diff options
Diffstat (limited to 'doc/html/howto.ssl.html')
| -rw-r--r-- | doc/html/howto.ssl.html | 120 |
1 files changed, 58 insertions, 62 deletions
diff --git a/doc/html/howto.ssl.html b/doc/html/howto.ssl.html index e880fe8..f31f9db 100644 --- a/doc/html/howto.ssl.html +++ b/doc/html/howto.ssl.html @@ -1,50 +1,42 @@ - <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> - <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> - - <title>HOWTO: Programming SSL in Python with M2Crypto — M2Crypto documentation</title> - - <link rel="stylesheet" href="_static/default.css" type="text/css" /> + <title>HOWTO: Programming SSL in Python with M2Crypto — M2Crypto documentation</title> + <link rel="stylesheet" href="_static/alabaster.css" type="text/css" /> <link rel="stylesheet" href="_static/pygments.css" type="text/css" /> - <script type="text/javascript"> var DOCUMENTATION_OPTIONS = { - URL_ROOT: '', + URL_ROOT: './', VERSION: '', COLLAPSE_INDEX: false, FILE_SUFFIX: '.html', - HAS_SOURCE: true + HAS_SOURCE: true, + SOURCELINK_SUFFIX: '.txt' }; </script> <script type="text/javascript" src="_static/jquery.js"></script> <script type="text/javascript" src="_static/underscore.js"></script> <script type="text/javascript" src="_static/doctools.js"></script> - <link rel="top" title="M2Crypto documentation" href="index.html" /> + <link rel="index" title="Index" href="genindex.html" /> + <link rel="search" title="Search" href="search.html" /> + + <link rel="stylesheet" href="_static/custom.css" type="text/css" /> + + + <meta name="viewport" content="width=device-width, initial-scale=0.9, maximum-scale=0.9" /> + </head> <body> - <div class="related"> - <h3>Navigation</h3> - <ul> - <li class="right" style="margin-right: 10px"> - <a href="genindex.html" title="General Index" - accesskey="I">index</a></li> - <li class="right" > - <a href="py-modindex.html" title="Python Module Index" - >modules</a> |</li> - <li><a href="index.html">M2Crypto documentation</a> »</li> - </ul> - </div> + <div class="document"> <div class="documentwrapper"> <div class="bodywrapper"> - <div class="body"> + <div class="body" role="main"> <div class="section" id="howto-programming-ssl-in-python-with-m2crypto"> <span id="howto-ssl"></span><h1>HOWTO: Programming SSL in Python with M2Crypto<a class="headerlink" href="#howto-programming-ssl-in-python-with-m2crypto" title="Permalink to this headline">¶</a></h1> @@ -74,21 +66,21 @@ v2, RSA, DSA, DH, symmetric ciphers, message digests and HMACs.</p> <p>M2Crypto was created during the time of Python 1.5, which features a module httplib providing client-side HTTP functionality. M2Crypto sports a httpslib based on httplib.</p> -<p>Beginning with version 2.0, Python’s socket module provided +<p>Beginning with version 2.0, Python’s socket module provided (rudimentary) SSL support. Also in the same version, httplib was enhanced with class HTTPConnection, which is more sophisticated than the old class HTTP, and HTTPSConnection, which does HTTPS.</p> <p>Subsequently, M2Crypto.httpslib grew a compatible (but not identical) class HTTPSConnection.</p> <p>The primary interface difference between the two HTTPSConnection classes -is that M2Crypto’s version accepts an M2Crypto.SSL.Context instance as a -parameter, whereas Python 2.x’s SSL support does not permit Pythonic +is that M2Crypto’s version accepts an M2Crypto.SSL.Context instance as a +parameter, whereas Python 2.x’s SSL support does not permit Pythonic control of the SSL context.</p> -<p>Within the implementations, Python’s <tt class="docutils literal"><span class="pre">HTTPSConnection</span></tt> employs a -<tt class="docutils literal"><span class="pre">FakeSocket</span></tt> object, which collects all input from the SSL connection -before returning it to the application as a <tt class="docutils literal"><span class="pre">StringIO</span></tt> buffer, whereas -M2Crypto’s <tt class="docutils literal"><span class="pre">HTTPSConnection</span></tt> uses a buffering -<tt class="docutils literal"><span class="pre">M2Crypto.BIO.IOBuffer</span></tt> object that works over the underlying +<p>Within the implementations, Python’s <code class="docutils literal"><span class="pre">HTTPSConnection</span></code> employs a +<code class="docutils literal"><span class="pre">FakeSocket</span></code> object, which collects all input from the SSL connection +before returning it to the application as a <code class="docutils literal"><span class="pre">StringIO</span></code> buffer, whereas +M2Crypto’s <code class="docutils literal"><span class="pre">HTTPSConnection</span></code> uses a buffering +<code class="docutils literal"><span class="pre">M2Crypto.BIO.IOBuffer</span></code> object that works over the underlying M2Crypto.SSL.Connection directly.</p> <p>Since then M2Crypto has gained a Twisted wrapper that allows securing Twisted SSL connections with M2Crypto.</p> @@ -99,9 +91,9 @@ Twisted SSL connections with M2Crypto.</p> by John Viega, Matt Messier and Pravir Chandra, ISBN 059600270X.