rev280, Fix Ubutuntu 15 gevent SSL incompatibility
This commit is contained in:
parent
417c6eb96f
commit
a5741704e4
2 changed files with 64 additions and 49 deletions
|
@ -4,7 +4,7 @@ import ConfigParser
|
|||
class Config(object):
|
||||
def __init__(self):
|
||||
self.version = "0.3.1"
|
||||
self.rev = 278
|
||||
self.rev = 280
|
||||
self.parser = self.createArguments()
|
||||
argv = sys.argv[:] # Copy command line arguments
|
||||
argv = self.parseConfig(argv) # Add arguments from config file
|
||||
|
|
|
@ -4,76 +4,91 @@
|
|||
import logging
|
||||
from Config import config
|
||||
|
||||
|
||||
def disableSSLCompression():
|
||||
import ctypes
|
||||
import ctypes.util
|
||||
try:
|
||||
openssl = ctypes.CDLL(ctypes.util.find_library('ssl') or ctypes.util.find_library('crypto') or 'libeay32', ctypes.RTLD_GLOBAL)
|
||||
openssl.SSL_COMP_get_compression_methods.restype = ctypes.c_void_p
|
||||
except Exception, err:
|
||||
logging.debug("Disable SSL compression failed: %s (normal on Windows)" % err)
|
||||
return False
|
||||
|
||||
openssl.sk_zero.argtypes = [ctypes.c_void_p]
|
||||
openssl.sk_zero(openssl.SSL_COMP_get_compression_methods())
|
||||
logging.debug("Disabled SSL compression on %s" % openssl)
|
||||
import ctypes
|
||||
import ctypes.util
|
||||
try:
|
||||
openssl = ctypes.CDLL(ctypes.util.find_library('ssl') or ctypes.util.find_library('crypto') or 'libeay32', ctypes.RTLD_GLOBAL)
|
||||
openssl.SSL_COMP_get_compression_methods.restype = ctypes.c_void_p
|
||||
except Exception, err:
|
||||
logging.debug("Disable SSL compression failed: %s (normal on Windows)" % err)
|
||||
return False
|
||||
|
||||
openssl.sk_zero.argtypes = [ctypes.c_void_p]
|
||||
openssl.sk_zero(openssl.SSL_COMP_get_compression_methods())
|
||||
logging.debug("Disabled SSL compression on %s" % openssl)
|
||||
|
||||
|
||||
if config.disable_sslcompression:
|
||||
disableSSLCompression()
|
||||
disableSSLCompression()
|
||||
|
||||
|
||||
# https://github.com/gevent/gevent/issues/477
|
||||
# Re-add sslwrap to Python 2.7.9
|
||||
|
||||
__ssl__ = __import__('ssl')
|
||||
|
||||
|
||||
try:
|
||||
_ssl = __ssl__._ssl
|
||||
_ssl = __ssl__._ssl
|
||||
except AttributeError:
|
||||
_ssl = __ssl__._ssl2
|
||||
_ssl = __ssl__._ssl2
|
||||
|
||||
OldSSLSocket = __ssl__.SSLSocket
|
||||
|
||||
|
||||
class NewSSLSocket(OldSSLSocket):
|
||||
#Fix SSLSocket constructor
|
||||
def __init__(
|
||||
self, sock, keyfile=None, certfile=None, server_side=False,
|
||||
cert_reqs=__ssl__.CERT_REQUIRED, ssl_version=2, ca_certs=None,
|
||||
do_handshake_on_connect=True, suppress_ragged_eofs=True, ciphers=None,
|
||||
server_hostname=None, _context=None
|
||||
):
|
||||
OldSSLSocket.__init__(
|
||||
self, sock, keyfile=keyfile, certfile=certfile,
|
||||
server_side=server_side, cert_reqs=cert_reqs,
|
||||
ssl_version=ssl_version, ca_certs=ca_certs,
|
||||
do_handshake_on_connect=do_handshake_on_connect,
