OLD | NEW |
| 1 # Authors: |
| 2 # Trevor Perrin |
| 3 # Dave Baggett (Arcode Corporation) - Added TLSUnsupportedError. |
| 4 # |
| 5 # See the LICENSE file for legal information regarding use of this file. |
| 6 |
1 """Exception classes. | 7 """Exception classes. |
2 @sort: TLSError, TLSAbruptCloseError, TLSAlert, TLSLocalAlert, TLSRemoteAlert, | 8 @sort: TLSError, TLSAbruptCloseError, TLSAlert, TLSLocalAlert, TLSRemoteAlert, |
3 TLSAuthenticationError, TLSNoAuthenticationError, TLSAuthenticationTypeError, | 9 TLSAuthenticationError, TLSNoAuthenticationError, TLSAuthenticationTypeError, |
4 TLSFingerprintError, TLSAuthorizationError, TLSValidationError, TLSFaultError | 10 TLSFingerprintError, TLSAuthorizationError, TLSValidationError, TLSFaultError, |
| 11 TLSUnsupportedError |
5 """ | 12 """ |
| 13 import socket |
6 | 14 |
7 from constants import AlertDescription, AlertLevel | 15 from .constants import AlertDescription, AlertLevel |
8 | 16 |
9 class TLSError(Exception): | 17 class TLSError(Exception): |
10 """Base class for all TLS Lite exceptions.""" | 18 """Base class for all TLS Lite exceptions.""" |
| 19 |
| 20 def __str__(self): |
| 21 """"At least print out the Exception time for str(...).""" |
| 22 return repr(self) |
| 23 |
| 24 class TLSClosedConnectionError(TLSError, socket.error): |
| 25 """An attempt was made to use the connection after it was closed.""" |
11 pass | 26 pass |
12 | 27 |
13 class TLSAbruptCloseError(TLSError): | 28 class TLSAbruptCloseError(TLSError): |
14 """The socket was closed without a proper TLS shutdown. | 29 """The socket was closed without a proper TLS shutdown. |
15 | 30 |
16 The TLS specification mandates that an alert of some sort | 31 The TLS specification mandates that an alert of some sort |
17 must be sent before the underlying socket is closed. If the socket | 32 must be sent before the underlying socket is closed. If the socket |
18 is closed without this, it could signify that an attacker is trying | 33 is closed without this, it could signify that an attacker is trying |
19 to truncate the connection. It could also signify a misbehaving | 34 to truncate the connection. It could also signify a misbehaving |
20 TLS implementation, or a random network failure. | 35 TLS implementation, or a random network failure. |
(...skipping 23 matching lines...) Expand all Loading... |
44 AlertDescription.access_denied: "access_denied",\ | 59 AlertDescription.access_denied: "access_denied",\ |
45 AlertDescription.decode_error: "decode_error",\ | 60 AlertDescription.decode_error: "decode_error",\ |
46 AlertDescription.decrypt_error: "decrypt_error",\ | 61 AlertDescription.decrypt_error: "decrypt_error",\ |
47 AlertDescription.export_restriction: "export_restriction",\ | 62 AlertDescription.export_restriction: "export_restriction",\ |
48 AlertDescription.protocol_version: "protocol_version",\ | 63 AlertDescription.protocol_version: "protocol_version",\ |
49 AlertDescription.insufficient_security: "insufficient_security",\ | 64 AlertDescription.insufficient_security: "insufficient_security",\ |
50 AlertDescription.internal_error: "internal_error",\ | 65 AlertDescription.internal_error: "internal_error",\ |
51 AlertDescription.inappropriate_fallback: "inappropriate_fallback",\ | 66 AlertDescription.inappropriate_fallback: "inappropriate_fallback",\ |
52 AlertDescription.user_canceled: "user_canceled",\ | 67 AlertDescription.user_canceled: "user_canceled",\ |
53 AlertDescription.no_renegotiation: "no_renegotiation",\ | 68 AlertDescription.no_renegotiation: "no_renegotiation",\ |
54 AlertDescription.unknown_srp_username: "unknown_srp_username",\ | 69 AlertDescription.unknown_psk_identity: "unknown_psk_identity"} |
55 AlertDescription.missing_srp_username: "missing_srp_username"} | |
56 | 70 |
57 class TLSLocalAlert(TLSAlert): | 71 class TLSLocalAlert(TLSAlert): |
58 """A TLS alert has been signalled by the local implementation. | 72 """A TLS alert has been signalled by the local implementation. |
59 | 73 |
60 @type description: int | 74 @type description: int |
61 @ivar description: Set to one of the constants in | 75 @ivar description: Set to one of the constants in |
62 L{tlslite.constants.AlertDescription} | 76 L{tlslite.constants.AlertDescription} |
63 | 77 |
64 @type level: int | 78 @type level: int |
65 @ivar level: Set to one of the constants in | 79 @ivar level: Set to one of the constants in |
(...skipping 65 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
131 pass | 145 pass |
132 | 146 |
133 class TLSAuthorizationError(TLSAuthenticationError): | 147 class TLSAuthorizationError(TLSAuthenticationError): |
134 """The Checker was expecting the other party to authenticate with a | 148 """The Checker was expecting the other party to authenticate with a |
135 certificate chain that has a different authorization.""" | 149 certificate chain that has a different authorization.""" |
136 pass | 150 pass |
137 | 151 |
138 class TLSValidationError(TLSAuthenticationError): | 152 class TLSValidationError(TLSAuthenticationError): |
139 """The Checker has determined that the other party's certificate | 153 """The Checker has determined that the other party's certificate |
140 chain is invalid.""" | 154 chain is invalid.""" |
141 pass | 155 def __init__(self, msg, info=None): |
| 156 # Include a dict containing info about this validation failure |
| 157 TLSAuthenticationError.__init__(self, msg) |
| 158 self.info = info |
142 | 159 |
143 class TLSFaultError(TLSError): | 160 class TLSFaultError(TLSError): |
144 """The other party responded incorrectly to an induced fault. | 161 """The other party responded incorrectly to an induced fault. |
145 | 162 |
146 This exception will only occur during fault testing, when a | 163 This exception will only occur during fault testing, when a |
147 TLSConnection's fault variable is set to induce some sort of | 164 TLSConnection's fault variable is set to induce some sort of |
148 faulty behavior, and the other party doesn't respond appropriately. | 165 faulty behavior, and the other party doesn't respond appropriately. |
149 """ | 166 """ |
150 pass | 167 pass |
| 168 |
| 169 |
| 170 class TLSUnsupportedError(TLSError): |
| 171 """The implementation doesn't support the requested (or required) |
| 172 capabilities.""" |
| 173 pass |
OLD | NEW |