twisted.internet._sslverify.ClientTLSOptions(object)
class documentationtwisted.internet._sslverify
View Source
(View In Hierarchy)
Implements interfaces: twisted.internet.interfaces.IOpenSSLClientConnectionCreator
Client creator for TLS.
Private implementation type (not exposed to applications) for public optionsForClientTLS
API.
Method | __init__ | Initialize ClientTLSOptions . |
Method | clientConnectionForTLS | Create a TLS connection for a client. |
Instance Variable | _ctx | The context to use for new connections. (type: OpenSSL.SSL.Context ) |
Instance Variable | _hostname | The hostname to verify, as specified by the application, as some
human-readable text. (type: unicode ) |
Instance Variable | _hostnameBytes | The hostname to verify, decoded into IDNA-encoded bytes. This is passed to
APIs which think that hostnames are bytes, such as OpenSSL's SNI
implementation. (type: bytes ) |
Instance Variable | _hostnameASCII | The hostname, as transcoded into IDNA ASCII-range unicode code points.
This is pre-transcoded because the service_identity package is
rather strict about requiring the idna package from PyPI for
internationalized domain names, rather than working with Python's built-in
(but sometimes broken) IDNA encoding. ASCII values, however, will always
work. (type: unicode ) |
Instance Variable | _sendSNI | Whether or not to send the SNI with the handshake. Will be False
if _hostname is an IP address or True
if _hostname is a DNSName (type: bool ) |
Method | _identityVerifyingInfoCallback | No summary |
unicode
)
bytes
)
service_identity
package is
rather strict about requiring the idna
package from PyPI for
internationalized domain names, rather than working with Python's built-in
(but sometimes broken) IDNA encoding. ASCII values, however, will always
work. (type: unicode
)
Initialize ClientTLSOptions
.
Parameters | hostname | The hostname to verify as input by a human. (type: unicode ) |
ctx | an OpenSSL.SSL.Context
to use for new connections. (type: OpenSSL.SSL.Context .) |
Create a TLS connection for a client.
Parameters | tlsProtocol | the TLS protocol initiating the connection. (type: twisted.protocols.tls.TLSMemoryBIOProtocol ) |
Returns | the configured client connection. (type: OpenSSL.SSL.Connection ) | |
Note | This will call set_app_data on its connection. If you're
delegating to this implementation of this method, don't ever call
set_app_data or set_info_callback on the returned
connection, or you'll break the implementation of various features of this
class. |
info_callback
<http://pythonhosted.org/pyOpenSSL/api/ssl.html#OpenSSL.SSL.Context.set_info_callback>
for pyOpenSSL that verifies the hostname in the presented certificate
matches the one passed to this ClientTLSOptions
.
Parameters | connection | the connection which is handshaking. (type: OpenSSL.SSL.Connection ) |
where | flags indicating progress through a TLS handshake. (type: int ) | |
ret | ignored (type: ignored) |