN_PROTO_VERSION, 0, NULL);
3517     if (v == 0) {
3518         v = PY_PROTO_MINIMUM_SUPPORTED;
3519     }
3520     return PyLong_FromLong(v);
3521 }
3522 
3523 static int
set_minimum_version(PySSLContext * self,PyObject * arg,void * c)3524 set_minimum_version(PySSLContext *self, PyObject *arg, void *c)
3525 {
3526     return set_min_max_proto_version(self, arg, 0);
3527 }
3528 
3529 static PyObject *
get_maximum_version(PySSLContext * self,void * c)3530 get_maximum_version(PySSLContext *self, void *c)
3531 {
3532     int v = SSL_CTX_ctrl(self->ctx, SSL_CTRL_GET_MAX_PROTO_VERSION, 0, NULL);
3533     if (v == 0) {
3534         v = PY_PROTO_MAXIMUM_SUPPORTED;
3535     }
3536     return PyLong_FromLong(v);
3537 }
3538 
3539 static int
set_maximum_version(PySSLContext * self,PyObject * arg,void * c)3540 set_maximum_version(PySSLContext *self, PyObject *arg, void *c)
3541 {
3542     return set_min_max_proto_version(self, arg, 1);
3543 }
3544 #endif /* SSL_CTRL_GET_MAX_PROTO_VERSION */
3545 
3546 static PyObject *
get_options(PySSLContext * self,void * c)3547 get_options(PySSLContext *self, void *c)
3548 {
3549     return PyLong_FromLong(SSL_CTX_get_options(self->ctx));
3550 }
3551 
3552 static int
set_options(PySSLContext * self,PyObject * arg,void * c)3553 set_options(PySSLContext *self, PyObject *arg, void *c)
3554 {
3555     long new_opts, opts, set, clear;
3556     if (!PyArg_Parse(arg, "l", &new_opts))
3557         return -1;
3558     opts = SSL_CTX_get_options(self->ctx);
3559     clear = opts & ~new_opts;
3560     set = ~opts & new_opts;
3561     if (clear) {
3562 #ifdef HAVE_SSL_CTX_CLEAR_OPTIONS
3563         SSL_CTX_clear_options(self->ctx, clear);
3564 #else
3565         PyErr_SetString(PyExc_ValueError,
3566                         "can't clear options before OpenSSL 0.9.8m");
3567         return -1;
3568 #endif
3569     }
3570     if (set)
3571         SSL_CTX_set_options(self->ctx, set);
3572     return 0;
3573 }
3574 
3575 static PyObject *
get_host_flags(PySSLContext * self,void * c)3576 get_host_flags(PySSLContext *self, void *c)
3577 {
3578     return PyLong_FromUnsignedLong(self->hostflags);
3579 }
3580 
3581 static int
set_host_flags(PySSLContext * self,PyObject * arg,void * c)3582 set_host_flags(PySSLContext *self, PyObject *arg, void *c)
3583 {
3584     X509_VERIFY_PARAM *param;
3585     unsigned int new_flags = 0;
3586 
3587     if (!PyArg_Parse(arg, "I", &new_flags))
3588         return -1;
3589 
3590     param = SSL_CTX_get0_param(self->ctx);
3591     self->hostflags = new_flags;
3592     X509_VERIFY_PARAM_set_hostflags(param, new_flags);
3593     return 0;
3594 }
3595 
3596 static PyObject *
get_check_hostname(PySSLContext * self,void * c)3597 get_check_hostname(PySSLContext *self, void *c)
3598 {
3599     return PyBool_FromLong(self->check_hostname);
3600 }
3601 
3602 static int
set_check_hostname(PySSLContext * self,PyObject * arg,void * c)3603 set_check_hostname(PySSLContext *self, PyObject *arg, void *c)
3604 {
3605     int check_hostname;
3606     if (!PyArg_Parse(arg, "p", &check_hostname))
3607         return -1;
3608     if (check_hostname &&
3609             SSL_CTX_get_verify_mode(self->ctx) == SSL_VERIFY_NONE) {
3610         /* check_hostname = True sets verify_mode = CERT_REQUIRED */
3611         if (_set_verify_mode(self, PY_SSL_CERT_REQUIRED) == -1) {
3612             return -1;
3613         }
3614     }
3615     self->check_hostname = check_hostname;
3616     return 0;
3617 }
3618 
3619 static PyObject *
get_post_handshake_auth(PySSLContext * self,void * c)3620 get_post_handshake_auth(PySSLContext *self, void *c) {
3621 #if TLS1_3_VERSION
3622     return PyBool_FromLong(self->post_handshake_auth);
3623 #else
3624     Py_RETURN_NONE;
3625 #endif
3626 }
3627 
3628 #if TLS1_3_VERSION
3629 static int
set_post_handshake_auth(PySSLContext * self,PyObject * arg,void * c)3630 set_post_handshake_auth(PySSLContext *self, PyObject *arg, void *c) {
3631     int (*verify_cb)(int, X509_STORE_CTX *) = NULL;
3632     int mode = SSL_CTX_get_verify_mode(self->ctx);
3633     if (arg == NULL) {
3634         PyErr_SetString(PyExc_AttributeError, "cannot delete attribute");
3635         return -1;
3636     }
3637     int pha = PyObject_IsTrue(arg);
3638 
3639     if (pha == -1) {
3640         return -1;
3641     }
3642     self->post_handshake_auth = pha;
3643 
3644     /* client-side socket setting, ignored by server-side */
3645     SSL_CTX_set_post_handshake_auth(self->ctx, pha);
3646 
3647     /* server-side socket setting, ignored by client-side */
3648     verify_cb = SSL_CTX_get_verify_callback(self->ctx);
3649     if (pha) {
3650         mode |= SSL_VERIFY_POST_HANDSHAKE;
3651     } else {
3652         mode ^= SSL_VERIFY_POST_HANDSHAKE;
3653     }
3654     SSL_CTX_set_verify(self->ctx, mode, verify_cb);
3655 
3656     return 0;
3657 }
3658 #endif
3659 
3660 static PyObject *
get_protocol(PySSLContext * self,void * c)3661 get_protocol(PySSLContext *self, void *c) {
3662     return PyLong_FromLong(self->protocol);
3663 }
3664 
3665 typedef struct {
3666     PyThreadState *thread_state;
3667     PyObject *callable;
3668     char *password;
3669     int size;
3670     int error;
3671 } _PySSLPasswordInfo;
3672 
3673 static int
_pwinfo_set(_PySSLPasswordInfo * pw_info,PyObject * password,const char * bad_type_error)3674 _pwinfo_set(_PySSLPasswordInfo *pw_info, PyObject* password,
3675             const char *bad_type_error)
3676 {
3677     /* Set the password and size fields of a _PySSLPasswordInfo struct
3678        from a unicode, bytes, or byte array object.
3679        The password field will be dynamically allocated and must be freed
3680        by the caller */
3681     PyObject *password_bytes = NULL;
3682     const char *data = NULL;
3683     Py_ssize_t size;
3684 
3685     if (PyUnicode_Check(password)) {
3686         password_bytes = PyUnicode_AsEncodedString(password, NULL, NULL);
3687         if (!password_bytes) {
3688             goto error;
3689         }
3690         data = PyBytes_AS_STRING(password_bytes);
3691         size = PyBytes_GET_SIZE(password_bytes);
3692     } else if (PyBytes_Check(password)) {
3693         data = PyBytes_AS_STRING(password);
3694         size = PyBytes_GET_SIZE(password);
3695     } else if (PyByteArray_Check(password)) {
3696         data = PyByteArray_AS_STRING(password);
3697         size = PyByteArray_GET_SIZE(password);
3698     } else {
3699         PyErr_SetString(PyExc_TypeError, bad_type_error);
3700         goto error;
3701     }
3702 
3703     if (size > (Py_ssize_t)INT_MAX) {
3704         PyErr_Format(PyExc_ValueError,
3705                      "password cannot be longer than %d bytes", INT_MAX);
3706         goto error;
3707     }
3708 
3709     PyMem_Free(pw_info->password);
3710     pw_info->password = PyMem_Malloc(size);
3711     if (!pw_info->password) {
3712         PyErr_SetString(PyExc_MemoryError,
3713                         "unable to allocate password buffer");
3714         goto error;
3715     }
3716     memcpy(pw_info->password, data, size);
3717     pw_info->size = (int)size;
3718 
3719     Py_XDECREF(password_bytes);
3720     return 1;
3721 
3722 error:
3723     Py_XDECREF(password_bytes);
3724     return 0;
3725 }
3726 
3727 static int
_password_callback(char * buf,int size,int rwflag,void * userdata)3728 _password_callback(char *buf, int size, int rwflag, void *userdata)
3729 {
3730     _PySSLPasswordInfo *pw_info = (_PySSLPasswordInfo*) userdata;
3731     PyObject *fn_ret = NULL;
3732 
3733     PySSL_END_ALLOW_THREADS_S(pw_info->thread_state);
3734 
3735     if (pw_info->callable) {
3736         fn_ret = _PyObject_CallNoArg(pw_info->callable);
3737         if (!fn_ret) {
3738             /* TODO: It would be nice to move _ctypes_add_traceback() into the
3739                core python API, so we could use it to add a frame here */
3740             goto error;
3741         }
3742 
3743         if (!_pwinfo_set(pw_info, fn_ret,
3744                          "password callback must return a string")) {
3745             goto error;
3746         }
3747         Py_CLEAR(fn_ret);
3748     }
3749 
3750     if (pw_info->size > size) {
3751         PyErr_Format(PyExc_ValueError,
3752                      "password cannot be longer than %d bytes", size);
3753         goto error;
3754     }
3755 
3756     PySSL_BEGIN_ALLOW_THREADS_S(pw_info->thread_state);
3757     memcpy(buf, pw_info->password, pw_info->size);
3758     return pw_info->size;
3759 
3760 error:
3761     Py_XDECREF(fn_ret);
3762     PySSL_BEGIN_ALLOW_THREADS_S(pw_info->thread_state);
3763     pw_info->error = 1;
3764     return -1;
3765 }
3766 
3767 /*[clinic input]
3768 _ssl._SSLContext.load_cert_chain
3769     certfile: object
3770     keyfile: object = NULL
3771     password: object = NULL
3772 
3773 [clinic start generated code]*/
3774 
3775 static PyObject *
_ssl__SSLContext_load_cert_chain_impl(PySSLContext * self,PyObject * certfile,PyObject * keyfile,PyObject * password)3776 _ssl__SSLContext_load_cert_chain_impl(PySSLContext *self, PyObject *certfile,
3777                                       PyObject *keyfile, PyObject *password)
3778 /*[clinic end generated code: output=9480bc1c380e2095 input=7cf9ac673cbee6fc]*/
3779 {
3780     PyObject *certfile_bytes = NULL, *keyfile_bytes = NULL;
3781     pem_password_cb *orig_passwd_cb = SSL_CTX_get_default_passwd_cb(self->ctx);
3782     void *orig_passwd_userdata = SSL_CTX_get_default_passwd_cb_userdata(self->ctx);
3783     _PySSLPasswordInfo pw_info = { NULL, NULL, NULL, 0, 0 };
3784     int r;
3785 
3786     errno = 0;
3787     ERR_clear_error();
3788     if (keyfile == Py_None)
3789         keyfile = NULL;
3790     if (!PyUnicode_FSConverter(certfile, &certfile_bytes)) {
3791         PyErr_SetString(PyExc_TypeError,
3792                         "certfile should be a valid filesystem path");
3793         return NULL;
3794     }
3795     if (keyfile && !PyUnicode_FSConverter(keyfile, &keyfile_bytes)) {
3796         PyErr_SetString(PyExc_TypeError,
3797                         "keyfile should be a valid filesystem path");
3798         goto error;
3799     }
3800     if (password && password != Py_None) {
3801         if (PyCallable_Check(password)) {
3802             pw_info.callable = password;
3803         } else if (!_pwinfo_set(&pw_info, password,
3804                                 "password should be a string or callable")) {
3805             goto error;
3806         }
3807         SSL_CTX_set_default_passwd_cb(self->ctx, _password_callback);
3808         SSL_CTX_set_default_passwd_cb_userdata(self->ctx, &pw_info);
3809     }
3810     PySSL_BEGIN_ALLOW_THREADS_S(pw_info.thread_state);
3811     r = SSL_CTX_use_certificate_chain_file(self->ctx,
3812         PyBytes_AS_STRING(certfile_bytes));
3813     PySSL_END_ALLOW_THREADS_S(pw_info.thread_state);
3814     if (r != 1) {
3815         if (pw_info.error) {
3816             ERR_clear_error();
3817             /* the password callback has already set the error information */
3818         }
3819         else if (errno != 0) {
3820             ERR_clear_error();
3821             PyErr_SetFromErrno(PyExc_OSError);
3822         }
3823         else {
3824             _setSSLError(NULL, 0, __FILE__, __LINE__);
3825         }
3826         goto error;
3827     }
3828     PySSL_BEGIN_ALLOW_THREADS_S(pw_info.thread_state);
3829     r = SSL_CTX_use_PrivateKey_file(self->ctx,
3830         PyBytes_AS_STRING(keyfile ? keyfile_bytes : certfile_bytes),
3831         SSL_FILETYPE_PEM);
3832     PySSL_END_ALLOW_THREADS_S(pw_info.thread_state);
3833     Py_CLEAR(keyfile_bytes);
3834     Py_CLEAR(certfile_bytes);
3835     if (r != 1) {
3836         if (pw_info.error) {
3837             ERR_clear_error();
3838             /* the password callback has already set the error information */
3839         }
3840         else if (errno != 0) {
3841             ERR_clear_error();
3842             PyErr_SetFromErrno(PyExc_OSError);
3843         }
3844         else {
3845             _setSSLError(NULL, 0, __FILE__, __LINE__);
3846         }
