2020-06-03 23:40:05 +01:00
|
|
|
// Copyright (c) 2016 Linaro Ltd.
|
|
|
|
// SPDX-FileCopyrightText: 2014 MicroPython & CircuitPython contributors (https://github.com/adafruit/circuitpython/graphs/contributors)
|
|
|
|
//
|
|
|
|
// SPDX-License-Identifier: MIT
|
2016-09-21 21:25:33 +03:00
|
|
|
|
|
|
|
#include "py/mpconfig.h"
|
|
|
|
#if MICROPY_PY_USSL && MICROPY_SSL_MBEDTLS
|
|
|
|
|
|
|
|
#include <stdio.h>
|
|
|
|
#include <string.h>
|
2017-07-21 10:30:35 -07:00
|
|
|
#include <errno.h> // needed because mp_is_nonblocking_error uses system error codes
|
2016-09-21 21:25:33 +03:00
|
|
|
|
|
|
|
#include "py/runtime.h"
|
|
|
|
#include "py/stream.h"
|
|
|
|
|
|
|
|
// mbedtls_time_t
|
2016-09-22 01:30:48 +03:00
|
|
|
#include "mbedtls/platform.h"
|
|
|
|
#include "mbedtls/net.h"
|
|
|
|
#include "mbedtls/ssl.h"
|
|
|
|
#include "mbedtls/x509_crt.h"
|
|
|
|
#include "mbedtls/pk.h"
|
|
|
|
#include "mbedtls/entropy.h"
|
|
|
|
#include "mbedtls/ctr_drbg.h"
|
|
|
|
#include "mbedtls/debug.h"
|
2016-09-21 21:25:33 +03:00
|
|
|
|
|
|
|
typedef struct _mp_obj_ssl_socket_t {
|
|
|
|
mp_obj_base_t base;
|
|
|
|
mp_obj_t sock;
|
|
|
|
mbedtls_entropy_context entropy;
|
|
|
|
mbedtls_ctr_drbg_context ctr_drbg;
|
|
|
|
mbedtls_ssl_context ssl;
|
|
|
|
mbedtls_ssl_config conf;
|
|
|
|
mbedtls_x509_crt cacert;
|
2016-09-22 00:17:44 +03:00
|
|
|
mbedtls_x509_crt cert;
|
|
|
|
mbedtls_pk_context pkey;
|
2016-09-21 21:25:33 +03:00
|
|
|
} mp_obj_ssl_socket_t;
|
|
|
|
|
2016-09-22 00:17:44 +03:00
|
|
|
struct ssl_args {
|
|
|
|
mp_arg_val_t key;
|
|
|
|
mp_arg_val_t cert;
|
|
|
|
mp_arg_val_t server_side;
|
2016-09-23 01:44:23 +03:00
|
|
|
mp_arg_val_t server_hostname;
|
2016-09-22 00:17:44 +03:00
|
|
|
};
|
|
|
|
|
2016-09-21 21:25:33 +03:00
|
|
|
STATIC const mp_obj_type_t ussl_socket_type;
|
|
|
|
|
2017-10-30 15:41:37 +11:00
|
|
|
#ifdef MBEDTLS_DEBUG_C
|
|
|
|
STATIC void mbedtls_debug(void *ctx, int level, const char *file, int line, const char *str) {
|
|
|
|
(void)ctx;
|
|
|
|
(void)level;
|
2016-09-21 21:25:33 +03:00
|
|
|
printf("DBG:%s:%04d: %s\n", file, line, str);
|
|
|
|
}
|
2017-10-30 15:41:37 +11:00
|
|
|
#endif
|
2016-09-21 21:25:33 +03:00
|
|
|
|
2017-10-30 15:41:37 +11:00
|
|
|
STATIC int _mbedtls_ssl_send(void *ctx, const byte *buf, size_t len) {
|
2021-03-15 19:27:36 +05:30
|
|
|
mp_obj_t sock = *(mp_obj_t *)ctx;
|
2016-09-21 21:25:33 +03:00
|
|
|
|
2018-06-13 12:37:49 +10:00
|
|
|
const mp_stream_p_t *sock_stream = mp_get_stream(sock);
