def clientConnectionForTLS( self, tls_protocol: TLSMemoryBIOProtocol ) -> SSL.Connection: context = self._ctx connection = SSL.Connection(context, None) # as per twisted.internet.ssl.ClientTLSOptions, we set the application # data to our TLSMemoryBIOProtocol... connection.set_app_data(tls_protocol) # ... and we also gut-wrench a '_synapse_tls_verifier' attribute into the # tls_protocol so that the SSL context's info callback has something to # call to do the cert verification. tls_protocol._synapse_tls_verifier = self._verifier # type: ignore[attr-defined] return connection