3847         goto error;
3848     }
3849     PySSL_BEGIN_ALLOW_THREADS_S(pw_info.thread_state);
3850     r = SSL_CTX_check_private_key(self->ctx);
3851     PySSL_END_ALLOW_THREADS_S(pw_info.thread_state);
3852     if (r != 1) {
3853         _setSSLError(NULL, 0, __FILE__, __LINE__);
3854         goto error;
3855     }
3856     SSL_CTX_set_default_passwd_cb(self->ctx, orig_passwd_cb);
3857     SSL_CTX_set_default_passwd_cb_userdata(self->ctx, orig_passwd_userdata);
3858     PyMem_Free(pw_info.password);
3859     Py_RETURN_NONE;
3860 
3861 error:
3862     SSL_CTX_set_default_passwd_cb(self->ctx, orig_passwd_cb);
3863     SSL_CTX_set_default_passwd_cb_userdata(self->ctx, orig_passwd_userdata);
3864     PyMem_Free(pw_info.password);
3865     Py_XDECREF(keyfile_bytes);
3866     Py_XDECREF(certfile_bytes);
3867     return NULL;
3868 }
3869 
3870 /* internal helper function, returns -1 on error
3871  */
3872 static int
_add_ca_certs(PySSLContext * self,void * data,Py_ssize_t len,int filetype)3873 _add_ca_certs(PySSLContext *self, void *data, Py_ssize_t len,
3874               int filetype)
3875 {
3876     BIO *biobuf = NULL;
3877     X509_STORE *store;
3878     int retval = 0, err, loaded = 0;
3879 
3880     assert(filetype == SSL_FILETYPE_ASN1 || filetype == SSL_FILETYPE_PEM);
3881 
3882     if (len <= 0) {
3883         PyErr_SetString(PyExc_ValueError,
3884                         "Empty certificate data");
3885         return -1;
3886     } else if (len > INT_MAX) {
3887         PyErr_SetString(PyExc_OverflowError,
3888                         "Certificate data is too long.");
3889         return -1;
3890     }
3891 
3892     biobuf = BIO_new_mem_buf(data, (int)len);
3893     if (biobuf == NULL) {
3894         _setSSLError("Can't allocate buffer", 0, __FILE__, __LINE__);
3895         return -1;
3896     }
3897 
3898     store = SSL_CTX_get_cert_store(self->ctx);
3899     assert(store != NULL);
3900 
3901     while (1) {
3902         X509 *cert = NULL;
3903         int r;
3904 
3905         if (filetype == SSL_FILETYPE_ASN1) {
3906             cert = d2i_X509_bio(biobuf, NULL);
3907         } else {
3908             cert = PEM_read_bio_X509(biobuf, NULL,
3909                                      SSL_CTX_get_default_passwd_cb(self->ctx),
3910                                      SSL_CTX_get_default_passwd_cb_userdata(self->ctx)
3911                                     );
3912         }
3913         if (cert == NULL) {
3914             break;
3915         }
3916         r = X509_STORE_add_cert(store, cert);
3917         X509_free(cert);
3918         if (!r) {
3919             err = ERR_peek_last_error();
3920             if ((ERR_GET_LIB(err) == ERR_LIB_X509) &&
3921                 (ERR_GET_REASON(err) == X509_R_CERT_ALREADY_IN_HASH_TABLE)) {
3922                 /* cert already in hash table, not an error */
3923                 ERR_clear_error();
3924             } else {
3925                 break;
3926             }
3927         }
3928         loaded++;
3929     }
3930 
3931     err = ERR_peek_last_error();
3932     if ((filetype == SSL_FILETYPE_ASN1) &&
3933             (loaded > 0) &&
3934             (ERR_GET_LIB(err) == ERR_LIB_ASN1) &&
3935             (ERR_GET_REASON(err) == ASN1_R_HEADER_TOO_LONG)) {
3936         /* EOF ASN1 file, not an error */
3937         ERR_clear_error();
3938         retval = 0;
3939     } else if ((filetype == SSL_FILETYPE_PEM) &&
3940                    (loaded > 0) &&
3941                    (ERR_GET_LIB(err) == ERR_LIB_PEM) &&
3942                    (ERR_GET_REASON(err) == PEM_R_NO_START_LINE)) {
3943         /* EOF PEM file, not an error */
3944         ERR_clear_error();
3945         retval = 0;
3946     } else {
3947         _setSSLError(NULL, 0, __FILE__, __LINE__);
3948         retval = -1;
3949     }
3950 
3951     BIO_free(biobuf);
3952     return retval;
3953 }
3954 
3955 
3956 /*[clinic input]
3957 _ssl._SSLContext.load_verify_locations
3958     cafile: object = NULL
3959     capath: object = NULL
3960     cadata: object = NULL
3961 
3962 [clinic start generated code]*/
3963 
3964 static PyObject *
_ssl__SSLContext_load_verify_locations_impl(PySSLContext * self,PyObject * cafile,PyObject * capath,PyObject * cadata)3965 _ssl__SSLContext_load_verify_locations_impl(PySSLContext *self,
3966                                             PyObject *cafile,
3967                                             PyObject *capath,
3968                                             PyObject *cadata)
3969 /*[clinic end generated code: output=454c7e41230ca551 input=997f1fb3a784ef88]*/
3970 {
3971     PyObject *cafile_bytes = NULL, *capath_bytes = NULL;
3972     const char *cafile_buf = NULL, *capath_buf = NULL;
3973     int r = 0, ok = 1;
3974 
3975     errno = 0;
3976     if (cafile == Py_None)
3977         cafile = NULL;
3978     if (capath == Py_None)
3979         capath = NULL;
3980     if (cadata == Py_None)
3981         cadata = NULL;
3982 
3983     if (cafile == NULL && capath == NULL && cadata == NULL) {
3984         PyErr_SetString(PyExc_TypeError,
3985                         "cafile, capath and cadata cannot be all omitted");
3986         goto error;
3987     }
3988     if (cafile && !PyUnicode_FSConverter(cafile, &cafile_bytes)) {
3989         PyErr_SetString(PyExc_TypeError,
3990                         "cafile should be a valid filesystem path");
3991         goto error;
3992     }
3993     if (capath && !PyUnicode_FSConverter(capath, &capath_bytes)) {
3994         PyErr_SetString(PyExc_TypeError,
3995                         "capath should be a valid filesystem path");
3996         goto error;
3997     }
3998 
3999     /* validata cadata type and load cadata */
4000     if (cadata) {
4001         Py_buffer buf;
4002         PyObject *cadata_ascii = NULL;
4003 
4004         if (PyObject_GetBuffer(cadata, &buf, PyBUF_SIMPLE) == 0) {
4005             if (!PyBuffer_IsContiguous(&buf, 'C') || buf.ndim > 1) {
4006                 PyBuffer_Release(&buf);
4007                 PyErr_SetString(PyExc_TypeError,
4008                                 "cadata should be a contiguous buffer with "
4009                                 "a single dimension");
4010                 goto error;
4011             }
4012             r = _add_ca_certs(self, buf.buf, buf.len, SSL_FILETYPE_ASN1);
4013             PyBuffer_Release(&buf);
4014             if (r == -1) {
4015                 goto error;
4016             }
4017         } else {
4018             PyErr_Clear();
4019             cadata_ascii = PyUnicode_AsASCIIString(cadata);
4020             if (cadata_ascii == NULL) {
4021                 PyErr_SetString(PyExc_TypeError,
4022                                 "cadata should be an ASCII string or a "
4023                                 "bytes-like object");
4024                 goto error;
4025             }
4026             r = _add_ca_certs(self,
4027                               PyBytes_AS_STRING(cadata_ascii),
4028                               PyBytes_GET_SIZE(cadata_ascii),
4029                               SSL_FILETYPE_PEM);
4030             Py_DECREF(cadata_ascii);
4031             if (r == -1) {
4032                 goto error;
4033             }
4034         }
4035     }
4036 
4037     /* load cafile or capath */
4038     if (cafile || capath) {
4039         if (cafile)
4040             cafile_buf = PyBytes_AS_STRING(cafile_bytes);
4041         if (capath)
4042             capath_buf = PyBytes_AS_STRING(capath_bytes);
4043         PySSL_BEGIN_ALLOW_THREADS
4044         r = SSL_CTX_load_verify_locations(self->ctx, cafile_buf, capath_buf);
4045         PySSL_END_ALLOW_THREADS
4046         if (r != 1) {
4047             ok = 0;
4048             if (errno != 0) {
4049                 ERR_clear_error();
4050                 PyErr_SetFromErrno(PyExc_OSError);
4051             }
4052             else {
4053                 _setSSLError(NULL, 0, __FILE__, __LINE__);
4054             }
4055             goto error;
4056         }
4057     }
4058     goto end;
4059 
4060   error:
4061     ok = 0;
4062   end:
4063     Py_XDECREF(cafile_bytes);
4064     Py_XDECREF(capath_bytes);
4065     if (ok) {
4066         Py_RETURN_NONE;
4067     } else {
4068         return NULL;
4069     }
4070 }
4071 
4072 /*[clinic input]
4073 _ssl._SSLContext.load_dh_params
4074     path as filepath: object
4075     /
4076 
4077 [clinic start generated code]*/
4078 
4079 static PyObject *
_ssl__SSLContext_load_dh_params(PySSLContext * self,PyObject * filepath)4080 _ssl__SSLContext_load_dh_params(PySSLContext *self, PyObject *filepath)
4081 /*[clinic end generated code: output=1c8e57a38e055af0 input=c8871f3c796ae1d6]*/
4082 {
4083     FILE *f;
4084     DH *dh;
4085 
4086     f = _Py_fopen_obj(filepath, "rb");
4087     if (f == NULL)
4088         return NULL;
4089 
4090     errno = 0;
4091     PySSL_BEGIN_ALLOW_THREADS
4092     dh = PEM_read_DHparams(f, NULL, NULL, NULL);
4093     fclose(f);
4094     PySSL_END_ALLOW_THREADS
4095     if (dh == NULL) {
4096         if (errno != 0) {
4097             ERR_clear_error();
4098             PyErr_SetFromErrnoWithFilenameObject(PyExc_OSError, filepath);
4099         }
4100         else {
4101             _setSSLError(NULL, 0, __FILE__, __LINE__);
4102         }
4103         return NULL;
4104     }
4105     if (SSL_CTX_set_tmp_dh(self->ctx, dh) == 0)
4106         _setSSLError(NULL, 0, __FILE__, __LINE__);
4107     DH_free(dh);
4108     Py_RETURN_NONE;
4109 }
4110 
4111 /*[clinic input]
4112 _ssl._SSLContext._wrap_socket
4113     sock: object(subclass_of="PySocketModule.Sock_Type")
4114     server_side: int
4115     server_hostname as hostname_obj: object = None
4116     *
4117     owner: object = None
4118     session: object = None
4119 
4120 [clinic start generated code]*/
4121 
4122 static PyObject *
_ssl__SSLContext__wrap_socket_impl(PySSLContext * self,PyObject * sock,int server_side,PyObject * hostname_obj,PyObject * owner,PyObject * session)4123 _ssl__SSLContext__wrap_socket_impl(PySSLContext *self, PyObject *sock,
4124                                    int server_side, PyObject *hostname_obj,
4125                                    PyObject *owner, PyObject *session)
4126 /*[clinic end generated code: output=f103f238633940b4 input=957d5006183d1894]*/
4127 {
4128     char *hostname = NULL;
4129     PyObject *res;
4130 
4131     /* server_hostname is either None (or absent), or to be encoded
4132        as IDN A-label (ASCII str) without NULL bytes. */
4133     if (hostname_obj != Py_None) {
4134         if (!PyArg_Parse(hostname_obj, "es", "ascii", &hostname))
4135             return NULL;
4136     }
4137 
4138     res = (PyObject *) newPySSLSocket(self, (PySocketSockObject *)sock,
4139                                       server_side, hostname,
4140                                       owner, session,
4141                                       NULL, NULL);
4142     if (hostname != NULL)
4143         PyMem_Free(hostname);
4144     return res;
4145 }
4146 
4147 /*[clinic input]
4148 _ssl._SSLContext._wrap_bio
4149     incoming: object(subclass_of="&PySSLMemoryBIO_Type", type="PySSLMemoryBIO *")
4150     outgoing: object(subclass_of="&PySSLMemoryBIO_Type", type="PySSLMemoryBIO *")
4151     server_side: int
4152     server_hostname as hostname_obj: object = None
4153     *
4154     owner: object = None
4155     session: object = None
4156 
4157 [clinic start generated code]*/
4158 
4159 static PyObject *
_ssl__SSLContext__wrap_bio_impl(PySSLContext * self,PySSLMemoryBIO * incoming,PySSLMemoryBIO * outgoing,int server_side,PyObject * hostname_obj,PyObject * owner,PyObject * session)4160 _ssl__SSLContext__wrap_bio_impl(PySSLContext *self, PySSLMemoryBIO *incoming,
4161                                 PySSLMemoryBIO *outgoing, int server_side,
4162                                 PyObject *hostname_obj, PyObject *owner,
4163                                 PyObject *session)
4164 /*[clinic end generated code: output=5c5d6d9b41f99332 input=8cf22f4d586ac56a]*/
4165 {
4166     char *hostname = NULL;
4167     PyObject *res;
4168 
