ukamnya
/
pydtls
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
pydtls/dtls/err.py

115 lines
3.6 KiB
Python
Raw Normal View History

Licensing This project is now licensed under the Apache license. Individual files now have a license reference header. The Apache 2.0 license text is copied to the file LICENSE. The file NOTICE, referred to in the license text, has been added. A placeholder README.txt has been added. These three new files are integrated into the distribution/installation machinery, and are placed into the package directory upon installation.
2012-12-18 23:14:31 +04:00
# DTLS exceptions.
# Copyright 2012 Ray Brown
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# The License is also distributed with this work in the file named "LICENSE."
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
Initial commit: up to and including data exchange functionality This initial commit for the PyDTLS package includes the following functionality: * DTLS cookie exchange, using secure hmac cookies * A platform-independent routing UDP demultiplexer * SSL handshaking over UDP using the DTLS protocol * Datagram exchange using the DTLS protocol * SSL shutdown over UDP The package is structured as follows: * dtls: top-level package * dtls.demux: demultiplexer package; automatically loads a demultiplexer appropriate for the currently executing platform * dtls.demux.router: a routing demux for platforms whose network stacks cannot assign incoming UDP packets to sockets based on the sockets' connection information * dtls.demux.osnet: a demux that uses the operating system's UDP packet routing functionality * dtls.err: package-wide error handling and error definitions * dtls.sslconnection: a client and server-side connection class for UDP network connections secured with the DTLS protocol * dtls.openssl: a ctypes-based wrapper for the OpenSSL library * dtls.test: test scripts, utilities, and unit tests The following binaries are provided: * libeay32.dll: cryptographic portion of the OpenSSL library * ssleay32.dll: protocol portion of the OpenSSL library (depends on former) * cygcrypto-1.0.0.dll: as libeay32.dll, but with debugging symbols * cygssl-1.0.0.dll: as ssleay32.dll, but with debugging symbols All binaries have been built with the MinGW tool chain, targeted for msvcr90. The unstripped dll's can be debugged on Windows with gdb. Cygwin is not used.
2012-10-29 23:44:24 +04:00
"""DTLS Errors
This module defines error functionality and exception types for the dtls
package.
Classes:
SSLError -- exception raised for I/O errors
InvalidSocketError -- exception raised for improper socket objects
"""
from socket import error as socket_error
SSL_ERROR_NONE = 0
SSL_ERROR_SSL = 1
SSL_ERROR_WANT_READ = 2
SSL_ERROR_WANT_WRITE = 3
SSL_ERROR_WANT_X509_LOOKUP = 4
SSL_ERROR_SYSCALL = 5
SSL_ERROR_ZERO_RETURN = 6
SSL_ERROR_WANT_CONNECT = 7
SSL_ERROR_WANT_ACCEPT = 8
ERR_BOTH_KEY_CERT_FILES = 500
ERR_BOTH_KEY_CERT_FILES_SVR = 298
ERR_NO_CERTS = 331
SSL standard library module wire-in A patch implementation is provided, which augments and alters the Python standard library's ssl module to support passing of datagram sockets, in which case this package's DTLS protocol support will be activated. The ssl module's interface is intended to operate identically regardless of whether the DTLS protocol or another protocol is chosen. The following features of the ssl module are explicitly supported with datagram sockets: * socket wrapping, unwrapping, and re-wrapping * threaded UDP servers * asynchronous UDP servers (asyncore integration) * socket servers (SocketServer integration) The following modules have been added: * dtls.patch: standard library module patching code and substitution functions and methods * unit.py: this is a port of the standard library's testing module test_ssl.py for datagram sockets; all tests pass at this time; a couple of inapplicable tests have been dropped; a few other tests have been added Also note that the err module's exception raising mechanism has been augmented so as to raise exceptions of type ssl.SSLError (as opposed to dtls.err.SSLError) when instructed to do so through activation of the patching mechanism. This allows code written against the standard library module's interface to remain unchanged. In some cases, types derived from ssl.SSLError are raised.
2012-11-21 23:23:03 +04:00
ERR_NO_CIPHER = 501
Echo server connection timeout and monitoring Prior to this change, the unit tests' echo servers' connections would sometimes linger beyond server termination. A timeout mechanism is now implemented, which will terminate a connection and clean up its resources when the timeout is reached. For the purpose of unit testing, test echo servers now assert that all connections have been terminated when the servers are closed. For threaded echo servers, the timeout mechanism involves the use of sockets with timeouts instead of blocking sockets. This required an implementation with the proper handling of timeout sockets at the sslconnection level.
