oci/zeronet
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

rev280, Fix Ubutuntu 15 gevent SSL incompatibility

Browse source
This commit is contained in:
HelloZeroNet 2015-07-07 21:15:20 +02:00
parent 417c6eb96f
commit a5741704e4
2 changed files with 64 additions and 49 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
src/Config.py
View file

@ -4,7 +4,7 @@ import ConfigParser
class Config(object): class Config(object):
def __init__(self): def __init__(self):
self.version = "0.3.1" self.version = "0.3.1"
self.rev = 278 self.rev = 280
self.parser = self.createArguments() self.parser = self.createArguments()
argv = sys.argv[:] # Copy command line arguments argv = sys.argv[:] # Copy command line arguments
argv = self.parseConfig(argv) # Add arguments from config file argv = self.parseConfig(argv) # Add arguments from config file

111
src/util/SslPatch.py
View file

@ -4,76 +4,91 @@
import logging import logging
from Config import config from Config import config
def disableSSLCompression(): def disableSSLCompression():
import ctypes import ctypes
import ctypes.util import ctypes.util
try: try:
openssl = ctypes.CDLL(ctypes.util.find_library('ssl') or ctypes.util.find_library('crypto') or 'libeay32', ctypes.RTLD_GLOBAL) openssl = ctypes.CDLL(ctypes.util.find_library('ssl') or ctypes.util.find_library('crypto') or 'libeay32', ctypes.RTLD_GLOBAL)
openssl.SSL_COMP_get_compression_methods.restype = ctypes.c_void_p openssl.SSL_COMP_get_compression_methods.restype = ctypes.c_void_p
except Exception, err: except Exception, err:
logging.debug("Disable SSL compression failed: %s (normal on Windows)" % err) logging.debug("Disable SSL compression failed: %s (normal on Windows)" % err)
return False return False
openssl.sk_zero.argtypes = [ctypes.c_void_p] openssl.sk_zero.argtypes = [ctypes.c_void_p]
openssl.sk_zero(openssl.SSL_COMP_get_compression_methods()) openssl.sk_zero(openssl.SSL_COMP_get_compression_methods())
logging.debug("Disabled SSL compression on %s" % openssl) logging.debug("Disabled SSL compression on %s" % openssl)
if config.disable_sslcompression: if config.disable_sslcompression:
disableSSLCompression() disableSSLCompression()
# https://github.com/gevent/gevent/issues/477 # https://github.com/gevent/gevent/issues/477
# Re-add sslwrap to Python 2.7.9 # Re-add sslwrap to Python 2.7.9
__ssl__ = __import__('ssl') __ssl__ = __import__('ssl')
try: try:
_ssl = __ssl__._ssl _ssl = __ssl__._ssl
except AttributeError: except AttributeError:
_ssl = __ssl__._ssl2 _ssl = __ssl__._ssl2
OldSSLSocket = __ssl__.SSLSocket OldSSLSocket = __ssl__.SSLSocket
class NewSSLSocket(OldSSLSocket): class NewSSLSocket(OldSSLSocket):
#Fix SSLSocket constructor # Fix SSLSocket constructor
def __init__(
self, sock, keyfile=None, certfile=None, server_side=False, def __init__(
cert_reqs=__ssl__.CERT_REQUIRED, ssl_version=2, ca_certs=None, self, sock, keyfile=None, certfile=None, server_side=False,
do_handshake_on_connect=True, suppress_ragged_eofs=True, ciphers=None, cert_reqs=__ssl__.CERT_REQUIRED, ssl_version=2, ca_certs=None,
server_hostname=None, _context=None do_handshake_on_connect=True, suppress_ragged_eofs=True, ciphers=None,
): server_hostname=None, _context=None
OldSSLSocket.__init__( ):
self, sock, keyfile=keyfile, certfile=certfile, OldSSLSocket.__init__(
server_side=server_side, cert_reqs=cert_reqs, self, sock, keyfile=keyfile, certfile=certfile,
ssl_version=ssl_version, ca_certs=ca_certs, server_side=server_side, cert_reqs=cert_reqs,
do_handshake_on_connect=do_handshake_on_connect, ssl_version=ssl_version, ca_certs=ca_certs,
suppress_ragged_eofs=suppress_ragged_eofs, ciphers=ciphers do_handshake_on_connect=do_handshake_on_connect,
) suppress_ragged_eofs=suppress_ragged_eofs, ciphers=ciphers
)
def new_sslwrap( def new_sslwrap(
sock, server_side=False, keyfile=None, certfile=None, sock, server_side=False, keyfile=None, certfile=None,
cert_reqs=__ssl__.CERT_NONE, ssl_version=__ssl__.PROTOCOL_SSLv23, cert_reqs=__ssl__.CERT_NONE, ssl_version=__ssl__.PROTOCOL_SSLv23,
ca_certs=None, ciphers=None ca_certs=None, ciphers=None
): ):
context = __ssl__.SSLContext(ssl_version) context = __ssl__.SSLContext(ssl_version)
context.verify_mode = cert_reqs or __ssl__.CERT_NONE context.verify_mode = cert_reqs or __ssl__.CERT_NONE
if ca_certs: if ca_certs:
context.load_verify_locations(ca_certs) context.load_verify_locations(ca_certs)
if certfile: if certfile:
context.load_cert_chain(certfile, keyfile) context.load_cert_chain(certfile, keyfile)
if ciphers: if ciphers:
context.set_ciphers(ciphers) context.set_ciphers(ciphers)
caller_self = inspect.currentframe().f_back.f_locals['self'] caller_self = inspect.currentframe().f_back.f_locals['self']
return context._wrap_socket(sock, server_side=server_side, ssl_sock=caller_self) return context._wrap_socket(sock, server_side=server_side, ssl_sock=caller_self)
# Re-add sslwrap to Python 2.7.9+
if not hasattr(_ssl, 'sslwrap'): if not hasattr(_ssl, 'sslwrap'):
import inspect import inspect
_ssl.sslwrap = new_sslwrap _ssl.sslwrap = new_sslwrap
__ssl__.SSLSocket = NewSSLSocket __ssl__.SSLSocket = NewSSLSocket
logging.debug("Missing SSLwrap, readded.") logging.debug("Missing SSLwrap, readded.")
logging.debug("Python SSL version: %s" % __ssl__.OPENSSL_VERSION)
# Add SSLContext to gevent.ssl (Ubutunu 15 fix)
try:
import gevent
if not hasattr(gevent.ssl, "SSLContext"):
gevent.ssl.SSLContext = __ssl__.SSLContext
logging.debug("Missing SSLContext, readded.")
except Exception, err:
pass
logging.debug("Python SSL version: %s" % __ssl__.OPENSSL_VERSION)