4169     /* server_hostname is either None (or absent), or to be encoded
4170        as IDN A-label (ASCII str) without NULL bytes. */
4171     if (hostname_obj != Py_None) {
4172         if (!PyArg_Parse(hostname_obj, "es", "ascii", &hostname))
4173             return NULL;
4174     }
4175 
4176     res = (PyObject *) newPySSLSocket(self, NULL, server_side, hostname,
4177                                       owner, session,
4178                                       incoming, outgoing);
4179 
4180     PyMem_Free(hostname);
4181     return res;
4182 }
4183 
4184 /*[clinic input]
4185 _ssl._SSLContext.session_stats
4186 [clinic start generated code]*/
4187 
4188 static PyObject *
_ssl__SSLContext_session_stats_impl(PySSLContext * self)4189 _ssl__SSLContext_session_stats_impl(PySSLContext *self)
4190 /*[clinic end generated code: output=0d96411c42893bfb input=7e0a81fb11102c8b]*/
4191 {
4192     int r;
4193     PyObject *value, *stats = PyDict_New();
4194     if (!stats)
4195         return NULL;
4196 
4197 #define ADD_STATS(SSL_NAME, KEY_NAME) \
4198     value = PyLong_FromLong(SSL_CTX_sess_ ## SSL_NAME (self->ctx)); \
4199     if (value == NULL) \
4200         goto error; \
4201     r = PyDict_SetItemString(stats, KEY_NAME, value); \
4202     Py_DECREF(value); \
4203     if (r < 0) \
4204         goto error;
4205 
4206     ADD_STATS(number, "number");
4207     ADD_STATS(connect, "connect");
4208     ADD_STATS(connect_good, "connect_good");
4209     ADD_STATS(connect_renegotiate, "connect_renegotiate");
4210     ADD_STATS(accept, "accept");
4211     ADD_STATS(accept_good, "accept_good");
4212     ADD_STATS(accept_renegotiate, "accept_renegotiate");
4213     ADD_STATS(accept, "accept");
4214     ADD_STATS(hits, "hits");
4215     ADD_STATS(misses, "misses");
4216     ADD_STATS(timeouts, "timeouts");
4217     ADD_STATS(cache_full, "cache_full");
4218 
4219 #undef ADD_STATS
4220 
4221     return stats;
4222 
4223 error:
4224     Py_DECREF(stats);
4225     return NULL;
4226 }
4227 
4228 /*[clinic input]
4229 _ssl._SSLContext.set_default_verify_paths
4230 [clinic start generated code]*/
4231 
4232 static PyObject *
_ssl__SSLContext_set_default_verify_paths_impl(PySSLContext * self)4233 _ssl__SSLContext_set_default_verify_paths_impl(PySSLContext *self)
4234 /*[clinic end generated code: output=0bee74e6e09deaaa input=35f3408021463d74]*/
4235 {
4236     if (!SSL_CTX_set_default_verify_paths(self->ctx)) {
4237         _setSSLError(NULL, 0, __FILE__, __LINE__);
4238         return NULL;
4239     }
4240     Py_RETURN_NONE;
4241 }
4242 
4243 #ifndef OPENSSL_NO_ECDH
4244 /*[clinic input]
4245 _ssl._SSLContext.set_ecdh_curve
4246     name: object
4247     /
4248 
4249 [clinic start generated code]*/
4250 
4251 static PyObject *
_ssl__SSLContext_set_ecdh_curve(PySSLContext * self,PyObject * name)4252 _ssl__SSLContext_set_ecdh_curve(PySSLContext *self, PyObject *name)
4253 /*[clinic end generated code: output=23022c196e40d7d2 input=c2bafb6f6e34726b]*/
4254 {
4255     PyObject *name_bytes;
4256     int nid;
4257     EC_KEY *key;
4258 
4259     if (!PyUnicode_FSConverter(name, &name_bytes))
4260         return NULL;
4261     assert(PyBytes_Check(name_bytes));
4262     nid = OBJ_sn2nid(PyBytes_AS_STRING(name_bytes));
4263     Py_DECREF(name_bytes);
4264     if (nid == 0) {
4265         PyErr_Format(PyExc_ValueError,
4266                      "unknown elliptic curve name %R", name);
4267         return NULL;
4268     }
4269     key = EC_KEY_new_by_curve_name(nid);
4270     if (key == NULL) {
4271         _setSSLError(NULL, 0, __FILE__, __LINE__);
4272         return NULL;
4273     }
4274     SSL_CTX_set_tmp_ecdh(self->ctx, key);
4275     EC_KEY_free(key);
4276     Py_RETURN_NONE;
4277 }
4278 #endif
4279 
4280 #if HAVE_SNI && !defined(OPENSSL_NO_TLSEXT)
4281 static int
_servername_callback(SSL * s,int * al,void * args)4282 _servername_callback(SSL *s, int *al, void *args)
4283 {
4284     int ret;
4285     PySSLContext *ssl_ctx = (PySSLContext *) args;
4286     PySSLSocket *ssl;
4287     PyObject *result;
4288     /* The high-level ssl.SSLSocket object */
4289     PyObject *ssl_socket;
4290     const char *servername = SSL_get_servername(s, TLSEXT_NAMETYPE_host_name);
4291     PyGILState_STATE gstate = PyGILState_Ensure();
4292 
4293     if (ssl_ctx->set_sni_cb == NULL) {
4294         /* remove race condition in this the call back while if removing the
4295          * callback is in progress */
4296         PyGILState_Release(gstate);
4297         return SSL_TLSEXT_ERR_OK;
4298     }
4299 
4300     ssl = SSL_get_app_data(s);
4301     assert(PySSLSocket_Check(ssl));
4302 
4303     /* The servername callback expects an argument that represents the current
4304      * SSL connection and that has a .context attribute that can be changed to
4305      * identify the requested hostname. Since the official API is the Python
4306      * level API we want to pass the callback a Python level object rather than
4307      * a _ssl.SSLSocket instance. If there's an "owner" (typically an
4308      * SSLObject) that will be passed. Otherwise if there's a socket then that
4309      * will be passed. If both do not exist only then the C-level object is
4310      * passed. */
4311     if (ssl->owner)
4312         ssl_socket = PyWeakref_GetObject(ssl->owner);
4313     else if (ssl->Socket)
4314         ssl_socket = PyWeakref_GetObject(ssl->Socket);
4315     else
4316         ssl_socket = (PyObject *) ssl;
4317 
4318     Py_INCREF(ssl_socket);
4319     if (ssl_socket == Py_None)
4320         goto error;
4321 
4322     if (servername == NULL) {
4323         result = PyObject_CallFunctionObjArgs(ssl_ctx->set_sni_cb, ssl_socket,
4324                                               Py_None, ssl_ctx, NULL);
4325     }
4326     else {
4327         PyObject *servername_bytes;
4328         PyObject *servername_str;
4329 
4330         servername_bytes = PyBytes_FromString(servername);
4331         if (servername_bytes == NULL) {
4332             PyErr_WriteUnraisable((PyObject *) ssl_ctx);
4333             goto error;
4334         }
4335         /* server_hostname was encoded to an A-label by our caller; put it
4336          * back into a str object, but still as an A-label (bpo-28414)
4337          */
4338         servername_str = PyUnicode_FromEncodedObject(servername_bytes, "ascii", NULL);
4339         Py_DECREF(servername_bytes);
4340         if (servername_str == NULL) {
4341             PyErr_WriteUnraisable(servername_bytes);
4342             goto error;
4343         }
4344         result = PyObject_CallFunctionObjArgs(
4345             ssl_ctx->set_sni_cb, ssl_socket, servername_str,
4346             ssl_ctx, NULL);
4347         Py_DECREF(servername_str);
4348     }
4349     Py_DECREF(ssl_socket);
4350 
4351     if (result == NULL) {
4352         PyErr_WriteUnraisable(ssl_ctx->set_sni_cb);
4353         *al = SSL_AD_HANDSHAKE_FAILURE;
4354         ret = SSL_TLSEXT_ERR_ALERT_FATAL;
4355     }
4356     else {
4357         /* Result may be None, a SSLContext or an integer
4358          * None and SSLContext are OK, integer or other values are an error.
4359          */
4360         if (result == Py_None) {
4361             ret = SSL_TLSEXT_ERR_OK;
4362         } else {
4363             *al = (int) PyLong_AsLong(result);
4364             if (PyErr_Occurred()) {
4365                 PyErr_WriteUnraisable(result);
4366                 *al = SSL_AD_INTERNAL_ERROR;
4367             }
4368             ret = SSL_TLSEXT_ERR_ALERT_FATAL;
4369         }
4370         Py_DECREF(result);
4371     }
4372 
4373     PyGILState_Release(gstate);
4374     return ret;
4375 
4376 error:
4377     Py_DECREF(ssl_socket);
4378     *al = SSL_AD_INTERNAL_ERROR;
4379     ret = SSL_TLSEXT_ERR_ALERT_FATAL;
4380     PyGILState_Release(gstate);
4381     return ret;
4382 }
4383 #endif
4384 
4385 static PyObject *
get_sni_callback(PySSLContext * self,void * c)4386 get_sni_callback(PySSLContext *self, void *c)
4387 {
4388     PyObject *cb = self->set_sni_cb;
4389     if (cb == NULL) {
4390         Py_RETURN_NONE;
4391     }
4392     Py_INCREF(cb);
4393     return cb;
4394 }
4395 
4396 static int
set_sni_callback(PySSLContext * self,PyObject * arg,void * c)4397 set_sni_callback(PySSLContext *self, PyObject *arg, void *c)
4398 {
4399     if (self->protocol == PY_SSL_VERSION_TLS_CLIENT) {
4400         PyErr_SetString(PyExc_ValueError,
4401                         "sni_callback cannot be set on TLS_CLIENT context");
4402         return -1;
4403     }
4404 #if HAVE_SNI && !defined(OPENSSL_NO_TLSEXT)
4405     Py_CLEAR(self->set_sni_cb);
4406     if (arg == Py_None) {
4407         SSL_CTX_set_tlsext_servername_callback(self->ctx, NULL);
4408     }
4409     else {
4410         if (!PyCallable_Check(arg)) {
4411             SSL_CTX_set_tlsext_servername_callback(self->ctx, NULL);
4412             PyErr_SetString(PyExc_TypeError,
4413                             "not a callable object");
4414             return -1;
4415         }
4416         Py_INCREF(arg);
4417         self->set_sni_cb = arg;
4418         SSL_CTX_set_tlsext_servername_callback(self->ctx, _servername_callback);
4419         SSL_CTX_set_tlsext_servername_arg(self->ctx, self);
4420     }
4421     return 0;
4422 #else
4423     PyErr_SetString(PyExc_NotImplementedError,
4424                     "The TLS extension servername callback, "
4425                     "SSL_CTX_set_tlsext_servername_callback, "
4426                     "is not in the current OpenSSL library.");
4427     return -1;
4428 #endif
4429 }
4430 
4431 PyDoc_STRVAR(PySSLContext_sni_callback_doc,
4432 "Set a callback that will be called when a server name is provided by the SSL/TLS client in the SNI extension.\n\
4433 \n\
4434 If the argument is None then the callback is disabled. The method is called\n\
4435 with the SSLSocket, the server name as a string, and the SSLContext object.\n\
4436 See RFC 6066 for details of the SNI extension.");
4437 
4438 /*[clinic input]
4439 _ssl._SSLContext.cert_store_stats
4440 
4441 Returns quantities of loaded X.509 certificates.
4442 
4443 X.509 certificates with a CA extension and certificate revocation lists
4444 inside the context's cert store.
4445 
4446 NOTE: Certificates in a capath directory aren't loaded unless they have
4447 been used at least once.
4448 [clinic start generated code]*/
4449 
4450 static PyObject *
_ssl__SSLContext_cert_store_stats_impl(PySSLContext * self)4451 _ssl__SSLContext_cert_store_stats_impl(PySSLContext *self)
4452 /*[clinic end generated code: output=5f356f4d9cca874d input=eb40dd0f6d0e40cf]*/
4453 {
4454     X509_STORE *store;
4455     STACK_OF(X509_OBJECT) *objs;
4456     X509_OBJECT *obj;
4457     int x509 = 0, crl = 0, ca = 0, i;
4458 
4459     store = SSL_CTX_get_cert_store(self->ctx);
4460     objs = X509_STORE_get0_objects(store);
4461     for (i = 0; i < sk_X509_OBJECT_num(objs); i++) {
4462         obj = sk_X509_OBJECT_value(objs, i);
4463         switch (X509_OBJECT_get_type(obj)) {
4464             case X509_LU_X509:
4465                 x509++;
4466                 if (X509_check_ca(X509_OBJECT_get0_X509(obj))) {
4467                     ca++;
4468                 }
4469                 break;
4470             case X509_LU_CRL:
4471                 crl++;
4472                 break;
4473             default:
4474                 /* Ignore X509_LU_FAIL, X509_LU_RETRY, X509_LU_PKEY.
4475                  * As far as I can tell they are internal states and never
4476                  * stored in a cert store */
4477                 break;
4478         }
4479     }
4480     return Py_BuildValue("{sisisi}", "x509", x509, "crl", crl,
4481         "x509_ca", ca);
4482 }
4483 
4484 /*[clinic input]
4485 _ssl._SSLContext.get_ca_certs
4486     binary_form: bool = False
4487 
4488 Returns a list of dicts with information of loaded CA certs.
4489 
4490 If the optional argument is True, returns a DER-encoded copy of the CA
4491 certificate.
4492 
4493 NOTE: Certificates in a capath directory aren't loaded unless they have
4494 been used at least once.