2012-11-26 01:44:55 +04:00
ERR_READ_TIMEOUT = 502
ERR_WRITE_TIMEOUT = 503
ERR_HANDSHAKE_TIMEOUT = 504
ERR_PORT_UNREACHABLE = 505
Initial commit: up to and including data exchange functionality This initial commit for the PyDTLS package includes the following functionality: * DTLS cookie exchange, using secure hmac cookies * A platform-independent routing UDP demultiplexer * SSL handshaking over UDP using the DTLS protocol * Datagram exchange using the DTLS protocol * SSL shutdown over UDP The package is structured as follows: * dtls: top-level package * dtls.demux: demultiplexer package; automatically loads a demultiplexer appropriate for the currently executing platform * dtls.demux.router: a routing demux for platforms whose network stacks cannot assign incoming UDP packets to sockets based on the sockets' connection information * dtls.demux.osnet: a demux that uses the operating system's UDP packet routing functionality * dtls.err: package-wide error handling and error definitions * dtls.sslconnection: a client and server-side connection class for UDP network connections secured with the DTLS protocol * dtls.openssl: a ctypes-based wrapper for the OpenSSL library * dtls.test: test scripts, utilities, and unit tests The following binaries are provided: * libeay32.dll: cryptographic portion of the OpenSSL library * ssleay32.dll: protocol portion of the OpenSSL library (depends on former) * cygcrypto-1.0.0.dll: as libeay32.dll, but with debugging symbols * cygssl-1.0.0.dll: as ssleay32.dll, but with debugging symbols All binaries have been built with the MinGW tool chain, targeted for msvcr90. The unstripped dll's can be debugged on Windows with gdb. Cygwin is not used.
2012-10-29 23:44:24 +04:00
ERR_COOKIE_MISMATCH = 0x1408A134
class SSLError(socket_error):
"""This exception is raised by modules in the dtls package."""
def __init__(self, *args):
super(SSLError, self).__init__(*args)
class InvalidSocketError(Exception):
"""There is a problem with a socket passed to the dtls package."""
def __init__(self, *args):
super(InvalidSocketError, self).__init__(*args)
SSL standard library module wire-in A patch implementation is provided, which augments and alters the Python standard library's ssl module to support passing of datagram sockets, in which case this package's DTLS protocol support will be activated. The ssl module's interface is intended to operate identically regardless of whether the DTLS protocol or another protocol is chosen. The following features of the ssl module are explicitly supported with datagram sockets: * socket wrapping, unwrapping, and re-wrapping * threaded UDP servers * asynchronous UDP servers (asyncore integration) * socket servers (SocketServer integration) The following modules have been added: * dtls.patch: standard library module patching code and substitution functions and methods * unit.py: this is a port of the standard library's testing module test_ssl.py for datagram sockets; all tests pass at this time; a couple of inapplicable tests have been dropped; a few other tests have been added Also note that the err module's exception raising mechanism has been augmented so as to raise exceptions of type ssl.SSLError (as opposed to dtls.err.SSLError) when instructed to do so through activation of the patching mechanism. This allows code written against the standard library module's interface to remain unchanged. In some cases, types derived from ssl.SSLError are raised.
