File: //proc/2/cwd/usr/lib64/python3.6/asyncio/__pycache__/sslproto.cpython-36.opt-1.pyc
3
  \�e  �            
   @   s�   d dl Z d dlZyd dlZW n ek
r4   dZY nX ddlmZ ddlmZ ddlmZ ddlmZ ddl	m
Z
 dd	� Zd
d� ZdZ
d
ZdZdZG dd� de�ZG dd� dejej�ZG dd� dej�ZdS )�    N�   )�base_events)�compat)�	protocols)�
transports)�loggerc             C   sj   | rt d��ttd�r*tj� }|sfd|_n<tjtj�}| jtjO  _| jtj	O  _|j
�  tj|_|S )Nz(Server side SSL needs a valid SSLContext�create_default_contextF)
�
ValueError�hasattr�sslr   �check_hostnameZ
SSLContextZPROTOCOL_SSLv23ZoptionsZOP_NO_SSLv2ZOP_NO_SSLv3Zset_default_verify_pathsZ
CERT_REQUIRED�verify_mode)�server_side�server_hostname�
sslcontext� r   �(/usr/lib64/python3.6/asyncio/sslproto.py�_create_transport_context   s    
r   c               C   s
   t td�S )N�	MemoryBIO)r
   r   r   r   r   r   �_is_sslproto_available%   s    r   Z	UNWRAPPEDZDO_HANDSHAKEZWRAPPEDZSHUTDOWNc               @   s~   e Zd ZdZdZddd�Zedd� �Zed	d
� �Zedd� �Z	ed
d� �Z
ddd�Zddd�Zdd� Z
ddd�Zd dd�ZdS )!�_SSLPipea  An SSL "Pipe".
    An SSL pipe allows you to communicate with an SSL/TLS protocol instance
    through memory buffers. It can be used to implement a security layer for an
    existing connection where you don't have access to the connection's file
    descriptor, or for some reason you don't want to use it.
    An SSL pipe can be in "wrapped" and "unwrapped" mode. In unwrapped mode,
    data is passed through untransformed. In wrapped mode, application level
    data is encrypted to SSL record level data and vice versa. The SSL record
    level is the lowest level in the SSL protocol suite and is what travels
    as-is over the wire.
    An SslPipe initially is in "unwrapped" mode. To start SSL, call
    do_handshake(). To shutdown SSL again, call unwrap().
    �   i   Nc             C   sH   || _ || _|| _t| _tj� | _tj� | _d| _	d| _
d| _d| _dS )a�  
        The *context* argument specifies the ssl.SSLContext to use.
        The *server_side* argument indicates whether this is a server side or
        client side transport.
        The optional *server_hostname* argument can be used to specify the
        hostname you are connecting to. You may only specify this parameter if
        the _ssl module supports Server Name Indication (SNI).
        NF)
�_context�_server_side�_server_hostname�
_UNWRAPPED�_stater   r   �	_incoming�	_outgoing�_sslobj�
_need_ssldata�
_handshake_cb�_shutdown_cb)�self�contextr   r   r   r   r   �__init__D   s    
z_SSLPipe.__init__c             C   s   | j S )z*The SSL context passed to the constructor.)r   )r#   r   r   r   r$   Z   s    z_SSLPipe.contextc             C   s   | j S )z^The internal ssl.SSLObject instance.
        Return None if the pipe is not wrapped.
        )r   )r#   r   r   r   �
ssl_object_   s    z_SSLPipe.ssl_objectc             C   s   | j S )zgWhether more record level data is needed to complete a handshake
        that is currently in progress.)r    )r#   r   r   r   �need_ssldatag   s    z_SSLPipe.need_ssldatac             C   s
   | j tkS )zj
        Whether a security layer is currently in effect.
        Return False during handshake.
        )r   �_WRAPPED)r#   r   r   r   �wrappedm   s    z_SSLPipe.wrappedc             C   sR   | j tkrtd��| jj| j| j| j| jd�| _	t
| _ || _| jddd�\}}|S )aL  Start the SSL handshake.
        Return a list of ssldata. A ssldata element is a list of buffers
        The optional *callback* argument can be used to install a callback that
        will be called when the handshake is complete. The callback will be
        called with None if successful, else an exception instance.
        z"handshake in progress or completed)r   r   �    T)�only_handshake)
r   r   �RuntimeErrorr   Zwrap_bior   r   r   r   r   �
_DO_HANDSHAKEr!   �feed_ssldata)r#   �callback�ssldata�appdatar   r   r   �do_handshakev   s    	
z_SSLPipe.do_handshakec             C   sB   | j tkrtd��| j tkr$td��t| _ || _| jd�\}}|S )a1  Start the SSL shutdown sequence.
        Return a list of ssldata. A ssldata element is a list of buffers
        The optional *callback* argument can be used to install a callback that
        will be called when the shutdown is complete. The callback will be
        called without arguments.
        zno security layer presentzshutdown in progressr*   )r   r   r,   �	_SHUTDOWNr"