Make sni_handler an argument to BaseHandler.convert_to_ssl

2024-11-23 08:11:00 +00:00 · 2013-02-25 21:11:09 +13:00 · 2013-02-25 21:11:09 +13:00 · f30df13384
commit f30df13384
parent 97e11a219f
2 changed files with 16 additions and 20 deletions
--- a/netlib/tcp.py
+++ b/netlib/tcp.py
@ -254,15 +254,27 @@ class BaseHandler:
        self.ssl_established = False
        self.clientcert = None

-    def convert_to_ssl(self, cert, key, method=SSLv23_METHOD, options=None):
+    def convert_to_ssl(self, cert, key, method=SSLv23_METHOD, options=None, handle_sni=None):
        """
            method: One of SSLv2_METHOD, SSLv3_METHOD, SSLv23_METHOD, or TLSv1_METHOD
+            handle_sni: SNI handler, should take a connection object. Server
+            name can be retrieved like this:
+
+                            connection.get_servername()
+
+                        And you can specify the connection keys as follows:
+
+                            new_context = Context(TLSv1_METHOD)
+                            new_context.use_privatekey(key)
+                            new_context.use_certificate(cert)
+                            connection.set_context(new_context)
        """
        ctx = SSL.Context(method)
        if not options is None:
            ctx.set_options(options)
+        if handle_sni:
            # SNI callback happens during do_handshake()
-        ctx.set_tlsext_servername_callback(self.handle_sni)
+            ctx.set_tlsext_servername_callback(handle_sni)
        ctx.use_privatekey_file(key)
        ctx.use_certificate_file(cert)
        def ver(*args):
@ -290,23 +302,6 @@ class BaseHandler:
            # Remote has disconnected
            pass

-    def handle_sni(self, connection):
-        """
-            Called if the client has given a server name indication.
-
-            Server name can be retrieved like this:
-
-                connection.get_servername()
-
-            And you can specify the connection keys as follows:
-
-                new_context = Context(TLSv1_METHOD)
-                new_context.use_privatekey(key)
-                new_context.use_certificate(cert)
-                connection.set_context(new_context)
-        """
-        pass
-
    def handle(self): # pragma: no cover
        raise NotImplementedError

--- a/netlib/test.py
+++ b/netlib/test.py
@ -62,6 +62,7 @@ class TServer(tcp.TCPServer):
                self.ssl["key"],
                method = method,
                options = options,
+                handle_sni = getattr(h, "handle_sni", None)
            )
        h.handle()
        h.finish()