Use autofocus for all module documentation/docstrings (#737)

* Use autodoc for OpenSSL.crypto

* Use autodoc for the SSL.Context class

* Use autodoc for SSL.Connection

2 files changed, 21 insertions, 759 deletions

diff --git a/doc/api/crypto.rst b/doc/api/crypto.rst
index 7b21d4f..5cd7fd9 100644
--- a/doc/api/crypto.rst
+++ b/doc/api/crypto.rst
@@ -16,27 +16,9 @@
 Elliptic curves
 ---------------
 
-.. py:function:: get_elliptic_curves
-
-    Return a set of objects representing the elliptic curves supported in the
-    OpenSSL build in use.
-
-    The curve objects have a :py:class:`unicode` ``name`` attribute by which
-    they identify themselves.
-
-    The curve objects are useful as values for the argument accepted by
-    :py:meth:`Context.set_tmp_ecdh` to specify which elliptical curve should be
-    used for ECDHE key exchange.
-
-
-.. py:function:: get_elliptic_curve(name)
-
-    Return a single curve object selected by *name*.
-
-    See :py:func:`get_elliptic_curves` for information about curve objects.
-
-    If the named curve is not supported then :py:class:`ValueError` is raised.
+.. autofunction:: get_elliptic_curves
 
+.. autofunction:: get_elliptic_curve
 
 Serialization and deserialization
 ---------------------------------
@@ -54,42 +36,23 @@ The following serialization functions take one of these constants to determine t
 Certificates
 ~~~~~~~~~~~~
 
-.. py:function:: dump_certificate(type, cert)
-
-    Dump the certificate *cert* into a buffer string encoded with the type
-    *type*.
-
-.. py:function:: load_certificate(type, buffer)
+.. autofunction:: dump_certificate
 
-    Load a certificate (X509) from the string *buffer* encoded with the
-    type *type*.
+.. autofunction:: load_certificate
 
 Certificate signing requests
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
-.. py:function:: dump_certificate_request(type, req)
+.. autofunction:: dump_certificate_request
 
-    Dump the certificate request *req* into a buffer string encoded with the
-    type *type*.
-
-.. py:function:: load_certificate_request(type, buffer)
-
-    Load a certificate request (X509Req) from the string *buffer* encoded with
-    the type *type*.
+.. autofunction:: load_certificate_request
 
 Private keys
 ~~~~~~~~~~~~
 
 .. autofunction:: dump_privatekey
 
-.. py:function:: load_privatekey(type, buffer[, passphrase])
-
-    Load a private key (PKey) from the string *buffer* encoded with the type
-    *type* (must be one of :py:const:`FILETYPE_PEM` and
-    :py:const:`FILETYPE_ASN1`).
-
-    *passphrase* must be either a string or a callback for providing the pass
-    phrase.
+.. autofunction:: load_privatekey
 
