Use, or subclass, me to implement a command that starts TLS.
Callers of StartTLS may pass several special arguments, which affect the TLS negotiation:
Each of those special parameters may also be present as a key in the response dictionary.
| Class Variable | arguments | Undocumented |
| Class Variable | response | Undocumented |
| Method | __init__ | Create a StartTLS command. (This is private. Use AMP.callRemote.) |
| Instance Variable | certificate | Undocumented |
| Instance Variable | authorities | Undocumented |
| Method | _doCommand | When a StartTLS command is sent, prepare to start TLS, but don't actually do it; wait for the acknowledgement, then initiate the TLS handshake. |
Inherited from Command:
| Class Variable | errors | A mapping of subclasses of Exception to wire-protocol tags for errors represented as strs. Responders which raise keys from this dictionary will have the error translated to the corresponding tag on the wire. Invokers which receive Deferreds from invoking this command with BoxDispatcher.callRemote will potentially receive Failures with keys from this mapping as their value. This mapping is inherited; if you declare a command which handles FooError as 'FOO_ERROR', then subclass it and specify BarError as 'BAR_ERROR', responders to the subclass may raise either FooError or BarError, and invokers must be able to deal with either of those exceptions. |
| Class Variable | fatalErrors | like 'errors', but errors in this list will always terminate the connection, despite being of a recognizable error type. |
| Class Variable | commandType | The type of Box used to issue commands; useful only for protocol-modifying behavior like startTLS or protocol switching. Defaults to a plain vanilla Box. |
| Class Variable | responseType | The type of Box used to respond to this command; only useful for protocol-modifying behavior like startTLS or protocol switching. Defaults to a plain vanilla Box. |
| Instance Variable | requiresAnswer | a boolean; defaults to True. Set it to False on your subclass if you want callRemote to return None. Note: this is a hint only to the client side of the protocol. The return-type of a command responder method must always be a dictionary adhering to the contract specified by response, because clients are always free to request a response if they want one. |
| Class | __metaclass__ | Metaclass hack to establish reverse-mappings for 'errors' and 'fatalErrors' as class vars. |
| Class Variable | extra | Undocumented |
| Instance Variable | structured | Undocumented |
| Class Method | makeResponse | Serialize a mapping of arguments using this Command's response schema. |
| Class Method | makeArguments | Serialize a mapping of arguments using this Command's argument schema. |
| Class Method | parseResponse | Parse a mapping of serialized arguments using this Command's response schema. |
| Class Method | parseArguments | Parse a mapping of serialized arguments using this Command's argument schema. |
| Class Method | responder | Declare a method to be a responder for a particular command. |
Create a StartTLS command. (This is private. Use AMP.callRemote.)
| Parameters | tls_localCertificate | the PrivateCertificate object to use to secure the connection. If it's None, or unspecified, an ephemeral DH key is used instead. |
| tls_verifyAuthorities | a list of Certificate objects which represent root certificates to verify our peer with. | |
| kw | Undocumented |
When a StartTLS command is sent, prepare to start TLS, but don't actually do it; wait for the acknowledgement, then initiate the TLS handshake.