4495 [clinic start generated code]*/
4496 
4497 static PyObject *
_ssl__SSLContext_get_ca_certs_impl(PySSLContext * self,int binary_form)4498 _ssl__SSLContext_get_ca_certs_impl(PySSLContext *self, int binary_form)
4499 /*[clinic end generated code: output=0d58f148f37e2938 input=6887b5a09b7f9076]*/
4500 {
4501     X509_STORE *store;
4502     STACK_OF(X509_OBJECT) *objs;
4503     PyObject *ci = NULL, *rlist = NULL;
4504     int i;
4505 
4506     if ((rlist = PyList_New(0)) == NULL) {
4507         return NULL;
4508     }
4509 
4510     store = SSL_CTX_get_cert_store(self->ctx);
4511     objs = X509_STORE_get0_objects(store);
4512     for (i = 0; i < sk_X509_OBJECT_num(objs); i++) {
4513         X509_OBJECT *obj;
4514         X509 *cert;
4515 
4516         obj = sk_X509_OBJECT_value(objs, i);
4517         if (X509_OBJECT_get_type(obj) != X509_LU_X509) {
4518             /* not a x509 cert */
4519             continue;
4520         }
4521         /* CA for any purpose */
4522         cert = X509_OBJECT_get0_X509(obj);
4523         if (!X509_check_ca(cert)) {
4524             continue;
4525         }
4526         if (binary_form) {
4527             ci = _certificate_to_der(cert);
4528         } else {
4529             ci = _decode_certificate(cert);
4530         }
4531         if (ci == NULL) {
4532             goto error;
4533         }
4534         if (PyList_Append(rlist, ci) == -1) {
4535             goto error;
4536         }
4537         Py_CLEAR(ci);
4538     }
4539     return rlist;
4540 
4541   error:
4542     Py_XDECREF(ci);
4543     Py_XDECREF(rlist);
4544     return NULL;
4545 }
4546 
4547 
4548 static PyGetSetDef context_getsetlist[] = {
4549     {"check_hostname", (getter) get_check_hostname,
4550                        (setter) set_check_hostname, NULL},
4551     {"_host_flags", (getter) get_host_flags,
4552                     (setter) set_host_flags, NULL},
4553 #if SSL_CTRL_GET_MAX_PROTO_VERSION
4554     {"minimum_version", (getter) get_minimum_version,
4555                         (setter) set_minimum_version, NULL},
4556     {"maximum_version", (getter) get_maximum_version,
4557                         (setter) set_maximum_version, NULL},
4558 #endif
4559     {"sni_callback", (getter) get_sni_callback,
4560                      (setter) set_sni_callback, PySSLContext_sni_callback_doc},
4561     {"options", (getter) get_options,
4562                 (setter) set_options, NULL},
4563     {"post_handshake_auth", (getter) get_post_handshake_auth,
4564 #ifdef TLS1_3_VERSION
4565                             (setter) set_post_handshake_auth,
4566 #else
4567                             NULL,
4568 #endif
4569                             NULL},
4570     {"protocol", (getter) get_protocol,
4571                  NULL, NULL},
4572     {"verify_flags", (getter) get_verify_flags,
4573                      (setter) set_verify_flags, NULL},
4574     {"verify_mode", (getter) get_verify_mode,
4575                     (setter) set_verify_mode, NULL},
4576     {NULL},            /* sentinel */
4577 };
4578 
4579 static struct PyMethodDef context_methods[] = {
4580     _SSL__SSLCONTEXT__WRAP_SOCKET_METHODDEF
4581     _SSL__SSLCONTEXT__WRAP_BIO_METHODDEF
4582     _SSL__SSLCONTEXT_SET_CIPHERS_METHODDEF
4583     _SSL__SSLCONTEXT__SET_ALPN_PROTOCOLS_METHODDEF
4584     _SSL__SSLCONTEXT__SET_NPN_PROTOCOLS_METHODDEF
4585     _SSL__SSLCONTEXT_LOAD_CERT_CHAIN_METHODDEF
4586     _SSL__SSLCONTEXT_LOAD_DH_PARAMS_METHODDEF
4587     _SSL__SSLCONTEXT_LOAD_VERIFY_LOCATIONS_METHODDEF
4588     _SSL__SSLCONTEXT_SESSION_STATS_METHODDEF
4589     _SSL__SSLCONTEXT_SET_DEFAULT_VERIFY_PATHS_METHODDEF
4590     _SSL__SSLCONTEXT_SET_ECDH_CURVE_METHODDEF
4591     _SSL__SSLCONTEXT_CERT_STORE_STATS_METHODDEF
4592     _SSL__SSLCONTEXT_GET_CA_CERTS_METHODDEF
4593     _SSL__SSLCONTEXT_GET_CIPHERS_METHODDEF
4594     {NULL, NULL}        /* sentinel */
4595 };
4596 
4597 static PyTypeObject PySSLContext_Type = {
4598     PyVarObject_HEAD_INIT(NULL, 0)
4599     "_ssl._SSLContext",                        /*tp_name*/
4600     sizeof(PySSLContext),                      /*tp_basicsize*/
4601     0,                                         /*tp_itemsize*/
4602     (destructor)context_dealloc,               /*tp_dealloc*/
4603     0,                                         /*tp_print*/
4604     0,                                         /*tp_getattr*/
4605     0,                                         /*tp_setattr*/
4606     0,                                         /*tp_reserved*/
4607     0,                                         /*tp_repr*/
4608     0,                                         /*tp_as_number*/
4609     0,                                         /*tp_as_sequence*/
4610     0,                                         /*tp_as_mapping*/
4611     0,                                         /*tp_hash*/
4612     0,                                         /*tp_call*/
4613     0,                                         /*tp_str*/
4614     0,                                         /*tp_getattro*/
4615     0,                                         /*tp_setattro*/
4616     0,                                         /*tp_as_buffer*/
4617     Py_TPFLAGS_DEFAULT | Py_TPFLAGS_BASETYPE | Py_TPFLAGS_HAVE_GC, /*tp_flags*/
4618     0,                                         /*tp_doc*/
4619     (traverseproc) context_traverse,           /*tp_traverse*/
4620     (inquiry) context_clear,                   /*tp_clear*/
4621     0,                                         /*tp_richcompare*/
4622     0,                                         /*tp_weaklistoffset*/
4623     0,                                         /*tp_iter*/
4624     0,                                         /*tp_iternext*/
4625     context_methods,                           /*tp_methods*/
4626     0,                                         /*tp_members*/
4627     context_getsetlist,                        /*tp_getset*/
4628     0,                                         /*tp_base*/
4629     0,                                         /*tp_dict*/
4630     0,                                         /*tp_descr_get*/
4631     0,                                         /*tp_descr_set*/
4632     0,                                         /*tp_dictoffset*/
4633     0,                                         /*tp_init*/
4634     0,                                         /*tp_alloc*/
4635     _ssl__SSLContext,                          /*tp_new*/
4636 };
4637 
4638 
4639 /*
4640  * MemoryBIO objects
4641  */
4642 
4643 /*[clinic input]
4644 @classmethod
4645 _ssl.MemoryBIO.__new__
4646 
4647 [clinic start generated code]*/
4648 
4649 static PyObject *
_ssl_MemoryBIO_impl(PyTypeObject * type)4650 _ssl_MemoryBIO_impl(PyTypeObject *type)
4651 /*[clinic end generated code: output=8820a58db78330ac input=26d22e4909ecb1b5]*/
4652 {
4653     BIO *bio;
4654     PySSLMemoryBIO *self;
4655 
4656     bio = BIO_new(BIO_s_mem());
4657     if (bio == NULL) {
4658         PyErr_SetString(PySSLErrorObject,
4659                         "failed to allocate BIO");
4660         return NULL;
4661     }
4662     /* Since our BIO is non-blocking an empty read() does not indicate EOF,
4663      * just that no data is currently available. The SSL routines should retry
4664      * the read, which we can achieve by calling BIO_set_retry_read(). */
4665     BIO_set_retry_read(bio);
4666     BIO_set_mem_eof_return(bio, -1);
4667 
4668     assert(type != NULL && type->tp_alloc != NULL);
4669     self = (PySSLMemoryBIO *) type->tp_alloc(type, 0);
4670     if (self == NULL) {
4671         BIO_free(bio);
4672         return NULL;
4673     }
4674     self->bio = bio;
4675     self->eof_written = 0;
4676 
4677     return (PyObject *) self;
4678 }
4679 
4680 static void
memory_bio_dealloc(PySSLMemoryBIO * self)4681 memory_bio_dealloc(PySSLMemoryBIO *self)
4682 {
4683     BIO_free(self->bio);
4684     Py_TYPE(self)->tp_free(self);
4685 }
4686 
4687 static PyObject *
memory_bio_get_pending(PySSLMemoryBIO * self,void * c)4688 memory_bio_get_pending(PySSLMemoryBIO *self, void *c)
4689 {
4690     return PyLong_FromSize_t(BIO_ctrl_pending(self->bio));
4691 }
4692 
4693 PyDoc_STRVAR(PySSL_memory_bio_pending_doc,
4694 "The number of bytes pending in the memory BIO.");
4695 
4696 static PyObject *
memory_bio_get_eof(PySSLMemoryBIO * self,void * c)4697 memory_bio_get_eof(PySSLMemoryBIO *self, void *c)
4698 {
4699     return PyBool_FromLong((BIO_ctrl_pending(self->bio) == 0)
4700                            && self->eof_written);
4701 }
4702 
4703 PyDoc_STRVAR(PySSL_memory_bio_eof_doc,
4704 "Whether the memory BIO is at EOF.");
4705 
4706 /*[clinic input]
4707 _ssl.MemoryBIO.read
4708     size as len: int = -1
4709     /
4710 
4711 Read up to size bytes from the memory BIO.
4712 
4713 If size is not specified, read the entire buffer.
4714 If the return value is an empty bytes instance, this means either
4715 EOF or that no data is available. Use the "eof" property to
4716 distinguish between the two.
4717 [clinic start generated code]*/
4718 
4719 static PyObject *
_ssl_MemoryBIO_read_impl(PySSLMemoryBIO * self,int len)4720 _ssl_MemoryBIO_read_impl(PySSLMemoryBIO *self, int len)
4721 /*[clinic end generated code: output=a657aa1e79cd01b3 input=574d7be06a902366]*/
4722 {
4723     int avail, nbytes;
4724     PyObject *result;
4725 
4726     avail = (int)Py_MIN(BIO_ctrl_pending(self->bio), INT_MAX);
4727     if ((len < 0) || (len > avail))
4728         len = avail;
4729 
4730     result = PyBytes_FromStringAndSize(NULL, len);
4731     if ((result == NULL) || (len == 0))
4732         return result;
4733 
4734     nbytes = BIO_read(self->bio, PyBytes_AS_STRING(result), len);
4735     if (nbytes < 0) {
4736         Py_DECREF(result);
4737         _setSSLError(NULL, 0, __FILE__, __LINE__);
4738         return NULL;
4739     }
4740 
4741     /* There should never be any short reads but check anyway. */
4742     if (nbytes < len) {
4743         _PyBytes_Resize(&result, nbytes);
4744     }
4745 
4746     return result;
4747 }
4748 
4749 /*[clinic input]
4750 _ssl.MemoryBIO.write
4751     b: Py_buffer
4752     /
4753 
4754 Writes the bytes b into the memory BIO.
4755 
4756 Returns the number of bytes written.
4757 [clinic start generated code]*/
4758 
4759 static PyObject *
_ssl_MemoryBIO_write_impl(PySSLMemoryBIO * self,Py_buffer * b)4760 _ssl_MemoryBIO_write_impl(PySSLMemoryBIO *self, Py_buffer *b)
4761 /*[clinic end generated code: output=156ec59110d75935 input=e45757b3e17c4808]*/
4762 {
4763     int nbytes;
4764 
4765     if (b->len > INT_MAX) {
4766         PyErr_Format(PyExc_OverflowError,
4767                      "string longer than %d bytes", INT_MAX);
4768         return NULL;
4769     }
4770 
4771     if (self->eof_written) {
4772         PyErr_SetString(PySSLErrorObject,
4773                         "cannot write() after write_eof()");
4774         return NULL;
4775     }
4776 
4777     nbytes = BIO_write(self->bio, b->buf, (int)b->len);
4778     if (nbytes < 0) {
4779         _setSSLError(NULL, 0, __FILE__, __LINE__);
4780         return NULL;
4781     }
4782 
4783     return PyLong_FromLong(nbytes);
4784 }
4785 
4786 /*[clinic input]
4787 _ssl.MemoryBIO.write_eof
4788 
4789 Write an EOF marker to the memory BIO.
4790 
4791 When all data has been read, the "eof" property will be True.
4792 [clinic start generated code]*/
4793 
4794 static PyObject *
_ssl_MemoryBIO_write_eof_impl(PySSLMemoryBIO * self)4795 _ssl_MemoryBIO_write_eof_impl(PySSLMemoryBIO *self)
4796 /*[clinic end generated code: output=d4106276ccd1ed34 input=56a945f1d29e8bd6]*/
4797 {
4798     self->eof_written = 1;
4799     /* After an EOF is written, a zero return from read() should be a real EOF
4800      * i.e. it should not be retried. Clear the SHOULD_RETRY flag. */
4801     BIO_clear_retry_flags(self->bio);
4802     BIO_set_mem_eof_return(self->bio, 0);
4803 
4804     Py_RETURN_NONE;
4805 }
4806 
4807 static PyGetSetDef memory_bio_getsetlist[] = {
4808     {"pending", (getter) memory_bio_get_pending, NULL,
4809                 PySSL_memory_bio_pending_doc},
4810     {"eof", (getter) memory_bio_get_eof, NULL,
4811             PySSL_memory_bio_eof_doc},
4812     {NULL},            /* sentinel */
4813 };
4814 
4815 static struct PyMethodDef memory_bio_methods[] = {
4816     _SSL_MEMORYBIO_READ_METHODDEF
4817     _SSL_MEMORYBIO_WRITE_METHODDEF
4818     _SSL_MEMORYBIO_WRITE_EOF_METHODDEF
4819     {NULL, NULL}        /* sentinel */
4820 };
4821 
4822 static PyTypeObject PySSLMemoryBIO_Type = {
4823     PyVarObject_HEAD_INIT(NULL, 0)
4824     "_ssl.MemoryBIO",                         /*tp_name*/
4825     sizeof(PySSLMemoryBIO),                    /*tp_basicsize*/
4826     0,                                         /*tp_itemsize*/
4827     (destructor)memory_bio_dealloc,            /*tp_dealloc*/
4828     0,                                         /*tp_print*/
4829     0,                                         /*tp_getattr*/
4830     0,                                         /*tp_setattr*/
4831     0,                                         /*tp_reserved*/
4832     0,                                         /*tp_repr*/
4833     0,                                         /*tp_as_number*/
4834     0,                                         /*tp_as_sequence*/
4835     0,                                         /*tp_as_mapping*/
4836     0,                                         /*tp_hash*/
4837     0,                                         /*tp_call*/
4838     0,                                         /*tp_str*/
4839     0,                                         /*tp_getattro*/
4840     0,                                         /*tp_setattro*/
4841     0,                                         /*tp_as_buffer*/
4842     Py_TPFLAGS_DEFAULT,                        /*tp_flags*/
4843     0,                                         /*tp_doc*/
4844     0,                                         /*tp_traverse*/
4845     0,                                         /*tp_clear*/
4846     0,                                         /*tp_richcompare*/
4847     0,                                         /*tp_weaklistoffset*/
4848     0,                                         /*tp_iter*/
4849     0,                                         /*tp_iternext*/
4850     memory_bio_methods,                        /*tp_methods*/
4851     0,                                         /*tp_members*/
4852     memory_bio_getsetlist,                     /*tp_getset*/
4853     0,                                         /*tp_base*/
4854     0,                                         /*tp_dict*/
4855     0,                                         /*tp_descr_get*/
