[Python-checkins] r81548 - in python/branches/py3k: Doc/library/ftplib.rst Lib/ftplib.py Lib/test/test_ftplib.py Misc/NEWS

giampaolo.rodola python-checkins at python.org
Wed May 26 20:06:04 CEST 2010

• Previous message: [Python-checkins] r81547 - in python/branches/py3k: Lib/test/test_winreg.py Misc/NEWS PC/winreg.c
• Next message: [Python-checkins] r81548 - in python/branches/py3k: Doc/library/ftplib.rst Lib/ftplib.py Lib/test/test_ftplib.py Misc/NEWS
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

---

Author: giampaolo.rodola
Date: Wed May 26 20:06:04 2010
New Revision: 81548
Log:
Fix issue #8806: add SSL contexts support to ftplib
Modified:
 python/branches/py3k/Doc/library/ftplib.rst
 python/branches/py3k/Lib/ftplib.py
 python/branches/py3k/Lib/test/test_ftplib.py
 python/branches/py3k/Misc/NEWS
Modified: python/branches/py3k/Doc/library/ftplib.rst
==============================================================================
--- python/branches/py3k/Doc/library/ftplib.rst	(original)
+++ python/branches/py3k/Doc/library/ftplib.rst	Wed May 26 20:06:04 2010
@@ -65,7 +65,7 @@
 Support for the :keyword:`with` statement was added.
 
 
-.. class:: FTP_TLS(host='', user='', passwd='', acct='', [keyfile[, certfile[, timeout]]])
+.. class:: FTP_TLS(host='', user='', passwd='', acct='', [keyfile[, certfile[, context[, timeout]]]])
 
 A :class:`FTP` subclass which adds TLS support to FTP as described in
 :rfc:`4217`.
@@ -74,6 +74,9 @@
 explicitly ask for it by calling the :meth:`prot_p` method.
 *keyfile* and *certfile* are optional -- they can contain a PEM formatted
 private key and certificate chain file name for the SSL connection.
+ *context* parameter is a :class:`ssl.SSLContext` object which allows
+ bundling SSL configuration options, certificates and private keys into a
+ single (potentially long-lived) structure.
 
 .. versionadded:: 3.2
 
Modified: python/branches/py3k/Lib/ftplib.py
==============================================================================
--- python/branches/py3k/Lib/ftplib.py	(original)
+++ python/branches/py3k/Lib/ftplib.py	Wed May 26 20:06:04 2010
@@ -638,9 +638,17 @@
 ssl_version = ssl.PROTOCOL_TLSv1
 
 def __init__(self, host='', user='', passwd='', acct='', keyfile=None,
- certfile=None, timeout=_GLOBAL_DEFAULT_TIMEOUT):
+ certfile=None, context=None,
+ timeout=_GLOBAL_DEFAULT_TIMEOUT):
+ if context is not None and keyfile is not None:
+ raise ValueError("context and keyfile arguments are mutually "
+ "exclusive")
+ if context is not None and certfile is not None:
+ raise ValueError("context and certfile arguments are mutually "
+ "exclusive")
 self.keyfile = keyfile
 self.certfile = certfile
+ self.context = context
 self._prot_p = False
 FTP.__init__(self, host, user, passwd, acct, timeout)
 
@@ -657,8 +665,12 @@
 resp = self.voidcmd('AUTH TLS')
 else:
 resp = self.voidcmd('AUTH SSL')
- self.sock = ssl.wrap_socket(self.sock, self.keyfile, self.certfile,
- ssl_version=self.ssl_version)
+ if self.context is not None:
+ self.sock = self.context.wrap_socket(self.sock)
+ else:
+ self.sock = ssl.wrap_socket(self.sock, self.keyfile,
+ self.certfile,
+ ssl_version=self.ssl_version)
 self.file = self.sock.makefile(mode='r', encoding=self.encoding)
 return resp
 
@@ -689,8 +701,11 @@
 def ntransfercmd(self, cmd, rest=None):
 conn, size = FTP.ntransfercmd(self, cmd, rest)
 if self._prot_p:
- conn = ssl.wrap_socket(conn, self.keyfile, self.certfile,
- ssl_version=self.ssl_version)
+ if self.context is not None:
+ conn = self.context.wrap_socket(conn)
+ else:
+ conn = ssl.wrap_socket(conn, self.keyfile, self.certfile,
+ ssl_version=self.ssl_version)
 return conn, size
 
 def retrbinary(self, cmd, callback, blocksize=8192, rest=None):
Modified: python/branches/py3k/Lib/test/test_ftplib.py
==============================================================================
--- python/branches/py3k/Lib/test/test_ftplib.py	(original)
+++ python/branches/py3k/Lib/test/test_ftplib.py	Wed May 26 20:06:04 2010
@@ -719,6 +719,29 @@
 finally:
 self.client.ssl_version = ssl.PROTOCOL_TLSv1
 
+ def test_context(self):
+ self.client.quit()
+ ctx = ssl.SSLContext(ssl.PROTOCOL_TLSv1)
+ self.assertRaises(ValueError, ftplib.FTP_TLS, keyfile=CERTFILE,
+ context=ctx)
+ self.assertRaises(ValueError, ftplib.FTP_TLS, certfile=CERTFILE,
+ context=ctx)
+ self.assertRaises(ValueError, ftplib.FTP_TLS, certfile=CERTFILE,
+ keyfile=CERTFILE, context=ctx)
+
+ self.client = ftplib.FTP_TLS(context=ctx, timeout=2)
+ self.client.connect(self.server.host, self.server.port)
+ self.assertNotIsInstance(self.client.sock, ssl.SSLSocket)
+ self.client.auth()
+ self.assertIs(self.client.sock.context, ctx)
+ self.assertIsInstance(self.client.sock, ssl.SSLSocket)
+
+ self.client.prot_p()
+ sock = self.client.transfercmd('list')
+ self.assertIs(self.client.sock.context, ctx)
+ self.assertIsInstance(sock, ssl.SSLSocket)
+ sock.close()
+
 
 class TestTimeouts(TestCase):
 
Modified: python/branches/py3k/Misc/NEWS
==============================================================================
--- python/branches/py3k/Misc/NEWS	(original)
+++ python/branches/py3k/Misc/NEWS	Wed May 26 20:06:04 2010
@@ -392,6 +392,8 @@
 Library
 -------
 
+- Issue #8806: add SSL contexts support to ftplib.
+
 - Issue #4769: Fix main() function of the base64 module, use sys.stdin.buffer
 and sys.stdout.buffer (instead of sys.stdin and sys.stdout) to use the bytes
 API

---

• Previous message: [Python-checkins] r81547 - in python/branches/py3k: Lib/test/test_winreg.py Misc/NEWS PC/winreg.c
• Next message: [Python-checkins] r81548 - in python/branches/py3k: Doc/library/ftplib.rst Lib/ftplib.py Lib/test/test_ftplib.py Misc/NEWS
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

---

More information about the Python-checkins mailing list