You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

381 lines
13 KiB

4 years ago
  1. from __future__ import absolute_import
  2. import errno
  3. import warnings
  4. import hmac
  5. import socket
  6. from binascii import hexlify, unhexlify
  7. from hashlib import md5, sha1, sha256
  8. from ..exceptions import SSLError, InsecurePlatformWarning, SNIMissingWarning
  9. from ..packages import six
  10. SSLContext = None
  11. HAS_SNI = False
  12. IS_PYOPENSSL = False
  13. IS_SECURETRANSPORT = False
  14. # Maps the length of a digest to a possible hash function producing this digest
  15. HASHFUNC_MAP = {
  16. 32: md5,
  17. 40: sha1,
  18. 64: sha256,
  19. }
  20. def _const_compare_digest_backport(a, b):
  21. """
  22. Compare two digests of equal length in constant time.
  23. The digests must be of type str/bytes.
  24. Returns True if the digests match, and False otherwise.
  25. """
  26. result = abs(len(a) - len(b))
  27. for l, r in zip(bytearray(a), bytearray(b)):
  28. result |= l ^ r
  29. return result == 0
  30. _const_compare_digest = getattr(hmac, 'compare_digest',
  31. _const_compare_digest_backport)
  32. try: # Test for SSL features
  33. import ssl
  34. from ssl import wrap_socket, CERT_NONE, PROTOCOL_SSLv23
  35. from ssl import HAS_SNI # Has SNI?
  36. except ImportError:
  37. pass
  38. try:
  39. from ssl import OP_NO_SSLv2, OP_NO_SSLv3, OP_NO_COMPRESSION
  40. except ImportError:
  41. OP_NO_SSLv2, OP_NO_SSLv3 = 0x1000000, 0x2000000
  42. OP_NO_COMPRESSION = 0x20000
  43. # Python 2.7 doesn't have inet_pton on non-Linux so we fallback on inet_aton in
  44. # those cases. This means that we can only detect IPv4 addresses in this case.
  45. if hasattr(socket, 'inet_pton'):
  46. inet_pton = socket.inet_pton
  47. else:
  48. # Maybe we can use ipaddress if the user has urllib3[secure]?
  49. try:
  50. import ipaddress
  51. def inet_pton(_, host):
  52. if isinstance(host, bytes):
  53. host = host.decode('ascii')
  54. return ipaddress.ip_address(host)
  55. except ImportError: # Platform-specific: Non-Linux
  56. def inet_pton(_, host):
  57. return socket.inet_aton(host)
  58. # A secure default.
  59. # Sources for more information on TLS ciphers:
  60. #
  61. # - https://wiki.mozilla.org/Security/Server_Side_TLS
  62. # - https://www.ssllabs.com/projects/best-practices/index.html
  63. # - https://hynek.me/articles/hardening-your-web-servers-ssl-ciphers/
  64. #
  65. # The general intent is:
  66. # - Prefer TLS 1.3 cipher suites
  67. # - prefer cipher suites that offer perfect forward secrecy (DHE/ECDHE),
  68. # - prefer ECDHE over DHE for better performance,
  69. # - prefer any AES-GCM and ChaCha20 over any AES-CBC for better performance and
  70. # security,
  71. # - prefer AES-GCM over ChaCha20 because hardware-accelerated AES is common,
  72. # - disable NULL authentication, MD5 MACs and DSS for security reasons.
  73. DEFAULT_CIPHERS = ':'.join([
  74. 'TLS13-AES-256-GCM-SHA384',
  75. 'TLS13-CHACHA20-POLY1305-SHA256',
  76. 'TLS13-AES-128-GCM-SHA256',
  77. 'ECDH+AESGCM',
  78. 'ECDH+CHACHA20',
  79. 'DH+AESGCM',
  80. 'DH+CHACHA20',
  81. 'ECDH+AES256',
  82. 'DH+AES256',
  83. 'ECDH+AES128',
  84. 'DH+AES',
  85. 'RSA+AESGCM',
  86. 'RSA+AES',
  87. '!aNULL',
  88. '!eNULL',
  89. '!MD5',
  90. ])
  91. try:
  92. from ssl import SSLContext # Modern SSL?
