twisted.protocols.tls

module documentation

(source)

Implementation of a TLS transport (ISSLTransport) as an IProtocol layered on top of any ITransport implementation, based on OpenSSL's memory BIO features.

TLSMemoryBIOFactory is a WrappingFactory which wraps protocols created by the factory it wraps with TLSMemoryBIOProtocol. TLSMemoryBIOProtocol intercedes between the underlying transport and the wrapped protocol to implement SSL and TLS. Typical usage of this module looks like this:

    from twisted.protocols.tls import TLSMemoryBIOFactory
    from twisted.internet.protocol import ServerFactory
    from twisted.internet.ssl import PrivateCertificate
    from twisted.internet import reactor

    from someapplication import ApplicationProtocol

    serverFactory = ServerFactory()
    serverFactory.protocol = ApplicationProtocol
    certificate = PrivateCertificate.loadPEM(certPEMData)
    contextFactory = certificate.options()
    tlsFactory = TLSMemoryBIOFactory(contextFactory, False, serverFactory)
    reactor.listenTCP(12345, tlsFactory)
    reactor.run()

This API offers somewhat more flexibility than twisted.internet.interfaces.IReactorSSL; for example, a TLSMemoryBIOProtocol instance can use another instance of TLSMemoryBIOProtocol as its transport, yielding TLS over TLS - useful to implement onion routing. It can also be used to run TLS over unusual transports, such as UNIX sockets and stdio.

Class	`BufferingTLSTransport`	A TLS transport implemented by wrapping buffering around a `TLSMemoryBIOProtocol`.
Class	`TLSMemoryBIOFactory`	`TLSMemoryBIOFactory` adds TLS to connections.
Class	`TLSMemoryBIOProtocol`	`TLSMemoryBIOProtocol` is a protocol wrapper which uses OpenSSL via a memory BIO to encrypt bytes written to it before sending them on to the underlying transport and decrypts bytes received from the underlying transport before delivering them to the wrapped protocol.
Class	`_AggregateSmallWrites`	Aggregate small writes so they get written in large batches.
Class	`_ContextFactoryToConnectionFactory`	Adapter wrapping a `twisted.internet.interfaces.IOpenSSLContextFactory` into a `IOpenSSLClientConnectionCreator` or `IOpenSSLServerConnectionCreator`.
Class	`_ProducerMembrane`	Stand-in for producer registered with a `TLSMemoryBIOProtocol` transport.
Function	`_get_default_clock`	Return the default reactor.
Function	`_representsEOF`	Does the given OpenSSL.SSL.Error represent an end-of-file?

def _get_default_clock() -> IReactorTime: (source) ¶

Return the default reactor.

This is a function so it can be monkey-patched in tests, specifically twisted.web.test.test_agent.

def _representsEOF(exceptionObject: Error) -> bool: (source) ¶

Does the given OpenSSL.SSL.Error represent an end-of-file?