def upgrade_to_tls(self, options=None): assert ssl, 'tls_v1 requires Python 2.6+ or Python 2.5 w/ pip install ssl' # in order to upgrade to TLS we need to *replace* the IOStream... # # first remove the event handler for the currently open socket # so that when we add the socket to the new SSLIOStream below, # it can re-add the appropriate event handlers. self.io_loop.remove_handler(self.socket.fileno()) opts = {'cert_reqs': ssl.CERT_REQUIRED, 'ca_certs': default_ca_certs()} opts.update(options or {}) self.socket = ssl.wrap_socket( self.socket, ssl_version=ssl.PROTOCOL_TLSv1, do_handshake_on_connect=False, **opts) self.stream = tornado.iostream.SSLIOStream( self.socket, io_loop=self.io_loop) self.stream.set_close_callback(self._socket_close) # now that the IOStream has been swapped we can kickstart # the SSL handshake self.stream._do_ssl_handshake()
def upgrade_to_tls(self, options=None): # in order to upgrade to TLS we need to *replace* the IOStream... # # first remove the event handler for the currently open socket # so that when we add the socket to the new SSLIOStream below, # it can re-add the appropriate event handlers. self.io_loop.remove_handler(self.socket.fileno()) opts = { 'cert_reqs': ssl.CERT_REQUIRED, 'ca_certs': default_ca_certs() } opts.update(options or {}) self.socket = ssl.wrap_socket(self.socket, ssl_version=ssl.PROTOCOL_TLSv1, do_handshake_on_connect=False, **opts) self.stream = tornado.iostream.SSLIOStream(self.socket, io_loop=self.io_loop) self.stream.set_close_callback(self._socket_close) # now that the IOStream has been swapped we can kickstart # the SSL handshake self.stream._do_ssl_handshake()