public static PythonSocket.ssl sslwrap(
CodeContext context,
PythonSocket.socket socket,
bool server_side,
[DefaultParameterValue(null)] string keyfile,
[DefaultParameterValue(null)] string certfile,
[DefaultParameterValue(PythonSsl.CERT_NONE)]int certs_mode,
[DefaultParameterValue(-1)]int protocol,
[DefaultParameterValue(null)]string cacertsfile) {
return new PythonSocket.ssl(
context,
socket,
server_side,
keyfile,
certfile,
certs_mode,
protocol,
cacertsfile
);
}
public static PythonSocket.ssl sslwrap(
CodeContext context,
PythonSocket.socket socket,
bool server_side,
[DefaultParameterValue(null)] string keyfile,
[DefaultParameterValue(null)] string certfile,
[DefaultParameterValue(PythonSsl.CERT_NONE)]int certs_mode,
[DefaultParameterValue(PythonSsl.PROTOCOL_SSLv23 | PythonSsl.OP_NO_SSLv2 | PythonSsl.OP_NO_SSLv3)]int protocol,
[DefaultParameterValue(null)]string cacertsfile,
[DefaultParameterValue(null)]object ciphers) {
return new PythonSocket.ssl(
context,
socket,
server_side,
keyfile,
certfile,
certs_mode,
protocol,
cacertsfile
);
}
internal ssl(CodeContext context,
PythonSocket.socket sock,
bool server_side,
[DefaultParameterValue(null)] string keyfile,
[DefaultParameterValue(null)] string certfile,
[DefaultParameterValue(PythonSsl.CERT_NONE)]int certs_mode,
[DefaultParameterValue(-1)]int protocol,
string cacertsfile) {
if (sock == null) {
throw PythonOps.TypeError("expected socket object, got None");
}
if ((keyfile == null) != (certfile == null)) {
throw PythonExceptions.CreateThrowable(
PythonSsl.SSLError(context),
"When key or certificate is provided both must be provided"
);
}
_serverSide = server_side;
bool validate;
_certsMode = certs_mode;
RemoteCertificateValidationCallback callback;
switch (certs_mode) {
case PythonSsl.CERT_NONE:
validate = false;
callback = CertValidationCallback;
break;
case PythonSsl.CERT_OPTIONAL:
validate = true;
callback = CertValidationCallbackOptional;
break;
case PythonSsl.CERT_REQUIRED:
validate = true;
callback = CertValidationCallbackRequired;
break;
default:
throw new InvalidOperationException(String.Format("bad certs_mode: {0}", certs_mode));
}
_callback = callback;
if (certfile != null) {
_cert = PythonSsl.ReadCertificate(context, certfile);
}
_socket = sock;
EnsureSslStream(false);
_certCollection = cacertsfile != null ?
new X509Certificate2Collection(new[] { PythonSsl.ReadCertificate(context, cacertsfile) }) :
new X509Certificate2Collection();
_protocol = protocol;
_validate = validate;
_context = context;
}
public ssl(CodeContext context, PythonSocket.socket sock, [DefaultParameterValue(null)] string keyfile, [DefaultParameterValue(null)] string certfile) {
_context = context;
_sslStream = new SslStream(new NetworkStream(sock._socket, false), true, CertValidationCallback);
_socket = sock;
_certCollection = new X509Certificate2Collection();
_protocol = -1;
_validate = false;
}
public ssl(PythonSocket.socket sock, [DefaultParameterValue(null)] string keyfile, [DefaultParameterValue(null)] string certfile) {
_sslStream = new SslStream(new NetworkStream(sock._socket, false), true, CertValidationCallback);
_sslStream.AuthenticateAsClient(sock._hostName);
}
