def __init__(self, sock,
keyfile, certfile, ca_certs,
do_handshake_on_connect, server_side):
self.sock = sock
self.engine = _get_ssl_context(keyfile, certfile, ca_certs).createSSLEngine()
self.engine.setUseClientMode(not server_side)
self.ssl_handler = SslHandler(self.engine)
self.already_handshaked = False
self.do_handshake_on_connect = do_handshake_on_connect
if self.do_handshake_on_connect and hasattr(self.sock, "connected") and self.sock.connected:
self.already_handshaked = True
print "Adding SSL handler to pipeline..."
self.sock.channel.pipeline().addFirst("ssl", self.ssl_handler)
self.sock._post_connect()
self.sock._notify_selectors()
self.sock._unlatch()
def handshake_step(x):
print "Handshaking result", x
if not hasattr(self.sock, "activity_latch"): # need a better discriminant
self.sock._post_connect()
self.sock._notify_selectors()
self.ssl_handler.handshakeFuture().addListener(handshake_step)
def initChannel(self, ch):
pipeline = ch.pipeline()
engine = SSLContext.getDefault().createSSLEngine()
engine.setUseClientMode(True);
pipeline.addLast("ssl", SslHandler(engine))
