Remove avoidable imports from OpenSSL

Fixes #38

netlib/tcp.py

@@ -1,6 +1,12 @@
 from __future__ import (absolute_import, print_function, division)
-import select, socket, threading, sys, time, traceback
+import select
+import socket
+import sys
+import threading
+import time
+import traceback
 from OpenSSL import SSL
+
 from . import certutils
 
 
@@ -11,35 +17,6 @@ SSLv3_METHOD = SSL.SSLv3_METHOD
 SSLv23_METHOD = SSL.SSLv23_METHOD
 TLSv1_METHOD = SSL.TLSv1_METHOD
 
-OP_ALL = SSL.OP_ALL
-OP_CIPHER_SERVER_PREFERENCE = SSL.OP_CIPHER_SERVER_PREFERENCE
-OP_COOKIE_EXCHANGE = SSL.OP_COOKIE_EXCHANGE
-OP_DONT_INSERT_EMPTY_FRAGMENTS = SSL.OP_DONT_INSERT_EMPTY_FRAGMENTS
-OP_EPHEMERAL_RSA = SSL.OP_EPHEMERAL_RSA
-OP_MICROSOFT_BIG_SSLV3_BUFFER = SSL.OP_MICROSOFT_BIG_SSLV3_BUFFER
-OP_MICROSOFT_SESS_ID_BUG = SSL.OP_MICROSOFT_SESS_ID_BUG
-try:
-    OP_MSIE_SSLV2_RSA_PADDING = SSL.OP_MSIE_SSLV2_RSA_PADDING
-except AttributeError:
-    pass
-OP_NETSCAPE_CA_DN_BUG = SSL.OP_NETSCAPE_CA_DN_BUG
-OP_NETSCAPE_CHALLENGE_BUG = SSL.OP_NETSCAPE_CHALLENGE_BUG
-OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG = SSL.OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG
-OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG = SSL.OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG
-OP_NO_QUERY_MTU = SSL.OP_NO_QUERY_MTU
-OP_NO_SSLv2 = SSL.OP_NO_SSLv2
-OP_NO_SSLv3 = SSL.OP_NO_SSLv3
-OP_NO_TICKET = SSL.OP_NO_TICKET
-OP_NO_TLSv1 = SSL.OP_NO_TLSv1
-OP_PKCS1_CHECK_1 = SSL.OP_PKCS1_CHECK_1
-OP_PKCS1_CHECK_2 = SSL.OP_PKCS1_CHECK_2
-OP_SINGLE_DH_USE = SSL.OP_SINGLE_DH_USE
-OP_SSLEAY_080_CLIENT_DH_BUG = SSL.OP_SSLEAY_080_CLIENT_DH_BUG
-OP_SSLREF2_REUSE_CERT_TYPE_BUG = SSL.OP_SSLREF2_REUSE_CERT_TYPE_BUG
-OP_TLS_BLOCK_PADDING_BUG = SSL.OP_TLS_BLOCK_PADDING_BUG
-OP_TLS_D5_BUG = SSL.OP_TLS_D5_BUG
-OP_TLS_ROLLBACK_BUG = SSL.OP_TLS_ROLLBACK_BUG
-
 
 class NetLibError(Exception): pass
 class NetLibDisconnect(NetLibError): pass
@@ -251,7 +228,8 @@ class _Connection(object):
 
     def close(self):
         """
-            Does a hard close of the socket, i.e. a shutdown, followed by a close.
+            Does a hard close of the socket, i.e. a shutdown, followed by a
+            close.
         """
         try:
             if self.ssl_established:
@@ -273,6 +251,7 @@ class _Connection(object):
 class TCPClient(_Connection):
     rbufsize = -1
     wbufsize = -1
+
     def __init__(self, address, source_address=None):
         self.address = Address.wrap(address)
         self.source_address = Address.wrap(source_address) if source_address else None
@@ -284,6 +263,8 @@ class TCPClient(_Connection):
     def convert_to_ssl(self, cert=None, sni=None, method=TLSv1_METHOD, options=None, cipher_list=None):
         """
             cert: Path to a file containing both client cert and private key.
+
+            options: A bit field consisting of OpenSSL.SSL.OP_* values
         """
         context = SSL.Context(method)
         if cipher_list:
@@ -358,12 +339,16 @@ class BaseHandler(_Connection):
                            dhparams=None, ca_file=None):
         """
             cert: A certutils.SSLCert object.
+
             method: One of SSLv2_METHOD, SSLv3_METHOD, SSLv23_METHOD, or TLSv1_METHOD
+
             handle_sni: SNI handler, should take a connection object. Server
             name can be retrieved like this:
 
                     connection.get_servername()
 
+            options: A bit field consisting of OpenSSL.SSL.OP_* values
+
             And you can specify the connection keys as follows:
 
                     new_context = Context(TLSv1_METHOD)

test/test_tcp.py

@@ -123,7 +123,7 @@ class TestServerSSL(test.ServerTestBase):
     def test_echo(self):
         c = tcp.TCPClient(("127.0.0.1", self.port))
         c.connect()
-        c.convert_to_ssl(sni="foo.com", options=tcp.OP_ALL)
+        c.convert_to_ssl(sni="foo.com", options=SSL.OP_ALL)
         testval = "echo!\n"
         c.wfile.write(testval)
         c.wfile.flush()