|
2016-09-21 21:25:33 +03:00
|
|
|
int err;
|
|
|
|
|
2017-10-30 15:41:37 +11:00
|
|
|
mp_uint_t out_sz = sock_stream->write(sock, buf, len, &err);
|
2016-09-21 21:25:33 +03:00
|
|
|
if (out_sz == MP_STREAM_ERROR) {
|
2017-07-21 10:30:35 -07:00
|
|
|
if (mp_is_nonblocking_error(err)) {
|
|
|
|
return MBEDTLS_ERR_SSL_WANT_WRITE;
|
|
|
|
}
|
2016-09-21 21:25:33 +03:00
|
|
|
return -err;
|
|
|
|
} else {
|
|
|
|
return out_sz;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2017-10-30 15:41:37 +11:00
|
|
|
STATIC int _mbedtls_ssl_recv(void *ctx, byte *buf, size_t len) {
|
2021-03-15 19:27:36 +05:30
|
|
|
mp_obj_t sock = *(mp_obj_t *)ctx;
|
2016-09-21 21:25:33 +03:00
|
|
|
|
2018-06-13 12:37:49 +10:00
|
|
|
const mp_stream_p_t *sock_stream = mp_get_stream(sock);
|
2016-09-21 21:25:33 +03:00
|
|
|
int err;
|
|
|
|
|
2017-10-30 15:41:37 +11:00
|
|
|
mp_uint_t out_sz = sock_stream->read(sock, buf, len, &err);
|
2016-09-21 21:25:33 +03:00
|
|
|
if (out_sz == MP_STREAM_ERROR) {
|
2017-07-21 10:30:35 -07:00
|
|
|
if (mp_is_nonblocking_error(err)) {
|
|
|
|
return MBEDTLS_ERR_SSL_WANT_READ;
|
|
|
|
}
|
2016-09-21 21:25:33 +03:00
|
|
|
return -err;
|
|
|
|
} else {
|
|
|
|
return out_sz;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2016-09-22 00:17:44 +03:00
|
|
|
STATIC mp_obj_ssl_socket_t *socket_new(mp_obj_t sock, struct ssl_args *args) {
|
2018-06-13 12:37:49 +10:00
|
|
|
// Verify the socket object has the full stream protocol
|
|
|
|
mp_get_stream_raise(sock, MP_STREAM_OP_READ | MP_STREAM_OP_WRITE | MP_STREAM_OP_IOCTL);
|
|
|
|
|
2021-03-15 19:27:36 +05:30
|
|
|
#if MICROPY_PY_USSL_FINALISER
|
2017-10-26 21:17:35 -07:00
|
|
|
mp_obj_ssl_socket_t *o = m_new_obj_with_finaliser(mp_obj_ssl_socket_t);
|
2021-03-15 19:27:36 +05:30
|
|
|
#else
|
2016-09-21 21:25:33 +03:00
|
|
|
mp_obj_ssl_socket_t *o = m_new_obj(mp_obj_ssl_socket_t);
|
2021-03-15 19:27:36 +05:30
|
|
|
#endif
|
2016-09-21 21:25:33 +03:00
|
|
|
o->base.type = &ussl_socket_type;
|
2018-05-31 21:47:26 +10:00
|
|
|
o->sock = sock;
|
2016-09-21 21:25:33 +03:00
|
|
|
|
|
|
|
int ret;
|
|
|
|
mbedtls_ssl_init(&o->ssl);
|
|
|
|
mbedtls_ssl_config_init(&o->conf);
|
|
|
|
mbedtls_x509_crt_init(&o->cacert);
|
2016-09-22 00:17:44 +03:00
|
|
|
mbedtls_x509_crt_init(&o->cert);
|
|
|
|
mbedtls_pk_init(&o->pkey);
|
2016-09-21 21:25:33 +03:00
|
|
|
mbedtls_ctr_drbg_init(&o->ctr_drbg);
|
2017-09-06 17:34:45 +10:00
|
|
|
#ifdef MBEDTLS_DEBUG_C
|
2016-09-21 21:25:33 +03:00
