8 """TLS Lite + httplib."""
9
10 import socket
11 import httplib
12 from tlslite.tlsconnection import TLSConnection
13 from tlslite.integration.clienthelper import ClientHelper
14
15
17 """This class extends L{httplib.HTTPConnection} to support TLS."""
18
def __init__(self, host, port=None, strict=None,
             timeout=socket._GLOBAL_DEFAULT_TIMEOUT,
             source_address=None,
             username=None, password=None,
             certChain=None, privateKey=None,
             checker=None,
             settings=None,
             ignoreAbruptClose=False,
             anon=False):
    """Prepare an HTTP connection that will be wrapped in TLS.

    Nothing is sent here: the arguments are only stored, and the TLS
    handshake runs later, when the connection is actually opened.
    Methods inherited from L{httplib.HTTPConnection} (request(),
    connect(), send()) can therefore raise TLS-specific exceptions;
    see the client handshake functions of
    L{tlslite.tlsconnection.TLSConnection} for the list.

    Client authentication uses one of these argument pairs:
     - username, password (SRP)
     - certChain, privateKey (certificate)

    Server authentication is either the implicit mutual
    authentication of SRP, or a certificate check. This constructor
    has no x509Fingerprint parameter: the only certificate-related
    hook it accepts for the server side is 'checker', so a
    fingerprint check has to be supplied through it (for example a
    L{tlslite.checker.Checker} built with the expected
    fingerprint). With neither SRP credentials nor a checker, no
    argument visible here asks for the server's identity to be
    verified.

    Certificate-based server authentication is compatible with
    SRP or certificate-based client authentication.

    @type host: str
    @param host: Server to connect to.

    @type port: int
    @param port: Port to connect to.

    @param strict: Passed unchanged to L{httplib.HTTPConnection}.

    @param timeout: Passed unchanged to L{httplib.HTTPConnection}.

    @param source_address: Passed to L{httplib.HTTPConnection} only
    when it is set (truthy); otherwise it is left out of the call.

    @type username: str
    @param username: SRP username. Requires the
    'password' argument.

    @type password: str
    @param password: SRP password for mutual authentication.
    Requires the 'username' argument.

    @type certChain: L{tlslite.x509certchain.X509CertChain}
    @param certChain: Certificate chain for client authentication.
    Requires the 'privateKey' argument. Excludes the SRP arguments.

    @type privateKey: L{tlslite.utils.rsakey.RSAKey}
    @param privateKey: Private key for client authentication.
    Requires the 'certChain' argument. Excludes the SRP arguments.

    @type checker: L{tlslite.checker.Checker}
    @param checker: Callable object called after handshaking to
    evaluate the connection and raise an Exception if necessary.

    @type settings: L{tlslite.handshakesettings.HandshakeSettings}
    @param settings: Various settings which can be used to control
    the ciphersuites, certificate types, and SSL/TLS versions
    offered by the client.

    @type ignoreAbruptClose: bool
    @param ignoreAbruptClose: ignore the TLSAbruptCloseError on
    unexpected hangup. NOTE(review): a hangup without a TLS
    close_notify is also what a truncated response looks like, so
    callers enabling this should check response length themselves.

    @type anon: bool
    @param anon: Forwarded unchanged to L{ClientHelper}.
    NOTE(review): presumably selects an anonymous handshake, which
    would not authenticate the server -- confirm in ClientHelper.
    """
    # The base constructor gets source_address only when one was given;
    # presumably this keeps httplib versions without that parameter
    # working -- TODO confirm.
    base_args = [self, host, port, strict, timeout]
    if source_address:
        base_args.append(source_address)
    httplib.HTTPConnection.__init__(*base_args)

    self.ignoreAbruptClose = ignoreAbruptClose

    # Credentials, checker and settings are stored by ClientHelper for
    # the handshake performed at connect time.
    ClientHelper.__init__(
        self,
        username, password,
        certChain, privateKey,
        checker,
        settings,
        anon,
    )