Package tlslite :: Package integration :: Module clienthelper :: Class ClientHelper
[hide private]
[frames] | no frames]

type ClientHelper

source code

Known Subclasses:

This is a helper class used to integrate TLS Lite with various TLS clients (e.g. poplib, smtplib, httplib, etc.)

Instance Methods [hide private]
 
__init__(self, username=None, password=None, certChain=None, privateKey=None, checker=None, settings=None, anon=False, host=None)
For client authentication, use one of these argument combinations:
source code
 
_handshake(self, tlsConnection) source code
Static Methods [hide private]
 
_isIP(address)
Return True if the address is an IPv4 address
source code
Method Details [hide private]

__init__(self, username=None, password=None, certChain=None, privateKey=None, checker=None, settings=None, anon=False, host=None)
(Constructor)

source code 

For client authentication, use one of these argument combinations:

  • username, password (SRP)
  • certChain, privateKey (certificate)

For server authentication, you can either rely on the implicit mutual authentication performed by SRP, or you can do certificate-based server authentication with one of these argument combinations:

  • x509Fingerprint

Certificate-based server authentication is compatible with SRP or certificate-based client authentication.

The constructor does not perform the TLS handshake itself, but simply stores these arguments for later. The handshake is performed only when this class needs to connect with the server. Then you should be prepared to handle TLS-specific exceptions. See the client handshake functions in tlslite.TLSConnection.TLSConnection for details on which exceptions might be raised.

Parameters:
  • username (str) - SRP username. Requires the 'password' argument.
  • password (str) - SRP password for mutual authentication. Requires the 'username' argument.
  • certChain (tlslite.x509certchain.X509CertChain) - Certificate chain for client authentication. Requires the 'privateKey' argument. Excludes the SRP arguments.
  • privateKey (tlslite.utils.rsakey.RSAKey) - Private key for client authentication. Requires the 'certChain' argument. Excludes the SRP arguments.
  • checker (tlslite.checker.Checker) - Callable object called after handshaking to evaluate the connection and raise an Exception if necessary.
  • settings (tlslite.handshakesettings.HandshakeSettings) - Various settings which can be used to control the ciphersuites, certificate types, and SSL/TLS versions offered by the client.
  • anon (bool) - set to True if the negotiation should advertise only anonymous TLS ciphersuites. Mutually exclusive with client certificate authentication or SRP authentication
  • host (str or None) - the hostname that the connection is made to. Can be an IP address (in which case the SNI extension won't be sent). Can include the port (in which case the port will be stripped and ignored).
Overrides: object.__init__