
Source Code for Module tlslite.integration.httptlsconnection

  1  # Author: Trevor Perrin 
  2  # See the LICENSE file for legal information regarding use of this file. 
  3   
  4  """TLS Lite + httplib.""" 
  5   
  6  import socket 
  7  import httplib 
  8  from tlslite.tlsconnection import TLSConnection 
  9  from tlslite.integration.clienthelper import ClientHelper 
 10   
 11   
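class HTTPTLSConnection(httplib.HTTPConnection, ClientHelper):
    """This class extends L{httplib.HTTPConnection} to support TLS."""

    def __init__(self, host, port=None, strict=None,
                 timeout=socket._GLOBAL_DEFAULT_TIMEOUT,
                 source_address=None,
                 username=None, password=None,
                 certChain=None, privateKey=None,
                 x509Fingerprint=None,
                 tackID=None,
                 hardTack=None,
                 settings=None):
        """Create a new HTTPTLSConnection.

        For client authentication, use one of these argument
        combinations:
         - username, password (SRP)
         - certChain, privateKey (certificate)

        For server authentication, you can either rely on the
        implicit mutual authentication performed by SRP
        or you can do certificate-based server
        authentication with one of these argument combinations:
         - x509Fingerprint

        Certificate-based server authentication is compatible with
        SRP or certificate-based client authentication.

        The constructor does not perform the TLS handshake itself, but
        simply stores these arguments for later.  The handshake is
        performed only when this class needs to connect with the
        server.  Thus you should be prepared to handle TLS-specific
        exceptions when calling methods inherited from
        L{httplib.HTTPConnection} such as request(), connect(), and
        send().  See the client handshake functions in
        L{tlslite.TLSConnection.TLSConnection} for details on which
        exceptions might be raised.

        @note: Nothing in this class checks a certificate chain or the
        host name; server authentication is whatever L{ClientHelper}
        does with the arguments stored here.  NOTE(review): confirm how
        ClientHelper treats a call that supplies neither SRP credentials
        nor x509Fingerprint/tackID, since that case may leave the server
        unauthenticated.

        @type host: str
        @param host: Server to connect to.

        @type port: int
        @param port: Port to connect to.

        @type username: str
        @param username: SRP username.  Requires the
        'password' argument.

        @type password: str
        @param password: SRP password for mutual authentication.
        Requires the 'username' argument.

        @type certChain: L{tlslite.x509certchain.X509CertChain}
        @param certChain: Certificate chain for client authentication.
        Requires the 'privateKey' argument.  Excludes the SRP arguments.

        @type privateKey: L{tlslite.utils.rsakey.RSAKey}
        @param privateKey: Private key for client authentication.
        Requires the 'certChain' argument.  Excludes the SRP arguments.

        @type x509Fingerprint: str
        @param x509Fingerprint: Hex-encoded X.509 fingerprint for
        server authentication.

        @type tackID: str
        @param tackID: TACK ID for server authentication.

        @type hardTack: bool
        @param hardTack: Whether to raise TackBreakSigError on TACK Break.

        @type settings: L{tlslite.handshakesettings.HandshakeSettings}
        @param settings: Various settings which can be used to control
        the ciphersuites, certificate types, and SSL/TLS versions
        offered by the client.
        """
        # source_address is forwarded only when one was given; the
        # shorter call is presumably kept for httplib versions whose
        # constructor lacks that parameter -- TODO confirm.
        if source_address:
            httplib.HTTPConnection.__init__(self, host, port, strict,
                                            timeout, source_address)
        else:
            httplib.HTTPConnection.__init__(self, host, port, strict,
                                            timeout)

        # Only stores the credentials and settings; the handshake that
        # uses them runs in connect().
        ClientHelper.__init__(self,
                              username, password,
                              certChain, privateKey,
                              x509Fingerprint,
                              tackID,
                              hardTack,
                              settings)

    def connect(self):
        """Open the TCP connection and run the TLS client handshake.

        Calls L{httplib.HTTPConnection.connect}, wraps the resulting
        socket in a L{TLSConnection} and passes it to
        ClientHelper._handshake.  Exceptions raised by the handshake
        propagate to the caller unchanged.

        If the handshake does not complete, the connection is closed
        before the exception propagates.  httplib opens a new connection
        only when no socket is set, so leaving self.sock assigned would
        make a later request() on this object reuse a socket on which
        the handshake never finished instead of reconnecting.
        """
        httplib.HTTPConnection.connect(self)
        self.sock = TLSConnection(self.sock)
        handshake_done = False
        try:
            ClientHelper._handshake(self, self.sock)
            handshake_done = True
        finally:
            if not handshake_done:
                # Fail closed: drop the half-initialised TLS socket so
                # the object returns to the disconnected state.
                self.close()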