本文整理汇总了Python中_ssl.CERT_NONE属性的典型用法代码示例。如果您正苦于以下问题:Python _ssl.CERT_NONE属性的具体用法?Python _ssl.CERT_NONE怎么用?Python _ssl.CERT_NONE使用的例子?那么, 这里精选的属性代码示例或许可以为您提供帮助。您也可以进一步了解该属性所在类_ssl
的用法示例。
在下文中一共展示了_ssl.CERT_NONE属性的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: get_server_certificate
# 需要导入模块: import _ssl [as 别名]
# 或者: from _ssl import CERT_NONE [as 别名]
def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv3, ca_certs=None):
"""Retrieve the certificate from the server at the specified address,
and return it as a PEM-encoded string.
If 'ca_certs' is specified, validate the server cert against it.
If 'ssl_version' is specified, use it in the connection attempt."""
host, port = addr
if (ca_certs is not None):
cert_reqs = CERT_REQUIRED
else:
cert_reqs = CERT_NONE
s = wrap_socket(socket(), ssl_version=ssl_version,
cert_reqs=cert_reqs, ca_certs=ca_certs)
s.connect(addr)
dercert = s.getpeercert(True)
s.close()
return DER_cert_to_PEM_cert(dercert)
示例2: sslwrap_simple
# 需要导入模块: import _ssl [as 别名]
# 或者: from _ssl import CERT_NONE [as 别名]
def sslwrap_simple(sock, keyfile=None, certfile=None):
"""A replacement for the old socket.ssl function. Designed
for compability with Python 2.5 and earlier. Will disappear in
Python 3.0."""
if hasattr(sock, "_sock"):
sock = sock._sock
ssl_sock = _ssl.sslwrap(sock, 0, keyfile, certfile, CERT_NONE,
PROTOCOL_SSLv23, None)
try:
sock.getpeername()
except socket_error:
# no, no connection yet
pass
else:
# yes, do the handshake
ssl_sock.do_handshake()
return ssl_sock
示例3: get_server_certificate
# 需要导入模块: import _ssl [as 别名]
# 或者: from _ssl import CERT_NONE [as 别名]
def get_server_certificate(addr, ssl_version=PROTOCOL_TLS, ca_certs=None):
"""Retrieve the certificate from the server at the specified address,
and return it as a PEM-encoded string.
If 'ca_certs' is specified, validate the server cert against it.
If 'ssl_version' is specified, use it in the connection attempt."""
host, port = addr
if ca_certs is not None:
cert_reqs = CERT_REQUIRED
else:
cert_reqs = CERT_NONE
context = _create_stdlib_context(ssl_version,
cert_reqs=cert_reqs,
cafile=ca_certs)
with closing(create_connection(addr)) as sock:
with closing(context.wrap_socket(sock)) as sslsock:
dercert = sslsock.getpeercert(True)
return DER_cert_to_PEM_cert(dercert)
示例4: test_constants
# 需要导入模块: import _ssl [as 别名]
# 或者: from _ssl import CERT_NONE [as 别名]
def test_constants(self):
self.assertEqual(real_ssl.CERT_NONE, 0)
self.assertEqual(real_ssl.CERT_OPTIONAL, 1)
self.assertEqual(real_ssl.CERT_REQUIRED, 2)
self.assertEqual(real_ssl.PROTOCOL_SSLv2, 0)
self.assertEqual(real_ssl.PROTOCOL_SSLv23, 2)
self.assertEqual(real_ssl.PROTOCOL_SSLv3, 1)
self.assertEqual(real_ssl.PROTOCOL_TLSv1, 3)
self.assertEqual(real_ssl.PROTOCOL_TLSv1_1, 4)
self.assertEqual(real_ssl.PROTOCOL_TLSv1_2, 5)
self.assertEqual(real_ssl.OP_NO_SSLv2, 0x1000000)
self.assertEqual(real_ssl.OP_NO_SSLv3, 0x2000000)
self.assertEqual(real_ssl.OP_NO_TLSv1, 0x4000000)
self.assertEqual(real_ssl.OP_NO_TLSv1_1, 0x10000000)
self.assertEqual(real_ssl.OP_NO_TLSv1_2, 0x8000000)
self.assertEqual(real_ssl.SSL_ERROR_EOF, 8)
self.assertEqual(real_ssl.SSL_ERROR_INVALID_ERROR_CODE, 9)
self.assertEqual(real_ssl.SSL_ERROR_SSL, 1)
self.assertEqual(real_ssl.SSL_ERROR_SYSCALL, 5)
self.assertEqual(real_ssl.SSL_ERROR_WANT_CONNECT, 7)
self.assertEqual(real_ssl.SSL_ERROR_WANT_READ, 2)
self.assertEqual(real_ssl.SSL_ERROR_WANT_WRITE, 3)
self.assertEqual(real_ssl.SSL_ERROR_WANT_X509_LOOKUP, 4)
self.assertEqual(real_ssl.SSL_ERROR_ZERO_RETURN, 6)
示例5: get_server_certificate
# 需要导入模块: import _ssl [as 别名]
# 或者: from _ssl import CERT_NONE [as 别名]
def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv23, ca_certs=None):
"""Retrieve the certificate from the server at the specified address,
and return it as a PEM-encoded string.