|
|
|
// Debug level (0-4)
|
|
|
|
mbedtls_debug_set_threshold(0);
|
2017-09-06 17:34:45 +10:00
|
|
|
#endif
|
2016-09-21 21:25:33 +03:00
|
|
|
|
|
|
|
mbedtls_entropy_init(&o->entropy);
|
|
|
|
const byte seed[] = "upy";
|
2018-05-31 21:52:29 +10:00
|
|
|
ret = mbedtls_ctr_drbg_seed(&o->ctr_drbg, mbedtls_entropy_func, &o->entropy, seed, sizeof(seed));
|
2016-09-21 21:25:33 +03:00
|
|
|
if (ret != 0) {
|
2017-10-31 15:54:15 +11:00
|
|
|
goto cleanup;
|
2016-09-21 21:25:33 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
ret = mbedtls_ssl_config_defaults(&o->conf,
|
2021-03-15 19:27:36 +05:30
|
|
|
args->server_side.u_bool ? MBEDTLS_SSL_IS_SERVER : MBEDTLS_SSL_IS_CLIENT,
|
|
|
|
MBEDTLS_SSL_TRANSPORT_STREAM,
|
|
|
|
MBEDTLS_SSL_PRESET_DEFAULT);
|
2016-09-21 21:25:33 +03:00
|
|
|
if (ret != 0) {
|
2017-10-31 15:54:15 +11:00
|
|
|
goto cleanup;
|
2016-09-21 21:25:33 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
mbedtls_ssl_conf_authmode(&o->conf, MBEDTLS_SSL_VERIFY_NONE);
|
|
|
|
mbedtls_ssl_conf_rng(&o->conf, mbedtls_ctr_drbg_random, &o->ctr_drbg);
|
2017-09-06 17:34:45 +10:00
|
|
|
#ifdef MBEDTLS_DEBUG_C
|
2016-09-21 21:25:33 +03:00
|
|
|
mbedtls_ssl_conf_dbg(&o->conf, mbedtls_debug, NULL);
|
2017-09-06 17:34:45 +10:00
|
|
|
#endif
|
2016-09-21 21:25:33 +03:00
|
|
|
|
|
|
|
ret = mbedtls_ssl_setup(&o->ssl, &o->conf);
|
|
|
|
if (ret != 0) {
|
2017-10-31 15:54:15 +11:00
|
|
|
goto cleanup;
|
2016-09-21 21:25:33 +03:00
|
|
|
}
|
|
|
|
|
2016-09-23 01:44:23 +03:00
|
|
|
if (args->server_hostname.u_obj != mp_const_none) {
|
|
|
|
const char *sni = mp_obj_str_get_str(args->server_hostname.u_obj);
|
|
|
|
ret = mbedtls_ssl_set_hostname(&o->ssl, sni);
|
|
|
|
if (ret != 0) {
|
2017-10-31 15:54:15 +11:00
|
|
|
goto cleanup;
|
2016-09-23 01:44:23 +03:00
|
|
|
}
|
2016-09-21 21:25:33 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
mbedtls_ssl_set_bio(&o->ssl, &o->sock, _mbedtls_ssl_send, _mbedtls_ssl_recv, NULL);
|
|
|
|
|
2016-09-22 00:17:44 +03:00
|
|
|
if (args->key.u_obj != MP_OBJ_NULL) {
|
2017-03-25 19:48:44 +11:00
|
|
|
size_t key_len;
|
2021-03-15 19:27:36 +05:30
|
|
|
const byte *key = (const byte *)mp_obj_str_get_data(args->key.u_obj, &key_len);
|
2016-09-22 00:17:44 +03:00
|
|
|
// len should include terminating null
|
|
|
|
ret = mbedtls_pk_parse_key(&o->pkey, key, key_len + 1, NULL, 0);
|
|
|
|
assert(ret == 0);
|
|
|
|
|
2017-03-25 19:48:44 +11:00
|
|
|
size_t cert_len;
|
2021-03-15 19:27:36 +05:30
|
|
|
