Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
# The goal here to differentiate rejected SSL handshakes (which will
# raise SSLHandshakeRejected) from random network errors
except socket.error as e:
for error_msg in self.HANDSHAKE_REJECTED_SOCKET_ERRORS.keys():
if error_msg in str(e.args):
raise SSLHandshakeRejected('TCP - ' + self.HANDSHAKE_REJECTED_SOCKET_ERRORS[error_msg])
raise # Unknown socket error
except IOError as e:
if 'Nassl SSL handshake failed' in str(e.args):
raise SSLHandshakeRejected('TLS - Unexpected EOF')
raise
except _nassl.OpenSSLError as e:
clientCertCaList = self.get_client_CA_list()
if clientCertCaList: # Server wants a client certificate
raise ClientAuthenticationError(clientCertCaList)
for error_msg in self.HANDSHAKE_REJECTED_SSL_ERRORS.keys():
if error_msg in str(e.args):
raise SSLHandshakeRejected('TLS - ' + self.HANDSHAKE_REJECTED_SSL_ERRORS[error_msg])
raise # Unknown SSL error if we get there
if args_command_list.key:
try:
open(args_command_list.key,"r")
except:
raise CommandLineParsingError('Could not open the client private key file "' + str(args_command_list.key) + '"')
# Try to load the cert and key in OpenSSL
try:
sslClient = SslClient()
sslClient.use_private_key(args_command_list.cert,
args_command_list.certform,
args_command_list.key,
args_command_list.keyform,
args_command_list.keypass)
except _nassl.OpenSSLError as e:
if 'bad decrypt' in str(e.args):
raise CommandLineParsingError('Could not decrypt the private key. Wrong passphrase ?')
raise CommandLineParsingError('Could not load the certificate or the private key. Passphrase needed ?')
# HTTP CONNECT proxy
shared_settings['https_tunnel_host'] = None
if args_command_list.https_tunnel:
# Parse the proxy URL
parsedUrl = urlparse(args_command_list.https_tunnel)
if not parsedUrl.netloc:
raise CommandLineParsingError(
'Invalid Proxy URL for --https_tunnel, discarding all tasks.')