This class handles data transmission for a TLS connection.
Its only subclass is tlslite.TLSConnection.TLSConnection. We've separated the code in this class from TLSConnection to make things more readable.

Type | Name | Description
---|---|---
str or None | allegedSrpUsername | This is set to the SRP username asserted by the client, whether the handshake succeeded or not.
bool | closeSocket | If the socket should be closed when the connection is closed, defaults to True (writable).
bool | closed | If this connection is closed.
bool | encryptThenMAC | Whether the connection uses the encrypt-then-MAC construct for CBC cipher suites; also False if the connection uses RC4 or AEAD.
bool | ignoreAbruptClose | If an abrupt close of the socket should raise an error (writable).
int | recordSize | Maximum size of data to be sent in a single record layer message.
bool | resumed | If this connection is based on a resumed session.
tlslite.Session.Session | session | The session corresponding to this connection.
socket.socket | sock | The underlying socket object.
tuple | version | The TLS version being used for this connection.
 | _client | Boolean stating if the endpoint acts as a client

x.__init__(...) initializes x; see help(type(x)) for signature

Read some data from the TLS connection. This function will block until at least 'min' bytes are available (or the connection is closed). If an exception is raised, the connection will have been automatically closed.

Start a read operation on the TLS connection. This function returns a generator which behaves similarly to read(). Successive invocations of the generator will return 0 if it is waiting to read from the socket, 1 if it is waiting to write to the socket, or a string if the read operation has completed.

Write some data to the TLS connection. This function will block until all the data has been sent. If an exception is raised, the connection will have been automatically closed.

Start a write operation on the TLS connection. This function returns a generator which behaves similarly to write(). Successive invocations of the generator will return 1 if it is waiting to write to the socket, or will raise StopIteration if the write operation has completed.

Close the TLS connection. This function will block until it has exchanged close_notify alerts with the other party. After doing so, it will shut down the TLS connection. Further attempts to read through this connection will return "". Further attempts to write through this connection will raise ValueError. If makefile() has been called on this connection, the connection will not be closed until the connection object and all file objects have been closed. Even if an exception is raised, the connection will have been closed.

Start a close operation on the TLS connection. This function returns a generator which behaves similarly to close(). Successive invocations of the generator will return 0 if it is waiting to read from the socket, 1 if it is waiting to write to the socket, or will raise StopIteration if the close operation has completed.

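One way to drive the generator-returning read, write and close operations described above from a `select()` loop with a bounded wait, as an added example that is not part of the tlslite documentation. `drive`, `demo_read_async` and `demo` are hypothetical names; the stand-in generator only mimics the 0 / 1 / data protocol so the block runs without a TLS peer.

```python
import select
import socket

WANT_READ, WANT_WRITE = 0, 1   # values the generators yield, per the text above

def drive(gen, sock, timeout=5.0):
    """Run one async operation to completion; return read data, else None."""
    for step in gen:
        if step == WANT_READ:
            ready = select.select([sock], [], [], timeout)[0]
        elif step == WANT_WRITE:
            ready = select.select([], [sock], [], timeout)[1]
        else:
            return step        # a completed read yields the data itself
        if not ready:
            # A silent peer must not pin this worker forever; the caller
            # should close the connection after this error.
            raise TimeoutError("peer stalled during TLS operation")
    return None                # StopIteration: write or close completed

def demo_read_async(sock, n):
    """Stand-in (assumption) for the connection's generator-based read."""
    sock.setblocking(False)
    while True:
        try:
            data = sock.recv(n)
        except BlockingIOError:
            yield WANT_READ    # nothing buffered yet: wait for readability
            continue
        yield data
        return

def demo():
    """Constructed scenario: one read that completes, one that stalls."""
    a, b = socket.socketpair()
    try:
        b.sendall(b"hello")
        got = drive(demo_read_async(a, 16), a)
        try:
            drive(demo_read_async(a, 16), a, timeout=0.2)
            stalled = False
        except TimeoutError:
            stalled = True
        return got, stalled
    finally:
        a.close()
        b.close()
```
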
Get the name of the cipher implementation used with this connection.

Get the name of the cipher used with this connection.

Close the TLS connection. This function will block until it has exchanged close_notify alerts with the other party. After doing so, it will shut down the TLS connection. Further attempts to read through this connection will return "". Further attempts to write through this connection will raise ValueError. If makefile() has been called on this connection, the connection will not be closed until the connection object and all file objects have been closed. Even if an exception is raised, the connection will have been closed.

Get the name of this TLS version.

Get some data from the TLS connection (socket emulation).

Send data to the TLS connection (socket emulation).

Send data to the TLS connection (socket emulation).

Add bytes to the front of the socket read buffer for future reading. Be careful using this in the context of select(...): if you unread the last data from a socket, that won't wake up selected waiters, and those waiters may hang forever.

allegedSrpUsername
This is set to the SRP username asserted by the client, whether the handshake succeeded or not. If the handshake fails, this can be inspected to determine if a guessing attack is in progress against a particular user account.

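A sketch of how a server could use `allegedSrpUsername` after failed handshakes to spot password guessing against one account, added here and not part of tlslite. `SrpGuessMonitor`, `flagged_accounts`, the thresholds and the sample events are assumptions made for illustration.

```python
from collections import deque

class SrpGuessMonitor:
    """Sliding-window count of failed handshakes per asserted SRP username."""

    def __init__(self, max_failures=5, window_seconds=300.0, max_tracked=10000):
        self.max_failures = max_failures
        self.window = window_seconds
        self.max_tracked = max_tracked   # bound memory: names are attacker-chosen
        self._failures = {}              # username -> deque of failure times

    def record_failure(self, alleged_username, now):
        """Record one failed handshake; return True when the account should alert.

        Intended call site (assumption): the server's handshake error handler,
        passing connection.allegedSrpUsername and the current time.
        """
        if alleged_username is None:     # handshake failed before a name was sent
            return False
        # Assumption: the value is a str or a bytes-like object; make it hashable.
        key = (alleged_username if isinstance(alleged_username, str)
               else bytes(alleged_username))
        if key not in self._failures and len(self._failures) >= self.max_tracked:
            self._failures.pop(next(iter(self._failures)))   # evict oldest entry
        times = self._failures.setdefault(key, deque())
        times.append(now)
        while now - times[0] > self.window:   # drop failures outside the window
            times.popleft()
        return len(times) >= self.max_failures

# Constructed sample: (seconds, alleged username) for failed handshakes.
SAMPLE_FAILURES = [
    (0, "alice"), (10, "bob"), (20, "alice"), (30, None),
    (40, "alice"), (400, "alice"), (410, "alice"), (420, "alice"),
]

def flagged_accounts(events, max_failures=3, window_seconds=60.0):
    """Return the (time, username) events at which the monitor would alert."""
    monitor = SrpGuessMonitor(max_failures, window_seconds)
    return [(t, user) for t, user in events if monitor.record_failure(user, t)]
```

The username is supplied by the unauthenticated client, so escape it (for example with `repr()`) before writing it to logs or alerts.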
closeSocket
If the socket should be closed when the connection is closed, defaults to True (writable). If you set this to True, TLS Lite will assume the responsibility of closing the socket when the TLS Connection is shut down (either through an error or through the user calling close()). The default is False.

encryptThenMAC
Whether the connection uses the encrypt-then-MAC construct for CBC cipher suites; also False if the connection uses RC4 or AEAD.

ignoreAbruptClose
If an abrupt close of the socket should raise an error (writable). If you set this to True, TLS Lite will not raise a tlslite.errors.TLSAbruptCloseError exception if the underlying socket is unexpectedly closed. Such an unexpected closure could be caused by an attacker. However, it also occurs with some incorrect TLS implementations. You should set this to True only if you're not worried about an attacker truncating the connection, and only if necessary to avoid spurious errors. The default is False.

recordSize
Maximum size of data to be sent in a single record layer message. Note that after encryption is established (generally after the handshake protocol has finished) the actual amount of data written to the network socket will be larger because of the record layer header, padding or encryption overhead. It can be set to a low value (so that there is no fragmentation at the Ethernet, IP and TCP level) at the beginning of the connection to reduce latency, and set to the protocol maximum (2**14) to maximise throughput after sending a few KiB of data. Setting it to values greater than 2**14 will cause the connection to be dropped by RFC-compliant peers.

session
The session corresponding to this connection. Due to TLS session resumption, multiple connections can correspond to the same underlying session.

version
The TLS version being used for this connection. (3,0) means SSL 3.0, and (3,1) means TLS 1.0.

_client
Boolean stating if the endpoint acts as a client

Generated by Epydoc 3.0.1 on Sat Oct 10 14:21:21 2015 | http://epydoc.sourceforge.net |