 Public keys
 ~~~~~~~~~~~
@@ -103,53 +66,18 @@ Certificate revocation lists
 
 .. autofunction:: dump_crl
 
-.. py:function:: load_crl(type, buffer)
-
-    Load Certificate Revocation List (CRL) data from a string *buffer*.
-    *buffer* encoded with the type *type*.  The type *type* must either
-    :py:const:`FILETYPE_PEM` or :py:const:`FILETYPE_ASN1`).
-
-
-.. py:function:: load_pkcs7_data(type, buffer)
-
-    Load pkcs7 data from the string *buffer* encoded with the type
-    *type*. The type *type* must either :py:const:`FILETYPE_PEM` or
-    :py:const:`FILETYPE_ASN1`).
-
+.. autofunction:: load_crl
 
-.. py:function:: load_pkcs12(buffer[, passphrase])
+.. autofunction:: load_pkcs7_data
 
-    Load pkcs12 data from the string *buffer*. If the pkcs12 structure is
-    encrypted, a *passphrase* must be included.  The MAC is always
-    checked and thus required.
-
-    See also the man page for the C function :py:func:`PKCS12_parse`.
+.. autofunction:: load_pkcs12
 
 Signing and verifying signatures
 --------------------------------
 
-.. py:function:: sign(key, data, digest)
-
-    Sign a data string using the given key and message digest.
-
-    *key* is a :py:class:`PKey` instance.  *data* is a ``str`` instance.
-    *digest* is a ``str`` naming a supported message digest type, for example
-    :py:const:`b"sha256"`.
-
-    .. versionadded:: 0.11
-
+.. autofunction:: sign
 
-.. py:function:: verify(certificate, signature, data, digest)
-
-    Verify the signature for a data string.
-
-    *certificate* is a :py:class:`X509` instance corresponding to the private
-    key which generated the signature.  *signature* is a *str* instance giving
-    the signature itself.  *data* is a *str* instance giving the data to which
-    the signature applies.  *digest* is a *str* instance naming the message
-    digest type of the signature, for example :py:const:`b"sha256"`.
-
-    .. versionadded:: 0.11
+.. autofunction:: verify
 
 
 .. _openssl-x509:
@@ -243,25 +171,8 @@ PKCS7 objects
 
 PKCS7 objects have the following methods:
 
-.. py:method:: PKCS7.type_is_signed()
-
-    FIXME
-
-.. py:method:: PKCS7.type_is_enveloped()
-
-    FIXME
-
-.. py:method:: PKCS7.type_is_signedAndEnveloped()
-
-    FIXME
-
-.. py:method:: PKCS7.type_is_data()
-
-    FIXME
-
-.. py:method:: PKCS7.get_type_name()
-
-    Get the type name of the PKCS7.
+.. autoclass:: PKCS7
+               :members:
 
 .. _openssl-pkcs12:
 
diff --git a/doc/api/ssl.rst b/doc/api/ssl.rst
index d892dbb..c678b28 100644
--- a/doc/api/ssl.rst
+++ b/doc/api/ssl.rst
@@ -118,11 +118,7 @@ Context, Connection.
     for details.
 
 
-.. py:function:: SSLeay_version(type)
-
-    Retrieve a string describing some aspect of the underlying OpenSSL version.  The
-    type passed in should be one of the :py:const:`SSLEAY_*` constants defined in
-    this module.
+.. autofunction:: SSLeay_version
 
 
 .. py:data:: ContextType
@@ -130,23 +126,9 @@ Context, Connection.
     See :py:class:`Context`.
 
 
-.. py:class:: Context(method)
-
-    A class representing SSL contexts.  Contexts define the parameters of one or
-    more SSL connections.
-
-    *method* should be :py:const:`SSLv2_METHOD`, :py:const:`SSLv3_METHOD`,
-    :py:const:`SSLv23_METHOD`, :py:const:`TLSv1_METHOD`, :py:const:`TLSv1_1_METHOD`,
-    or :py:const:`TLSv1_2_METHOD`.
-
-
-.. py:class:: Session()
+.. autoclass:: Context
 
-    A class representing an SSL session.  A session defines certain connection
-    parameters which may be re-used to speed up the setup of subsequent
-    connections.
-
-    .. versionadded:: 0.14
+.. autoclass:: Session
 
 
 .. py:data:: ConnectionType
@@ -236,283 +218,8 @@ Context objects
 
 Context objects have the following methods:
 
-.. :py:class:: OpenSSL.SSL.Context
-
-.. py:method:: Context.check_privatekey()
-
-    Check if the private key (loaded with :py:meth:`use_privatekey`) matches the
-    certificate (loaded with :py:meth:`use_certificate`).  Returns
-    :py:data:`None` if they match, raises :py:exc:`Error` otherwise.
-
-
-.. py:method:: Context.get_app_data()
-
-    Retrieve application data as set by :py:meth:`set_app_data`.
-
-
-.. py:method:: Context.get_cert_store()
-
-    Retrieve the certificate store (a X509Store object) that the context uses.
-    This can be used to add "trusted" certificates without using the
-    :py:meth:`load_verify_locations` method.
-
-
-.. py:method:: Context.get_timeout()
-
-    Retrieve session timeout, as set by :py:meth:`set_timeout`. The default is 300
-    seconds.
-
-
-.. py:method:: Context.get_verify_depth()
-
-    Retrieve the Context object's verify depth, as set by
-    :py:meth:`set_verify_depth`.
-
-
-.. py:method:: Context.get_verify_mode()
-
-    Retrieve the Context object's verify mode, as set by :py:meth:`set_verify`.
-
-
-.. automethod:: Context.load_client_ca
-
-
-.. py:method:: Context.set_client_ca_list(certificate_authorities)
-
-    Replace the current list of preferred certificate signers that would be
-    sent to the client when requesting a client certificate with the
-    *certificate_authorities* sequence of :py:class:`OpenSSL.crypto.X509Name`'s.
-
-    .. versionadded:: 0.10
-
-
