本文整理汇总了Python中twisted.internet.ssl.optionsForClientTLS方法的典型用法代码示例。如果您正苦于以下问题:Python ssl.optionsForClientTLS方法的具体用法?Python ssl.optionsForClientTLS怎么用?Python ssl.optionsForClientTLS使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类twisted.internet.ssl
的用法示例。
在下文中一共展示了ssl.optionsForClientTLS方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: integrationTest
# 需要导入模块: from twisted.internet import ssl [as 别名]
# 或者: from twisted.internet.ssl import optionsForClientTLS [as 别名]
def integrationTest(self, hostName, expectedAddress, addressType):
"""
Wrap L{AgentTestsMixin.integrationTest} with TLS.
"""
authority, server = certificatesForAuthorityAndServer(hostName
.decode('ascii'))
def tlsify(serverFactory):
return TLSMemoryBIOFactory(server.options(), False, serverFactory)
def tlsagent(reactor):
from twisted.web.iweb import IPolicyForHTTPS
from zope.interface import implementer
@implementer(IPolicyForHTTPS)
class Policy(object):
def creatorForNetloc(self, hostname, port):
return optionsForClientTLS(hostname.decode("ascii"),
trustRoot=authority)
return client.Agent(reactor, contextFactory=Policy())
(super(AgentHTTPSTests, self)
.integrationTest(hostName, expectedAddress, addressType,
serverWrapper=tlsify,
createAgent=tlsagent,
scheme=b'https'))
示例2: integrationTest
# 需要导入模块: from twisted.internet import ssl [as 别名]
# 或者: from twisted.internet.ssl import optionsForClientTLS [as 别名]
def integrationTest(self, hostName, expectedAddress, addressType):
"""
Wrap L{AgentTestsMixin.integrationTest} with TLS.
"""
certHostName = hostName.strip(b'[]')
authority, server = certificatesForAuthorityAndServer(certHostName
.decode('ascii'))
def tlsify(serverFactory):
return TLSMemoryBIOFactory(server.options(), False, serverFactory)
def tlsagent(reactor):
from twisted.web.iweb import IPolicyForHTTPS
from zope.interface import implementer
@implementer(IPolicyForHTTPS)
class Policy(object):
def creatorForNetloc(self, hostname, port):
return optionsForClientTLS(hostname.decode("ascii"),
trustRoot=authority)
return client.Agent(reactor, contextFactory=Policy())
(super(AgentHTTPSTests, self)
.integrationTest(hostName, expectedAddress, addressType,
serverWrapper=tlsify,
createAgent=tlsagent,
scheme=b'https'))
示例3: test_extraKeywords
# 需要导入模块: from twisted.internet import ssl [as 别名]
# 或者: from twisted.internet.ssl import optionsForClientTLS [as 别名]
def test_extraKeywords(self):
"""
When passed a keyword parameter other than C{extraCertificateOptions},
L{sslverify.optionsForClientTLS} raises an exception just like a
normal Python function would.
"""
error = self.assertRaises(
TypeError,
sslverify.optionsForClientTLS,
hostname=u'alpha', someRandomThing=u'beta',
)
self.assertEqual(
str(error),
"optionsForClientTLS() got an unexpected keyword argument "
"'someRandomThing'"
)
示例4: test_butIfTheyDidItWouldWork
# 需要导入模块: from twisted.internet import ssl [as 别名]
# 或者: from twisted.internet.ssl import optionsForClientTLS [as 别名]
def test_butIfTheyDidItWouldWork(self):
"""
L{ssl.optionsForClientTLS} should be using L{ssl.platformTrust} by
default, so if we fake that out then it should trust ourselves again.
