Package M2Crypto :: Package SSL :: Module Context' :: Class Context

Class Context



'Context' for SSL connections.

Instance Methods
 
__del__(self)
 
__init__(self, protocol='sslv23', weak_crypto=None)
 
add_session(self, session)
 
close(self)
 
get_allow_unknown_ca(self)
Get the context's setting that accepts/rejects a peer certificate if the certificate's CA is unknown.
 
get_cert_store(self)
Get the certificate store associated with this context.
 
get_session_cache_mode(self)
 
get_session_timeout(self)
 
get_verify_depth(self)
 
get_verify_mode(self)
 
load_cert(self, certfile, keyfile=None, callback=passphrase_callback)
Load certificate and private key into the context.
 
load_cert_chain(self, certchainfile, keyfile=None, callback=passphrase_callback)
Load certificate chain and private key into the context.
 
load_client_CA(self, cafile)
Load CA certs into the context.
 
load_client_ca(self, cafile)
Load CA certs into the context.
 
load_verify_info(self, cafile=None, capath=None)
Load CA certs into the context.
 
load_verify_locations(self, cafile=None, capath=None)
Load CA certs into the context.
 
m2_ssl_ctx_free(...)
 
remove_session(self, session)
 
set_allow_unknown_ca(self, ok)
Set the context to accept/reject a peer certificate if the certificate's CA is unknown.
 
set_cipher_list(self, cipher_list)
 
set_client_CA_list_from_file(self, cafile)
Load CA certs into the context.
 
set_info_callback(self, callback=ssl_info_callback)
Set a callback function that can be used to get state information about the SSL connections that are created from this context.
 
set_options(self, op)
 
set_session_cache_mode(self, mode)
 
set_session_id_ctx(self, id)
 
set_session_timeout(self, timeout)
 
set_tmp_dh(self, dhpfile)
Load ephemeral DH parameters into the context.
 
set_tmp_dh_callback(self, callback=None)
 
set_tmp_rsa(self, rsa)
Load ephemeral RSA key into the context.
 
set_tmp_rsa_callback(self, callback=None)
 
set_verify(self, mode, depth, callback=None)
Set verify options.

Method Details

get_cert_store(self)

 

Get the certificate store associated with this context.

Warning: The store is NOT refcounted, and as such cannot be relied upon to remain valid once the context goes away or is changed.

load_cert(self, certfile, keyfile=None, callback=passphrase_callback)

 

Load certificate and private key into the context.

Parameters:
  • certfile (str) - File that contains the PEM-encoded certificate.
  • keyfile (str) - File that contains the PEM-encoded private key. Default value of None indicates that the private key is to be found in 'certfile'.
  • callback - Callable object to be invoked if the private key is passphrase-protected. Default callback provides a simple terminal-style input for the passphrase.

load_cert_chain(self, certchainfile, keyfile=None, callback=passphrase_callback)

 

Load certificate chain and private key into the context.

Parameters:
  • certchainfile (str) - File containing the PEM-encoded certificate chain.
  • keyfile (str) - File containing the PEM-encoded private key. Default value of None indicates that the private key is to be found in 'certchainfile'.
  • callback - Callable object to be invoked if the private key is passphrase-protected. Default callback provides a simple terminal-style input for the passphrase.

load_client_CA(self, cafile)

 

Load CA certs into the context. These CA certs are sent to the peer during *SSLv3 certificate request*.

Parameters:
  • cafile (str) - File containing one or more PEM-encoded CA certificates concatenated together.

load_client_ca(self, cafile)

 

Load CA certs into the context. These CA certs are sent to the peer during *SSLv3 certificate request*.

Parameters:
  • cafile (str) - File containing one or more PEM-encoded CA certificates concatenated together.

load_verify_info(self, cafile=None, capath=None)

 

Load CA certs into the context. These CA certs are used during verification of the peer's certificate.

Parameters:
  • cafile (str) - File containing one or more PEM-encoded CA certificates concatenated together.
  • capath (str) - Directory containing PEM-encoded CA certificates (one certificate per file).

load_verify_locations(self, cafile=None, capath=None)

 

Load CA certs into the context. These CA certs are used during verification of the peer's certificate.

Parameters:
  • cafile (str) - File containing one or more PEM-encoded CA certificates concatenated together.
  • capath (str) - Directory containing PEM-encoded CA certificates (one certificate per file).

set_allow_unknown_ca(self, ok)

 

Set the context to accept/reject a peer certificate if the certificate's CA is unknown.

Parameters:
  • ok (boolean) - True to accept, False to reject.

set_client_CA_list_from_file(self, cafile)

 

Load CA certs into the context. These CA certs are sent to the peer during *SSLv3 certificate request*.

Parameters:
  • cafile (str) - File containing one or more PEM-encoded CA certificates concatenated together.

set_info_callback(self, callback=ssl_info_callback)

 

Set a callback function that can be used to get state information about the SSL connections that are created from this context.

Parameters:
  • callback - Callback function. The default prints information to stderr.

set_tmp_dh(self, dhpfile)

 

Load ephemeral DH parameters into the context.

Parameters:
  • dhpfile (str) - File containing the PEM-encoded DH parameters.

set_tmp_rsa(self, rsa)

 

Load ephemeral RSA key into the context.

Parameters:
  • rsa - M2Crypto.RSA.RSA instance.

set_verify(self, mode, depth, callback=None)

 

Set verify options. Most applications will need to call this method with the right options to make a secure SSL connection.

Parameters:
  • mode (int) - The verification mode to use. Typically at least SSL.verify_peer is used. Clients would also typically add SSL.verify_fail_if_no_peer_cert.
  • depth (int) - The maximum allowed depth of the certificate chain returned by the peer.
  • callback - Callable that can be used to specify custom verification checks.
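
A client-side configuration that follows the set_verify guidance above, together with a small audit built on the getters listed on this page. This is an added example, not part of the M2Crypto documentation: `make_client_context`, `audit_context`, `StubContext` and the depth value 9 are illustrative choices, and the two numeric constants are OpenSSL's SSL_VERIFY_* bit values.

```python
# OpenSSL SSL_VERIFY_* bit values; M2Crypto exposes them as
# SSL.verify_peer and SSL.verify_fail_if_no_peer_cert.
VERIFY_PEER = 0x01
VERIFY_FAIL_IF_NO_PEER_CERT = 0x02


def make_client_context(cafile, depth=9):
    """Build a client Context that refuses peers it cannot verify."""
    from M2Crypto import SSL  # imported lazily: audit_context() does not need it

    ctx = SSL.Context()
    # depth=9 is an illustrative value, not a recommendation from the page.
    ctx.set_verify(SSL.verify_peer | SSL.verify_fail_if_no_peer_cert, depth)
    ctx.set_allow_unknown_ca(False)
    # Assumption: the call passes through OpenSSL's result, 1 on success.
    if ctx.load_verify_locations(cafile=cafile) != 1:
        raise ValueError("could not load CA certificates from %r" % cafile)
    return ctx


def audit_context(ctx):
    """Return the verification weaknesses visible through the Context getters."""
    findings = []
    mode = ctx.get_verify_mode()
    if not mode & VERIFY_PEER:
        findings.append("verify_peer not set: peer certificate is not checked")
    if not mode & VERIFY_FAIL_IF_NO_PEER_CERT:
        findings.append("verify_fail_if_no_peer_cert not set")
    if ctx.get_allow_unknown_ca():
        findings.append("allow_unknown_ca is on: unknown CAs are accepted")
    return findings


class StubContext:
    """Constructed stand-in exposing only the getters audit_context() reads."""
    def __init__(self, mode, allow_unknown_ca):
        self._mode, self._allow = mode, allow_unknown_ca
    def get_verify_mode(self): return self._mode
    def get_allow_unknown_ca(self): return self._allow


if __name__ == "__main__":
    weak = StubContext(mode=0, allow_unknown_ca=True)
    strict = StubContext(VERIFY_PEER | VERIFY_FAIL_IF_NO_PEER_CERT, False)
    for name, ctx in (("weak", weak), ("strict", strict)):
        print(name, audit_context(ctx) or "ok")
```

With M2Crypto installed, `audit_context(make_client_context(cafile))` can be run against a real Context, where `cafile` is the path to your CA bundle.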