Part of twisted.protocols.tls
TLSMemoryBIOProtocol is a protocol wrapper which uses OpenSSL via a memory BIO to encrypt bytes written to it before sending them on to the underlying transport and to decrypt bytes received from the underlying transport before delivering them to the wrapped protocol.
In addition to producer events from the underlying transport, the need
to wait for reads before a write can proceed means the
may also want to pause a producer. Pause/resume events are therefore
merged using the
wrapper. Non-streaming (pull) producers are supported by wrapping them
|Method||makeConnection||Connect this wrapper to the given transport and initialize the necessary
|Method||dataReceived||Deliver any received bytes to the receive BIO and then read and deliver to the application any application-level data which becomes available as a result of this.|
|Method||connectionLost||Handle the possible repetition of calls to this method (due to either the underlying transport going away or due to an error at the TLS layer) and make sure the base implementation only gets invoked once.|
|Method||loseConnection||Send a TLS close alert and close the underlying connection.|
|Method||abortConnection||Tear down TLS state so that if the connection is aborted mid-handshake we don't deliver any further data from the application.|
|Method||failVerification||Abort the connection during connection setup, giving a reason that certificate verification failed.|
|Method||write||Process the given application bytes and send any resulting TLS traffic which arrives in the send BIO.|
|Method||writeSequence||Write a sequence of application bytes by joining them into one string and passing them to
|Instance Variable||_lostTLSConnection||A flag indicating whether connection loss has already been dealt with
|Instance Variable||_writeBlockedOnRead||A flag indicating whether further writing must wait for data to be received
|Instance Variable||_connectWrapped||A flag indicating whether or not to call
|Instance Variable||_handshakeDone||A flag indicating whether or not the handshake is known to have completed
|Instance Variable||_reason||If an unexpected
|Instance Variable||_producer||The current producer registered via
|Method||_flushSendBIO||Read any bytes out of the send BIO and write them to the underlying transport.|
|Method||_shutdownTLS||Initiate, or reply to, the shutdown handshake of the TLS layer.|
|Method||_tlsShutdownFinished||Called when TLS connection has gone away; tell underlying transport to disconnect.|
|Method||_write||Process the given application bytes and send any resulting TLS traffic which arrives in the send BIO.|
Inherited from ProtocolWrapper:
|Method||logPrefix||Use a customized log prefix mentioning both the wrapped protocol and the current one.|
|Method||connectionMade||Called when a connection is made.|
OpenSSL.SSL.Connection instance which is encrypting and decrypting this connection.
True) or not (False). TLS disconnection is distinct from the underlying connection being lost.
True) or not (
str of application-level (cleartext) data which is waiting for _writeBlockedOnRead to be reset to False so it can be passed to and perhaps accepted by
makeConnection on the wrapped protocol. This is for the reactor's twisted.internet.interfaces.ITLSTransport.startTLS implementation, since it has a protocol which it has already called makeConnection on, and which has no interest in a new transport. See #3821.
True) or not (False). This is used to control error reporting behavior. If the handshake has not completed, the underlying OpenSSL.SSL.Error will be passed to the application's connectionLost method. If it has completed, any unexpected OpenSSL.SSL.Error will be turned into a ConnectionLost. This is weird; however, it is simply an attempt at a faithful re-implementation of the behavior provided by
OpenSSL.SSL.Error occurs which causes the connection to be lost, it is saved here. If appropriate, this may be used as the reason passed to the application protocol's
None if no producer has been registered or a previous one was unregistered.
abortConnection has been called. No further data will be received to the wrapped protocol's
OpenSSL.SSL.Connection object being used to encrypt and decrypt this connection.
This is done for the benefit of
only. A different system handle may be returned by future versions of this
OpenSSL.SSL.Connection with a memory BIO.
|Parameters||reason||The reason that the verification failed; reported to the application
loseConnection was called, subsequent calls to write will drop the bytes on the floor.
This may be called by
dataReceived with bytes that were
loseConnection was called, which is why this
function doesn't check for disconnection but accepts the bytes
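
The memory-BIO arrangement this page describes, sketched as an added example that is not Twisted's code: it uses the standard library's `ssl.MemoryBIO` in place of pyOpenSSL, and the class, attribute and hostname names are assumptions that loosely mirror `_flushSendBIO`, `_writeBlockedOnRead` and the cleartext buffer described above. It shows an application write issued before the handshake can finish being held back, while only handshake bytes reach the transport.

```python
import ssl


class MemoryBIOClient:
    """Client-side TLS that talks to two in-memory BIOs, never to a socket."""

    def __init__(self, transport_write):
        ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)  # cert + hostname checks on
        self.recv_bio = ssl.MemoryBIO()  # ciphertext received from the transport
        self.send_bio = ssl.MemoryBIO()  # ciphertext waiting for the transport
        # "example.invalid" is a constructed hostname; no network is used.
        self.tls = ctx.wrap_bio(self.recv_bio, self.send_bio,
                                server_hostname="example.invalid")
        self.transport_write = transport_write
        self.handshake_done = False
        self.write_blocked_on_read = False
        self.app_send_buffer = []  # cleartext held back until TLS can take it

    def flush_send_bio(self):
        """Move whatever TLS produced from the send BIO to the transport."""
        data = self.send_bio.read()
        if data:
            self.transport_write(data)

    def make_connection(self):
        """Start the handshake; it cannot finish until the peer answers."""
        try:
            self.tls.do_handshake()
            self.handshake_done = True
        except ssl.SSLWantReadError:
            pass  # ClientHello is now sitting in the send BIO
        self.flush_send_bio()

    def write(self, data):
        """Encrypt application bytes, or buffer them if TLS must read first."""
        if not self.write_blocked_on_read:
            try:
                self.tls.write(data)
            except ssl.SSLWantReadError:
                self.write_blocked_on_read = True
        if self.write_blocked_on_read:
            self.app_send_buffer.append(data)
        self.flush_send_bio()


def demo():
    wire = []  # stands in for the underlying transport
    client = MemoryBIOClient(wire.append)
    client.make_connection()
    client.write(b"secret request")
    return client, b"".join(wire)
```

Feeding the peer's reply into `recv_bio` and retrying the buffered writes is the step that would clear the blocked flag; it is left out here because it needs a server with a certificate.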