rev280, Fix Ubutuntu 15 gevent SSL incompatibility

2015-07-07 21:15:20 +02:00 · 2015-07-07 21:15:20 +02:00 · a5741704e4
commit a5741704e4
parent 417c6eb96f
2 changed files with 64 additions and 49 deletions
--- a/src/Config.py
+++ b/src/Config.py
@ -4,7 +4,7 @@ import ConfigParser
 class Config(object):
 	def __init__(self):
 		self.version = "0.3.1"
-		self.rev = 278
+		self.rev = 280
 		self.parser = self.createArguments()
 		argv = sys.argv[:] # Copy command line arguments
 		argv = self.parseConfig(argv) # Add arguments from config file
--- a/src/util/SslPatch.py
+++ b/src/util/SslPatch.py
@ -4,76 +4,91 @@
 import logging
 from Config import config

+
 def disableSSLCompression():
-	import ctypes
-	import ctypes.util
-	try:
-		openssl = ctypes.CDLL(ctypes.util.find_library('ssl') or ctypes.util.find_library('crypto') or 'libeay32', ctypes.RTLD_GLOBAL)
-		openssl.SSL_COMP_get_compression_methods.restype = ctypes.c_void_p
-	except Exception, err:
-		logging.debug("Disable SSL compression failed: %s (normal on Windows)" % err)
-		return False
-	
-	openssl.sk_zero.argtypes = [ctypes.c_void_p]
-	openssl.sk_zero(openssl.SSL_COMP_get_compression_methods())
-	logging.debug("Disabled SSL compression on %s" % openssl)
+    import ctypes
+    import ctypes.util
+    try:
+        openssl = ctypes.CDLL(ctypes.util.find_library('ssl') or ctypes.util.find_library('crypto') or 'libeay32', ctypes.RTLD_GLOBAL)
+        openssl.SSL_COMP_get_compression_methods.restype = ctypes.c_void_p
+    except Exception, err:
+        logging.debug("Disable SSL compression failed: %s (normal on Windows)" % err)
+        return False
+
+    openssl.sk_zero.argtypes = [ctypes.c_void_p]
+    openssl.sk_zero(openssl.SSL_COMP_get_compression_methods())
+    logging.debug("Disabled SSL compression on %s" % openssl)


 if config.disable_sslcompression:
-	disableSSLCompression()
+    disableSSLCompression()


 # https://github.com/gevent/gevent/issues/477
 # Re-add sslwrap to Python 2.7.9

 __ssl__ = __import__('ssl')
- 
+
 try:
-	_ssl = __ssl__._ssl
+    _ssl = __ssl__._ssl
 except AttributeError:
-	_ssl = __ssl__._ssl2
+    _ssl = __ssl__._ssl2

 OldSSLSocket = __ssl__.SSLSocket

+
 class NewSSLSocket(OldSSLSocket):
-	#Fix SSLSocket constructor
-	def __init__(
-		self, sock, keyfile=None, certfile=None, server_side=False,
-		cert_reqs=__ssl__.CERT_REQUIRED, ssl_version=2, ca_certs=None,
-		do_handshake_on_connect=True, suppress_ragged_eofs=True, ciphers=None,
-		server_hostname=None, _context=None
-	):
-		OldSSLSocket.__init__(
-			self, sock, keyfile=keyfile, certfile=certfile,
-			server_side=server_side, cert_reqs=cert_reqs,
-			ssl_version=ssl_version, ca_certs=ca_certs,
-			do_handshake_on_connect=do_handshake_on_connect,
-			suppress_ragged_eofs=suppress_ragged_eofs, ciphers=ciphers
-		)
+    # Fix SSLSocket constructor
+
+    def __init__(
+            self, sock, keyfile=None, certfile=None, server_side=False,
+            cert_reqs=__ssl__.CERT_REQUIRED, ssl_version=2, ca_certs=None,
+            do_handshake_on_connect=True, suppress_ragged_eofs=True, ciphers=None,
+            server_hostname=None, _context=None
+    ):
+        OldSSLSocket.__init__(
+            self, sock, keyfile=keyfile, certfile=certfile,
+            server_side=server_side, cert_reqs=cert_reqs,
+            ssl_version=ssl_version, ca_certs=ca_certs,
+            do_handshake_on_connect=do_handshake_on_connect,
+            suppress_ragged_eofs=suppress_ragged_eofs, ciphers=ciphers
+        )


 def new_sslwrap(
-	sock, server_side=False, keyfile=None, certfile=None,
-	cert_reqs=__ssl__.CERT_NONE, ssl_version=__ssl__.PROTOCOL_SSLv23,
-	ca_certs=None, ciphers=None
+        sock, server_side=False, keyfile=None, certfile=None,
+        cert_reqs=__ssl__.CERT_NONE, ssl_version=__ssl__.PROTOCOL_SSLv23,
+        ca_certs=None, ciphers=None
 ):
-	context = __ssl__.SSLContext(ssl_version)
-	context.verify_mode = cert_reqs or __ssl__.CERT_NONE
-	if ca_certs:
-		context.load_verify_locations(ca_certs)
-	if certfile:
-		context.load_cert_chain(certfile, keyfile)
-	if ciphers:
-		context.set_ciphers(ciphers)
+    context = __ssl__.SSLContext(ssl_version)
+    context.verify_mode = cert_reqs or __ssl__.CERT_NONE
+    if ca_certs:
+        context.load_verify_locations(ca_certs)
+    if certfile:
+        context.load_cert_chain(certfile, keyfile)
+    if ciphers:
+        context.set_ciphers(ciphers)

-	caller_self = inspect.currentframe().f_back.f_locals['self']
-	return context._wrap_socket(sock, server_side=server_side, ssl_sock=caller_self)
+    caller_self = inspect.currentframe().f_back.f_locals['self']
+    return context._wrap_socket(sock, server_side=server_side, ssl_sock=caller_self)


+# Re-add sslwrap to Python 2.7.9+
 if not hasattr(_ssl, 'sslwrap'):
-	import inspect
-	_ssl.sslwrap = new_sslwrap
-	__ssl__.SSLSocket = NewSSLSocket
-	logging.debug("Missing SSLwrap, readded.")
+    import inspect
+    _ssl.sslwrap = new_sslwrap
+    __ssl__.SSLSocket = NewSSLSocket
+    logging.debug("Missing SSLwrap, readded.")

-logging.debug("Python SSL version: %s" % __ssl__.OPENSSL_VERSION)
+
+# Add SSLContext to gevent.ssl (Ubutunu 15 fix)
+try:
+    import gevent
+    if not hasattr(gevent.ssl, "SSLContext"):
+        gevent.ssl.SSLContext = __ssl__.SSLContext
+        logging.debug("Missing SSLContext, readded.")
+except Exception, err:
+    pass
+
+
+logging.debug("Python SSL version: %s" % __ssl__.OPENSSL_VERSION)