const byte *cert = (const byte *)mp_obj_str_get_data(args->cert.u_obj, &cert_len);
|
2016-09-22 00:17:44 +03:00
|
|
|
// len should include terminating null
|
|
|
|
ret = mbedtls_x509_crt_parse(&o->cert, cert, cert_len + 1);
|
|
|
|
assert(ret == 0);
|
|
|
|
|
|
|
|
ret = mbedtls_ssl_conf_own_cert(&o->conf, &o->cert, &o->pkey);
|
|
|
|
assert(ret == 0);
|
|
|
|
}
|
|
|
|
|
2017-07-24 15:07:48 +10:00
|
|
|
while ((ret = mbedtls_ssl_handshake(&o->ssl)) != 0) {
|
|
|
|
if (ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE) {
|
|
|
|
printf("mbedtls_ssl_handshake error: -%x\n", -ret);
|
2017-10-31 15:54:15 +11:00
|
|
|
goto cleanup;
|
2016-09-21 21:25:33 +03:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return o;
|
2017-10-31 15:54:15 +11:00
|
|
|
|
|
|
|
cleanup:
|
|
|
|
mbedtls_pk_free(&o->pkey);
|
|
|
|
mbedtls_x509_crt_free(&o->cert);
|
|
|
|
mbedtls_x509_crt_free(&o->cacert);
|
|
|
|
mbedtls_ssl_free(&o->ssl);
|
|
|
|
mbedtls_ssl_config_free(&o->conf);
|
|
|
|
mbedtls_ctr_drbg_free(&o->ctr_drbg);
|
|
|
|
mbedtls_entropy_free(&o->entropy);
|
|
|
|
|
|
|
|
if (ret == MBEDTLS_ERR_SSL_ALLOC_FAILED) {
|
|
|
|
mp_raise_OSError(MP_ENOMEM);
|
|
|
|
} else {
|
|
|
|
mp_raise_OSError(MP_EIO);
|
|
|
|
}
|
2016-09-21 21:25:33 +03:00
|
|
|
}
|
|
|
|
|
2017-08-15 07:49:11 -07:00
|
|
|
STATIC mp_obj_t mod_ssl_getpeercert(mp_obj_t o_in, mp_obj_t binary_form) {
|
|
|
|
mp_obj_ssl_socket_t *o = MP_OBJ_TO_PTR(o_in);
|
|
|
|
if (!mp_obj_is_true(binary_form)) {
|
|
|
|
mp_raise_NotImplementedError(NULL);
|
|
|
|
}
|
2021-03-15 19:27:36 +05:30
|
|
|
const mbedtls_x509_crt *peer_cert = mbedtls_ssl_get_peer_cert(&o->ssl);
|
2017-08-15 07:49:11 -07:00
|
|
|
return mp_obj_new_bytes(peer_cert->raw.p, peer_cert->raw.len);
|
|
|
|
}
|
|
|
|
STATIC MP_DEFINE_CONST_FUN_OBJ_2(mod_ssl_getpeercert_obj, mod_ssl_getpeercert);
|
|
|
|
|
2016-09-21 21:25:33 +03:00
|
|
|
STATIC void socket_print(const mp_print_t *print, mp_obj_t self_in, mp_print_kind_t kind) {
|
|
|
|
(void)kind;
|
|
|
|
mp_obj_ssl_socket_t *self = MP_OBJ_TO_PTR(self_in);
|
|
|
|
mp_printf(print, "<_SSLSocket %p>", self);
|
|
|
|
}
|
|
|
|
|
|
|
|
STATIC mp_uint_t socket_read(mp_obj_t o_in, void *buf, mp_uint_t size, int *errcode) {
|
|
|
|
mp_obj_ssl_socket_t *o = MP_OBJ_TO_PTR(o_in);
|
|
|
|
|
|
|
|
int ret = mbedtls_ssl_read(&o->ssl, buf, size);
|
2017-03-03 15:46:23 +11:00
|
|
|
if (ret == MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY) {
|
|
|
|
// end of stream
|
|
|
|
return 0;