  93. except ImportError:
  94. import sys
  95. class SSLContext(object): # Platform-specific: Python 2
  96. def __init__(self, protocol_version):
  97. self.protocol = protocol_version
  98. # Use default values from a real SSLContext
  99. self.check_hostname = False
  100. self.verify_mode = ssl.CERT_NONE
  101. self.ca_certs = None
  102. self.options = 0
  103. self.certfile = None
  104. self.keyfile = None
  105. self.ciphers = None
  106. def load_cert_chain(self, certfile, keyfile):
  107. self.certfile = certfile
  108. self.keyfile = keyfile
  109. def load_verify_locations(self, cafile=None, capath=None):
  110. self.ca_certs = cafile
  111. if capath is not None:
  112. raise SSLError("CA directories not supported in older Pythons")
  113. def set_ciphers(self, cipher_suite):
  114. self.ciphers = cipher_suite
  115. def wrap_socket(self, socket, server_hostname=None, server_side=False):
  116. warnings.warn(
  117. 'A true SSLContext object is not available. This prevents '
  118. 'urllib3 from configuring SSL appropriately and may cause '
  119. 'certain SSL connections to fail. You can upgrade to a newer '
  120. 'version of Python to solve this. For more information, see '
  121. 'https://urllib3.readthedocs.io/en/latest/advanced-usage.html'
  122. '#ssl-warnings',
  123. InsecurePlatformWarning
  124. )
  125. kwargs = {
  126. 'keyfile': self.keyfile,
  127. 'certfile': self.certfile,
  128. 'ca_certs': self.ca_certs,
  129. 'cert_reqs': self.verify_mode,
  130. 'ssl_version': self.protocol,
  131. 'server_side': server_side,
  132. }
  133. return wrap_socket(socket, ciphers=self.ciphers, **kwargs)
  134. def assert_fingerprint(cert, fingerprint):
  135. """
  136. Checks if given fingerprint matches the supplied certificate.
  137. :param cert:
  138. Certificate as bytes object.
  139. :param fingerprint:
  140. Fingerprint as string of hexdigits, can be interspersed by colons.
  141. """
  142. fingerprint = fingerprint.replace(':', '').lower()
  143. digest_length = len(fingerprint)
  144. hashfunc = HASHFUNC_MAP.get(digest_length)
  145. if not hashfunc:
  146. raise SSLError(
  147. 'Fingerprint of invalid length: {0}'.format(fingerprint))
  148. # We need encode() here for py32; works on py2 and p33.
  149. fingerprint_bytes = unhexlify(fingerprint.encode())
  150. cert_digest = hashfunc(cert).digest()
  151. if not _const_compare_digest(cert_digest, fingerprint_bytes):
  152. raise SSLError('Fingerprints did not match. Expected "{0}", got "{1}".'
  153. .format(fingerprint, hexlify(cert_digest)))
  154. def resolve_cert_reqs(candidate):
  155. """
  156. Resolves the argument to a numeric constant, which can be passed to
  157. the wrap_socket function/method from the ssl module.
  158. Defaults to :data:`ssl.CERT_NONE`.
  159. If given a string it is assumed to be the name of the constant in the
  160. :mod:`ssl` module or its abbreviation.
  161. (So you can specify `REQUIRED` instead of `CERT_REQUIRED`.
  162. If it's neither `None` nor a string we assume it is already the numeric
  163. constant which can directly be passed to wrap_socket.
  164. """
  165. if candidate is None:
  166. return CERT_NONE
  167. if isinstance(candidate, str):
  168. res = getattr(ssl, candidate, None)
  169. if res is None:
  170. res = getattr(ssl, 'CERT_' + candidate)
  171. return res
  172. return candidate
  173. def resolve_ssl_version(candidate):
  174. """
  175. like resolve_cert_reqs
  176. """
  177. if candidate is None:
  178. return PROTOCOL_SSLv23
  179. if isinstance(candidate, str):
  180. res = getattr(ssl, candidate, None)
  181. if res is None:
  182. res = getattr(ssl, 'PROTOCOL_' + candidate)
  183. return res
  184. return candidate
  185. def create_urllib3_context(ssl_version=None, cert_reqs=None,
  186. options=None, ciphers=None):
  187. """All arguments have the same meaning as ``ssl_wrap_socket``.
  188. By default, this function does a lot of the same work that
  189. ``ssl.create_default_context`` does on Python 3.4+. It:
  190. - Disables SSLv2, SSLv3, and compression
  191. - Sets a restricted set of server ciphers
  192. If you wish to enable SSLv3, you can do::
  193. from urllib3.util import ssl_
  194. context = ssl_.create_urllib3_context()
  195. context.options &= ~ssl_.OP_NO_SSLv3
  196. You can do the same to enable compression (substituting ``COMPRESSION``
  197. for ``SSLv3`` in the last line above).
  198. :param ssl_version:
  199. The desired protocol version to use. This will default to
  200. PROTOCOL_SSLv23 which will negotiate the highest protocol that both
  201. the server and your installation of OpenSSL support.
  202. :param cert_reqs:
  203. Whether to require the certificate verification. This defaults to
  204. ``ssl.CERT_REQUIRED``.
  205. :param options:
  206. Specific OpenSSL options. These default to ``ssl.OP_NO_SSLv2``,
  207. ``ssl.OP_NO_SSLv3``, ``ssl.OP_NO_COMPRESSION``.
