本文整理汇总了Python中socket.ssl方法的典型用法代码示例。如果您正苦于以下问题:Python socket.ssl方法的具体用法?Python socket.ssl怎么用?Python socket.ssl使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类socket
的用法示例。
在下文中一共展示了socket.ssl方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: _ssl_wrap_socket
# 需要导入模块: import socket [as 别名]
# 或者: from socket import ssl [as 别名]
def _ssl_wrap_socket(sock, key_file, cert_file, disable_validation,
ca_certs, ssl_version, hostname):
if disable_validation:
cert_reqs = ssl.CERT_NONE
else:
cert_reqs = ssl.CERT_REQUIRED
if ssl_version is None:
ssl_version = ssl.PROTOCOL_SSLv23
if hasattr(ssl, 'SSLContext'): # Python 2.7.9
context = ssl.SSLContext(ssl_version)
context.verify_mode = cert_reqs
context.check_hostname = (cert_reqs != ssl.CERT_NONE)
if cert_file:
context.load_cert_chain(cert_file, key_file)
if ca_certs:
context.load_verify_locations(ca_certs)
return context.wrap_socket(sock, server_hostname=hostname)
else:
return ssl.wrap_socket(sock, keyfile=key_file, certfile=cert_file,
cert_reqs=cert_reqs, ca_certs=ca_certs,
ssl_version=ssl_version)
示例2: __init__
# 需要导入模块: import socket [as 别名]
# 或者: from socket import ssl [as 别名]
def __init__(self, conn, host, port):
SocketTransport.__init__(self, conn, host, port)
# Bug (QPID-4337): this is the "old" version of python SSL.
# The private key is required. If a certificate is given, but no
# keyfile, assume the key is contained in the certificate
ssl_keyfile = conn.ssl_keyfile
ssl_certfile = conn.ssl_certfile
if ssl_certfile and not ssl_keyfile:
ssl_keyfile = ssl_certfile
# this version of SSL does NOT perform certificate validation. If the
# connection has been configured with CA certs (via ssl_trustfile), then
# the application expects the certificate to be validated against the
# supplied CA certs. Since this version cannot validate, the peer cannot
# be trusted.
if conn.ssl_trustfile:
raise socket.error("This version of Python does not support verification of the peer's certificate.")
self.ssl = ssl(self.socket, keyfile=ssl_keyfile, certfile=ssl_certfile)
self.socket.setblocking(1)
示例3: starttls
# 需要导入模块: import socket [as 别名]
# 或者: from socket import ssl [as 别名]
def starttls(self, keyfile = None, certfile = None):
"""Puts the connection to the SMTP server into TLS mode.
If the server supports TLS, this will encrypt the rest of the SMTP
session. If you provide the keyfile and certfile parameters,
the identity of the SMTP server and client can be checked. This,
however, depends on whether the socket module really checks the
certificates.
"""
(resp, reply) = self.docmd("STARTTLS")
if resp == 220:
sslobj = socket.ssl(self.sock, keyfile, certfile)
self.sock = SSLFakeSocket(self.sock, sslobj)
self.file = SSLFakeFile(sslobj)
# RFC 3207:
# The client MUST discard any knowledge obtained from
# the server, such as the list of SMTP service extensions,
# which was not obtained from the TLS negotiation itself.
self.helo_resp = None
self.ehlo_resp = None
self.esmtp_features = {}
self.does_esmtp = 0
return (resp, reply)
示例4: startSSL
# 需要导入模块: import socket [as 别名]
# 或者: from socket import ssl [as 别名]
def startSSL(self, sock):
"""If needed, start SSL on the proxy or endpoint connection."""
if not self.doSSL:
return sock
if self.caCerts:
# If cert checking is requested use m2crypto
if SSL:
return startSSLWithChecker(sock, self.caCerts, self.commonName)
else:
warnings.warn("m2crypto is not installed; server certificates "
"will not be validated!")