If 'ca_certs' is specified, validate the server cert against it.
If 'ssl_version' is specified, use it in the connection attempt."""
host, port = addr
if ca_certs is not None:
cert_reqs = CERT_REQUIRED
else:
cert_reqs = CERT_NONE
context = _create_stdlib_context(ssl_version,
cert_reqs=cert_reqs,
cafile=ca_certs)
with closing(create_connection(addr)) as sock:
with closing(context.wrap_socket(sock)) as sslsock:
dercert = sslsock.getpeercert(True)
return DER_cert_to_PEM_cert(dercert)
示例6: get_server_certificate
# 需要导入模块: import _ssl [as 别名]
# 或者: from _ssl import CERT_NONE [as 别名]
def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv23, ca_certs=None):
"""Retrieve the certificate from the server at the specified address,
and return it as a PEM-encoded string.
If 'ca_certs' is specified, validate the server cert against it.
If 'ssl_version' is specified, use it in the connection attempt."""
host, port = addr
if ca_certs is not None:
cert_reqs = CERT_REQUIRED
else:
cert_reqs = CERT_NONE
context = _create_stdlib_context(ssl_version,
cert_reqs=cert_reqs,
cafile=ca_certs)
with create_connection(addr) as sock:
with context.wrap_socket(sock) as sslsock:
dercert = sslsock.getpeercert(True)
return DER_cert_to_PEM_cert(dercert)
示例7: test_constants
# 需要导入模块: import _ssl [as 别名]
# 或者: from _ssl import CERT_NONE [as 别名]
def test_constants(self):
self.assertEqual(_ssl.CERT_NONE, 0)
self.assertEqual(_ssl.CERT_OPTIONAL, 1)
self.assertEqual(_ssl.CERT_REQUIRED, 2)
self.assertEqual(_ssl.PROTOCOL_SSLv2, 0)
self.assertEqual(_ssl.PROTOCOL_SSLv23, 2)
self.assertEqual(_ssl.PROTOCOL_SSLv3, 1)
self.assertEqual(_ssl.PROTOCOL_TLSv1, 3)
self.assertEqual(_ssl.PROTOCOL_TLSv1_1, 4)
self.assertEqual(_ssl.PROTOCOL_TLSv1_2, 5)
self.assertEqual(_ssl.OP_NO_SSLv2, 0x1000000)
self.assertEqual(_ssl.OP_NO_SSLv3, 0x2000000)
self.assertEqual(_ssl.OP_NO_TLSv1, 0x4000000)
self.assertEqual(_ssl.OP_NO_TLSv1_1, 0x10000000)
self.assertEqual(_ssl.OP_NO_TLSv1_2, 0x8000000)
self.assertEqual(_ssl.SSL_ERROR_EOF, 8)
self.assertEqual(_ssl.SSL_ERROR_INVALID_ERROR_CODE, 10)
self.assertEqual(_ssl.SSL_ERROR_SSL, 1)
self.assertEqual(_ssl.SSL_ERROR_SYSCALL, 5)
self.assertEqual(_ssl.SSL_ERROR_WANT_CONNECT, 7)
self.assertEqual(_ssl.SSL_ERROR_WANT_READ, 2)
self.assertEqual(_ssl.SSL_ERROR_WANT_WRITE, 3)
self.assertEqual(_ssl.SSL_ERROR_WANT_X509_LOOKUP, 4)
self.assertEqual(_ssl.SSL_ERROR_ZERO_RETURN, 6)
示例8: get_server_certificate
# 需要导入模块: import _ssl [as 别名]
# 或者: from _ssl import CERT_NONE [as 别名]
def get_server_certificate(addr, ssl_version=PROTOCOL_TLS, ca_certs=None):
"""Retrieve the certificate from the server at the specified address,
and return it as a PEM-encoded string.