4856     0,                                         /*tp_descr_set*/
4857     0,                                         /*tp_dictoffset*/
4858     0,                                         /*tp_init*/
4859     0,                                         /*tp_alloc*/
4860     _ssl_MemoryBIO,                            /*tp_new*/
4861 };
4862 
4863 
4864 /*
4865  * SSL Session object
4866  */
4867 
4868 static void
PySSLSession_dealloc(PySSLSession * self)4869 PySSLSession_dealloc(PySSLSession *self)
4870 {
4871     /* bpo-31095: UnTrack is needed before calling any callbacks */
4872     PyObject_GC_UnTrack(self);
4873     Py_XDECREF(self->ctx);
4874     if (self->session != NULL) {
4875         SSL_SESSION_free(self->session);
4876     }
4877     PyObject_GC_Del(self);
4878 }
4879 
4880 static PyObject *
PySSLSession_richcompare(PyObject * left,PyObject * right,int op)4881 PySSLSession_richcompare(PyObject *left, PyObject *right, int op)
4882 {
4883     int result;
4884 
4885     if (left == NULL || right == NULL) {
4886         PyErr_BadInternalCall();
4887         return NULL;
4888     }
4889 
4890     if (!PySSLSession_Check(left) || !PySSLSession_Check(right)) {
4891         Py_RETURN_NOTIMPLEMENTED;
4892     }
4893 
4894     if (left == right) {
4895         result = 0;
4896     } else {
4897         const unsigned char *left_id, *right_id;
4898         unsigned int left_len, right_len;
4899         left_id = SSL_SESSION_get_id(((PySSLSession *)left)->session,
4900                                      &left_len);
4901         right_id = SSL_SESSION_get_id(((PySSLSession *)right)->session,
4902                                       &right_len);
4903         if (left_len == right_len) {
4904             result = memcmp(left_id, right_id, left_len);
4905         } else {
4906             result = 1;
4907         }
4908     }
4909 
4910     switch (op) {
4911       case Py_EQ:
4912         if (result == 0) {
4913             Py_RETURN_TRUE;
4914         } else {
4915             Py_RETURN_FALSE;
4916         }
4917         break;
4918       case Py_NE:
4919         if (result != 0) {
4920             Py_RETURN_TRUE;
4921         } else {
4922             Py_RETURN_FALSE;
4923         }
4924         break;
4925       case Py_LT:
4926       case Py_LE:
4927       case Py_GT:
4928       case Py_GE:
4929         Py_RETURN_NOTIMPLEMENTED;
4930         break;
4931       default:
4932         PyErr_BadArgument();
4933         return NULL;
4934     }
4935 }
4936 
4937 static int
PySSLSession_traverse(PySSLSession * self,visitproc visit,void * arg)4938 PySSLSession_traverse(PySSLSession *self, visitproc visit, void *arg)
4939 {
4940     Py_VISIT(self->ctx);
4941     return 0;
4942 }
4943 
4944 static int
PySSLSession_clear(PySSLSession * self)4945 PySSLSession_clear(PySSLSession *self)
4946 {
4947     Py_CLEAR(self->ctx);
4948     return 0;
4949 }
4950 
4951 
4952 static PyObject *
PySSLSession_get_time(PySSLSession * self,void * closure)4953 PySSLSession_get_time(PySSLSession *self, void *closure) {
4954     return PyLong_FromLong(SSL_SESSION_get_time(self->session));
4955 }
4956 
4957 PyDoc_STRVAR(PySSLSession_get_time_doc,
4958 "Session creation time (seconds since epoch).");
4959 
4960 
4961 static PyObject *
PySSLSession_get_timeout(PySSLSession * self,void * closure)4962 PySSLSession_get_timeout(PySSLSession *self, void *closure) {
4963     return PyLong_FromLong(SSL_SESSION_get_timeout(self->session));
4964 }
4965 
4966 PyDoc_STRVAR(PySSLSession_get_timeout_doc,
4967 "Session timeout (delta in seconds).");
4968 
4969 
4970 static PyObject *
PySSLSession_get_ticket_lifetime_hint(PySSLSession * self,void * closure)4971 PySSLSession_get_ticket_lifetime_hint(PySSLSession *self, void *closure) {
4972     unsigned long hint = SSL_SESSION_get_ticket_lifetime_hint(self->session);
4973     return PyLong_FromUnsignedLong(hint);
4974 }
4975 
4976 PyDoc_STRVAR(PySSLSession_get_ticket_lifetime_hint_doc,
4977 "Ticket life time hint.");
4978 
4979 
4980 static PyObject *
PySSLSession_get_session_id(PySSLSession * self,void * closure)4981 PySSLSession_get_session_id(PySSLSession *self, void *closure) {
4982     const unsigned char *id;
4983     unsigned int len;
4984     id = SSL_SESSION_get_id(self->session, &len);
4985     return PyBytes_FromStringAndSize((const char *)id, len);
4986 }
4987 
4988 PyDoc_STRVAR(PySSLSession_get_session_id_doc,
4989 "Session id");
4990 
4991 
4992 static PyObject *
PySSLSession_get_has_ticket(PySSLSession * self,void * closure)4993 PySSLSession_get_has_ticket(PySSLSession *self, void *closure) {
4994     if (SSL_SESSION_has_ticket(self->session)) {
4995         Py_RETURN_TRUE;
4996     } else {
4997         Py_RETURN_FALSE;
4998     }
4999 }
5000 
5001 PyDoc_STRVAR(PySSLSession_get_has_ticket_doc,
5002 "Does the session contain a ticket?");
5003 
5004 
5005 static PyGetSetDef PySSLSession_getsetlist[] = {
5006     {"has_ticket", (getter) PySSLSession_get_has_ticket, NULL,
5007               PySSLSession_get_has_ticket_doc},
5008     {"id",   (getter) PySSLSession_get_session_id, NULL,
5009               PySSLSession_get_session_id_doc},
5010     {"ticket_lifetime_hint", (getter) PySSLSession_get_ticket_lifetime_hint,
5011               NULL, PySSLSession_get_ticket_lifetime_hint_doc},
5012     {"time", (getter) PySSLSession_get_time, NULL,
5013               PySSLSession_get_time_doc},
5014     {"timeout", (getter) PySSLSession_get_timeout, NULL,
5015               PySSLSession_get_timeout_doc},
5016     {NULL},            /* sentinel */
5017 };
5018 
5019 static PyTypeObject PySSLSession_Type = {
5020     PyVarObject_HEAD_INIT(NULL, 0)
5021     "_ssl.Session",                            /*tp_name*/
5022     sizeof(PySSLSession),                      /*tp_basicsize*/
5023     0,                                         /*tp_itemsize*/
5024     (destructor)PySSLSession_dealloc,          /*tp_dealloc*/
5025     0,                                         /*tp_print*/
5026     0,                                         /*tp_getattr*/
5027     0,                                         /*tp_setattr*/
5028     0,                                         /*tp_reserved*/
5029     0,                                         /*tp_repr*/
5030     0,                                         /*tp_as_number*/
5031     0,                                         /*tp_as_sequence*/
5032     0,                                         /*tp_as_mapping*/
5033     0,                                         /*tp_hash*/
5034     0,                                         /*tp_call*/
5035     0,                                         /*tp_str*/
5036     0,                                         /*tp_getattro*/
5037     0,                                         /*tp_setattro*/
5038     0,                                         /*tp_as_buffer*/
5039     Py_TPFLAGS_DEFAULT | Py_TPFLAGS_HAVE_GC,   /*tp_flags*/
5040     0,                                         /*tp_doc*/
5041     (traverseproc)PySSLSession_traverse,       /*tp_traverse*/
5042     (inquiry)PySSLSession_clear,               /*tp_clear*/
5043     PySSLSession_richcompare,                  /*tp_richcompare*/
5044     0,                                         /*tp_weaklistoffset*/
5045     0,                                         /*tp_iter*/
5046     0,                                         /*tp_iternext*/
5047     0,                                         /*tp_methods*/
5048     0,                                         /*tp_members*/
5049     PySSLSession_getsetlist,                   /*tp_getset*/
5050 };
5051 
5052 
5053 /* helper routines for seeding the SSL PRNG */
5054 /*[clinic input]
5055 _ssl.RAND_add
5056     string as view: Py_buffer(accept={str, buffer})
5057     entropy: double
5058     /
5059 
5060 Mix string into the OpenSSL PRNG state.
5061 
5062 entropy (a float) is a lower bound on the entropy contained in
5063 string.  See RFC 4086.
5064 [clinic start generated code]*/
5065 
5066 static PyObject *
_ssl_RAND_add_impl(PyObject * module,Py_buffer * view,double entropy)5067 _ssl_RAND_add_impl(PyObject *module, Py_buffer *view, double entropy)
5068 /*[clinic end generated code: output=e6dd48df9c9024e9 input=5c33017422828f5c]*/
5069 {
5070     const char *buf;
5071     Py_ssize_t len, written;
5072 
5073     buf = (const char *)view->buf;
5074     len = view->len;
5075     do {
5076         written = Py_MIN(len, INT_MAX);
5077         RAND_add(buf, (int)written, entropy);
5078         buf += written;
5079         len -= written;
5080     } while (len);
5081     Py_RETURN_NONE;
5082 }
5083 
5084 static PyObject *
PySSL_RAND(int len,int pseudo)5085 PySSL_RAND(int len, int pseudo)
5086 {
5087     int ok;
5088     PyObject *bytes;
5089     unsigned long err;
5090     const char *errstr;
5091     PyObject *v;
5092 
5093     if (len < 0) {
5094         PyErr_SetString(PyExc_ValueError, "num must be positive");
5095         return NULL;
5096     }
5097 
5098     bytes = PyBytes_FromStringAndSize(NULL, len);
5099     if (bytes == NULL)
5100         return NULL;
5101     if (pseudo) {
5102         ok = RAND_pseudo_bytes((unsigned char*)PyBytes_AS_STRING(bytes), len);
5103         if (ok == 0 || ok == 1)
5104             return Py_BuildValue("NO", bytes, ok == 1 ? Py_True : Py_False);
5105     }
5106     else {
5107         ok = RAND_bytes((unsigned char*)PyBytes_AS_STRING(bytes), len);
5108         if (ok == 1)
5109             return bytes;
5110     }
5111     Py_DECREF(bytes);
5112 
5113     err = ERR_get_error();
5114     errstr = ERR_reason_error_string(err);
5115     v = Py_BuildValue("(ks)", err, errstr);
5116     if (v != NULL) {
5117         PyErr_SetObject(PySSLErrorObject, v);
5118         Py_DECREF(v);
5119     }
5120     return NULL;
5121 }
5122 
5123 /*[clinic input]
5124 _ssl.RAND_bytes
5125     n: int
5126     /
5127 
5128 Generate n cryptographically strong pseudo-random bytes.
5129 [clinic start generated code]*/
5130 
5131 static PyObject *
_ssl_RAND_bytes_impl(PyObject * module,int n)5132 _ssl_RAND_bytes_impl(PyObject *module, int n)
5133 /*[clinic end generated code: output=977da635e4838bc7 input=678ddf2872dfebfc]*/
5134 {
5135     return PySSL_RAND(n, 0);
5136 }
5137 
5138 /*[clinic input]
5139 _ssl.RAND_pseudo_bytes
5140     n: int
5141     /
5142 
5143 Generate n pseudo-random bytes.
5144 
5145 Return a pair (bytes, is_cryptographic).  is_cryptographic is True
5146 if the bytes generated are cryptographically strong.
5147 [clinic start generated code]*/
5148 
5149 static PyObject *
_ssl_RAND_pseudo_bytes_impl(PyObject * module,int n)5150 _ssl_RAND_pseudo_bytes_impl(PyObject *module, int n)
5151 /*[clinic end generated code: output=b1509e937000e52d input=58312bd53f9bbdd0]*/
5152 {
5153     return PySSL_RAND(n, 1);
5154 }
5155 
5156 /*[clinic input]
5157 _ssl.RAND_status
5158 
5159 Returns 1 if the OpenSSL PRNG has been seeded with enough data and 0 if not.
5160 
5161 It is necessary to seed the PRNG with RAND_add() on some platforms before
5162 using the ssl() function.
5163 [clinic start generated code]*/
5164 
5165 static PyObject *
_ssl_RAND_status_impl(PyObject * module)5166 _ssl_RAND_status_impl(PyObject *module)
5167 /*[clinic end generated code: output=7e0aaa2d39fdc1ad input=8a774b02d1dc81f3]*/
5168 {
5169     return PyLong_FromLong(RAND_status());
5170 }
5171 
5172 #ifndef OPENSSL_NO_EGD
5173 /* LCOV_EXCL_START */
5174 /*[clinic input]
5175 _ssl.RAND_egd
5176     path: object(converter="PyUnicode_FSConverter")
5177     /
5178 
5179 Queries the entropy gather daemon (EGD) on the socket named by 'path'.
5180 
5181 Returns number of bytes read.  Raises SSLError if connection to EGD
5182 fails or if it does not provide enough data to seed PRNG.
5183 [clinic start generated code]*/
5184 
5185 static PyObject *
_ssl_RAND_egd_impl(PyObject * module,PyObject * path)5186 _ssl_RAND_egd_impl(PyObject *module, PyObject *path)
5187 /*[clinic end generated code: output=02a67c7c367f52fa input=1aeb7eb948312195]*/
5188 {
5189     int bytes = RAND_egd(PyBytes_AsString(path));
5190     Py_DECREF(path);
5191     if (bytes == -1) {
5192         PyErr_SetString(PySSLErrorObject,
5193                         "EGD connection failed or EGD did not return "
5194                         "enough data to seed the PRNG");
5195         return NULL;
5196     }
5197     return PyLong_FromLong(bytes);
5198 }
5199 /* LCOV_EXCL_STOP */
5200 #endif /* OPENSSL_NO_EGD */
5201 
5202 
5203 
5204 /*[clinic input]
5205 _ssl.get_default_verify_paths
5206 
5207 Return search paths and environment vars that are used by SSLContext's set_default_verify_paths() to load default CAs.
5208 
5209 The values are 'cert_file_env', 'cert_file', 'cert_dir_env', 'cert_dir'.
5210 [clinic start generated code]*/
5211 
5212 static PyObject *
_ssl_get_default_verify_paths_impl(PyObject * module)5213 _ssl_get_default_verify_paths_impl(PyObject *module)
5214 /*[clinic end generated code: output=e5b62a466271928b input=5210c953d98c3eb5]*/
5215 {
5216     PyObject *ofile_env = NULL;
5217     PyObject *ofile = NULL;
5218     PyObject *odir_env = NULL;
5219     PyObject *odir = NULL;
5220 
5221 #define CONVERT(info, target) { \
5222         const char *tmp = (info); \
5223         target = NULL; \
5224         if (!tmp) { Py_INCREF(Py_None); target = Py_None; } \
5225         else if ((target = PyUnicode_DecodeFSDefault(tmp)) == NULL) { \
5226             target = PyBytes_FromString(tmp); } \
5227         if (!target) goto error; \
5228     }
5229 
5230     CONVERT(X509_get_default_cert_file_env(), ofile_env);
5231     CONVERT(X509_get_default_cert_file(), ofile);
5232     CONVERT(X509_get_default_cert_dir_env(), odir_env);
5233     CONVERT(X509_get_default_cert_dir(), odir);
5234 #undef CONVERT
5235 
5236     return Py_BuildValue("NNNN", ofile_env, ofile, odir_env, odir);
5237 
5238   error:
5239     Py_XDECREF(ofile_env);
5240     Py_XDECREF(ofile);
5241     Py_XDECREF(odir_env);
5242     Py_XDECREF(odir);
5243     return NULL;
5244 }
5245 
5246 static PyObject*
asn1obj2py(ASN1_OBJECT * obj)5247 asn1obj2py(ASN1_OBJECT *obj)
5248 {
5249     int nid;
5250     const char *ln, *sn;
5251 
5252     nid = OBJ_obj2nid(obj);
5253     if (nid == NID_undef) {
5254         PyErr_Format(PyExc_ValueError, "Unknown object");
5255         return NULL;
5256     }
5257     sn = OBJ_nid2sn(nid);
5258     ln = OBJ_nid2ln(nid);
5259     return Py_BuildValue("issN", nid, sn, ln, _asn1obj2py(obj, 1));
5260 }
5261 
5262 /*[clinic input]
5263 _ssl.txt2obj
5264     txt: str
5265     name: bool = False
5266 
5267 Lookup NID, short name, long name and OID of an ASN1_OBJECT.
5268 
5269 By default objects are looked up by OID. With name=True short and
5270 long name are also matched.
