diff options
Diffstat (limited to 'netlib/tcp.py')
| -rw-r--r-- | netlib/tcp.py | 35 |
1 files changed, 15 insertions, 20 deletions
diff --git a/netlib/tcp.py b/netlib/tcp.py index d909a5a4..485d821f 100644 --- a/netlib/tcp.py +++ b/netlib/tcp.py @@ -254,15 +254,27 @@ class BaseHandler: self.ssl_established = False self.clientcert = None - def convert_to_ssl(self, cert, key, method=SSLv23_METHOD, options=None): + def convert_to_ssl(self, cert, key, method=SSLv23_METHOD, options=None, handle_sni=None): """ method: One of SSLv2_METHOD, SSLv3_METHOD, SSLv23_METHOD, or TLSv1_METHOD + handle_sni: SNI handler, should take a connection object. Server + name can be retrieved like this: + + connection.get_servername() + + And you can specify the connection keys as follows: + + new_context = Context(TLSv1_METHOD) + new_context.use_privatekey(key) + new_context.use_certificate(cert) + connection.set_context(new_context) """ ctx = SSL.Context(method) if not options is None: ctx.set_options(options) - # SNI callback happens during do_handshake() - ctx.set_tlsext_servername_callback(self.handle_sni) + if handle_sni: + # SNI callback happens during do_handshake() + ctx.set_tlsext_servername_callback(handle_sni) ctx.use_privatekey_file(key) ctx.use_certificate_file(cert) def ver(*args): @@ -290,23 +302,6 @@ class BaseHandler: # Remote has disconnected pass - def handle_sni(self, connection): - """ - Called if the client has given a server name indication. - - Server name can be retrieved like this: - - connection.get_servername() - - And you can specify the connection keys as follows: - - new_context = Context(TLSv1_METHOD) - new_context.use_privatekey(key) - new_context.use_certificate(cert) - connection.set_context(new_context) - """ - pass - def handle(self): # pragma: no cover raise NotImplementedError |