If 'ca_certs' is specified, validate the server cert against it.
If 'ssl_version' is specified, use it in the connection attempt."""
host, port = addr
if ca_certs is not None:
cert_reqs = CERT_REQUIRED
else:
cert_reqs = CERT_NONE
context = _create_stdlib_context(ssl_version,
cert_reqs=cert_reqs,
cafile=ca_certs)
with create_connection(addr) as sock:
with context.wrap_socket(sock) as sslsock:
dercert = sslsock.getpeercert(True)
return DER_cert_to_PEM_cert(dercert)
示例9: __init__
# 需要导入模块: import _ssl [as 别名]
# 或者: from _ssl import CERT_NONE [as 别名]
def __init__(self, sock, keyfile=None, certfile=None,
server_side=False, cert_reqs=CERT_NONE,
ssl_version=PROTOCOL_SSLv23, ca_certs=None,
do_handshake_on_connect=True,
suppress_ragged_eofs=True, ciphers=None):
socket.__init__(self, _sock=sock._sock)
# The initializer for socket overrides the methods send(), recv(), etc.
# in the instancce, which we don't need -- but we want to provide the
# methods defined in SSLSocket.
for attr in _delegate_methods:
try:
delattr(self, attr)
except AttributeError:
pass
if certfile and not keyfile:
keyfile = certfile
# see if it's connected
try:
socket.getpeername(self)
except socket_error, e:
if e.errno != errno.ENOTCONN:
raise
# no, no connection yet
self._connected = False
self._sslobj = None
示例10: wrap_socket
# 需要导入模块: import _ssl [as 别名]
# 或者: from _ssl import CERT_NONE [as 别名]
def wrap_socket(sock, keyfile=None, certfile=None,
server_side=False, cert_reqs=CERT_NONE,
ssl_version=PROTOCOL_SSLv23, ca_certs=None,
do_handshake_on_connect=True,
suppress_ragged_eofs=True, ciphers=None):
return SSLSocket(sock, keyfile=keyfile, certfile=certfile,
server_side=server_side, cert_reqs=cert_reqs,
ssl_version=ssl_version, ca_certs=ca_certs,
do_handshake_on_connect=do_handshake_on_connect,
suppress_ragged_eofs=suppress_ragged_eofs,
ciphers=ciphers)
# some utility functions
示例11: create_default_context
# 需要导入模块: import _ssl [as 别名]
# 或者: from _ssl import CERT_NONE [as 别名]
def create_default_context(purpose=Purpose.SERVER_AUTH, cafile=None,
capath=None, cadata=None):
"""Create a SSLContext object with default settings.
NOTE: The protocol and settings may change anytime without prior
deprecation. The values represent a fair balance between maximum
compatibility and security.
"""
if not isinstance(purpose, _ASN1Object):
raise TypeError(purpose)
# SSLContext sets OP_NO_SSLv2, OP_NO_SSLv3, OP_NO_COMPRESSION,
# OP_CIPHER_SERVER_PREFERENCE, OP_SINGLE_DH_USE and OP_SINGLE_ECDH_USE
# by default.
context = SSLContext(PROTOCOL_TLS)
if purpose == Purpose.SERVER_AUTH:
# verify certs and host name in client mode
context.verify_mode = CERT_REQUIRED
context.check_hostname = True
elif purpose == Purpose.CLIENT_AUTH:
context.set_ciphers(_RESTRICTED_SERVER_CIPHERS)
if cafile or capath or cadata:
context.load_verify_locations(cafile, capath, cadata)
elif context.verify_mode != CERT_NONE:
# no explicit cafile, capath or cadata but the verify mode is
# CERT_OPTIONAL or CERT_REQUIRED. Let's try to load default system
# root CA certificates for the given purpose. This may fail silently.
context.load_default_certs(purpose)
return context
示例12: _create_unverified_context
# 需要导入模块: import _ssl [as 别名]
# 或者: from _ssl import CERT_NONE [as 别名]
def _create_unverified_context(protocol=PROTOCOL_TLS, cert_reqs=None,
check_hostname=False, purpose=Purpose.SERVER_AUTH,
certfile=None, keyfile=None,
cafile=None, capath=None, cadata=None):
"""Create a SSLContext object for Python stdlib modules
All Python stdlib modules shall use this function to create SSLContext
objects in order to keep common settings in one place. The configuration
is less restrict than create_default_context()'s to increase backward
compatibility.
