예제 #1
0
    def convert_to_ssl(self, cert, key, **sslctx_kwargs):
        """
        Convert connection to SSL.
        For a list of parameters, see tls.create_server_context(...)
        """

        context = tls.create_server_context(cert=cert,
                                            key=key,
                                            **sslctx_kwargs)
        self.connection = SSL.Connection(context, self.connection)
        self.connection.set_accept_state()
        try:
            self.connection.do_handshake()
        except SSL.Error as v:
            raise exceptions.TlsException("SSL handshake error: %s" % repr(v))
        self.ssl_established = True
        cert = self.connection.get_peer_certificate()
        if cert:
            self.clientcert = certs.SSLCert(cert)
        self.rfile.set_descriptor(self.connection)
        self.wfile.set_descriptor(self.connection)
예제 #2
0
    def convert_to_ssl(self, cert, key, **sslctx_kwargs):
        """
        Convert connection to SSL.
        For a list of parameters, see tls.create_server_context(...)
        """

        context = tls.create_server_context(
            cert=cert,
            key=key,
            **sslctx_kwargs)
        self.connection = SSL.Connection(context, self.connection)
        self.connection.set_accept_state()
        try:
            self.connection.do_handshake()
        except SSL.Error as v:
            raise exceptions.TlsException("SSL handshake error: %s" % repr(v))
        self.ssl_established = True
        cert = self.connection.get_peer_certificate()
        if cert:
            self.clientcert = certs.SSLCert(cert)
        self.rfile.set_descriptor(self.connection)
        self.wfile.set_descriptor(self.connection)
예제 #3
0
 def create_client_proxy_ssl_conn(self,
                                  tls_start: tls.TlsStartData) -> None:
     tls_method, tls_options = net_tls.VERSION_CHOICES[
         ctx.options.ssl_version_client]
     cert, key, chain_file = self.get_cert(tls_start.context)
     ssl_ctx = net_tls.create_server_context(
         cert=cert,
         key=key,
         method=tls_method,
         options=tls_options,
         cipher_list=ctx.options.ciphers_client or DEFAULT_CLIENT_CIPHERS,
         dhparams=self.certstore.dhparams,
         chain_file=chain_file,
         alpn_select_callback=alpn_select_callback,
         extra_chain_certs=tls_start.context.server.certificate_list,
     )
     tls_start.ssl_conn = SSL.Connection(ssl_ctx)
     tls_start.ssl_conn.set_app_data(
         AppData(
             server_alpn=tls_start.context.server.alpn,
             http2=ctx.options.http2,
         ))
     tls_start.ssl_conn.set_accept_state()