|
||||
suppress_ragged_eofs=suppress_ragged_eofs, ciphers=ciphers
|
||||
)
|
||||
# Fix SSLSocket constructor
|
||||
|
||||
def __init__(
|
||||
self, sock, keyfile=None, certfile=None, server_side=False,
|
||||
cert_reqs=__ssl__.CERT_REQUIRED, ssl_version=2, ca_certs=None,
|
||||
do_handshake_on_connect=True, suppress_ragged_eofs=True, ciphers=None,
|
||||
server_hostname=None, _context=None
|
||||
):
|
||||
OldSSLSocket.__init__(
|
||||
self, sock, keyfile=keyfile, certfile=certfile,
|
||||
server_side=server_side, cert_reqs=cert_reqs,
|
||||
ssl_version=ssl_version, ca_certs=ca_certs,
|
||||
do_handshake_on_connect=do_handshake_on_connect,
|
||||
suppress_ragged_eofs=suppress_ragged_eofs, ciphers=ciphers
|
||||
)
|
||||
|
||||
|
||||
def new_sslwrap(
|
||||
sock, server_side=False, keyfile=None, certfile=None,
|
||||
cert_reqs=__ssl__.CERT_NONE, ssl_version=__ssl__.PROTOCOL_SSLv23,
|
||||
ca_certs=None, ciphers=None
|
||||
sock, server_side=False, keyfile=None, certfile=None,
|
||||
cert_reqs=__ssl__.CERT_NONE, ssl_version=__ssl__.PROTOCOL_SSLv23,
|
||||
ca_certs=None, ciphers=None
|
||||
):
|
||||
context = __ssl__.SSLContext(ssl_version)
|
||||
context.verify_mode = cert_reqs or __ssl__.CERT_NONE
|
||||
if ca_certs:
|
||||
context.load_verify_locations(ca_certs)
|
||||
if certfile:
|
||||
context.load_cert_chain(certfile, keyfile)
|
||||
if ciphers:
|
||||
context.set_ciphers(ciphers)
|
||||
context = __ssl__.SSLContext(ssl_version)
|
||||
context.verify_mode = cert_reqs or __ssl__.CERT_NONE
|
||||
if ca_certs:
|
||||
context.load_verify_locations(ca_certs)
|
||||
if certfile:
|
||||
context.load_cert_chain(certfile, keyfile)
|
||||
if ciphers:
|
||||
context.set_ciphers(ciphers)
|
||||
|
||||
caller_self = inspect.currentframe().f_back.f_locals['self']
|
||||
return context._wrap_socket(sock, server_side=server_side, ssl_sock=caller_self)
|
||||
caller_self = inspect.currentframe().f_back.f_locals['self']
|
||||
return context._wrap_socket(sock, server_side=server_side, ssl_sock=caller_self)
|
||||
|
||||
|
||||
# Re-add sslwrap to Python 2.7.9+
|
||||
if not hasattr(_ssl, 'sslwrap'):
|
||||
import inspect
|
||||
_ssl.sslwrap = new_sslwrap
|
||||
__ssl__.SSLSocket = NewSSLSocket
|
||||
logging.debug("Missing SSLwrap, readded.")
|
||||
import inspect
|
||||
_ssl.sslwrap = new_sslwrap
|
||||
__ssl__.SSLSocket = NewSSLSocket
|
||||
logging.debug("Missing SSLwrap, readded.")
|
||||
|
||||
logging.debug("Python SSL version: %s" % __ssl__.OPENSSL_VERSION)
|
||||
|
||||
# Add SSLContext to gevent.ssl (Ubutunu 15 fix)
|
||||
try:
|
||||
import gevent
|
||||
if not hasattr(gevent.ssl, "SSLContext"):
|
||||
gevent.ssl.SSLContext = __ssl__.SSLContext
|
||||
logging.debug("Missing SSLContext, readded.")
|
||||
except Exception, err:
|
||||
pass
|
||||
|
||||
|
||||
logging.debug("Python SSL version: %s" % __ssl__.OPENSSL_VERSION)
|
||||
|
|
Loading…
Reference in a new issue