|
|
|
|
}
|
2016-09-21 21:25:33 +03:00
|
|
|
if (ret >= 0) {
|
|
|
|
return ret;
|
|
|
|
}
|
2017-07-21 10:30:35 -07:00
|
|
|
if (ret == MBEDTLS_ERR_SSL_WANT_READ) {
|
|
|
|
ret = MP_EWOULDBLOCK;
|
|
|
|
}
|
2016-09-21 21:25:33 +03:00
|
|
|
*errcode = ret;
|
|
|
|
return MP_STREAM_ERROR;
|
|
|
|
}
|
|
|
|
|
|
|
|
STATIC mp_uint_t socket_write(mp_obj_t o_in, const void *buf, mp_uint_t size, int *errcode) {
|
|
|
|
mp_obj_ssl_socket_t *o = MP_OBJ_TO_PTR(o_in);
|
|
|
|
|
|
|
|
int ret = mbedtls_ssl_write(&o->ssl, buf, size);
|
|
|
|
if (ret >= 0) {
|
|
|
|
return ret;
|
|
|
|
}
|
2017-07-21 10:30:35 -07:00
|
|
|
if (ret == MBEDTLS_ERR_SSL_WANT_WRITE) {
|
|
|
|
ret = MP_EWOULDBLOCK;
|
|
|
|
}
|
2016-09-21 21:25:33 +03:00
|
|
|
*errcode = ret;
|
|
|
|
return MP_STREAM_ERROR;
|
|
|
|
}
|
|
|
|
|
2016-10-15 23:46:13 +03:00
|
|
|
STATIC mp_obj_t socket_setblocking(mp_obj_t self_in, mp_obj_t flag_in) {
|
2017-07-21 10:30:35 -07:00
|
|
|
mp_obj_ssl_socket_t *o = MP_OBJ_TO_PTR(self_in);
|
|
|
|
mp_obj_t sock = o->sock;
|
|
|
|
mp_obj_t dest[3];
|
|
|
|
mp_load_method(sock, MP_QSTR_setblocking, dest);
|
|
|
|
dest[2] = flag_in;
|
|
|
|
return mp_call_method_n_kw(1, 0, dest);
|
2016-10-15 23:46:13 +03:00
|
|
|
}
|
|
|
|
STATIC MP_DEFINE_CONST_FUN_OBJ_2(socket_setblocking_obj, socket_setblocking);
|
|
|
|
|
2018-03-07 17:48:53 +11:00
|
|
|
STATIC mp_uint_t socket_ioctl(mp_obj_t o_in, mp_uint_t request, uintptr_t arg, int *errcode) {
|
|
|
|
mp_obj_ssl_socket_t *self = MP_OBJ_TO_PTR(o_in);
|
|
|
|
(void)arg;
|
|
|
|
switch (request) {
|
|
|
|
case MP_STREAM_CLOSE:
|
|
|
|
mbedtls_pk_free(&self->pkey);
|
|
|
|
mbedtls_x509_crt_free(&self->cert);
|
|
|
|
mbedtls_x509_crt_free(&self->cacert);
|
|
|
|
mbedtls_ssl_free(&self->ssl);
|
|
|
|
mbedtls_ssl_config_free(&self->conf);
|
|
|
|
mbedtls_ctr_drbg_free(&self->ctr_drbg);
|
|
|
|
mbedtls_entropy_free(&self->entropy);
|
|
|
|
mp_stream_close(self->sock);
|
|
|
|
return 0;
|
|
|
|
|
|
|
|
default:
|
|
|
|
*errcode = MP_EINVAL;
|
|
|
|
return MP_STREAM_ERROR;
|
|
|
|
}
|
2016-09-21 21:25:33 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
STATIC const mp_rom_map_elem_t ussl_socket_locals_dict_table[] = {
|
|
|
|
{ MP_ROM_QSTR(MP_QSTR_read), MP_ROM_PTR(&mp_stream_read_obj) },
|
|
|
|
{ MP_ROM_QSTR(MP_QSTR_readinto), MP_ROM_PTR(&mp_stream_readinto_obj) },
|
|
|
|
{ MP_ROM_QSTR(MP_QSTR_readline), MP_ROM_PTR(&mp_stream_unbuffered_readline_obj) },
|
|
|
|
{ MP_ROM_QSTR(MP_QSTR_write), MP_ROM_PTR(&mp_stream_write_obj) },
