Updating openSSL libs to v1.0.2l-dev
* dtls/openssl.py: Added mtu-functions SSL_set_mtu() and DTLS_set_link_mtu() * dtls/prebuilt/win32-*: Updated libs for x86 and x86_64 to version 1.0.2l-dev * dtls/sslconnection.py: mtu size set hardcoded to 1500 - otherwise the windows implementation has problemsincoming
parent
70e78b97cb
commit
8b07f3f46d
|
@ -1,3 +1,11 @@
|
|||
2017-03-17 Björn Freise <mcfreis@gmx.net>
|
||||
|
||||
Updating openSSL libs to v1.0.2l-dev
|
||||
|
||||
* dtls/openssl.py: Added mtu-functions SSL_set_mtu() and DTLS_set_link_mtu()
|
||||
* dtls/prebuilt/win32-*: Updated libs for x86 and x86_64 to version 1.0.2l-dev
|
||||
* dtls/sslconnection.py: mtu size set hardcoded to 1500 - otherwise the windows implementation has problems
|
||||
|
||||
2017-03-17 Björn Freise <mcfreis@gmx.net>
|
||||
|
||||
Added interface for SSL_CTX_set_info_callback()
|
||||
|
|
|
@ -77,18 +77,19 @@ else:
|
|||
libcrypto = CDLL("libcrypto.so.1.0.0")
|
||||
libssl = CDLL("libssl.so.1.0.0")
|
||||
|
||||
#
|
||||
# Integer constants - exported
|
||||
#
|
||||
BIO_NOCLOSE = 0x00
|
||||
BIO_CLOSE = 0x01
|
||||
SSLEAY_VERSION = 0
|
||||
SSL_OP_NO_COMPRESSION = 0x00020000
|
||||
SSL_VERIFY_NONE = 0x00
|
||||
SSL_VERIFY_PEER = 0x01
|
||||
SSL_VERIFY_FAIL_IF_NO_PEER_CERT = 0x02
|
||||
SSL_VERIFY_CLIENT_ONCE = 0x04
|
||||
SSL_SESS_CACHE_OFF = 0x0000
|
||||
#
|
||||
# Integer constants - exported
|
||||
#
|
||||
BIO_NOCLOSE = 0x00
|
||||
BIO_CLOSE = 0x01
|
||||
SSLEAY_VERSION = 0
|
||||
SSL_OP_NO_QUERY_MTU = 0x00001000
|
||||
SSL_OP_NO_COMPRESSION = 0x00020000
|
||||
SSL_VERIFY_NONE = 0x00
|
||||
SSL_VERIFY_PEER = 0x01
|
||||
SSL_VERIFY_FAIL_IF_NO_PEER_CERT = 0x02
|
||||
SSL_VERIFY_CLIENT_ONCE = 0x04
|
||||
SSL_SESS_CACHE_OFF = 0x0000
|
||||
SSL_SESS_CACHE_CLIENT = 0x0001
|
||||
SSL_SESS_CACHE_SERVER = 0x0002
|
||||
SSL_SESS_CACHE_BOTH = SSL_SESS_CACHE_CLIENT | SSL_SESS_CACHE_SERVER
|
||||
|
@ -130,6 +131,7 @@ SSL_CB_HANDSHAKE_DONE = 0x20
|
|||
#
|
||||
# Integer constants - internal
|
||||
#
|
||||
SSL_CTRL_SET_MTU = 17
|
||||
SSL_CTRL_OPTIONS = 32
|
||||
SSL_CTRL_SET_READ_AHEAD = 41
|
||||
SSL_CTRL_SET_SESS_CACHE_MODE = 44
|
||||
|
@ -144,6 +146,7 @@ BIO_C_SET_NBIO = 102
|
|||
DTLS_CTRL_GET_TIMEOUT = 73
|
||||
DTLS_CTRL_HANDLE_TIMEOUT = 74
|
||||
DTLS_CTRL_LISTEN = 75
|
||||
DTLS_CTRL_SET_LINK_MTU = 120
|
||||
|
||||
X509_NAME_MAXLEN = 256
|
||||
GETS_MAXLEN = 2048
|
||||
|
@ -504,7 +507,7 @@ __all__ = [
|
|||
# Constants
|
||||
"BIO_NOCLOSE", "BIO_CLOSE",
|
||||
"SSLEAY_VERSION",
|
||||
"SSL_OP_NO_COMPRESSION",
|
||||
"SSL_OP_NO_QUERY_MTU", "SSL_OP_NO_COMPRESSION",
|
||||
"SSL_VERIFY_NONE", "SSL_VERIFY_PEER",
|
||||
"SSL_VERIFY_FAIL_IF_NO_PEER_CERT", "SSL_VERIFY_CLIENT_ONCE",
|
||||
"SSL_SESS_CACHE_OFF", "SSL_SESS_CACHE_CLIENT",
|
||||
|
@ -524,6 +527,7 @@ __all__ = [
|
|||
"CRYPTO_set_locking_callback",
|
||||
"DTLSv1_get_timeout", "DTLSv1_handle_timeout",
|
||||
"DTLSv1_listen",
|
||||
"DTLS_set_link_mtu",
|
||||
"BIO_gets", "BIO_read", "BIO_get_mem_data",
|
||||
"BIO_dgram_set_connected",
|
||||
"BIO_dgram_get_peer", "BIO_dgram_set_peer",
