class documentation

Client creator for TLS.

Private implementation type (not exposed to applications) for public optionsForClientTLS API.

Method __init__ Initialize ClientTLSOptions.
Method clientConnectionForTLS Create a TLS connection for a client.
Method _identityVerifyingInfoCallback info_callback <http://pythonhosted.org/pyOpenSSL/api/ssl.html#OpenSSL.SSL.Context.set_info_callback> for pyOpenSSL that verifies the hostname in the presented certificate matches the one passed to this ...
Instance Variable _ctx The context to use for new connections.
Instance Variable _hostname The hostname to verify, as specified by the application, as some human-readable text.
Instance Variable _hostnameASCII The hostname, as transcoded into IDNA ASCII-range unicode code points. This is pre-transcoded because the service_identity package is rather strict about requiring the idna package from PyPI for internationalized domain names, rather than working with Python's built-in (but sometimes broken) IDNA encoding...
Instance Variable _hostnameBytes The hostname to verify, decoded into IDNA-encoded bytes. This is passed to APIs which think that hostnames are bytes, such as OpenSSL's SNI implementation.
Instance Variable _hostnameIsDnsName Whether or not the _hostname is a DNSName. Will be False if _hostname is an IP address or True if _hostname is a DNSName
def __init__(self, hostname, ctx): (source)

Initialize ClientTLSOptions.

Parameters
hostname:unicodeThe hostname to verify as input by a human.
ctx:OpenSSL.SSL.Context.an OpenSSL.SSL.Context to use for new connections.
def clientConnectionForTLS(self, tlsProtocol): (source)

Create a TLS connection for a client.

Parameters
tlsProtocol:twisted.protocols.tls.TLSMemoryBIOProtocolthe TLS protocol initiating the connection.
Returns
OpenSSL.SSL.Connectionthe configured client connection.
Note
This will call set_app_data on its connection. If you're delegating to this implementation of this method, don't ever call set_app_data or set_info_callback on the returned connection, or you'll break the implementation of various features of this class.
def _identityVerifyingInfoCallback(self, connection, where, ret): (source)

info_callback <http://pythonhosted.org/pyOpenSSL/api/ssl.html#OpenSSL.SSL.Context.set_info_callback> for pyOpenSSL that verifies the hostname in the presented certificate matches the one passed to this ClientTLSOptions.

Parameters
connection:OpenSSL.SSL.Connectionthe connection which is handshaking.
where:intflags indicating progress through a TLS handshake.
ret:ignoredignored

The context to use for new connections.

The hostname to verify, as specified by the application, as some human-readable text.

_hostnameASCII: unicode = (source)

The hostname, as transcoded into IDNA ASCII-range unicode code points. This is pre-transcoded because the service_identity package is rather strict about requiring the idna package from PyPI for internationalized domain names, rather than working with Python's built-in (but sometimes broken) IDNA encoding. ASCII values, however, will always work.

_hostnameBytes: bytes = (source)

The hostname to verify, decoded into IDNA-encoded bytes. This is passed to APIs which think that hostnames are bytes, such as OpenSSL's SNI implementation.

_hostnameIsDnsName: bool = (source)

Whether or not the _hostname is a DNSName. Will be False if _hostname is an IP address or True if _hostname is a DNSName