5271 [clinic start generated code]*/
5272 
5273 static PyObject *
_ssl_txt2obj_impl(PyObject * module,const char * txt,int name)5274 _ssl_txt2obj_impl(PyObject *module, const char *txt, int name)
5275 /*[clinic end generated code: output=c38e3991347079c1 input=1c1e7d0aa7c48602]*/
5276 {
5277     PyObject *result = NULL;
5278     ASN1_OBJECT *obj;
5279 
5280     obj = OBJ_txt2obj(txt, name ? 0 : 1);
5281     if (obj == NULL) {
5282         PyErr_Format(PyExc_ValueError, "unknown object '%.100s'", txt);
5283         return NULL;
5284     }
5285     result = asn1obj2py(obj);
5286     ASN1_OBJECT_free(obj);
5287     return result;
5288 }
5289 
5290 /*[clinic input]
5291 _ssl.nid2obj
5292     nid: int
5293     /
5294 
5295 Lookup NID, short name, long name and OID of an ASN1_OBJECT by NID.
5296 [clinic start generated code]*/
5297 
5298 static PyObject *
_ssl_nid2obj_impl(PyObject * module,int nid)5299 _ssl_nid2obj_impl(PyObject *module, int nid)
5300 /*[clinic end generated code: output=4a98ab691cd4f84a input=51787a3bee7d8f98]*/
5301 {
5302     PyObject *result = NULL;
5303     ASN1_OBJECT *obj;
5304 
5305     if (nid < NID_undef) {
5306         PyErr_SetString(PyExc_ValueError, "NID must be positive.");
5307         return NULL;
5308     }
5309     obj = OBJ_nid2obj(nid);
5310     if (obj == NULL) {
5311         PyErr_Format(PyExc_ValueError, "unknown NID %i", nid);
5312         return NULL;
5313     }
5314     result = asn1obj2py(obj);
5315     ASN1_OBJECT_free(obj);
5316     return result;
5317 }
5318 
5319 #ifdef _MSC_VER
5320 
5321 static PyObject*
certEncodingType(DWORD encodingType)5322 certEncodingType(DWORD encodingType)
5323 {
5324     static PyObject *x509_asn = NULL;
5325     static PyObject *pkcs_7_asn = NULL;
5326 
5327     if (x509_asn == NULL) {
5328         x509_asn = PyUnicode_InternFromString("x509_asn");
5329         if (x509_asn == NULL)
5330             return NULL;
5331     }
5332     if (pkcs_7_asn == NULL) {
5333         pkcs_7_asn = PyUnicode_InternFromString("pkcs_7_asn");
5334         if (pkcs_7_asn == NULL)
5335             return NULL;
5336     }
5337     switch(encodingType) {
5338     case X509_ASN_ENCODING:
5339         Py_INCREF(x509_asn);
5340         return x509_asn;
5341     case PKCS_7_ASN_ENCODING:
5342         Py_INCREF(pkcs_7_asn);
5343         return pkcs_7_asn;
5344     default:
5345         return PyLong_FromLong(encodingType);
5346     }
5347 }
5348 
5349 static PyObject*
parseKeyUsage(PCCERT_CONTEXT pCertCtx,DWORD flags)5350 parseKeyUsage(PCCERT_CONTEXT pCertCtx, DWORD flags)
5351 {
5352     CERT_ENHKEY_USAGE *usage;
5353     DWORD size, error, i;
5354     PyObject *retval;
5355 
5356     if (!CertGetEnhancedKeyUsage(pCertCtx, flags, NULL, &size)) {
5357         error = GetLastError();
5358         if (error == CRYPT_E_NOT_FOUND) {
5359             Py_RETURN_TRUE;
5360         }
5361         return PyErr_SetFromWindowsErr(error);
5362     }
5363 
5364     usage = (CERT_ENHKEY_USAGE*)PyMem_Malloc(size);
5365     if (usage == NULL) {
5366         return PyErr_NoMemory();
5367     }
5368 
5369     /* Now get the actual enhanced usage property */
5370     if (!CertGetEnhancedKeyUsage(pCertCtx, flags, usage, &size)) {
5371         PyMem_Free(usage);
5372         error = GetLastError();
5373         if (error == CRYPT_E_NOT_FOUND) {
5374             Py_RETURN_TRUE;
5375         }
5376         return PyErr_SetFromWindowsErr(error);
5377     }
5378     retval = PySet_New(NULL);
5379     if (retval == NULL) {
5380         goto error;
5381     }
5382     for (i = 0; i < usage->cUsageIdentifier; ++i) {
5383         if (usage->rgpszUsageIdentifier[i]) {
5384             PyObject *oid;
5385             int err;
5386             oid = PyUnicode_FromString(usage->rgpszUsageIdentifier[i]);
5387             if (oid == NULL) {
5388                 Py_CLEAR(retval);
5389                 goto error;
5390             }
5391             err = PySet_Add(retval, oid);
5392             Py_DECREF(oid);
5393             if (err == -1) {
5394                 Py_CLEAR(retval);
5395                 goto error;
5396             }
5397         }
5398     }
5399   error:
5400     PyMem_Free(usage);
5401     return retval;
5402 }
5403 
5404 /*[clinic input]
5405 _ssl.enum_certificates
5406     store_name: str
5407 
5408 Retrieve certificates from Windows' cert store.
5409 
5410 store_name may be one of 'CA', 'ROOT' or 'MY'.  The system may provide
5411 more cert storages, too.  The function returns a list of (bytes,
5412 encoding_type, trust) tuples.  The encoding_type flag can be interpreted
5413 with X509_ASN_ENCODING or PKCS_7_ASN_ENCODING. The trust setting is either
5414 a set of OIDs or the boolean True.
5415 [clinic start generated code]*/
5416 
5417 static PyObject *
_ssl_enum_certificates_impl(PyObject * module,const char * store_name)5418 _ssl_enum_certificates_impl(PyObject *module, const char *store_name)
5419 /*[clinic end generated code: output=5134dc8bb3a3c893 input=915f60d70461ea4e]*/
5420 {
5421     HCERTSTORE hStore = NULL;
5422     PCCERT_CONTEXT pCertCtx = NULL;
5423     PyObject *keyusage = NULL, *cert = NULL, *enc = NULL, *tup = NULL;
5424     PyObject *result = NULL;
5425 
5426     result = PyList_New(0);
5427     if (result == NULL) {
5428         return NULL;
5429     }
5430     hStore = CertOpenStore(CERT_STORE_PROV_SYSTEM_A, 0, (HCRYPTPROV)NULL,
5431                             CERT_STORE_READONLY_FLAG | CERT_SYSTEM_STORE_LOCAL_MACHINE,
5432                             store_name);
5433     if (hStore == NULL) {
5434         Py_DECREF(result);
5435         return PyErr_SetFromWindowsErr(GetLastError());
5436     }
5437 
5438     while (pCertCtx = CertEnumCertificatesInStore(hStore, pCertCtx)) {
5439         cert = PyBytes_FromStringAndSize((const char*)pCertCtx->pbCertEncoded,
5440                                             pCertCtx->cbCertEncoded);
5441         if (!cert) {
5442             Py_CLEAR(result);
5443             break;
5444         }
5445         if ((enc = certEncodingType(pCertCtx->dwCertEncodingType)) == NULL) {
5446             Py_CLEAR(result);
5447             break;
5448         }
5449         keyusage = parseKeyUsage(pCertCtx, CERT_FIND_PROP_ONLY_ENHKEY_USAGE_FLAG);
5450         if (keyusage == Py_True) {
5451             Py_DECREF(keyusage);
5452             keyusage = parseKeyUsage(pCertCtx, CERT_FIND_EXT_ONLY_ENHKEY_USAGE_FLAG);
5453         }
5454         if (keyusage == NULL) {
5455             Py_CLEAR(result);
5456             break;
5457         }
5458         if ((tup = PyTuple_New(3)) == NULL) {
5459             Py_CLEAR(result);
5460             break;
5461         }
5462         PyTuple_SET_ITEM(tup, 0, cert);
5463         cert = NULL;
5464         PyTuple_SET_ITEM(tup, 1, enc);
5465         enc = NULL;
5466         PyTuple_SET_ITEM(tup, 2, keyusage);
5467         keyusage = NULL;
5468         if (PyList_Append(result, tup) < 0) {
5469             Py_CLEAR(result);
5470             break;
5471         }
5472         Py_CLEAR(tup);
5473     }
5474     if (pCertCtx) {
5475         /* loop ended with an error, need to clean up context manually */
5476         CertFreeCertificateContext(pCertCtx);
5477     }
5478 
5479     /* In error cases cert, enc and tup may not be NULL */
5480     Py_XDECREF(cert);
5481     Py_XDECREF(enc);
5482     Py_XDECREF(keyusage);
5483     Py_XDECREF(tup);
5484 
5485     if (!CertCloseStore(hStore, 0)) {
5486         /* This error case might shadow another exception.*/
5487         Py_XDECREF(result);
5488         return PyErr_SetFromWindowsErr(GetLastError());
5489     }
5490     return result;
5491 }
5492 
5493 /*[clinic input]
5494 _ssl.enum_crls
5495     store_name: str
5496 
5497 Retrieve CRLs from Windows' cert store.
5498 
5499 store_name may be one of 'CA', 'ROOT' or 'MY'.  The system may provide
5500 more cert storages, too.  The function returns a list of (bytes,
5501 encoding_type) tuples.  The encoding_type flag can be interpreted with
5502 X509_ASN_ENCODING or PKCS_7_ASN_ENCODING.
5503 [clinic start generated code]*/
5504 
5505 static PyObject *
_ssl_enum_crls_impl(PyObject * module,const char * store_name)5506 _ssl_enum_crls_impl(PyObject *module, const char *store_name)
5507 /*[clinic end generated code: output=bce467f60ccd03b6 input=a1f1d7629f1c5d3d]*/
5508 {
5509     HCERTSTORE hStore = NULL;
5510     PCCRL_CONTEXT pCrlCtx = NULL;
5511     PyObject *crl = NULL, *enc = NULL, *tup = NULL;
5512     PyObject *result = NULL;
5513 
5514     result = PyList_New(0);
5515     if (result == NULL) {
5516         return NULL;
5517     }
5518     hStore = CertOpenStore(CERT_STORE_PROV_SYSTEM_A, 0, (HCRYPTPROV)NULL,
5519                             CERT_STORE_READONLY_FLAG | CERT_SYSTEM_STORE_LOCAL_MACHINE,
5520                             store_name);
5521     if (hStore == NULL) {
5522         Py_DECREF(result);
5523         return PyErr_SetFromWindowsErr(GetLastError());
5524     }
5525 
5526     while (pCrlCtx = CertEnumCRLsInStore(hStore, pCrlCtx)) {
5527         crl = PyBytes_FromStringAndSize((const char*)pCrlCtx->pbCrlEncoded,
5528                                             pCrlCtx->cbCrlEncoded);
5529         if (!crl) {
5530             Py_CLEAR(result);
5531             break;
5532         }
5533         if ((enc = certEncodingType(pCrlCtx->dwCertEncodingType)) == NULL) {
5534             Py_CLEAR(result);
5535             break;
5536         }
5537         if ((tup = PyTuple_New(2)) == NULL) {
5538             Py_CLEAR(result);
5539             break;
5540         }
5541         PyTuple_SET_ITEM(tup, 0, crl);
5542         crl = NULL;
5543         PyTuple_SET_ITEM(tup, 1, enc);
5544         enc = NULL;
5545 
5546         if (PyList_Append(result, tup) < 0) {
5547             Py_CLEAR(result);
5548             break;
5549         }
5550         Py_CLEAR(tup);
5551     }
5552     if (pCrlCtx) {
5553         /* loop ended with an error, need to clean up context manually */
5554         CertFreeCRLContext(pCrlCtx);
5555     }
5556 
5557     /* In error cases cert, enc and tup may not be NULL */
5558     Py_XDECREF(crl);
5559     Py_XDECREF(enc);
5560     Py_XDECREF(tup);
5561 
5562     if (!CertCloseStore(hStore, 0)) {
5563         /* This error case might shadow another exception.*/
5564         Py_XDECREF(result);
5565         return PyErr_SetFromWindowsErr(GetLastError());
5566     }
5567     return result;
5568 }
5569 
5570 #endif /* _MSC_VER */
5571 
5572 /* List of functions exported by this module. */
5573 static PyMethodDef PySSL_methods[] = {
5574     _SSL__TEST_DECODE_CERT_METHODDEF
5575     _SSL_RAND_ADD_METHODDEF
5576     _SSL_RAND_BYTES_METHODDEF
5577     _SSL_RAND_PSEUDO_BYTES_METHODDEF
5578     _SSL_RAND_EGD_METHODDEF
5579     _SSL_RAND_STATUS_METHODDEF
5580     _SSL_GET_DEFAULT_VERIFY_PATHS_METHODDEF
5581     _SSL_ENUM_CERTIFICATES_METHODDEF
5582     _SSL_ENUM_CRLS_METHODDEF
5583     _SSL_TXT2OBJ_METHODDEF
5584     _SSL_NID2OBJ_METHODDEF
5585     {NULL,                  NULL}            /* Sentinel */
5586 };
5587 
5588 
5589 #ifdef HAVE_OPENSSL_CRYPTO_LOCK
5590 
5591 /* an implementation of OpenSSL threading operations in terms
5592  * of the Python C thread library
5593  * Only used up to 1.0.2. OpenSSL 1.1.0+ has its own locking code.