2012-11-21 23:23:03 +04:00
def _make_opensslerror_class():
global _OpenSSLError
class __OpenSSLError(SSLError):
"""
This exception is raised when an error occurs in the OpenSSL library
"""
def __init__(self, ssl_error, errqueue, result, func, args):
self.ssl_error = ssl_error
self.errqueue = errqueue
self.result = result
self.func = func
self.args = args
SSLError.__init__(self, ssl_error, errqueue,
result, func, args)
_OpenSSLError = __OpenSSLError
_make_opensslerror_class()
def openssl_error():
"""Return the OpenSSL error type for use in exception clauses"""
return _OpenSSLError
def raise_as_ssl_module_error():
"""Exceptions raised from this module are instances of ssl.SSLError"""
import ssl
global SSLError
SSLError = ssl.SSLError
_make_opensslerror_class()
def raise_ssl_error(code, nested=None):
Initial commit: up to and including data exchange functionality This initial commit for the PyDTLS package includes the following functionality: * DTLS cookie exchange, using secure hmac cookies * A platform-independent routing UDP demultiplexer * SSL handshaking over UDP using the DTLS protocol * Datagram exchange using the DTLS protocol * SSL shutdown over UDP The package is structured as follows: * dtls: top-level package * dtls.demux: demultiplexer package; automatically loads a demultiplexer appropriate for the currently executing platform * dtls.demux.router: a routing demux for platforms whose network stacks cannot assign incoming UDP packets to sockets based on the sockets' connection information * dtls.demux.osnet: a demux that uses the operating system's UDP packet routing functionality * dtls.err: package-wide error handling and error definitions * dtls.sslconnection: a client and server-side connection class for UDP network connections secured with the DTLS protocol * dtls.openssl: a ctypes-based wrapper for the OpenSSL library * dtls.test: test scripts, utilities, and unit tests The following binaries are provided: * libeay32.dll: cryptographic portion of the OpenSSL library * ssleay32.dll: protocol portion of the OpenSSL library (depends on former) * cygcrypto-1.0.0.dll: as libeay32.dll, but with debugging symbols * cygssl-1.0.0.dll: as ssleay32.dll, but with debugging symbols All binaries have been built with the MinGW tool chain, targeted for msvcr90. The unstripped dll's can be debugged on Windows with gdb. Cygwin is not used.
2012-10-29 23:44:24 +04:00
"""Raise an SSL error with the given error code"""
SSL standard library module wire-in A patch implementation is provided, which augments and alters the Python standard library's ssl module to support passing of datagram sockets, in which case this package's DTLS protocol support will be activated. The ssl module's interface is intended to operate identically regardless of whether the DTLS protocol or another protocol is chosen. The following features of the ssl module are explicitly supported with datagram sockets: * socket wrapping, unwrapping, and re-wrapping * threaded UDP servers * asynchronous UDP servers (asyncore integration) * socket servers (SocketServer integration) The following modules have been added: * dtls.patch: standard library module patching code and substitution functions and methods * unit.py: this is a port of the standard library's testing module test_ssl.py for datagram sockets; all tests pass at this time; a couple of inapplicable tests have been dropped; a few other tests have been added Also note that the err module's exception raising mechanism has been augmented so as to raise exceptions of type ssl.SSLError (as opposed to dtls.err.SSLError) when instructed to do so through activation of the patching mechanism. This allows code written against the standard library module's interface to remain unchanged. In some cases, types derived from ssl.SSLError are raised.
2012-11-21 23:23:03 +04:00
err_string = str(code) + ": " + _ssl_errors[code]
if nested:
raise SSLError(err_string, nested)
raise SSLError(err_string)
Initial commit: up to and including data exchange functionality This initial commit for the PyDTLS package includes the following functionality: * DTLS cookie exchange, using secure hmac cookies * A platform-independent routing UDP demultiplexer * SSL handshaking over UDP using the DTLS protocol * Datagram exchange using the DTLS protocol * SSL shutdown over UDP The package is structured as follows: * dtls: top-level package * dtls.demux: demultiplexer package; automatically loads a demultiplexer appropriate for the currently executing platform * dtls.demux.router: a routing demux for platforms whose network stacks cannot assign incoming UDP packets to sockets based on the sockets' connection information * dtls.demux.osnet: a demux that uses the operating system's UDP packet routing functionality * dtls.err: package-wide error handling and error definitions * dtls.sslconnection: a client and server-side connection class for UDP network connections secured with the DTLS protocol * dtls.openssl: a ctypes-based wrapper for the OpenSSL library * dtls.test: test scripts, utilities, and unit tests The following binaries are provided: * libeay32.dll: cryptographic portion of the OpenSSL library * ssleay32.dll: protocol portion of the OpenSSL library (depends on former) * cygcrypto-1.0.0.dll: as libeay32.dll, but with debugging symbols * cygssl-1.0.0.dll: as ssleay32.dll, but with debugging symbols All binaries have been built with the MinGW tool chain, targeted for msvcr90. The unstripped dll's can be debugged on Windows with gdb. Cygwin is not used.