|
||||
|
@ -532,6 +536,8 @@ __all__ = [
|
|||
"SSL_CTX_set_options",
|
||||
"SSL_CTX_set_info_callback",
|
||||
"SSL_read", "SSL_write",
|
||||
"SSL_set_options",
|
||||
"SSL_set_mtu",
|
||||
"SSL_state_string_long", "SSL_alert_type_string_long", "SSL_alert_desc_string_long",
|
||||
"SSL_CTX_set_cookie_cb",
|
||||
"OBJ_obj2txt", "decode_ASN1_STRING", "ASN1_TIME_print",
|
||||
|
@ -815,16 +821,19 @@ def DTLSv1_handle_timeout(ssl):
|
|||
|
||||
def DTLSv1_listen(ssl):
|
||||
su = sockaddr_u()
|
||||
ret = _SSL_ctrl(ssl, DTLS_CTRL_LISTEN, 0, byref(su))
|
||||
errcheck_ord(ret, _SSL_ctrl, (ssl, DTLS_CTRL_LISTEN, 0, byref(su)))
|
||||
return addr_tuple_from_sockaddr_u(su)
|
||||
|
||||
def SSL_read(ssl, length, buffer):
|
||||
if buffer:
|
||||
length = min(length, len(buffer))
|
||||
buf = (c_char * length).from_buffer(buffer)
|
||||
else:
|
||||
buf = create_string_buffer(length)
|
||||
ret = _SSL_ctrl(ssl, DTLS_CTRL_LISTEN, 0, byref(su))
|
||||
errcheck_ord(ret, _SSL_ctrl, (ssl, DTLS_CTRL_LISTEN, 0, byref(su)))
|
||||
return addr_tuple_from_sockaddr_u(su)
|
||||
|
||||
def DTLS_set_link_mtu(ssl, mtu):
|
||||
return _SSL_ctrl(ssl, DTLS_CTRL_SET_LINK_MTU, mtu, None)
|
||||
|
||||
def SSL_read(ssl, length, buffer):
|
||||
if buffer:
|
||||
length = min(length, len(buffer))
|
||||
buf = (c_char * length).from_buffer(buffer)
|
||||
else:
|
||||
buf = create_string_buffer(length)
|
||||
res_len = _SSL_read(ssl, buf, length)
|
||||
if buffer:
|
||||
return res_len
|
||||
|
@ -841,6 +850,12 @@ def SSL_write(ssl, data):
|
|||
str_data = str(data)
|
||||
return _SSL_write(ssl, str_data, len(str_data))
|
||||
|
||||
def SSL_set_options(ssl, op):
|
||||
return _SSL_ctrl(ssl, SSL_CTRL_OPTIONS, op, None)
|
||||
|
||||
def SSL_set_mtu(ssl, mtu):
|
||||
return _SSL_ctrl(ssl, SSL_CTRL_SET_MTU, mtu, None)
|
||||
|
||||
def SSL_state_string_long(ssl):
|
||||
try:
|
||||
ret = _SSL_state_string_long(ssl)
|
||||
|
|
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
|
@ -404,18 +404,19 @@ class SSLConnection(object):
|
|||
try:
|
||||
peer_address = sock.getpeername()
|
||||
except socket.error:
|
||||
peer_address = None
|
||||
if server_side:
|
||||
post_init = self._init_server(peer_address)
|
||||
else:
|
||||
post_init = self._init_client(peer_address)
|
||||
|
||||
SSL_set_bio(self._ssl.value, self._rbio.value, self._wbio.value)
|
||||
self._rbio.disown()
|
||||
self._wbio.disown()
|
||||
if post_init:
|
||||
post_init()
|
||||
|
||||
peer_address = None
|
||||
if server_side:
|
||||
post_init = self._init_server(peer_address)
|
||||
else:
|
||||
post_init = self._init_client(peer_address)
|
||||
|
||||
SSL_set_options(self._ssl.value, SSL_OP_NO_QUERY_MTU)
|
||||
DTLS_set_link_mtu(self._ssl.value, 1500)
|
||||
SSL_set_bio(self._ssl.value, self._rbio.value, self._wbio.value)
|
||||
self._rbio.disown()
|
||||
self._wbio.disown()
|
||||
if post_init:
|
||||
post_init()
|
||||
def get_socket(self, inbound):
|
||||
"""Retrieve a socket used by this connection
|
||||
|
||||
|
|
Loading…
Reference in New Issue