5594  */
5595 
5596 static PyThread_type_lock *_ssl_locks = NULL;
5597 
5598 #if OPENSSL_VERSION_NUMBER >= 0x10000000
5599 /* use new CRYPTO_THREADID API. */
5600 static void
_ssl_threadid_callback(CRYPTO_THREADID * id)5601 _ssl_threadid_callback(CRYPTO_THREADID *id)
5602 {
5603     CRYPTO_THREADID_set_numeric(id, PyThread_get_thread_ident());
5604 }
5605 #else
5606 /* deprecated CRYPTO_set_id_callback() API. */
5607 static unsigned long
_ssl_thread_id_function(void)5608 _ssl_thread_id_function (void) {
5609     return PyThread_get_thread_ident();
5610 }
5611 #endif
5612 
_ssl_thread_locking_function(int mode,int n,const char * file,int line)5613 static void _ssl_thread_locking_function
5614     (int mode, int n, const char *file, int line) {
5615     /* this function is needed to perform locking on shared data
5616        structures. (Note that OpenSSL uses a number of global data
5617        structures that will be implicitly shared whenever multiple
5618        threads use OpenSSL.) Multi-threaded applications will
5619        crash at random if it is not set.
5620 
5621        locking_function() must be able to handle up to
5622        CRYPTO_num_locks() different mutex locks. It sets the n-th
5623        lock if mode & CRYPTO_LOCK, and releases it otherwise.
5624 
5625        file and line are the file number of the function setting the
5626        lock. They can be useful for debugging.
5627     */
5628 
5629     if ((_ssl_locks == NULL) ||
5630         (n < 0) || ((unsigned)n >= _ssl_locks_count))
5631         return;
5632 
5633     if (mode & CRYPTO_LOCK) {
5634         PyThread_acquire_lock(_ssl_locks[n], 1);
5635     } else {
5636         PyThread_release_lock(_ssl_locks[n]);
5637     }
5638 }
5639 
_setup_ssl_threads(void)5640 static int _setup_ssl_threads(void) {
5641 
5642     unsigned int i;
5643 
5644     if (_ssl_locks == NULL) {
5645         _ssl_locks_count = CRYPTO_num_locks();
5646         _ssl_locks = PyMem_Calloc(_ssl_locks_count,
5647                                   sizeof(PyThread_type_lock));
5648         if (_ssl_locks == NULL) {
5649             PyErr_NoMemory();
5650             return 0;
5651         }
5652         for (i = 0;  i < _ssl_locks_count;  i++) {
5653             _ssl_locks[i] = PyThread_allocate_lock();
5654             if (_ssl_locks[i] == NULL) {
5655                 unsigned int j;
5656                 for (j = 0;  j < i;  j++) {
5657                     PyThread_free_lock(_ssl_locks[j]);
5658                 }
5659                 PyMem_Free(_ssl_locks);
5660                 return 0;
5661             }
5662         }
5663         CRYPTO_set_locking_callback(_ssl_thread_locking_function);
5664 #if OPENSSL_VERSION_NUMBER >= 0x10000000
5665         CRYPTO_THREADID_set_callback(_ssl_threadid_callback);
5666 #else
5667         CRYPTO_set_id_callback(_ssl_thread_id_function);
5668 #endif
5669     }
5670     return 1;
5671 }
5672 
5673 #endif  /* HAVE_OPENSSL_CRYPTO_LOCK for OpenSSL < 1.1.0 */
5674 
5675 PyDoc_STRVAR(module_doc,
5676 "Implementation module for SSL socket operations.  See the socket module\n\
5677 for documentation.");
5678 
5679 
5680 static struct PyModuleDef _sslmodule = {
5681     PyModuleDef_HEAD_INIT,
5682     "_ssl",
5683     module_doc,
5684     -1,
5685     PySSL_methods,
5686     NULL,
5687     NULL,
5688     NULL,
5689     NULL
5690 };
5691 
5692 
5693 static void
parse_openssl_version(unsigned long libver,unsigned int * major,unsigned int * minor,unsigned int * fix,unsigned int * patch,unsigned int * status)5694 parse_openssl_version(unsigned long libver,
5695                       unsigned int *major, unsigned int *minor,
5696                       unsigned int *fix, unsigned int *patch,
5697                       unsigned int *status)
5698 {
5699     *status = libver & 0xF;
5700     libver >>= 4;
5701     *patch = libver & 0xFF;
5702     libver >>= 8;
5703     *fix = libver & 0xFF;
5704     libver >>= 8;
5705     *minor = libver & 0xFF;
5706     libver >>= 8;
5707     *major = libver & 0xFF;
5708 }
5709 
5710 PyMODINIT_FUNC
PyInit__ssl(void)5711 PyInit__ssl(void)
5712 {
5713     PyObject *m, *d, *r, *bases;
5714     unsigned long libver;
5715     unsigned int major, minor, fix, patch, status;
5716     PySocketModule_APIObject *socket_api;
5717     struct py_ssl_error_code *errcode;
5718     struct py_ssl_library_code *libcode;
5719 
5720     if (PyType_Ready(&PySSLContext_Type) < 0)
5721         return NULL;
5722     if (PyType_Ready(&PySSLSocket_Type) < 0)
5723         return NULL;
5724     if (PyType_Ready(&PySSLMemoryBIO_Type) < 0)
5725         return NULL;
5726     if (PyType_Ready(&PySSLSession_Type) < 0)
5727         return NULL;
5728 
5729 
5730     m = PyModule_Create(&_sslmodule);
5731     if (m == NULL)
5732         return NULL;
5733     d = PyModule_GetDict(m);
5734 
5735     /* Load _socket module and its C API */
5736     socket_api = PySocketModule_ImportModuleAndAPI();
5737     if (!socket_api)
5738         return NULL;
5739     PySocketModule = *socket_api;
5740 
5741 #ifndef OPENSSL_VERSION_1_1
5742     /* Load all algorithms and initialize cpuid */
5743     OPENSSL_add_all_algorithms_noconf();
5744     /* Init OpenSSL */
5745     SSL_load_error_strings();
5746     SSL_library_init();
5747 #endif
5748 
5749 #ifdef HAVE_OPENSSL_CRYPTO_LOCK
5750     /* note that this will start threading if not already started */
5751     if (!_setup_ssl_threads()) {
5752         return NULL;
5753     }
5754 #elif OPENSSL_VERSION_1_1 && defined(OPENSSL_THREADS)
5755     /* OpenSSL 1.1.0 builtin thread support is enabled */
5756     _ssl_locks_count++;
5757 #endif
5758 
5759     /* Add symbols to module dict */
5760     sslerror_type_slots[0].pfunc = PyExc_OSError;
5761     PySSLErrorObject = PyType_FromSpec(&sslerror_type_spec);
5762     if (PySSLErrorObject == NULL)
5763         return NULL;
5764 
5765     /* ssl.CertificateError used to be a subclass of ValueError */
5766     bases = Py_BuildValue("OO", PySSLErrorObject, PyExc_ValueError);
5767     if (bases == NULL)
5768         return NULL;
5769     PySSLCertVerificationErrorObject = PyErr_NewExceptionWithDoc(
5770         "ssl.SSLCertVerificationError", SSLCertVerificationError_doc,
5771         bases, NULL);
5772     Py_DECREF(bases);
5773     PySSLZeroReturnErrorObject = PyErr_NewExceptionWithDoc(
5774         "ssl.SSLZeroReturnError", SSLZeroReturnError_doc,
5775         PySSLErrorObject, NULL);
5776     PySSLWantReadErrorObject = PyErr_NewExceptionWithDoc(
5777         "ssl.SSLWantReadError", SSLWantReadError_doc,
5778         PySSLErrorObject, NULL);
5779     PySSLWantWriteErrorObject = PyErr_NewExceptionWithDoc(
5780         "ssl.SSLWantWriteError", SSLWantWriteError_doc,
5781         PySSLErrorObject, NULL);
5782     PySSLSyscallErrorObject = PyErr_NewExceptionWithDoc(
5783         "ssl.SSLSyscallError", SSLSyscallError_doc,
5784         PySSLErrorObject, NULL);
5785     PySSLEOFErrorObject = PyErr_NewExceptionWithDoc(
5786         "ssl.SSLEOFError", SSLEOFError_doc,
5787         PySSLErrorObject, NULL);
5788     if (PySSLCertVerificationErrorObject == NULL
5789         || PySSLZeroReturnErrorObject == NULL
5790         || PySSLWantReadErrorObject == NULL
5791         || PySSLWantWriteErrorObject == NULL
5792         || PySSLSyscallErrorObject == NULL
5793         || PySSLEOFErrorObject == NULL)
5794         return NULL;
5795     if (PyDict_SetItemString(d, "SSLError", PySSLErrorObject) != 0
5796         || PyDict_SetItemString(d, "SSLCertVerificationError",
5797                                 PySSLCertVerificationErrorObject) != 0
5798         || PyDict_SetItemString(d, "SSLZeroReturnError", PySSLZeroReturnErrorObject) != 0
5799         || PyDict_SetItemString(d, "SSLWantReadError", PySSLWantReadErrorObject) != 0
5800         || PyDict_SetItemString(d, "SSLWantWriteError", PySSLWantWriteErrorObject) != 0
5801         || PyDict_SetItemString(d, "SSLSyscallError", PySSLSyscallErrorObject) != 0
5802         || PyDict_SetItemString(d, "SSLEOFError", PySSLEOFErrorObject) != 0)
5803         return NULL;
5804     if (PyDict_SetItemString(d, "_SSLContext",
5805                              (PyObject *)&PySSLContext_Type) != 0)
5806         return NULL;
5807     if (PyDict_SetItemString(d, "_SSLSocket",
5808                              (PyObject *)&PySSLSocket_Type) != 0)
5809         return NULL;
5810     if (PyDict_SetItemString(d, "MemoryBIO",
5811                              (PyObject *)&PySSLMemoryBIO_Type) != 0)
5812         return NULL;
5813     if (PyDict_SetItemString(d, "SSLSession",
5814                              (PyObject *)&PySSLSession_Type) != 0)
5815         return NULL;
5816 
5817     PyModule_AddStringConstant(m, "_DEFAULT_CIPHERS",
5818                                PY_SSL_DEFAULT_CIPHER_STRING);
5819 
5820     PyModule_AddIntConstant(m, "SSL_ERROR_ZERO_RETURN",
5821                             PY_SSL_ERROR_ZERO_RETURN);
5822     PyModule_AddIntConstant(m, "SSL_ERROR_WANT_READ",
5823                             PY_SSL_ERROR_WANT_READ);
5824     PyModule_AddIntConstant(m, "SSL_ERROR_WANT_WRITE",
5825                             PY_SSL_ERROR_WANT_WRITE);
5826     PyModule_AddIntConstant(m, "SSL_ERROR_WANT_X509_LOOKUP",
5827                             PY_SSL_ERROR_WANT_X509_LOOKUP);
5828     PyModule_AddIntConstant(m, "SSL_ERROR_SYSCALL",
5829                             PY_SSL_ERROR_SYSCALL);
5830     PyModule_AddIntConstant(m, "SSL_ERROR_SSL",
5831                             PY_SSL_ERROR_SSL);
5832     PyModule_AddIntConstant(m, "SSL_ERROR_WANT_CONNECT",
5833                             PY_SSL_ERROR_WANT_CONNECT);
5834     /* non ssl.h errorcodes */
5835     PyModule_AddIntConstant(m, "SSL_ERROR_EOF",
5836                             PY_SSL_ERROR_EOF);
5837     PyModule_AddIntConstant(m, "SSL_ERROR_INVALID_ERROR_CODE",
5838                             PY_SSL_ERROR_INVALID_ERROR_CODE);
5839     /* cert requirements */
5840     PyModule_AddIntConstant(m, "CERT_NONE",
5841                             PY_SSL_CERT_NONE);
5842     PyModule_AddIntConstant(m, "CERT_OPTIONAL",
5843                             PY_SSL_CERT_OPTIONAL);
5844     PyModule_AddIntConstant(m, "CERT_REQUIRED",
5845                             PY_SSL_CERT_REQUIRED);
5846     /* CRL verification for verification_flags */
5847     PyModule_AddIntConstant(m, "VERIFY_DEFAULT",
5848                             0);
5849     PyModule_AddIntConstant(m, "VERIFY_CRL_CHECK_LEAF",
5850                             X509_V_FLAG_CRL_CHECK);
5851     PyModule_AddIntConstant(m, "VERIFY_CRL_CHECK_CHAIN",
5852                             X509_V_FLAG_CRL_CHECK|X509_V_FLAG_CRL_CHECK_ALL);
5853     PyModule_AddIntConstant(m, "VERIFY_X509_STRICT",
5854                             X509_V_FLAG_X509_STRICT);
5855 #ifdef X509_V_FLAG_TRUSTED_FIRST
5856     PyModule_AddIntConstant(m, "VERIFY_X509_TRUSTED_FIRST",
5857                             X509_V_FLAG_TRUSTED_FIRST);
5858 #endif
5859 
5860     /* Alert Descriptions from ssl.h */
5861     /* note RESERVED constants no longer intended for use have been removed */
5862     /* http://www.iana.org/assignments/tls-parameters/tls-parameters.xml#tls-parameters-6 */