</p> <p>Using M2Crypto does not automatically make an SSL connection secure. There are various steps that need to be made before we can make that -claim. Let’s see how a simple client can establish a secure +claim. Let’s see how a simple client can establish a secure connection:</p> -<div class="highlight-python"><div class="highlight"><pre><span></span><span class="n">ctx</span> <span class="o">=</span> <span class="n">SSL</span><span class="o">.</span><span class="n">Context</span><span class="p">()</span> +<div class="highlight-default"><div class="highlight"><pre><span></span><span class="n">ctx</span> <span class="o">=</span> <span class="n">SSL</span><span class="o">.</span><span class="n">Context</span><span class="p">()</span> <span class="n">ctx</span><span class="o">.</span><span class="n">set_verify</span><span class="p">(</span><span class="n">SSL</span><span class="o">.</span><span class="n">verify_peer</span> <span class="o">|</span> <span class="n">SSL</span><span class="o">.</span><span class="n">verify_fail_if_no_peer_cert</span><span class="p">,</span> <span class="n">depth</span><span class="o">=</span><span class="mi">9</span><span class="p">)</span> <span class="k">if</span> <span class="n">ctx</span><span class="o">.</span><span class="n">load_verify_locations</span><span class="p">(</span><span class="s1">'ca.pem'</span><span class="p">)</span> <span class="o">!=</span> <span class="mi">1</span><span class="p">:</span> <span class="k">raise</span> <span class="ne">Exception</span><span class="p">(</span><span class="s1">'No CA certs'</span><span class="p">)</span> <span class="n">s</span> <span class="o">=</span> <span class="n">SSL</span><span class="o">.</span><span class="n">Connection</span><span class="p">(</span><span class="n">ctx</span><span class="p">)</span> @@ -150,7 +142,7 @@ above on how to make them secure.</p> </div> <div class="section" id="ssldump"> <h1>ssldump<a class="headerlink" href="#ssldump" title="Permalink to this headline">¶</a></h1> -<p>ssldump “is an SSLv3/TLS network protocol analyser. It identifies TCP +<p>ssldump “is an SSLv3/TLS network protocol analyser. It identifies TCP connections on the chosen network interface and attempts to interpret them as SSLv3/TLS traffic. When it identifies SSLv3/TLS traffic, it decodes the records and displays them in a textual form to stdout. If @@ -158,7 +150,7 @@ provided with the appropriate keying material, it will also decrypt the connections and display the application data traffic.</p> <p>If linked with OpenSSL, ssldump can display certificates in decoded form and decrypt traffic (provided that it has the appropriate keying -material).”</p> +material).”</p> <p>ssldump is written by Eric Rescorla.</p> </div> @@ -166,7 +158,7 @@ material).”</p> </div> </div> </div> - <div class="sphinxsidebar"> + <div class="sphinxsidebar" role="navigation" aria-label="main navigation"> <div class="sphinxsidebarwrapper"> <h3><a href="index.html">Table Of Contents</a></h3> <ul> @@ -177,44 +169,48 @@ material).”</p> <li><a class="reference internal" href="#code-samples">Code Samples</a></li> <li><a class="reference internal" href="#ssldump">ssldump</a></li> </ul> - - <h3>This Page</h3> - <ul class="this-page-menu"> - <li><a href="_sources/howto.ssl.txt" - rel="nofollow">Show Source</a></li> - </ul> -<div id="searchbox" style="display: none"> +<div class="relations"> +<h3>Related Topics</h3> +<ul> + <li><a href="index.html">Documentation overview</a><ul> + </ul></li> +</ul> +</div> + <div role="note" aria-label="source link"> + <h3>This Page</h3> + <ul class="this-page-menu"> + <li><a href="_sources/howto.ssl.rst.txt" + rel="nofollow">Show Source</a></li> + </ul> + </div> +<div id="searchbox" style="display: none" role="search"> <h3>Quick search</h3> <form class="search" action="search.html" method="get"> - <input type="text" name="q" /> - <input type="submit" value="Go" /> + <div><input type="text" name="q" /></div> + <div><input type="submit" value="Go" /></div> <input type="hidden" name="check_keywords" value="yes" /> <input type="hidden" name="area" value="default" /> </form> - <p class="searchtip" style="font-size: 90%"> - Enter search terms or a module, class or function name. - </p> </div> <script type="text/javascript">$('#searchbox').show(0);</script> </div> </div> <div class="clearer"></div> </div> - <div class="related"> - <h3>Navigation</h3> - <ul> - <li class="right" style="margin-right: 10px"> - <a href="genindex.html" title="General Index" - >index</a></li> - <li class="right" > - <a href="py-modindex.html" title="Python Module Index" - >modules</a> |</li> - <li><a href="index.html">M2Crypto documentation</a> »</li> - </ul> - </div> <div class="footer"> - © Copyright 2017, Matej Cepl <mcepl@cepl.eu>. - Created using <a href="http://sphinx.pocoo.org/">Sphinx</a> 1.1.3. + ©2017, Matej Cepl <mcepl@cepl.eu>. + + | + Powered by <a href="http://sphinx-doc.org/">Sphinx 1.6.4</a> + & <a href="https://github.com/bitprophet/alabaster">Alabaster 0.7.9</a> + + | + <a href="_sources/howto.ssl.rst.txt" + rel="nofollow">Page source</a> </div> + + + + </body> </html>
\ No newline at end of file |