try:
# Python >= 2.6
import ssl
return ssl.SSLSocket(sock)
except ImportError:
# Python < 2.6
sslSock = socket.ssl(sock, None, None)
return httplib.FakeSocket(sock, sslSock)
示例5: _ssl_wrap_socket
# 需要导入模块: import socket [as 别名]
# 或者: from socket import ssl [as 别名]
def _ssl_wrap_socket(
sock, key_file, cert_file, disable_validation, ca_certs, ssl_version, hostname
):
if disable_validation:
cert_reqs = ssl.CERT_NONE
else:
cert_reqs = ssl.CERT_REQUIRED
if ssl_version is None:
ssl_version = ssl.PROTOCOL_SSLv23
if hasattr(ssl, "SSLContext"): # Python 2.7.9
context = ssl.SSLContext(ssl_version)
context.verify_mode = cert_reqs
context.check_hostname = cert_reqs != ssl.CERT_NONE
if cert_file:
context.load_cert_chain(cert_file, key_file)
if ca_certs:
context.load_verify_locations(ca_certs)
return context.wrap_socket(sock, server_hostname=hostname)
else:
return ssl.wrap_socket(
sock,
keyfile=key_file,
certfile=cert_file,
cert_reqs=cert_reqs,
ca_certs=ca_certs,
ssl_version=ssl_version,
)
示例6: _ssl_wrap_socket_unsupported
# 需要导入模块: import socket [as 别名]
# 或者: from socket import ssl [as 别名]
def _ssl_wrap_socket_unsupported(
sock, key_file, cert_file, disable_validation, ca_certs, ssl_version, hostname
):
if not disable_validation:
raise CertificateValidationUnsupported(
"SSL certificate validation is not supported without "
"the ssl module installed. To avoid this error, install "
"the ssl module, or explicity disable validation."
)
ssl_sock = socket.ssl(sock, key_file, cert_file)
return httplib.FakeSocket(sock, ssl_sock)
示例7: _ssl_wrap_socket
# 需要导入模块: import socket [as 别名]
# 或者: from socket import ssl [as 别名]
def _ssl_wrap_socket(sock, key_file, cert_file,
disable_validation, ca_certs):
if disable_validation:
cert_reqs = ssl.CERT_NONE
else:
cert_reqs = ssl.CERT_REQUIRED
# We should be specifying SSL version 3 or TLS v1, but the ssl module
# doesn't expose the necessary knobs. So we need to go with the default
# of SSLv23.
return ssl.wrap_socket(sock, keyfile=key_file, certfile=cert_file,
cert_reqs=cert_reqs, ca_certs=ca_certs)
示例8: _ssl_wrap_socket_unsupported
# 需要导入模块: import socket [as 别名]
# 或者: from socket import ssl [as 别名]
def _ssl_wrap_socket_unsupported(sock, key_file, cert_file, disable_validation,
ca_certs, ssl_version, hostname):
if not disable_validation:
raise CertificateValidationUnsupported(
"SSL certificate validation is not supported without "
"the ssl module installed. To avoid this error, install "
"the ssl module, or explicity disable validation.")
ssl_sock = socket.ssl(sock, key_file, cert_file)
return httplib.FakeSocket(sock, ssl_sock)
示例9: ssl_wrap_socket
# 需要导入模块: import socket [as 别名]
# 或者: from socket import ssl [as 别名]
def ssl_wrap_socket(self):
