diff options
Diffstat (limited to 'OpenSSL/ssl')
| -rwxr-xr-x | OpenSSL/ssl/connection.c | 59 | ||||
| -rw-r--r-- | OpenSSL/ssl/session.c | 159 | ||||
| -rw-r--r-- | OpenSSL/ssl/session.h | 27 | ||||
| -rw-r--r-- | OpenSSL/ssl/ssl.c | 2 | ||||
| -rw-r--r-- | OpenSSL/ssl/ssl.h | 1 |
5 files changed, 248 insertions, 0 deletions
diff --git a/OpenSSL/ssl/connection.c b/OpenSSL/ssl/connection.c index 037f2a0..ebbe39f 100755 --- a/OpenSSL/ssl/connection.c +++ b/OpenSSL/ssl/connection.c @@ -1254,6 +1254,63 @@ ssl_Connection_want_write(ssl_ConnectionObj *self, PyObject *args) return PyLong_FromLong((long)SSL_want_write(self->ssl)); } +static char ssl_Connection_get_session_doc[] = "\n\ +Returns the Session currently used.\n\ +\n\ +@return: An instance of :py:class:`OpenSSL.SSL.Session` or :py:obj:`None` if\n\ + no session exists.\n\ +"; +static PyObject * +ssl_Connection_get_session(ssl_ConnectionObj *self, PyObject *args) { + ssl_SessionObj *session; + SSL_SESSION *native_session; + + if (!PyArg_ParseTuple(args, ":get_session")) { + return NULL; + } + + native_session = SSL_get1_session(self->ssl); + + if (native_session == NULL) { + Py_INCREF(Py_None); + return Py_None; + } + + session = ssl_Session_from_SSL_SESSION(native_session); + if (!session) { + Py_INCREF(Py_None); + return Py_None; + } + + return (PyObject*)session; +} + +static char ssl_Connection_set_session_doc[] = "\n\ +Set the session to be used when the TLS/SSL connection is established.\n\ +\n\ +:param session: A Session instance representing the session to use.\n\ +:returns: None\n\ +"; +static PyObject * +ssl_Connection_set_session(ssl_ConnectionObj *self, PyObject *args) { + ssl_SessionObj *session; + + if (!PyArg_ParseTuple(args, "O!:set_session", &ssl_Session_Type, &session)) { + return NULL; + } + + if (SSL_set_session(self->ssl, session->session) == 0) { + /* The only case which leads to this seems to be a mismatch, between + * this connection and the session, of the SSL method. + */ + exception_from_error_queue(ssl_Error); + return NULL; + } + + Py_INCREF(Py_None); + return Py_None; +} + /* * Member methods in the Connection object * ADD_METHOD(name) expands to a correct PyMethodDef declaration @@ -1309,6 +1366,8 @@ static PyMethodDef ssl_Connection_methods[] = ADD_METHOD(want_write), ADD_METHOD(set_accept_state), ADD_METHOD(set_connect_state), + ADD_METHOD(get_session), + ADD_METHOD(set_session), { NULL, NULL } }; #undef ADD_ALIAS diff --git a/OpenSSL/ssl/session.c b/OpenSSL/ssl/session.c new file mode 100644 index 0000000..f9932a4 --- /dev/null +++ b/OpenSSL/ssl/session.c @@ -0,0 +1,159 @@ +/* + * session.c + * + * Copyright (C) Jean-Paul Calderone + * Copyright (C) Alejandro Alvarez Ayllon + * See LICENSE for details. + * + * SSL Session object data structures and functions. + * + */ +#include <Python.h> +#define SSL_MODULE +#include "ssl.h" + +static char ssl_Session_doc[] = "\n\ +Session() -> Session instance\n\ +\n\ +"; + +/* + * Initialize an already-constructed Session instance with an OpenSSL session + * structure (or NULL). A reference to the OpenSSL session structure is stolen. + */ +static ssl_SessionObj* +ssl_Session_init(ssl_SessionObj *self, SSL_SESSION *native_session) { + self->session = native_session; + return self; +} + +/* + * Create a Session object + */ +static PyObject* +ssl_Session_new(PyTypeObject *subtype, PyObject *args, PyObject *kwargs) { + ssl_SessionObj *self; + + if (!PyArg_ParseTuple(args, ":Session")) { + return NULL; + } + + self = PyObject_New(ssl_SessionObj, &ssl_Session_Type); + if (self == NULL) { + return NULL; + } + + return (PyObject *)ssl_Session_init(self, NULL); +} + +/* + * Create a Session object from an existing SSL_SESSION*. A reference to the + * SSL_SESSION* is stolen. + */ +ssl_SessionObj* +ssl_Session_from_SSL_SESSION(SSL_SESSION *native_session) { + ssl_SessionObj *self; + + self = PyObject_New(ssl_SessionObj, &ssl_Session_Type); + if (self == NULL) { + return NULL; + } + + return ssl_Session_init(self, native_session); +} + +/* + * Discard the reference to the OpenSSL session structure, if there is one, so + * that it can be freed if it is no longer in use. Also release the memory for + * the Python object. + */ +static void +ssl_Session_dealloc(ssl_SessionObj *self) { + if (self->session != NULL) { + SSL_SESSION_free(self->session); + self->session = NULL; + } + Py_TYPE(self)->tp_free((PyObject*)self); +} + +/* + * Member methods in the Session object + * ADD_METHOD(name) expands to a correct PyMethodDef declaration + * { 'name', (PyCFunction)ssl_Session_name, METH_VARARGS } + * for convenience + * ADD_ALIAS(name,real) creates an "alias" of the ssl_Session_real + * function with the name 'name' + */ +#define ADD_METHOD(name) { #name, (PyCFunction)ssl_Session_##name, METH_VARARGS, ssl_Session_##name##_doc } +static PyMethodDef ssl_Session_methods[] = { + { NULL, NULL } +}; +#undef ADD_METHOD + +/* + * The Python Session type definition. + */ +PyTypeObject ssl_Session_Type = { + PyOpenSSL_HEAD_INIT(&PyType_Type, 0) + "OpenSSL.SSL.Session", + sizeof(ssl_SessionObj), + 0, + (destructor)ssl_Session_dealloc, /* tp_dealloc */ + NULL, /* print */ + NULL, /* tp_getattr */ + NULL, /* setattr */ + NULL, /* compare */ + NULL, /* repr */ + NULL, /* as_number */ + NULL, /* as_sequence */ + NULL, /* as_mapping */ + NULL, /* hash */ + NULL, /* call */ + NULL, /* str */ + NULL, /* getattro */ + NULL, /* setattro */ + NULL, /* as_buffer */ + Py_TPFLAGS_DEFAULT, // Py_TPFLAGS_HAVE_GC, /* tp_flags */ + ssl_Session_doc, /* tp_doc */ + NULL, // (traverseproc)ssl_Session_traverse, /* tp_traverse */ + NULL, // (inquiry)ssl_Session_clear, /* tp_clear */ + NULL, /* tp_richcompare */ + 0, /* tp_weaklistoffset */ + NULL, /* tp_iter */ + NULL, /* tp_iternext */ + ssl_Session_methods, /* tp_methods */ + NULL, /* tp_members */ + NULL, /* tp_getset */ + NULL, /* tp_base */ + NULL, /* tp_dict */ + NULL, /* tp_descr_get */ + NULL, /* tp_descr_set */ + 0, /* tp_dictoffset */ + NULL, /* tp_init */ + NULL, /* tp_alloc */ + ssl_Session_new, /* tp_new */ +}; + +/* + * Initialize the Session part of the SSL sub module + * + * Arguments: dict - The OpenSSL.SSL module + * Returns: 1 for success, 0 otherwise + */ +int +init_ssl_session(PyObject *module) { + + if (PyType_Ready(&ssl_Session_Type) < 0) { + return 0; + } + + /* PyModule_AddObject steals a reference. + */ + Py_INCREF((PyObject *)&ssl_Session_Type); + if (PyModule_AddObject(module, "Session", (PyObject *)&ssl_Session_Type) < 0) { + return 0; + } + + return 1; +} + diff --git a/OpenSSL/ssl/session.h b/OpenSSL/ssl/session.h new file mode 100644 index 0000000..4e8de11 --- /dev/null +++ b/OpenSSL/ssl/session.h @@ -0,0 +1,27 @@ +/* + * session.h + * Copyright (C) Jean-Paul Calderone + * See LICENSE for details. + * + * Defined here is the Python type which represents an SSL session by wrapping + * an OpenSSL SSL_SESSION*. + * + */ + +#ifndef PyOpenSSL_SSL_SESSION_H_ +#define PyOpenSSL_SSL_SESSION_H_ + +#include <Python.h> +#include <openssl/ssl.h> + +typedef struct { + PyObject_HEAD + SSL_SESSION *session; +} ssl_SessionObj; + +extern PyTypeObject ssl_Session_Type; + +extern int init_ssl_session(PyObject *); +extern ssl_SessionObj *ssl_Session_from_SSL_SESSION(SSL_SESSION *native_session); + +#endif diff --git a/OpenSSL/ssl/ssl.c b/OpenSSL/ssl/ssl.c index a68f447..5725d5d 100644 --- a/OpenSSL/ssl/ssl.c +++ b/OpenSSL/ssl/ssl.c @@ -298,6 +298,8 @@ do { \ if (!init_ssl_context(module)) goto error; + if (!init_ssl_session(module)) + goto error; if (!init_ssl_connection(module)) goto error; diff --git a/OpenSSL/ssl/ssl.h b/OpenSSL/ssl/ssl.h index 6a0a57e..3074ba5 100644 --- a/OpenSSL/ssl/ssl.h +++ b/OpenSSL/ssl/ssl.h @@ -16,6 +16,7 @@ #include <Python.h> #include <pythread.h> #include "context.h" +#include "session.h" #include "connection.h" #include "../util.h" #include "../crypto/crypto.h" |