Package tlslite :: Package integration :: Module HTTPTLSConnection :: Class HTTPTLSConnection
[show private | hide private]
[frames | no frames]

Class HTTPTLSConnection

   HTTPConnection --+    
                    |    
HTTPBaseTLSConnection --+
                        |
                       HTTPTLSConnection


This class extends HTTPBaseTLSConnection to support the common types of handshaking.
Method Summary
  __init__(self, host, port, username, password, sharedKey, certChain, privateKey, cryptoID, protocol, x509Fingerprint, x509TrustList, x509CommonName, settings)
Create a new HTTPTLSConnection.
    Inherited from HTTPBaseTLSConnection
  connect(self)
Connect to the host and port specified in __init__.
    Inherited from HTTPConnection
  close(self)
Close the connection to the HTTP server.
  endheaders(self)
Indicate that the last header line has been sent to the server.
  getresponse(self)
Get the response from the server.
  putheader(self, header, value)
Send a request header line to the server.
  putrequest(self, method, url, skip_host)
Send a request to the server.
  request(self, method, url, body, headers)
Send a complete request to the server.
  send(self, str)
Send `str' to the server.
  set_debuglevel(self, level)

Class Variable Summary
    Inherited from HTTPBaseTLSConnection
int default_port = 443                                                                   
    Inherited from HTTPConnection
int auto_open = 1                                                                     
int debuglevel = 0                                                                     
int strict = 0                                                                     

Method Details

__init__(self, host, port=None, username=None, password=None, sharedKey=None, certChain=None, privateKey=None, cryptoID=None, protocol=None, x509Fingerprint=None, x509TrustList=None, x509CommonName=None, settings=None)
(Constructor)

Create a new HTTPTLSConnection.

For client authentication, use one of these argument combinations:
  • username, password (SRP)
  • username, sharedKey (shared-key)
  • certChain, privateKey (certificate)
For server authentication, you can either rely on the implicit mutual authentication performed by SRP or shared-keys, or you can do certificate-based server authentication with one of these argument combinations:
  • cryptoID[, protocol] (requires cryptoIDlib)
  • x509Fingerprint
  • x509TrustList[, x509CommonName] (requires cryptlib_py)

Certificate-based server authentication is compatible with SRP or certificate-based client authentication. It is not compatible with shared-keys.

The constructor does not perform the TLS handshake itself, but simply stores these arguments for later. The handshake is performed only when this class needs to connect with the server. Thus you should be prepared to handle TLS-specific exceptions when calling methods inherited from httplib.HTTPConnection such as request(), connect(), and send(). See the client handshake functions in tlslite.TLSConnection.TLSConnection for details on which exceptions might be raised.
Parameters:
host - Server to connect to.
           (type=str)
port - Port to connect to.
           (type=int)
username - SRP or shared-key username. Requires the 'password' or 'sharedKey' argument.
           (type=str)
password - SRP password for mutual authentication. Requires the 'username' argument.
           (type=str)
sharedKey - Shared key for mutual authentication. Requires the 'username' argument.
           (type=str)
certChain - Certificate chain for client authentication. Requires the 'privateKey' argument. Excludes the SRP or shared-key related arguments.
           (type=tlslite.X509CertChain.X509CertChain or cryptoIDlib.CertChain.CertChain)
privateKey - Private key for client authentication. Requires the 'certChain' argument. Excludes the SRP or shared-key related arguments.
           (type=tlslite.utils.RSAKey.RSAKey)
cryptoID - cryptoID for server authentication. Mutually exclusive with the 'x509...' arguments.
           (type=str)
protocol - cryptoID protocol URI for server authentication. Requires the 'cryptoID' argument.
           (type=str)
x509Fingerprint - Hex-encoded X.509 fingerprint for server authentication. Mutually exclusive with the 'cryptoID' and 'x509TrustList' arguments.
           (type=str)
x509TrustList - A list of trusted root certificates. The other party must present a certificate chain which extends to one of these root certificates. The cryptlib_py module must be installed to use this parameter. Mutually exclusive with the 'cryptoID' and 'x509Fingerprint' arguments.
           (type=list of tlslite.X509.X509)
x509CommonName - The end-entity certificate's 'CN' field must match this value. For a web server, this is typically a server name such as 'www.amazon.com'. Mutually exclusive with the 'cryptoID' and 'x509Fingerprint' arguments. Requires the 'x509TrustList' argument.
           (type=str)
settings - Various settings which can be used to control the ciphersuites, certificate types, and SSL/TLS versions offered by the client.
           (type=tlslite.HandshakeSettings.HandshakeSettings)
Overrides:
tlslite.integration.HTTPTLSConnection.HTTPBaseTLSConnection.__init__

Generated by Epydoc 2.0 on Sun Mar 21 00:04:58 2004 http://epydoc.sf.net