5863 
5864 #define ADD_AD_CONSTANT(s) \
5865     PyModule_AddIntConstant(m, "ALERT_DESCRIPTION_"#s, \
5866                             SSL_AD_##s)
5867 
5868     ADD_AD_CONSTANT(CLOSE_NOTIFY);
5869     ADD_AD_CONSTANT(UNEXPECTED_MESSAGE);
5870     ADD_AD_CONSTANT(BAD_RECORD_MAC);
5871     ADD_AD_CONSTANT(RECORD_OVERFLOW);
5872     ADD_AD_CONSTANT(DECOMPRESSION_FAILURE);
5873     ADD_AD_CONSTANT(HANDSHAKE_FAILURE);
5874     ADD_AD_CONSTANT(BAD_CERTIFICATE);
5875     ADD_AD_CONSTANT(UNSUPPORTED_CERTIFICATE);
5876     ADD_AD_CONSTANT(CERTIFICATE_REVOKED);
5877     ADD_AD_CONSTANT(CERTIFICATE_EXPIRED);
5878     ADD_AD_CONSTANT(CERTIFICATE_UNKNOWN);
5879     ADD_AD_CONSTANT(ILLEGAL_PARAMETER);
5880     ADD_AD_CONSTANT(UNKNOWN_CA);
5881     ADD_AD_CONSTANT(ACCESS_DENIED);
5882     ADD_AD_CONSTANT(DECODE_ERROR);
5883     ADD_AD_CONSTANT(DECRYPT_ERROR);
5884     ADD_AD_CONSTANT(PROTOCOL_VERSION);
5885     ADD_AD_CONSTANT(INSUFFICIENT_SECURITY);
5886     ADD_AD_CONSTANT(INTERNAL_ERROR);
5887     ADD_AD_CONSTANT(USER_CANCELLED);
5888     ADD_AD_CONSTANT(NO_RENEGOTIATION);
5889     /* Not all constants are in old OpenSSL versions */
5890 #ifdef SSL_AD_UNSUPPORTED_EXTENSION
5891     ADD_AD_CONSTANT(UNSUPPORTED_EXTENSION);
5892 #endif
5893 #ifdef SSL_AD_CERTIFICATE_UNOBTAINABLE
5894     ADD_AD_CONSTANT(CERTIFICATE_UNOBTAINABLE);
5895 #endif
5896 #ifdef SSL_AD_UNRECOGNIZED_NAME
5897     ADD_AD_CONSTANT(UNRECOGNIZED_NAME);
5898 #endif
5899 #ifdef SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE
5900     ADD_AD_CONSTANT(BAD_CERTIFICATE_STATUS_RESPONSE);
5901 #endif
5902 #ifdef SSL_AD_BAD_CERTIFICATE_HASH_VALUE
5903     ADD_AD_CONSTANT(BAD_CERTIFICATE_HASH_VALUE);
5904 #endif
5905 #ifdef SSL_AD_UNKNOWN_PSK_IDENTITY
5906     ADD_AD_CONSTANT(UNKNOWN_PSK_IDENTITY);
5907 #endif
5908 
5909 #undef ADD_AD_CONSTANT
5910 
5911     /* protocol versions */
5912 #ifndef OPENSSL_NO_SSL2
5913     PyModule_AddIntConstant(m, "PROTOCOL_SSLv2",
5914                             PY_SSL_VERSION_SSL2);
5915 #endif
5916 #ifndef OPENSSL_NO_SSL3
5917     PyModule_AddIntConstant(m, "PROTOCOL_SSLv3",
5918                             PY_SSL_VERSION_SSL3);
5919 #endif
5920     PyModule_AddIntConstant(m, "PROTOCOL_SSLv23",
5921                             PY_SSL_VERSION_TLS);
5922     PyModule_AddIntConstant(m, "PROTOCOL_TLS",
5923                             PY_SSL_VERSION_TLS);
5924     PyModule_AddIntConstant(m, "PROTOCOL_TLS_CLIENT",
5925                             PY_SSL_VERSION_TLS_CLIENT);
5926     PyModule_AddIntConstant(m, "PROTOCOL_TLS_SERVER",
5927                             PY_SSL_VERSION_TLS_SERVER);
5928     PyModule_AddIntConstant(m, "PROTOCOL_TLSv1",
5929                             PY_SSL_VERSION_TLS1);
5930 #if HAVE_TLSv1_2
5931     PyModule_AddIntConstant(m, "PROTOCOL_TLSv1_1",
5932                             PY_SSL_VERSION_TLS1_1);
5933     PyModule_AddIntConstant(m, "PROTOCOL_TLSv1_2",
5934                             PY_SSL_VERSION_TLS1_2);
5935 #endif
5936 
5937     /* protocol options */
5938     PyModule_AddIntConstant(m, "OP_ALL",
5939                             SSL_OP_ALL & ~SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS);
5940     PyModule_AddIntConstant(m, "OP_NO_SSLv2", SSL_OP_NO_SSLv2);
5941     PyModule_AddIntConstant(m, "OP_NO_SSLv3", SSL_OP_NO_SSLv3);
5942     PyModule_AddIntConstant(m, "OP_NO_TLSv1", SSL_OP_NO_TLSv1);
5943 #if HAVE_TLSv1_2
5944     PyModule_AddIntConstant(m, "OP_NO_TLSv1_1", SSL_OP_NO_TLSv1_1);
5945     PyModule_AddIntConstant(m, "OP_NO_TLSv1_2", SSL_OP_NO_TLSv1_2);
5946 #endif
5947 #ifdef SSL_OP_NO_TLSv1_3
5948     PyModule_AddIntConstant(m, "OP_NO_TLSv1_3", SSL_OP_NO_TLSv1_3);
5949 #else
5950     PyModule_AddIntConstant(m, "OP_NO_TLSv1_3", 0);
5951 #endif
5952     PyModule_AddIntConstant(m, "OP_CIPHER_SERVER_PREFERENCE",
5953                             SSL_OP_CIPHER_SERVER_PREFERENCE);
5954     PyModule_AddIntConstant(m, "OP_SINGLE_DH_USE", SSL_OP_SINGLE_DH_USE);
5955     PyModule_AddIntConstant(m, "OP_NO_TICKET", SSL_OP_NO_TICKET);
5956 #ifdef SSL_OP_SINGLE_ECDH_USE
5957     PyModule_AddIntConstant(m, "OP_SINGLE_ECDH_USE", SSL_OP_SINGLE_ECDH_USE);
5958 #endif
5959 #ifdef SSL_OP_NO_COMPRESSION
5960     PyModule_AddIntConstant(m, "OP_NO_COMPRESSION",
5961                             SSL_OP_NO_COMPRESSION);
5962 #endif
5963 #ifdef SSL_OP_ENABLE_MIDDLEBOX_COMPAT
5964     PyModule_AddIntConstant(m, "OP_ENABLE_MIDDLEBOX_COMPAT",
5965                             SSL_OP_ENABLE_MIDDLEBOX_COMPAT);
5966 #endif
5967 #ifdef SSL_OP_NO_RENEGOTIATION
5968     PyModule_AddIntConstant(m, "OP_NO_RENEGOTIATION",
5969                             SSL_OP_NO_RENEGOTIATION);
5970 #endif
5971 
5972 #ifdef X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT
5973     PyModule_AddIntConstant(m, "HOSTFLAG_ALWAYS_CHECK_SUBJECT",
5974                             X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT);
5975 #endif
5976 #ifdef X509_CHECK_FLAG_NEVER_CHECK_SUBJECT
5977     PyModule_AddIntConstant(m, "HOSTFLAG_NEVER_CHECK_SUBJECT",
5978                             X509_CHECK_FLAG_NEVER_CHECK_SUBJECT);
5979 #endif
5980 #ifdef X509_CHECK_FLAG_NO_WILDCARDS
5981     PyModule_AddIntConstant(m, "HOSTFLAG_NO_WILDCARDS",
5982                             X509_CHECK_FLAG_NO_WILDCARDS);
5983 #endif
5984 #ifdef X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS
5985     PyModule_AddIntConstant(m, "HOSTFLAG_NO_PARTIAL_WILDCARDS",
5986                             X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS);
5987 #endif
5988 #ifdef X509_CHECK_FLAG_MULTI_LABEL_WILDCARDS
5989     PyModule_AddIntConstant(m, "HOSTFLAG_MULTI_LABEL_WILDCARDS",
5990                             X509_CHECK_FLAG_MULTI_LABEL_WILDCARDS);
5991 #endif
5992 #ifdef X509_CHECK_FLAG_SINGLE_LABEL_SUBDOMAINS
5993     PyModule_AddIntConstant(m, "HOSTFLAG_SINGLE_LABEL_SUBDOMAINS",
5994                             X509_CHECK_FLAG_SINGLE_LABEL_SUBDOMAINS);
5995 #endif
5996 
5997     /* protocol versions */
5998     PyModule_AddIntConstant(m, "PROTO_MINIMUM_SUPPORTED",
5999                             PY_PROTO_MINIMUM_SUPPORTED);
6000     PyModule_AddIntConstant(m, "PROTO_MAXIMUM_SUPPORTED",
6001                             PY_PROTO_MAXIMUM_SUPPORTED);
6002     PyModule_AddIntConstant(m, "PROTO_SSLv3", PY_PROTO_SSLv3);
6003     PyModule_AddIntConstant(m, "PROTO_TLSv1", PY_PROTO_TLSv1);
6004     PyModule_AddIntConstant(m, "PROTO_TLSv1_1", PY_PROTO_TLSv1_1);
6005     PyModule_AddIntConstant(m, "PROTO_TLSv1_2", PY_PROTO_TLSv1_2);
6006     PyModule_AddIntConstant(m, "PROTO_TLSv1_3", PY_PROTO_TLSv1_3);
6007 
6008 #define addbool(m, v, b) \
6009     Py_INCREF((b) ? Py_True : Py_False); \
6010     PyModule_AddObject((m), (v), (b) ? Py_True : Py_False);
6011 
6012 #if HAVE_SNI
6013     addbool(m, "HAS_SNI", 1);
6014 #else
6015     addbool(m, "HAS_SNI", 0);
6016 #endif
6017 
6018     addbool(m, "HAS_TLS_UNIQUE", 1);
6019 
6020 #ifndef OPENSSL_NO_ECDH
6021     addbool(m, "HAS_ECDH", 1);
6022 #else
6023     addbool(m, "HAS_ECDH", 0);
6024 #endif
6025 
6026 #if HAVE_NPN
6027     addbool(m, "HAS_NPN", 1);
6028 #else
6029     addbool(m, "HAS_NPN", 0);
6030 #endif
6031 
6032 #if HAVE_ALPN
6033     addbool(m, "HAS_ALPN", 1);
6034 #else
6035     addbool(m, "HAS_ALPN", 0);
6036 #endif
6037 
6038 #if defined(SSL2_VERSION) && !defined(OPENSSL_NO_SSL2)
6039     addbool(m, "HAS_SSLv2", 1);
6040 #else
6041     addbool(m, "HAS_SSLv2", 0);
6042 #endif
6043 
6044 #if defined(SSL3_VERSION) && !defined(OPENSSL_NO_SSL3)
6045     addbool(m, "HAS_SSLv3", 1);
6046 #else
6047     addbool(m, "HAS_SSLv3", 0);
6048 #endif
6049 
6050 #if defined(TLS1_VERSION) && !defined(OPENSSL_NO_TLS1)
6051     addbool(m, "HAS_TLSv1", 1);
6052 #else
6053     addbool(m, "HAS_TLSv1", 0);
6054 #endif
6055 
6056 #if defined(TLS1_1_VERSION) && !defined(OPENSSL_NO_TLS1_1)
6057     addbool(m, "HAS_TLSv1_1", 1);
6058 #else
6059     addbool(m, "HAS_TLSv1_1", 0);
6060 #endif
6061 
6062 #if defined(TLS1_2_VERSION) && !defined(OPENSSL_NO_TLS1_2)
6063     addbool(m, "HAS_TLSv1_2", 1);
6064 #else
6065     addbool(m, "HAS_TLSv1_2", 0);
6066 #endif
6067 
6068 #if defined(TLS1_3_VERSION) && !defined(OPENSSL_NO_TLS1_3)
6069     addbool(m, "HAS_TLSv1_3", 1);
6070 #else
6071     addbool(m, "HAS_TLSv1_3", 0);
6072 #endif
6073 
6074     /* Mappings for error codes */
6075     err_codes_to_names = PyDict_New();
6076     err_names_to_codes = PyDict_New();
6077     if (err_codes_to_names == NULL || err_names_to_codes == NULL)
6078         return NULL;
6079     errcode = error_codes;
6080     while (errcode->mnemonic != NULL) {
6081         PyObject *mnemo, *key;
6082         mnemo = PyUnicode_FromString(errcode->mnemonic);
6083         key = Py_BuildValue("ii", errcode->library, errcode->reason);
6084         if (mnemo == NULL || key == NULL)
6085             return NULL;
6086         if (PyDict_SetItem(err_codes_to_names, key, mnemo))
6087             return NULL;
6088         if (PyDict_SetItem(err_names_to_codes, mnemo, key))
6089             return NULL;
6090         Py_DECREF(key);
6091         Py_DECREF(mnemo);
6092         errcode++;
6093     }
6094     if (PyModule_AddObject(m, "err_codes_to_names", err_codes_to_names))
6095         return NULL;
6096     if (PyModule_AddObject(m, "err_names_to_codes", err_names_to_codes))
6097         return NULL;
6098 
6099     lib_codes_to_names = PyDict_New();
6100     if (lib_codes_to_names == NULL)
6101         return NULL;
6102     libcode = library_codes;
6103     while (libcode->library != NULL) {
6104         PyObject *mnemo, *key;
6105         key = PyLong_FromLong(libcode->code);
6106         mnemo = PyUnicode_FromString(libcode->library);
6107         if (key == NULL || mnemo == NULL)
6108             return NULL;
6109         if (PyDict_SetItem(lib_codes_to_names, key, mnemo))
6110             return NULL;
6111         Py_DECREF(key);
6112         Py_DECREF(mnemo);
6113         libcode++;
6114     }
6115     if (PyModule_AddObject(m, "lib_codes_to_names", lib_codes_to_names))
6116         return NULL;
6117 
6118     /* OpenSSL version */
6119     /* SSLeay() gives us the version of the library linked against,
6120        which could be different from the headers version.
6121     */
6122     libver = SSLeay();
6123     r = PyLong_FromUnsignedLong(libver);
6124     if (r == NULL)
6125         return NULL;
6126     if (PyModule_AddObject(m, "OPENSSL_VERSION_NUMBER", r))
6127         return NULL;
6128     parse_openssl_version(libver, &major, &minor, &fix, &patch, &status);
6129     r = Py_BuildValue("IIIII", major, minor, fix, patch, status);
6130     if (r == NULL || PyModule_AddObject(m, "OPENSSL_VERSION_INFO", r))
6131         return NULL;
6132     r = PyUnicode_FromString(SSLeay_version(SSLEAY_VERSION));
6133     if (r == NULL || PyModule_AddObject(m, "OPENSSL_VERSION", r))
6134         return NULL;
6135 
6136     libver = OPENSSL_VERSION_NUMBER;
6137     parse_openssl_version(libver, &major, &minor, &fix, &patch, &status);
6138     r = Py_BuildValue("IIIII", major, minor, fix, patch, status);
6139     if (r == NULL || PyModule_AddObject(m, "_OPENSSL_API_VERSION", r))
6140         return NULL;
6141 
6142     return m;
6143 }
6144