[Twisted-Python] Detect SSL transport and get remote peer certificate in tcp.Server
exarkun at twistedmatrix.com
exarkun at twistedmatrix.com
Wed Jun 13 05:15:50 MDT 2012
On 10:39 am, adi at roiban.ro wrote:
>Hi,
>
>I work at an experimental FTPS implementation for twisted.protocol.ftp
>
>I use the following code for checking that the transport has TLS
>started and to get the client certificate for certificate based
>authentication:
>
> @property
> def is_ftps_command_active(self):
> '''Return `True` if current command connection is using SSL.'''
> return isinstance(self.transport.socket, SSL.Connection)
Instead, check `ISSLTransport.providedBy(self.transport)`.
`ISSLTransport` comes from `twisted.internet.interfaces`.
> def getPeerCertificate(self):
> '''Return the peer certificate if remote peer is on a SSL
>connection
> and has sent us a certificate.
> Return `None` otherwise.
> '''
> if not hasattr(self.transport, 'socket'):
> return None
> if not self.is_ftps_command_active:
> return None
> return self.transport.socket.get_peer_certificate()
Heh. :) Instead, use `transport.getPeerCertificate()`.
`getPeerCertificate` is a method specified by `ISSLTransport`.
Jean-Paul
More information about the Twisted-Python
mailing list