1
2
3
4
5
6
7
8
9 """TLS Lite + httplib."""
10
11 import socket
12 try:
13 import httplib
14 except ImportError:
15
16 from http import client as httplib
17 from tlslite.tlsconnection import TLSConnection
18 from tlslite.integration.clienthelper import ClientHelper
19
20
22 """This class extends L{httplib.HTTPConnection} to support TLS."""
23
24 - def __init__(self, host, port=None, strict=None,
25 timeout=socket._GLOBAL_DEFAULT_TIMEOUT,
26 source_address=None,
27 username=None, password=None,
28 certChain=None, privateKey=None,
29 checker=None,
30 settings=None,
31 ignoreAbruptClose=False,
32 anon=False):
33 """Create a new HTTPTLSConnection.
34
35 For client authentication, use one of these argument
36 combinations:
37 - username, password (SRP)
38 - certChain, privateKey (certificate)
39
40 For server authentication, you can either rely on the
41 implicit mutual authentication performed by SRP
42 or you can do certificate-based server
43 authentication with one of these argument combinations:
44 - x509Fingerprint
45
46 Certificate-based server authentication is compatible with
47 SRP or certificate-based client authentication.
48
49 The constructor does not perform the TLS handshake itself, but
50 simply stores these arguments for later. The handshake is
51 performed only when this class needs to connect with the
52 server. Thus you should be prepared to handle TLS-specific
53 exceptions when calling methods inherited from
54 L{httplib.HTTPConnection} such as request(), connect(), and
55 send(). See the client handshake functions in
56 L{tlslite.TLSConnection.TLSConnection} for details on which
57 exceptions might be raised.
58
59 @type host: str
60 @param host: Server to connect to.
61
62 @type port: int
63 @param port: Port to connect to.
64
65 @type username: str
66 @param username: SRP username. Requires the
67 'password' argument.
68
69 @type password: str
70 @param password: SRP password for mutual authentication.
71 Requires the 'username' argument.
72
73 @type certChain: L{tlslite.x509certchain.X509CertChain} or
74 @param certChain: Certificate chain for client authentication.
75 Requires the 'privateKey' argument. Excludes the SRP arguments.
76
77 @type privateKey: L{tlslite.utils.rsakey.RSAKey}
78 @param privateKey: Private key for client authentication.
79 Requires the 'certChain' argument. Excludes the SRP arguments.
80
81 @type checker: L{tlslite.checker.Checker}
82 @param checker: Callable object called after handshaking to
83 evaluate the connection and raise an Exception if necessary.
84
85 @type settings: L{tlslite.handshakesettings.HandshakeSettings}
86 @param settings: Various settings which can be used to control
87 the ciphersuites, certificate types, and SSL/TLS versions
88 offered by the client.
89
90 @type ignoreAbruptClose: bool
91 @param ignoreAbruptClose: ignore the TLSAbruptCloseError on
92 unexpected hangup.
93 """
94 if source_address:
95 httplib.HTTPConnection.__init__(self,
96 host=host,
97 port=port,
98 timeout=timeout,
99 source_address=source_address)
100 if not source_address:
101 httplib.HTTPConnection.__init__(self,
102 host=host,
103 port=port,
104 timeout=timeout)
105 self.ignoreAbruptClose = ignoreAbruptClose
106 ClientHelper.__init__(self,
107 username, password,
108 certChain, privateKey,
109 checker,
110 settings,
111 anon,
112 host)
113
119