twisted.internet._sslverify.ClientTLSOptions

class documentation

class ClientTLSOptions: (source)

Constructor: ClientTLSOptions(createConnection, hostname, sendServerName)

Implements interfaces: twisted.internet.interfaces.IOpenSSLClientConnectionCreator

Client creator for TLS.

Private implementation type (not exposed to applications) for public optionsForClientTLS API.

Method	`__init__`	Initialize `ClientTLSOptions`.
Method	`clientConnectionForTLS`	Create a TLS connection for a client.
Instance Variable	`_createConnection`	A callable that creates a mostly-configured OpenSSL connection, modulo the hostname stuff that `ClientTLSOptions` is responsible for.
Instance Variable	`_hostname`	The hostname to verify, as specified by the application, as some human-readable text.
Instance Variable	`_hostnameASCII`	The hostname, as transcoded into IDNA ASCII-range unicode code points. This is pre-transcoded because the `service_identity` package is rather strict about requiring the `idna` package from PyPI for internationalized domain names, rather than working with Python's built-in (but sometimes broken) IDNA encoding...
Instance Variable	`_hostnameBytes`	The hostname to verify, decoded into IDNA-encoded bytes. This is passed to APIs which think that hostnames are bytes, such as OpenSSL's SNI implementation.
Instance Variable	`_hostnameIsDnsName`	Whether or not the `_hostname` is a DNSName. Will be `False` if `_hostname` is an IP address or `True` if `_hostname` is a DNSName
Instance Variable	`_sendServerName`	Whether the hostname will be sent via the TLS Server Name Indication extension.

def __init__(self, createConnection: Callable[[TLSMemoryBIOProtocol], SSL.Connection], hostname: str, sendServerName: bool | None = None): (source) ¶

Initialize ClientTLSOptions.

Parameters
createConnection:`Callable[[TLSMemoryBIOProtocol], SSL.Connection]`	A callable which can create a mostly-configured `SSL.Connection`, modulo hostname verification.
hostname:`str`	The hostname to verify as input by a human.
sendServerName:`bool \| None`	Should the server name be sent to the peer? `None` means "follow the specification", which will send it if it's a valid DNS name and refrain from sending it if it's an IP address; `True` means always send, and `False` means never send.

def clientConnectionForTLS(self, tlsProtocol: TLSMemoryBIOProtocol) -> Connection: (source) ¶

from twisted.internet.interfaces.IOpenSSLClientConnectionCreator

Create a TLS connection for a client.

Parameters
tlsProtocol:`TLSMemoryBIOProtocol`	the TLS protocol initiating the connection.

Returns
`Connection`	the configured client connection.

_createConnection: Callable[[TLSMemoryBIOProtocol], SSL.Connection] = (source) ¶

A callable that creates a mostly-configured OpenSSL connection, modulo the hostname stuff that ClientTLSOptions is responsible for.

_hostname: str = (source) ¶

The hostname to verify, as specified by the application, as some human-readable text.

_hostnameASCII: str = (source) ¶

The hostname, as transcoded into IDNA ASCII-range unicode code points. This is pre-transcoded because the service_identity package is rather strict about requiring the idna package from PyPI for internationalized domain names, rather than working with Python's built-in (but sometimes broken) IDNA encoding. ASCII values, however, will always work.

_hostnameBytes: bytes = (source) ¶

The hostname to verify, decoded into IDNA-encoded bytes. This is passed to APIs which think that hostnames are bytes, such as OpenSSL's SNI implementation.

_hostnameIsDnsName: bool = (source) ¶

Whether or not the _hostname is a DNSName. Will be False if _hostname is an IP address or True if _hostname is a DNSName

_sendServerName: bool = (source) ¶

Whether the hostname will be sent via the TLS Server Name Indication extension.