2012-10-29 23:44:24 +04:00
_ssl_errors = {
ERR_NO_CERTS: "No root certificates specified for verification " + \
"of other-side certificates",
ERR_BOTH_KEY_CERT_FILES: "Both the key & certificate files " + \
"must be specified",
ERR_BOTH_KEY_CERT_FILES_SVR: "Both the key & certificate files must be " + \
SSL standard library module wire-in A patch implementation is provided, which augments and alters the Python standard library's ssl module to support passing of datagram sockets, in which case this package's DTLS protocol support will be activated. The ssl module's interface is intended to operate identically regardless of whether the DTLS protocol or another protocol is chosen. The following features of the ssl module are explicitly supported with datagram sockets: * socket wrapping, unwrapping, and re-wrapping * threaded UDP servers * asynchronous UDP servers (asyncore integration) * socket servers (SocketServer integration) The following modules have been added: * dtls.patch: standard library module patching code and substitution functions and methods * unit.py: this is a port of the standard library's testing module test_ssl.py for datagram sockets; all tests pass at this time; a couple of inapplicable tests have been dropped; a few other tests have been added Also note that the err module's exception raising mechanism has been augmented so as to raise exceptions of type ssl.SSLError (as opposed to dtls.err.SSLError) when instructed to do so through activation of the patching mechanism. This allows code written against the standard library module's interface to remain unchanged. In some cases, types derived from ssl.SSLError are raised.
2012-11-21 23:23:03 +04:00
"specified for server-side operation",
ERR_NO_CIPHER: "No cipher can be selected.",
Echo server connection timeout and monitoring Prior to this change, the unit tests' echo servers' connections would sometimes linger beyond server termination. A timeout mechanism is now implemented, which will terminate a connection and clean up its resources when the timeout is reached. For the purpose of unit testing, test echo servers now assert that all connections have been terminated when the servers are closed. For threaded echo servers, the timeout mechanism involves the use of sockets with timeouts instead of blocking sockets. This required an implementation with the proper handling of timeout sockets at the sslconnection level.
2012-11-26 01:44:55 +04:00
ERR_READ_TIMEOUT: "The read operation timed out",
ERR_WRITE_TIMEOUT: "The write operation timed out",
SSL standard library module wire-in A patch implementation is provided, which augments and alters the Python standard library's ssl module to support passing of datagram sockets, in which case this package's DTLS protocol support will be activated. The ssl module's interface is intended to operate identically regardless of whether the DTLS protocol or another protocol is chosen. The following features of the ssl module are explicitly supported with datagram sockets: * socket wrapping, unwrapping, and re-wrapping * threaded UDP servers * asynchronous UDP servers (asyncore integration) * socket servers (SocketServer integration) The following modules have been added: * dtls.patch: standard library module patching code and substitution functions and methods * unit.py: this is a port of the standard library's testing module test_ssl.py for datagram sockets; all tests pass at this time; a couple of inapplicable tests have been dropped; a few other tests have been added Also note that the err module's exception raising mechanism has been augmented so as to raise exceptions of type ssl.SSLError (as opposed to dtls.err.SSLError) when instructed to do so through activation of the patching mechanism. This allows code written against the standard library module's interface to remain unchanged. In some cases, types derived from ssl.SSLError are raised.
2012-11-21 23:23:03 +04:00
ERR_HANDSHAKE_TIMEOUT: "The handshake operation timed out",
ERR_PORT_UNREACHABLE: "The peer address is not reachable",
Initial commit: up to and including data exchange functionality This initial commit for the PyDTLS package includes the following functionality: * DTLS cookie exchange, using secure hmac cookies * A platform-independent routing UDP demultiplexer * SSL handshaking over UDP using the DTLS protocol * Datagram exchange using the DTLS protocol * SSL shutdown over UDP The package is structured as follows: * dtls: top-level package * dtls.demux: demultiplexer package; automatically loads a demultiplexer appropriate for the currently executing platform * dtls.demux.router: a routing demux for platforms whose network stacks cannot assign incoming UDP packets to sockets based on the sockets' connection information * dtls.demux.osnet: a demux that uses the operating system's UDP packet routing functionality * dtls.err: package-wide error handling and error definitions * dtls.sslconnection: a client and server-side connection class for UDP network connections secured with the DTLS protocol * dtls.openssl: a ctypes-based wrapper for the OpenSSL library * dtls.test: test scripts, utilities, and unit tests The following binaries are provided: * libeay32.dll: cryptographic portion of the OpenSSL library * ssleay32.dll: protocol portion of the OpenSSL library (depends on former) * cygcrypto-1.0.0.dll: as libeay32.dll, but with debugging symbols * cygssl-1.0.0.dll: as ssleay32.dll, but with debugging symbols All binaries have been built with the MinGW tool chain, targeted for msvcr90. The unstripped dll's can be debugged on Windows with gdb. Cygwin is not used.
2012-10-29 23:44:24 +04:00
}