diff options
author | Jean-Paul Calderone <exarkun@twistedmatrix.com> | 2015-04-13 12:26:09 -0400 |
---|---|---|
committer | Jean-Paul Calderone <exarkun@twistedmatrix.com> | 2015-04-13 12:26:09 -0400 |
commit | 8654f785ccd96a0d6cfb33d521dd891a9178380d (patch) | |
tree | 5cb5b7ca7b0441d6a168eb5af16bc7e58684fd48 /doc | |
parent | 6043279aead4412ada76177012cd34949e20d38c (diff) | |
parent | d1182e98f5837456d792b2421dde45f86e3fc06d (diff) | |
download | pyopenssl-8654f785ccd96a0d6cfb33d521dd891a9178380d.tar.gz |
Merge remote-tracking branch 'origin/master' into 159-crl-export-digest
Diffstat (limited to 'doc')
-rw-r--r-- | doc/api/crypto.rst | 44 | ||||
-rw-r--r-- | doc/api/ssl.rst | 44 |
2 files changed, 86 insertions, 2 deletions
diff --git a/doc/api/crypto.rst b/doc/api/crypto.rst index c5b7c33..fb254cf 100644 --- a/doc/api/crypto.rst +++ b/doc/api/crypto.rst @@ -42,7 +42,17 @@ .. py:data:: X509StoreType - A Python type object representing the X509Store object type. + See :py:class:`X509Store` + + +.. py:data X509Store + + A class representing the X.509 store. + + +.. py:data:: X509StoreContext + + A class representing the X.509 store context. .. py:data:: PKeyType @@ -257,7 +267,7 @@ X509 objects have the following methods: Return the signature algorithm used in the certificate. If the algorithm is undefined, raise :py:data:`ValueError`. - ..versionadded:: 0.13 + .. versionadded:: 0.13 .. py:method:: X509.get_subject() @@ -526,6 +536,36 @@ The X509Store object has currently just one method: Add the certificate *cert* to the certificate store. +X509StoreContextError objects +----------------------------- + +The X509StoreContextError is an exception raised from +`X509StoreContext.verify_certificate` in circumstances where a certificate +cannot be verified in a provided context. + +The certificate for which the verification error was detected is given by the +``certificate`` attribute of the exception instance as a :class:`X509` +instance. + +Details about the verification error are given in the exception's ``args`` attribute. + + +X509StoreContext objects +------------------------ + +The X509StoreContext object is used for verifying a certificate against a set +of trusted certificates. + + +.. py:method:: X509StoreContext.verify_certificate() + + Verify a certificate in the context of this initialized `X509StoreContext`. + On error, raises `X509StoreContextError`, otherwise does nothing. + + .. versionadded:: 0.15 + + + .. _openssl-pkey: PKey objects diff --git a/doc/api/ssl.rst b/doc/api/ssl.rst index a75af1f..e6a0775 100644 --- a/doc/api/ssl.rst +++ b/doc/api/ssl.rst @@ -472,6 +472,33 @@ Context objects have the following methods: .. versionadded:: 0.13 +.. py:method:: Context.set_npn_advertise_callback(callback) + + Specify a callback function that will be called when offering `Next + Protocol Negotiation + <https://technotes.googlecode.com/git/nextprotoneg.html>`_ as a server. + + *callback* should be the callback function. It will be invoked with one + argument, the :py:class:`Connection` instance. It should return a list of + bytestrings representing the advertised protocols, like + ``[b'http/1.1', b'spdy/2']``. + + .. versionadded:: 0.15 + + +.. py:method:: Context.set_npn_select_callback(callback): + + Specify a callback function that will be called when a server offers Next + Protocol Negotiation options. + + *callback* should be the callback function. It will be invoked with two + arguments: the :py:class:`Connection`, and a list of offered protocols as + bytestrings, e.g. ``[b'http/1.1', b'spdy/2']``. It should return one of + those bytestrings, the chosen protocol. + + .. versionadded:: 0.15 + + .. _openssl-session: Session objects @@ -614,6 +641,14 @@ Connection objects have the following methods: by *bufsize*. +.. py:method:: Connection.recv_into(buffer[, nbytes[, flags]]) + + Receive data from the Connection and copy it directly into the provided + buffer. The return value is the number of bytes read from the connection. + The maximum amount of data to be received at once is specified by *nbytes*. + *flags* is accepted for compatibility with ``socket.recv_into`` but its + value is ignored. + .. py:method:: Connection.bio_write(bytes) If the Connection was created with a memory BIO, this method can be used to add @@ -806,6 +841,15 @@ Connection objects have the following methods: .. versionadded:: 0.15 +.. py:method:: Connection.get_next_proto_negotiated(): + + Get the protocol that was negotiated by Next Protocol Negotiation. Returns + a bytestring of the protocol name. If no protocol has been negotiated yet, + returns an empty string. + + .. versionadded:: 0.15 + + .. Rubric:: Footnotes .. [#connection-context-socket] Actually, all that is required is an object that |