# Allow sending of keep-alive messages - seems to prevent some servers
# from closing SSL, leading to deadlocks.
self.sock.setsockopt(socket.SOL_SOCKET, socket.SO_KEEPALIVE, 1)
try:
import ssl
if self.ca_certs is not None:
cert_reqs = ssl.CERT_REQUIRED
else:
cert_reqs = ssl.CERT_NONE
if self.ssl_version == "tls1":
ssl_version = ssl.PROTOCOL_TLSv1
elif self.ssl_version == "ssl2":
ssl_version = ssl.PROTOCOL_SSLv2
elif self.ssl_version == "ssl3":
ssl_version = ssl.PROTOCOL_SSLv3
elif self.ssl_version == "ssl23" or self.ssl_version is None:
ssl_version = ssl.PROTOCOL_SSLv23
else:
raise socket.sslerror("Invalid SSL version requested: %s", self.ssl_version)
self.sock = ssl.wrap_socket(self.sock, self.keyfile, self.certfile, ca_certs=self.ca_certs, cert_reqs=cert_reqs, ssl_version=ssl_version)
ssl_exc = ssl.SSLError
self.read_fd = self.sock.fileno()
except ImportError:
# No ssl module, and socket.ssl has no fileno(), and does not allow certificate verification
raise socket.sslerror("imaplib2 SSL mode does not work without ssl module")
if self.cert_verify_cb is not None:
cert_err = self.cert_verify_cb(self.sock.getpeercert(), self.host)
if cert_err:
raise ssl_exc(cert_err)
示例10: open
# 需要导入模块: import socket [as 别名]
# 或者: from socket import ssl [as 别名]
def open(self, host=None, port=None):
"""open(host=None, port=None)
Setup secure connection to remote server on "host:port"
(default: localhost:standard IMAP4 SSL port).
This connection will be used by the routines:
read, send, shutdown, socket, ssl."""
self.host = self._choose_nonull_or_dflt('', host)
self.port = self._choose_nonull_or_dflt(IMAP4_SSL_PORT, port)
self.sock = self.open_socket()
self.ssl_wrap_socket()
示例11: ssl
# 需要导入模块: import socket [as 别名]
# 或者: from socket import ssl [as 别名]
def ssl(self):
"""ssl = ssl()
Return ssl instance used to communicate with the IMAP4 server."""
return self.sock
示例12: __init__
# 需要导入模块: import socket [as 别名]
# 或者: from socket import ssl [as 别名]
def __init__(self, sock, keyfile=None, certfile=None, trustfile=None):
# Bug (QPID-4337): this is the "old" version of python SSL.
# The private key is required. If a certificate is given, but no
# keyfile, assume the key is contained in the certificate
if certfile and not keyfile:
keyfile = certfile
self.sock = sock
self.ssl = wrap_socket(sock, keyfile=keyfile, certfile=certfile)
示例13: __init__
# 需要导入模块: import socket [as 别名]
# 或者: from socket import ssl [as 别名]
def __init__(self, sock, keyFile, certFile):
self._sock = sock
self._sslObj = socket.ssl(self._sock, self._keyFile, self._certFile)
self._keyFile = keyFile
self._certFile = certFile
示例14: connect
# 需要导入模块: import socket [as 别名]
# 或者: from socket import ssl [as 别名]
def connect(host, port, options = None):
sock = socket.socket()
sock.connect((host, port))
sock.setblocking(1)
if options and options.get("ssl", False):
log.debug("Wrapping socket for SSL")
ssl_certfile = options.get("ssl_certfile", None)
ssl_keyfile = options.get("ssl_keyfile", ssl_certfile)
ssl_trustfile = options.get("ssl_trustfile", None)
ssl_require_trust = options.get("ssl_require_trust", True)
ssl_verify_hostname = not options.get("ssl_skip_hostname_check", False)
try:
# Python 2.6 and 2.7
from ssl import wrap_socket, CERT_REQUIRED, CERT_NONE
try:
# Python 2.7.9 and newer
from ssl import match_hostname as verify_hostname
except ImportError:
# Before Python 2.7.9 we roll our own
from qpid.messaging.transports import verify_hostname
if ssl_require_trust or ssl_verify_hostname:
validate = CERT_REQUIRED
else:
validate = CERT_NONE
sock = wrap_socket(sock,
keyfile=ssl_keyfile,
certfile=ssl_certfile,
ca_certs=ssl_trustfile,
cert_reqs=validate)
except ImportError, e:
# Python 2.5 and older
if ssl_verify_hostname:
log.error("Your version of Python does not support ssl hostname verification. Please upgrade your version of Python.")
raise e
sock = _OldSSLSock(sock, ssl_keyfile, ssl_certfile)
if ssl_verify_hostname:
verify_hostname(sock.getpeercert(), host)
示例15: recv
# 需要导入模块: import socket [as 别名]
# 或者: from socket import ssl [as 别名]
def recv(self, n):
return self.ssl.read(n)