|
2016-10-15 23:46:13 +03:00
|
|
|
{ MP_ROM_QSTR(MP_QSTR_setblocking), MP_ROM_PTR(&socket_setblocking_obj) },
|
2018-03-07 17:48:53 +11:00
|
|
|
{ MP_ROM_QSTR(MP_QSTR_close), MP_ROM_PTR(&mp_stream_close_obj) },
|
2021-03-15 19:27:36 +05:30
|
|
|
#if MICROPY_PY_USSL_FINALISER
|
2018-03-07 17:48:53 +11:00
|
|
|
{ MP_ROM_QSTR(MP_QSTR___del__), MP_ROM_PTR(&mp_stream_close_obj) },
|
2021-03-15 19:27:36 +05:30
|
|
|
#endif
|
2017-08-15 07:49:11 -07:00
|
|
|
{ MP_ROM_QSTR(MP_QSTR_getpeercert), MP_ROM_PTR(&mod_ssl_getpeercert_obj) },
|
2016-09-21 21:25:33 +03:00
|
|
|
};
|
|
|
|
|
|
|
|
STATIC MP_DEFINE_CONST_DICT(ussl_socket_locals_dict, ussl_socket_locals_dict_table);
|
|
|
|
|
|
|
|
STATIC const mp_stream_p_t ussl_socket_stream_p = {
|
protocols: Allow them to be (optionally) type-safe
Protocols are nice, but there is no way for C code to verify whether
a type's "protocol" structure actually implements some particular
protocol. As a result, you can pass an object that implements the
"vfs" protocol to one that expects the "stream" protocol, and the
opposite of awesomeness ensues.
This patch adds an OPTIONAL (but enabled by default) protocol identifier
as the first member of any protocol structure. This identifier is
simply a unique QSTR chosen by the protocol designer and used by each
protocol implementer. When checking for protocol support, instead of
just checking whether the object's type has a non-NULL protocol field,
use `mp_proto_get` which implements the protocol check when possible.
The existing protocols are now named:
protocol_framebuf
protocol_i2c
protocol_pin
protocol_stream
protocol_spi
protocol_vfs
(most of these are unused in CP and are just inherited from MP; vfs and
stream are definitely used though)
I did not find any crashing examples, but here's one to give a flavor of what
is improved, using `micropython_coverage`. Before the change,
the vfs "ioctl" protocol is invoked, and the result is not intelligible
as json (but it could have resulted in a hard fault, potentially):
>>> import uos, ujson
>>> u = uos.VfsPosix('/tmp')
>>> ujson.load(u)
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
ValueError: syntax error in JSON
After the change, the vfs object is correctly detected as not supporting
the stream protocol:
>>> ujson.load(p)
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
OSError: stream operation not supported
2019-12-03 14:50:37 -06:00
|
|
|
MP_PROTO_IMPLEMENT(MP_QSTR_protocol_stream)
