Package tlslite :: Module tlsrecordlayer :: Class TLSRecordLayer

Class TLSRecordLayer

object --+
         |
        TLSRecordLayer
Known Subclasses:

This class handles data transmission for a TLS connection.

Its only subclass is tlslite.TLSConnection.TLSConnection. We've separated the code in this class from TLSConnection to make things more readable.

Instance Methods

__init__(self, sock)
    x.__init__(...) initializes x; see help(type(x)) for signature
read(self, max=None, min=1) -> str
    Read some data from the TLS connection.
readAsync(self, max=None, min=1) -> iterable
    Start a read operation on the TLS connection.
write(self, s)
    Write some data to the TLS connection.
writeAsync(self, s) -> iterable
    Start a write operation on the TLS connection.
close(self)
    Close the TLS connection.
closeAsync(self) -> iterable
    Start a close operation on the TLS connection.
getCipherImplementation(self) -> str
    Get the name of the cipher implementation used with this connection.
getCipherName(self) -> str
    Get the name of the cipher used with this connection.
_calcPendingStates(self, cipherSuite, masterSecret, clientRandom, serverRandom, implementations)
_calcSSLHandshakeHash(self, masterSecret, label)
_changeReadState(self)
_changeWriteState(self)
_decrefAsync(self)
_decref_socketios(self)
    Close the TLS connection.
_decryptRecord(self, recordType, b)
_getMsg(self, expectedType, secondaryType=None, constructorType=None)
_getNextRecord(self)
_handshakeDone(self, resumed)
_handshakeStart(self, client)
_sendError(self, alertDescription, errorStr=None)
_sendMsg(self, msg, randomizeFirstBlock=True)
_sendMsgs(self, msgs)
_shutdown(self, resumable)
clearReadBuffer(self)
clearWriteBuffer(self)
fileno(self)
    Not implemented in TLS Lite.
getVersionName(self) -> str
    Get the name of this TLS version.
getpeername(self)
    Return the remote address to which the socket is connected (socket emulation).
getsockname(self)
    Return the socket's own address (socket emulation).
gettimeout(self)
    Return the timeout associated with socket operations (socket emulation).
makefile(self, mode='r', bufsize=-1) -> socket._fileobject
    Create a file object for the TLS connection (socket emulation).
recv(self, bufsize)
    Get some data from the TLS connection (socket emulation).
recv_into(self, b)
send(self, s)
    Send data to the TLS connection (socket emulation).
sendall(self, s)
    Send data to the TLS connection (socket emulation).
setsockopt(self, level, optname, value)
    Set the value of the given socket option (socket emulation).
settimeout(self, value)
    Set a timeout on blocking socket operations (socket emulation).
shutdown(self, how)
    Shutdown the underlying socket.
unread(self, b)
    Add bytes to the front of the socket read buffer for future reading.

Inherited from object: __delattr__, __format__, __getattribute__, __hash__, __new__, __reduce__, __reduce_ex__, __repr__, __setattr__, __sizeof__, __str__, __subclasshook__

Instance Variables

allegedSrpUsername (str or None)
    This is set to the SRP username asserted by the client, whether the handshake succeeded or not.
closeSocket (bool)
    If the socket should be closed when the connection is closed, defaults to True (writable).
closed (bool)
    If this connection is closed.
ignoreAbruptClose (bool)
    If an abrupt close of the socket should raise an error (writable).
resumed (bool)
    If this connection is based on a resumed session.
session (tlslite.Session.Session)
    The session corresponding to this connection.
sock (socket.socket)
    The underlying socket object.
version (tuple)
    The TLS version being used for this connection.

Properties

Inherited from object: __class__

Method Details

__init__(self, sock)
(Constructor)

x.__init__(...) initializes x; see help(type(x)) for signature

Overrides: object.__init__
(inherited documentation)

read(self, max=None, min=1)

Read some data from the TLS connection.

This function will block until at least 'min' bytes are available (or the connection is closed).

If an exception is raised, the connection will have been automatically closed.

Parameters:
  • max (int) - The maximum number of bytes to return.
  • min (int) - The minimum number of bytes to return.
Returns: str
A string of no more than 'max' bytes, and no fewer than 'min' (unless the connection has been closed, in which case fewer than 'min' bytes may be returned).
Raises:

readAsync(self, max=None, min=1)

Start a read operation on the TLS connection.

This function returns a generator which behaves similarly to read(). Successive invocations of the generator will return 0 if it is waiting to read from the socket, 1 if it is waiting to write to the socket, or a string if the read operation has completed.

Returns: iterable
A generator; see above for details.

write(self, s)

Write some data to the TLS connection.

This function will block until all the data has been sent.

If an exception is raised, the connection will have been automatically closed.

Parameters:
  • s (str) - The data to transmit to the other party.
Raises:
  • socket.error - If a socket error occurs.

writeAsync(self, s)

Start a write operation on the TLS connection.

This function returns a generator which behaves similarly to write(). Successive invocations of the generator will return 1 if it is waiting to write to the socket, or will raise StopIteration if the write operation has completed.

Returns: iterable
A generator; see above for details.

close(self)

Close the TLS connection.

This function will block until it has exchanged close_notify alerts with the other party. After doing so, it will shut down the TLS connection. Further attempts to read through this connection will return "". Further attempts to write through this connection will raise ValueError.

If makefile() has been called on this connection, the connection will not be closed until the connection object and all file objects have been closed.

Even if an exception is raised, the connection will have been closed.

Raises:

closeAsync(self)

Start a close operation on the TLS connection.

This function returns a generator which behaves similarly to close(). Successive invocations of the generator will return 0 if it is waiting to read from the socket, 1 if it is waiting to write to the socket, or will raise StopIteration if the close operation has completed.

Returns: iterable
A generator; see above for details.
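
The yield protocol shared by readAsync(), writeAsync() and closeAsync() can be driven by one select() loop, with a timeout so a stalled peer cannot hold the loop forever. This is an added example, not TLS Lite code: drive(), fake_read_async() and demo() are hypothetical names, and fake_read_async() is a constructed stand-in that follows the same protocol over a plain socket pair.

```python
import select
import socket


def drive(gen, sock, timeout=5.0):
    """Run a readAsync/writeAsync/closeAsync style generator to completion.

    Yield protocol, as documented above: 0 = waiting to read from the socket,
    1 = waiting to write; a read finally yields the data, while write and
    close simply end (StopIteration), in which case None is returned here.
    """
    for step in gen:
        # Only the ints 0 and 1 are wait requests; anything else is payload.
        if isinstance(step, int) and step in (0, 1):
            rlist = [sock] if step == 0 else []
            wlist = [sock] if step == 1 else []
            readable, writable, _ = select.select(rlist, wlist, [], timeout)
            if not readable and not writable:
                gen.close()  # stop driving; the caller tears the socket down
                raise TimeoutError("peer stalled during TLS operation")
            continue
        return step
    return None


def fake_read_async(sock, n):
    """Constructed stand-in for readAsync(): same yield protocol, no TLS."""
    sock.setblocking(False)
    buf = b""
    while len(buf) < n:
        try:
            chunk = sock.recv(n - len(buf))
        except BlockingIOError:
            yield 0  # nothing buffered yet: ask the driver to wait for read
            continue
        if not chunk:  # peer closed: return what we have, like read()
            break
        buf += chunk
    yield buf


def demo():
    a, b = socket.socketpair()
    try:
        b.sendall(b"hello")
        return drive(fake_read_async(a, 5), a)
    finally:
        a.close()
        b.close()
```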

getCipherImplementation(self)

Get the name of the cipher implementation used with this connection.

Returns: str
The name of the cipher implementation used with this connection. Either 'python', 'openssl', or 'pycrypto'.

getCipherName(self)

Get the name of the cipher used with this connection.

Returns: str
The name of the cipher used with this connection. Either 'aes128', 'aes256', 'rc4', or '3des'.

_decref_socketios(self)

Close the TLS connection.

This function will block until it has exchanged close_notify alerts with the other party. After doing so, it will shut down the TLS connection. Further attempts to read through this connection will return "". Further attempts to write through this connection will raise ValueError.

If makefile() has been called on this connection, the connection will not be closed until the connection object and all file objects have been closed.

Even if an exception is raised, the connection will have been closed.

Raises:

getVersionName(self)

Get the name of this TLS version.

Returns: str
The name of the TLS version used with this connection. Either None, 'SSL 3.0', 'TLS 1.0', 'TLS 1.1', or 'TLS 1.2'.

recv(self, bufsize)

Get some data from the TLS connection (socket emulation).

Raises:

send(self, s)

Send data to the TLS connection (socket emulation).

Raises:
  • socket.error - If a socket error occurs.

sendall(self, s)

Send data to the TLS connection (socket emulation).

Raises:
  • socket.error - If a socket error occurs.

unread(self, b)

Add bytes to the front of the socket read buffer for future reading. Be careful using this in the context of select(...): if you unread the last data from a socket, that won't wake up selected waiters, and those waiters may hang forever.


Instance Variable Details

allegedSrpUsername

This is set to the SRP username asserted by the client, whether the handshake succeeded or not. If the handshake fails, this can be inspected to determine if a guessing attack is in progress against a particular user account.
Type:
str or None
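
One way a server could use allegedSrpUsername to spot guessing against a single account, as an added example that is not part of TLS Lite: SrpGuessMonitor, scan() and EVENTS are hypothetical, the events are constructed, and the server is assumed to read the attribute from the connection object after each handshake attempt.

```python
from collections import defaultdict, deque


class SrpGuessMonitor:
    """Sliding-window count of failed SRP handshakes per alleged username."""

    def __init__(self, max_failures=5, window=300.0):
        self.max_failures = max_failures
        self.window = window
        self._fails = defaultdict(deque)  # username -> deque of (time, peer)

    def record(self, username, peer, succeeded, now):
        """Return an alert dict when the account crosses the threshold."""
        # Successes are not counted and do not reset the window: one
        # legitimate login must not hide guessing against the same account.
        if username is None or succeeded:
            return None
        key = username[:64]  # the name is client-supplied, so bound its size
        q = self._fails[key]
        q.append((now, peer))
        while q and now - q[0][0] > self.window:
            q.popleft()  # forget failures older than the window
        if len(q) >= self.max_failures:
            return {"username": key, "failures": len(q),
                    "peers": sorted({p for _, p in q})}
        return None


# Constructed sample: (time, peer address, allegedSrpUsername, handshake ok)
EVENTS = [
    (0, "198.51.100.7", "alice", False),
    (10, "198.51.100.7", "alice", False),
    (20, "203.0.113.9", "bob", True),
    (30, "198.51.100.8", "alice", False),
    (400, "198.51.100.7", "alice", False),  # earlier failures have expired
    (410, "198.51.100.7", "alice", False),
]


def scan(events, max_failures=3, window=300.0):
    mon = SrpGuessMonitor(max_failures, window)
    alerts = []
    for t, peer, user, ok in events:
        hit = mon.record(user, peer, ok, t)
        if hit:
            alerts.append((t, hit))
    return alerts
```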

closeSocket

If the socket should be closed when the connection is closed, defaults to True (writable).

If you set this to True, TLS Lite will assume the responsibility of closing the socket when the TLS Connection is shutdown (either through an error or through the user calling close()). The default is False.

Type:
bool

ignoreAbruptClose

If an abrupt close of the socket should raise an error (writable).

If you set this to True, TLS Lite will not raise a tlslite.errors.TLSAbruptCloseError exception if the underlying socket is unexpectedly closed. Such an unexpected closure could be caused by an attacker. However, it also occurs with some incorrect TLS implementations.

You should set this to True only if you're not worried about an attacker truncating the connection, and only if necessary to avoid spurious errors. The default is False.

Type:
bool

session

The session corresponding to this connection.

Due to TLS session resumption, multiple connections can correspond to the same underlying session.

Type:
tlslite.Session.Session

version

The TLS version being used for this connection.

(3,0) means SSL 3.0, and (3,1) means TLS 1.0.

Type:
tuple