
Source Code for Module tlslite.integration.httptlsconnection

  1  # Authors:  
  2  #   Trevor Perrin 
  3  #   Kees Bos - Added ignoreAbruptClose parameter 
  4  #   Dimitris Moraitis - Anon ciphersuites 
  5  # 
  6  # See the LICENSE file for legal information regarding use of this file. 
  7   
  8  """TLS Lite + httplib.""" 
  9   
 10  import socket 
 11  import httplib 
 12  from tlslite.tlsconnection import TLSConnection 
 13  from tlslite.integration.clienthelper import ClientHelper 
 14   
 15   
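class HTTPTLSConnection(httplib.HTTPConnection, ClientHelper):
    """This class extends L{httplib.HTTPConnection} to support TLS."""

    def __init__(self, host, port=None, strict=None,
                 timeout=socket._GLOBAL_DEFAULT_TIMEOUT,
                 source_address=None,
                 username=None, password=None,
                 certChain=None, privateKey=None,
                 checker=None,
                 settings=None,
                 ignoreAbruptClose=False,
                 anon=False):
        """Create a new HTTPTLSConnection.

        For client authentication, use one of these argument
        combinations:
         - username, password (SRP)
         - certChain, privateKey (certificate)

        For server authentication, you can either rely on the
        implicit mutual authentication performed by SRP, or you can do
        certificate-based server authentication by passing a 'checker'
        (for example a L{tlslite.checker.Checker} built with an
        x509Fingerprint).  This constructor takes no x509Fingerprint
        argument of its own.

        Certificate-based server authentication is compatible with
        SRP or certificate-based client authentication.

        Nothing in this class verifies the server's identity by
        default: when neither SRP credentials nor a checker is
        supplied, no server check is configured here.  Supply one of
        the two whenever the peer must be authenticated.

        The constructor does not perform the TLS handshake itself, but
        simply stores these arguments for later.  The handshake is
        performed only when this class needs to connect with the
        server.  Thus you should be prepared to handle TLS-specific
        exceptions when calling methods inherited from
        L{httplib.HTTPConnection} such as request(), connect(), and
        send().  See the client handshake functions in
        L{tlslite.TLSConnection.TLSConnection} for details on which
        exceptions might be raised.

        @type host: str
        @param host: Server to connect to.

        @type port: int
        @param port: Port to connect to.

        @param strict: Passed unchanged to L{httplib.HTTPConnection}.

        @param timeout: Passed unchanged to L{httplib.HTTPConnection}.

        @param source_address: Passed to L{httplib.HTTPConnection}
        only when it is set (truthy); otherwise it is left out of the
        call.

        @type username: str
        @param username: SRP username.  Requires the
        'password' argument.

        @type password: str
        @param password: SRP password for mutual authentication.
        Requires the 'username' argument.

        @type certChain: L{tlslite.x509certchain.X509CertChain}
        @param certChain: Certificate chain for client authentication.
        Requires the 'privateKey' argument.  Excludes the SRP arguments.

        @type privateKey: L{tlslite.utils.rsakey.RSAKey}
        @param privateKey: Private key for client authentication.
        Requires the 'certChain' argument.  Excludes the SRP arguments.

        @type checker: L{tlslite.checker.Checker}
        @param checker: Callable object called after handshaking to
        evaluate the connection and raise an Exception if necessary.

        @type settings: L{tlslite.handshakesettings.HandshakeSettings}
        @param settings: Various settings which can be used to control
        the ciphersuites, certificate types, and SSL/TLS versions
        offered by the client.

        @type ignoreAbruptClose: bool
        @param ignoreAbruptClose: ignore the TLSAbruptCloseError on
        unexpected hangup.  With this set, a connection cut short
        without a TLS closure alert is not reported, so the caller
        must detect truncated responses some other way (for example
        by checking the declared content length).

        @type anon: bool
        @param anon: Passed unchanged to L{ClientHelper}; per the file
        header this relates to anonymous ciphersuites.  Anonymous key
        exchange does not authenticate the server, so leave this False
        unless the peer is authenticated by other means.
        """
        # source_address is forwarded only when set; presumably this keeps
        # the call valid on httplib versions whose constructor does not
        # accept that argument (to be confirmed against supported versions).
        if source_address:
            httplib.HTTPConnection.__init__(self, host, port, strict,
                                            timeout, source_address)
        else:
            httplib.HTTPConnection.__init__(self, host, port, strict,
                                            timeout)
        self.ignoreAbruptClose = ignoreAbruptClose
        ClientHelper.__init__(self,
                              username, password,
                              certChain, privateKey,
                              checker,
                              settings,
                              anon)

    def connect(self):
        """Open the TCP connection, then run the TLS client handshake.

        The plain socket opened by L{httplib.HTTPConnection} is wrapped
        in a L{TLSConnection} and handed to ClientHelper._handshake, so
        TLS-specific exceptions can propagate from this call.
        """
        httplib.HTTPConnection.connect(self)
        # self.sock is replaced before the handshake runs, so if the
        # handshake raises, self.sock still refers to the TLSConnection
        # wrapper; callers should close() this connection before reuse.
        self.sock = TLSConnection(self.sock)
        self.sock.ignoreAbruptClose = self.ignoreAbruptClose
        ClientHelper._handshake(self, self.sock)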
108