  208. :param ciphers:
  209. Which cipher suites to allow the server to select.
  210. :returns:
  211. Constructed SSLContext object with specified options
  212. :rtype: SSLContext
  213. """
  214. context = SSLContext(ssl_version or ssl.PROTOCOL_SSLv23)
  215. context.set_ciphers(ciphers or DEFAULT_CIPHERS)
  216. # Setting the default here, as we may have no ssl module on import
  217. cert_reqs = ssl.CERT_REQUIRED if cert_reqs is None else cert_reqs
  218. if options is None:
  219. options = 0
  220. # SSLv2 is easily broken and is considered harmful and dangerous
  221. options |= OP_NO_SSLv2
  222. # SSLv3 has several problems and is now dangerous
  223. options |= OP_NO_SSLv3
  224. # Disable compression to prevent CRIME attacks for OpenSSL 1.0+
  225. # (issue #309)
  226. options |= OP_NO_COMPRESSION
  227. context.options |= options
  228. context.verify_mode = cert_reqs
  229. if getattr(context, 'check_hostname', None) is not None: # Platform-specific: Python 3.2
  230. # We do our own verification, including fingerprints and alternative
  231. # hostnames. So disable it here
  232. context.check_hostname = False
  233. return context
  234. def ssl_wrap_socket(sock, keyfile=None, certfile=None, cert_reqs=None,
  235. ca_certs=None, server_hostname=None,
  236. ssl_version=None, ciphers=None, ssl_context=None,
  237. ca_cert_dir=None):
  238. """
  239. All arguments except for server_hostname, ssl_context, and ca_cert_dir have
  240. the same meaning as they do when using :func:`ssl.wrap_socket`.
  241. :param server_hostname:
  242. When SNI is supported, the expected hostname of the certificate
  243. :param ssl_context:
  244. A pre-made :class:`SSLContext` object. If none is provided, one will
  245. be created using :func:`create_urllib3_context`.
  246. :param ciphers:
  247. A string of ciphers we wish the client to support.
  248. :param ca_cert_dir:
  249. A directory containing CA certificates in multiple separate files, as
  250. supported by OpenSSL's -CApath flag or the capath argument to
  251. SSLContext.load_verify_locations().
  252. """
  253. context = ssl_context
  254. if context is None:
  255. # Note: This branch of code and all the variables in it are no longer
  256. # used by urllib3 itself. We should consider deprecating and removing
  257. # this code.
  258. context = create_urllib3_context(ssl_version, cert_reqs,
  259. ciphers=ciphers)
  260. if ca_certs or ca_cert_dir:
  261. try:
  262. context.load_verify_locations(ca_certs, ca_cert_dir)
  263. except IOError as e: # Platform-specific: Python 2.7
  264. raise SSLError(e)
  265. # Py33 raises FileNotFoundError which subclasses OSError
  266. # These are not equivalent unless we check the errno attribute
  267. except OSError as e: # Platform-specific: Python 3.3 and beyond
  268. if e.errno == errno.ENOENT:
  269. raise SSLError(e)
  270. raise
  271. elif getattr(context, 'load_default_certs', None) is not None:
  272. # try to load OS default certs; works well on Windows (require Python3.4+)
  273. context.load_default_certs()
  274. if certfile:
  275. context.load_cert_chain(certfile, keyfile)
  276. # If we detect server_hostname is an IP address then the SNI
  277. # extension should not be used according to RFC3546 Section 3.1
  278. # We shouldn't warn the user if SNI isn't available but we would
  279. # not be using SNI anyways due to IP address for server_hostname.
  280. if ((server_hostname is not None and not is_ipaddress(server_hostname))
  281. or IS_SECURETRANSPORT):
  282. if HAS_SNI and server_hostname is not None:
  283. return context.wrap_socket(sock, server_hostname=server_hostname)
  284. warnings.warn(
  285. 'An HTTPS request has been made, but the SNI (Server Name '
  286. 'Indication) extension to TLS is not available on this platform. '
  287. 'This may cause the server to present an incorrect TLS '
  288. 'certificate, which can cause validation failures. You can upgrade to '
  289. 'a newer version of Python to solve this. For more information, see '
  290. 'https://urllib3.readthedocs.io/en/latest/advanced-usage.html'
  291. '#ssl-warnings',
  292. SNIMissingWarning
  293. )
  294. return context.wrap_socket(sock)
  295. def is_ipaddress(hostname):
  296. """Detects whether the hostname given is an IP address.
  297. :param str hostname: Hostname to examine.
  298. :return: True if the hostname is an IP address, False otherwise.
  299. """
  300. if six.PY3 and isinstance(hostname, bytes):
  301. # IDN A-label bytes are ASCII compatible.
  302. hostname = hostname.decode('ascii')
  303. families = [socket.AF_INET]
  304. if hasattr(socket, 'AF_INET6'):
  305. families.append(socket.AF_INET6)
  306. for af in families:
  307. try:
  308. inet_pton(af, hostname)
  309. except (socket.error, ValueError, OSError):
  310. pass
  311. else:
  312. return True
  313. return False