"""
if not isinstance(purpose, _ASN1Object):
raise TypeError(purpose)
# SSLContext sets OP_NO_SSLv2, OP_NO_SSLv3, OP_NO_COMPRESSION,
# OP_CIPHER_SERVER_PREFERENCE, OP_SINGLE_DH_USE and OP_SINGLE_ECDH_USE
# by default.
context = SSLContext(protocol)
if cert_reqs is not None:
context.verify_mode = cert_reqs
context.check_hostname = check_hostname
if keyfile and not certfile:
raise ValueError("certfile must be specified")
if certfile or keyfile:
context.load_cert_chain(certfile, keyfile)
# load CA root certs
if cafile or capath or cadata:
context.load_verify_locations(cafile, capath, cadata)
elif context.verify_mode != CERT_NONE:
# no explicit cafile, capath or cadata but the verify mode is
# CERT_OPTIONAL or CERT_REQUIRED. Let's try to load default system
# root CA certificates for the given purpose. This may fail silently.
context.load_default_certs(purpose)
return context
# Backwards compatibility alias, even though it's not a public name.
示例13: wrap_socket
# 需要导入模块: import _ssl [as 别名]
# 或者: from _ssl import CERT_NONE [as 别名]
def wrap_socket(sock, keyfile=None, certfile=None,
server_side=False, cert_reqs=CERT_NONE,
ssl_version=PROTOCOL_TLS, ca_certs=None,
do_handshake_on_connect=True,
suppress_ragged_eofs=True,
ciphers=None):
return SSLSocket(sock=sock, keyfile=keyfile, certfile=certfile,
server_side=server_side, cert_reqs=cert_reqs,
ssl_version=ssl_version, ca_certs=ca_certs,
do_handshake_on_connect=do_handshake_on_connect,
suppress_ragged_eofs=suppress_ragged_eofs,
ciphers=ciphers)
# some utility functions
示例14: __init__
# 需要导入模块: import _ssl [as 别名]
# 或者: from _ssl import CERT_NONE [as 别名]
def __init__(self, sock, keyfile=None, certfile=None,
server_side=False, cert_reqs=CERT_NONE,
ssl_version=PROTOCOL_SSLv23, ca_certs=None,
do_handshake_on_connect=True,
suppress_ragged_eofs=True, ciphers=None):
socket.__init__(self, _sock=sock._sock)
# The initializer for socket overrides the methods send(), recv(), etc.
# in the instancce, which we don't need -- but we want to provide the
# methods defined in SSLSocket.
for attr in _delegate_methods:
try:
delattr(self, attr)
except AttributeError:
pass
if ciphers is None and ssl_version != _SSLv2_IF_EXISTS:
ciphers = _DEFAULT_CIPHERS
if certfile and not keyfile:
keyfile = certfile
# see if it's connected
try:
socket.getpeername(self)
except socket_error, e:
if e.errno != errno.ENOTCONN:
raise
# no, no connection yet
self._connected = False
self._sslobj = None
示例15: wrap_socket
# 需要导入模块: import _ssl [as 别名]
# 或者: from _ssl import CERT_NONE [as 别名]
def wrap_socket(sock, keyfile=None, certfile=None,
server_side=False, cert_reqs=CERT_NONE,
ssl_version=PROTOCOL_SSLv23, ca_certs=None,
do_handshake_on_connect=True,
suppress_ragged_eofs=True,
ciphers=None):
return SSLSocket(sock=sock, keyfile=keyfile, certfile=certfile,
server_side=server_side, cert_reqs=cert_reqs,
ssl_version=ssl_version, ca_certs=ca_certs,
do_handshake_on_connect=do_handshake_on_connect,
suppress_ragged_eofs=suppress_ragged_eofs,
ciphers=ciphers)
# some utility functions