"""
cProto, sProto, cWrapped, sWrapped, pump = self.serviceIdentitySetup(
u"valid.example.com",
u"valid.example.com",
useDefaultTrust=True,
fakePlatformTrust=True,
)
self.assertEqual(cWrapped.data,
b'greetings!')
cErr = cWrapped.lostReason
sErr = sWrapped.lostReason
self.assertIsNone(cErr)
self.assertIsNone(sErr)
示例5: test_clientPresentsCertificate
# 需要导入模块: from twisted.internet import ssl [as 别名]
# 或者: from twisted.internet.ssl import optionsForClientTLS [as 别名]
def test_clientPresentsCertificate(self):
"""
When the server verifies and the client presents a valid certificate
for that verification by passing it to
L{sslverify.optionsForClientTLS}, communication proceeds.
"""
cProto, sProto, cWrapped, sWrapped, pump = self.serviceIdentitySetup(
u"valid.example.com",
u"valid.example.com",
validCertificate=True,
serverVerifies=True,
clientPresentsCertificate=True,
)
self.assertEqual(cWrapped.data,
b'greetings!')
cErr = cWrapped.lostReason
sErr = sWrapped.lostReason
self.assertIsNone(cErr)
self.assertIsNone(sErr)
示例6: test_clientPresentsBadCertificate
# 需要导入模块: from twisted.internet import ssl [as 别名]
# 或者: from twisted.internet.ssl import optionsForClientTLS [as 别名]
def test_clientPresentsBadCertificate(self):
"""
When the server verifies and the client presents an invalid certificate
for that verification by passing it to
L{sslverify.optionsForClientTLS}, the connection cannot be established
with an SSL error.
"""
cProto, sProto, cWrapped, sWrapped, pump = self.serviceIdentitySetup(
u"valid.example.com",
u"valid.example.com",
validCertificate=True,
serverVerifies=True,
validClientCertificate=False,
clientPresentsCertificate=True,
)
self.assertEqual(cWrapped.data,
b'')
cErr = cWrapped.lostReason.value
sErr = sWrapped.lostReason.value
self.assertIsInstance(cErr, SSL.Error)
self.assertIsInstance(sErr, SSL.Error)
示例7: test_trustRootSelfSignedServerCertificate
# 需要导入模块: from twisted.internet import ssl [as 别名]
# 或者: from twisted.internet.ssl import optionsForClientTLS [as 别名]
def test_trustRootSelfSignedServerCertificate(self):
"""
L{trustRootFromCertificates} called with a single self-signed
certificate will cause L{optionsForClientTLS} to accept client
connections to a server with that certificate.
"""
key, cert = makeCertificate(O=b"Server Test Certificate", CN=b"server")
selfSigned = sslverify.PrivateCertificate.fromCertificateAndKeyPair(
sslverify.Certificate(cert),
sslverify.KeyPair(key),
)
trust = sslverify.trustRootFromCertificates([selfSigned])
# Since we trust this exact certificate, connections to this server
# should succeed.
sProto, cProto, sWrap, cWrap, pump = loopbackTLSConnectionInMemory(
trustRoot=trust,
privateKey=selfSigned.privateKey.original,
serverCertificate=selfSigned.original,
)
self.assertEqual(cWrap.data, b'greetings!')
self.assertIsNone(cWrap.lostReason)
示例8: test_trustRootCertificateAuthorityTrustsConnection
# 需要导入模块: from twisted.internet import ssl [as 别名]
# 或者: from twisted.internet.ssl import optionsForClientTLS [as 别名]
def test_trustRootCertificateAuthorityTrustsConnection(self):
"""
L{trustRootFromCertificates} called with certificate A will cause
L{optionsForClientTLS} to accept client connections to a server with
certificate B where B is signed by A.
"""
caCert, serverCert = certificatesForAuthorityAndServer()
trust = sslverify.trustRootFromCertificates([caCert])
# Since we've listed the CA's certificate as a trusted cert, a
# connection to the server certificate it signed should succeed.
sProto, cProto, sWrap, cWrap, pump = loopbackTLSConnectionInMemory(
trustRoot=trust,
privateKey=serverCert.privateKey.original,
serverCertificate=serverCert.original,
)
self.assertEqual(cWrap.data, b'greetings!')
self.assertIsNone(cWrap.lostReason)
示例9: add_connection
# 需要导入模块: from twisted.internet import ssl [as 别名]
# 或者: from twisted.internet.ssl import optionsForClientTLS [as 别名]
def add_connection(self, id_, url):
"""
Convenience function to connect and store the resulting
connector.