|
2016-09-21 21:25:33 +03:00
|
|
|
.read = socket_read,
|
|
|
|
.write = socket_write,
|
2018-03-07 17:48:53 +11:00
|
|
|
.ioctl = socket_ioctl,
|
2016-09-21 21:25:33 +03:00
|
|
|
};
|
|
|
|
|
|
|
|
STATIC const mp_obj_type_t ussl_socket_type = {
|
|
|
|
{ &mp_type_type },
|
|
|
|
// Save on qstr's, reuse same as for module
|
|
|
|
.name = MP_QSTR_ussl,
|
|
|
|
.print = socket_print,
|
|
|
|
.getiter = NULL,
|
|
|
|
.iternext = NULL,
|
|
|
|
.protocol = &ussl_socket_stream_p,
|
2021-03-15 19:27:36 +05:30
|
|
|
.locals_dict = (void *)&ussl_socket_locals_dict,
|
2016-09-21 21:25:33 +03:00
|
|
|
};
|
|
|
|
|
|
|
|
STATIC mp_obj_t mod_ssl_wrap_socket(size_t n_args, const mp_obj_t *pos_args, mp_map_t *kw_args) {
|
|
|
|
// TODO: Implement more args
|
|
|
|
static const mp_arg_t allowed_args[] = {
|
2016-09-22 00:17:44 +03:00
|
|
|
{ MP_QSTR_key, MP_ARG_KW_ONLY | MP_ARG_OBJ, {.u_obj = MP_OBJ_NULL} },
|
|
|
|
{ MP_QSTR_cert, MP_ARG_KW_ONLY | MP_ARG_OBJ, {.u_obj = MP_OBJ_NULL} },
|
2016-09-21 21:25:33 +03:00
|
|
|
{ MP_QSTR_server_side, MP_ARG_KW_ONLY | MP_ARG_BOOL, {.u_bool = false} },
|
2016-09-23 01:44:23 +03:00
|
|
|
{ MP_QSTR_server_hostname, MP_ARG_KW_ONLY | MP_ARG_OBJ, {.u_obj = mp_const_none} },
|
2016-09-21 21:25:33 +03:00
|
|
|
};
|
|
|
|
|
|
|
|
// TODO: Check that sock implements stream protocol
|
|
|
|
mp_obj_t sock = pos_args[0];
|
|
|
|
|
2016-09-22 00:17:44 +03:00
|
|
|
struct ssl_args args;
|
2016-09-21 21:25:33 +03:00
|
|
|
mp_arg_parse_all(n_args - 1, pos_args + 1, kw_args,
|
2021-03-15 19:27:36 +05:30
|
|
|
MP_ARRAY_SIZE(allowed_args), allowed_args, (mp_arg_val_t *)&args);
|
2016-09-21 21:25:33 +03:00
|
|
|
|
2016-09-22 00:17:44 +03:00
|
|
|
return MP_OBJ_FROM_PTR(socket_new(sock, &args));
|
2016-09-21 21:25:33 +03:00
|
|
|
}
|
|
|
|
STATIC MP_DEFINE_CONST_FUN_OBJ_KW(mod_ssl_wrap_socket_obj, 1, mod_ssl_wrap_socket);
|
|
|
|
|
|
|
|
STATIC const mp_rom_map_elem_t mp_module_ssl_globals_table[] = {
|
|
|
|
{ MP_ROM_QSTR(MP_QSTR___name__), MP_ROM_QSTR(MP_QSTR_ussl) },
|
|
|
|
{ MP_ROM_QSTR(MP_QSTR_wrap_socket), MP_ROM_PTR(&mod_ssl_wrap_socket_obj) },
|
|
|
|
};
|
|
|
|
|
|
|
|
STATIC MP_DEFINE_CONST_DICT(mp_module_ssl_globals, mp_module_ssl_globals_table);
|
|
|
|
|
|
|
|
const mp_obj_module_t mp_module_ussl = {
|
|
|
|
.base = { &mp_type_module },
|
2021-03-15 19:27:36 +05:30
|
|
|
.globals = (mp_obj_dict_t *)&mp_module_ssl_globals,
|
2016-09-21 21:25:33 +03:00
|
|
|
};
|
|
|
|
|
|
|
|
#endif // MICROPY_PY_USSL
|