HEX
Server: Apache
System: Linux server2.voipitup.com.au 4.18.0-553.104.1.lve.el8.x86_64 #1 SMP Tue Feb 10 20:07:30 UTC 2026 x86_64
User: posscale (1027)
PHP: 8.2.29
Disabled: exec,passthru,shell_exec,system
$ pwd: /usr/lib64/python3.6/site-packages/M2Crypto/SSL/
Upload Files
File: //usr/lib64/python3.6/site-packages/M2Crypto/SSL/cb.py
from __future__ import absolute_import

"""SSL callbacks

Copyright (c) 1999-2003 Ng Pheng Siong. All rights reserved."""

import sys

from M2Crypto import m2, util
if util.py27plus:
    from typing import Any, List  # noqa

__all__ = ['unknown_issuer', 'ssl_verify_callback_stub', 'ssl_verify_callback',
           'ssl_verify_callback_allow_unknown_ca', 'ssl_info_callback']


def ssl_verify_callback_stub(ssl_ctx_ptr, x509_ptr, errnum, errdepth, ok):
    # Deprecated
    return ok

unknown_issuer = [
    m2.X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT,
    m2.X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY,
    m2.X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE,
    m2.X509_V_ERR_CERT_UNTRUSTED,
]


def ssl_verify_callback(ssl_ctx_ptr, x509_ptr, errnum, errdepth, ok):
    # type: (bytes, bytes, int, int, int) -> int
    # Deprecated

    from M2Crypto.SSL.Context import Context
    ssl_ctx = Context.ctxmap()[int(ssl_ctx_ptr)]
    if errnum in unknown_issuer:
        if ssl_ctx.get_allow_unknown_ca():
            sys.stderr.write("policy: %s: permitted...\n" %
                             (m2.x509_get_verify_error(errnum)))
            sys.stderr.flush()
            ok = 1
    # CRL checking goes here...
    if ok:
        if ssl_ctx.get_verify_depth() >= errdepth:
            ok = 1
        else:
            ok = 0
    return ok


def ssl_verify_callback_allow_unknown_ca(ok, store):
    # type: (int, Any) -> int
    errnum = store.get_error()
    if errnum in unknown_issuer:
        ok = 1
    return ok


# Cribbed from OpenSSL's apps/s_cb.c.
def ssl_info_callback(where, ret, ssl_ptr):
    # type: (int, int, bytes) -> None

    w = where & ~m2.SSL_ST_MASK
    if w & m2.SSL_ST_CONNECT:
        state = "SSL connect"
    elif w & m2.SSL_ST_ACCEPT:
        state = "SSL accept"
    else:
        state = "SSL state unknown"

    if where & m2.SSL_CB_LOOP:
        sys.stderr.write("LOOP: %s: %s\n" %
                         (state, m2.ssl_get_state_v(ssl_ptr)))
        sys.stderr.flush()
        return

    if where & m2.SSL_CB_EXIT:
        if not ret:
            sys.stderr.write("FAILED: %s: %s\n" %
                             (state, m2.ssl_get_state_v(ssl_ptr)))
            sys.stderr.flush()
        else:
            sys.stderr.write("INFO: %s: %s\n" %
                             (state, m2.ssl_get_state_v(ssl_ptr)))
            sys.stderr.flush()
        return

    if where & m2.SSL_CB_ALERT:
        if where & m2.SSL_CB_READ:
            w = 'read'
        else:
            w = 'write'
        sys.stderr.write("ALERT: %s: %s: %s\n" %
                         (w, m2.ssl_get_alert_type_v(ret),
                          m2.ssl_get_alert_desc_v(ret)))
        sys.stderr.flush()
        return
@ Telegram