"""
if not url.startswith("wss://"):
raise ValueError("expected wss:// URL prefix")
hostname = url[6:]
factory = self.factories[id_]
options = ssl.optionsForClientTLS(hostname=hostname) # for TLS SNI
self._conns[id_] = connectWS(factory, options)
示例10: creatorForNetloc
# 需要导入模块: from twisted.internet import ssl [as 别名]
# 或者: from twisted.internet.ssl import optionsForClientTLS [as 别名]
def creatorForNetloc(self, hostname, port):
return optionsForClientTLS(
u"control-service",
trustRoot=self.ca_certificate,
clientCertificate=self.client_credential.private_certificate())
示例11: __init__
# 需要导入模块: from twisted.internet import ssl [as 别名]
# 或者: from twisted.internet.ssl import optionsForClientTLS [as 别名]
def __init__(self, xs, required=True, configurationForTLS=None):
"""
@param configurationForTLS: An object which creates appropriately
configured TLS connections. This is passed to C{startTLS} on the
transport and is preferably created using
L{twisted.internet.ssl.optionsForClientTLS}. If C{None}, the
default is to verify the server certificate against the trust roots
as provided by the platform. See
L{twisted.internet._sslverify.platformTrust}.
@type configurationForTLS: L{IOpenSSLClientConnectionCreator} or
C{None}
"""
super(TLSInitiatingInitializer, self).__init__(
xs, required=required)
self._configurationForTLS = configurationForTLS
示例12: onProceed
# 需要导入模块: from twisted.internet import ssl [as 别名]
# 或者: from twisted.internet.ssl import optionsForClientTLS [as 别名]
def onProceed(self, obj):
"""
Proceed with TLS negotiation and reset the XML stream.
"""
self.xmlstream.removeObserver('/failure', self.onFailure)
if self._configurationForTLS:
ctx = self._configurationForTLS
else:
ctx = ssl.optionsForClientTLS(self.xmlstream.otherEntity.host)
self.xmlstream.transport.startTLS(ctx)
self.xmlstream.reset()
self.xmlstream.sendHeader()
self._deferred.callback(Reset)
示例13: test_bytesFailFast
# 需要导入模块: from twisted.internet import ssl [as 别名]
# 或者: from twisted.internet.ssl import optionsForClientTLS [as 别名]
def test_bytesFailFast(self):
"""
If you pass L{bytes} as the hostname to
L{sslverify.optionsForClientTLS} it immediately raises a L{TypeError}.
"""
error = self.assertRaises(
TypeError,
sslverify.optionsForClientTLS, b'not-actually-a-hostname.com'
)
expectedText = (
"optionsForClientTLS requires text for host names, not " +
bytes.__name__
)
self.assertEqual(str(error), expectedText)
示例14: test_IPv4AddressHostname
# 需要导入模块: from twisted.internet import ssl [as 别名]
# 或者: from twisted.internet.ssl import optionsForClientTLS [as 别名]
def test_IPv4AddressHostname(self):
"""
If you pass an IPv4 address to L{sslverify.optionsForClientTLS}
L{_hostnameIsDnsName} will be False
"""
options = sslverify.optionsForClientTLS(u'127.0.0.1')
self.assertFalse(options._hostnameIsDnsName)
示例15: test_IPv6AddressHostname
# 需要导入模块: from twisted.internet import ssl [as 别名]
# 或者: from twisted.internet.ssl import optionsForClientTLS [as 别名]
def test_IPv6AddressHostname(self):
"""
If you pass an IPv6 address to L{sslverify.optionsForClientTLS}
L{_hostnameIsDnsName} will be False
"""
options = sslverify.optionsForClientTLS(u'::1')
self.assertFalse(options._hostnameIsDnsName)