MCPcopy Index your code
hub / github.com/python/cpython / wrap_conn

Method wrap_conn

Lib/test/test_ssl.py:2573–2632  ·  view source on GitHub ↗
(self)

Source from the content-addressed store, hash-verified

2571 self.daemon = True
2572
2573 def wrap_conn(self):
2574 try:
2575 self.sslconn = self.server.context.wrap_socket(
2576 self.sock, server_side=True)
2577 self.server.selected_alpn_protocols.append(self.sslconn.selected_alpn_protocol())
2578 except (ConnectionResetError, BrokenPipeError, ConnectionAbortedError) as e:
2579 # We treat ConnectionResetError as though it were an
2580 # SSLError - OpenSSL on Ubuntu abruptly closes the
2581 # connection when asked to use an unsupported protocol.
2582 #
2583 # BrokenPipeError is raised in TLS 1.3 mode, when OpenSSL
2584 # tries to send session tickets after handshake.
2585 # https://github.com/openssl/openssl/issues/6342
2586 #
2587 # ConnectionAbortedError is raised in TLS 1.3 mode, when OpenSSL
2588 # tries to send session tickets after handshake when using WinSock.
2589 self.server.conn_errors.append(str(e))
2590 if self.server.chatty:
2591 handle_error("\n server: bad connection attempt from " + repr(self.addr) + ":\n")
2592 self.running = False
2593 self.close()
2594 return False
2595 except (ssl.SSLError, OSError) as e:
2596 # OSError may occur with wrong protocols, e.g. both
2597 # sides use PROTOCOL_TLS_SERVER.
2598 #
2599 # XXX Various errors can have happened here, for example
2600 # a mismatching protocol version, an invalid certificate,
2601 # or a low-level bug. This should be made more discriminating.
2602 #
2603 # bpo-31323: Store the exception as string to prevent
2604 # a reference leak: server -> conn_errors -> exception
2605 # -> traceback -> self (ConnectionHandler) -> server
2606 self.server.conn_errors.append(str(e))
2607 if self.server.chatty:
2608 handle_error("\n server: bad connection attempt from " + repr(self.addr) + ":\n")
2609
2610 # bpo-44229, bpo-43855, bpo-44237, and bpo-33450:
2611 # Ignore spurious EPROTOTYPE returned by write() on macOS.
2612 # See also http://erickt.github.io/blog/2014/11/19/adventures-in-debugging-a-potential-osx-kernel-bug/
2613 if e.errno != errno.EPROTOTYPE and sys.platform != "darwin":
2614 self.running = False
2615 self.close()
2616 return False
2617 else:
2618 self.server.shared_ciphers.append(self.sslconn.shared_ciphers())
2619 if self.server.context.verify_mode == ssl.CERT_REQUIRED:
2620 cert = self.sslconn.getpeercert()
2621 if support.verbose and self.server.chatty:
2622 sys.stdout.write(" client cert is " + pprint.pformat(cert) + "\n")
2623 cert_binary = self.sslconn.getpeercert(True)
2624 if support.verbose and self.server.chatty:
2625 if cert_binary is None:
2626 sys.stdout.write(" client did not provide a cert\n")
2627 else:
2628 sys.stdout.write(f" cert binary is {len(cert_binary)}b\n")
2629 cipher = self.sslconn.cipher()
2630 if support.verbose and self.server.chatty:

Callers 1

runMethod · 0.95

Calls 11

closeMethod · 0.95
strFunction · 0.85
handle_errorFunction · 0.85
wrap_socketMethod · 0.80
pformatMethod · 0.80
appendMethod · 0.45
shared_ciphersMethod · 0.45
getpeercertMethod · 0.45
writeMethod · 0.45
cipherMethod · 0.45

Tested by

no test coverage detected