-.. py:method:: Context.add_client_ca(certificate_authority)
-
-    Extract a :py:class:`OpenSSL.crypto.X509Name` from the *certificate_authority*
-    :py:class:`OpenSSL.crypto.X509` certificate and add it to the list of preferred
-    certificate signers sent to the client when requesting a client certificate.
-
-    .. versionadded:: 0.10
-
-
-.. py:method:: Context.load_verify_locations(pemfile, capath)
-
-    Specify where CA certificates for verification purposes are located. These
-    are trusted certificates. Note that the certificates have to be in PEM
-    format.  If capath is passed, it must be a directory prepared using the
-    ``c_rehash`` tool included with OpenSSL.  Either, but not both, of
-    *pemfile* or *capath* may be :py:data:`None`.
-
-
-.. py:method:: Context.set_default_verify_paths()
-
-    Specify that the platform provided CA certificates are to be used for verification purposes.
-    This method has some caveats related to the binary wheels that cryptography (pyOpenSSL's primary dependency) ships:
-
-    * macOS will only load certificates using this method if the user has the ``openssl@1.1`` `Homebrew <https://brew.sh>`_ formula installed in the default location.
-    * Windows will not work.
-    * manylinux1 cryptography wheels will work on most common Linux distributions in pyOpenSSL 17.1.0 and above.
-      pyOpenSSL detects the manylinux1 wheel and attempts to load roots via a fallback path.
-
-
-.. py:method:: Context.load_tmp_dh(dhfile)
-
-    Load parameters for Ephemeral Diffie-Hellman from *dhfile*.
-
-
-.. py:method:: Context.set_tmp_ecdh(curve)
-
-   Select a curve to use for ECDHE key exchange.
-
-   The valid values of *curve* are the objects returned by
-   :py:func:`OpenSSL.crypto.get_elliptic_curves` or
-   :py:func:`OpenSSL.crypto.get_elliptic_curve`.
-
-
-.. py:method:: Context.set_app_data(data)
-
-    Associate *data* with this Context object. *data* can be retrieved
-    later using the :py:meth:`get_app_data` method.
-
-
-.. automethod:: Context.set_cipher_list
-
-.. py:method:: Context.set_info_callback(callback)
-
-    Set the information callback to *callback*. This function will be called
-    from time to time during SSL handshakes.
-
-    *callback* should take three arguments: a Connection object and two integers.
-    The first integer specifies where in the SSL handshake the function was
-    called, and the other the return code from a (possibly failed) internal
-    function call.
-
-
-.. py:method:: Context.set_options(options)
-
-    Add SSL options. Options you have set before are not cleared!
-    This method should be used with the :py:const:`OP_*` constants.
-
-
-.. py:method:: Context.set_mode(mode)
-
-   Add SSL mode. Modes you have set before are not cleared!  This method should
-   be used with the :py:const:`MODE_*` constants.
-
-
-.. py:method:: Context.set_passwd_cb(callback[, userdata])
-
-    Set the passphrase callback to *callback*. This function will be called
-    when a private key with a passphrase is loaded. *callback* must accept
-    three positional arguments.  First, an integer giving the maximum length of
-    the passphrase it may return.  If the returned passphrase is longer than
-    this, it will be truncated.  Second, a boolean value which will be true if
-    the user should be prompted for the passphrase twice and the callback should
-    verify that the two values supplied are equal. Third, the value given as the
-    *userdata* parameter to :py:meth:`set_passwd_cb`.  The *callback* must return
-    a byte string. If an error occurs, *callback* should return a false value
-    (e.g. an empty string).
-
-
-.. py:method:: Context.set_session_cache_mode(mode)
-
-    Set the behavior of the session cache used by all connections using this
-    Context.  The previously set mode is returned.  See :py:const:`SESS_CACHE_*`
-    for details about particular modes.
-
-    .. versionadded:: 0.14
-
-
-.. py:method:: Context.get_session_cache_mode()
-
-    Get the current session cache mode.
-
-    .. versionadded:: 0.14
-
-
-.. automethod:: Context.set_session_id
-
-
-.. py:method:: Context.set_timeout(timeout)
-
-    Set the timeout for newly created sessions for this Context object to
-    *timeout*. *timeout* must be given in (whole) seconds. The default
-    value is 300 seconds. See the OpenSSL manual for more information (e.g.
-    :manpage:`SSL_CTX_set_timeout(3)`).
-
-
-.. py:method:: Context.set_verify(mode, callback)
-
-    Set the verification flags for this Context object to *mode* and specify
-    that *callback* should be used for verification callbacks. *mode* should be
-    one of :py:const:`VERIFY_NONE` and :py:const:`VERIFY_PEER`. If
-    :py:const:`VERIFY_PEER` is used, *mode* can be OR:ed with
-    :py:const:`VERIFY_FAIL_IF_NO_PEER_CERT` and :py:const:`VERIFY_CLIENT_ONCE`
-    to further control the behaviour.
-
-    *callback* should take five arguments: A Connection object, an X509 object,
-    and three integer variables, which are in turn potential error number, error
-    depth and return code. *callback* should return true if verification passes
-    and false otherwise.
-
-
-.. py:method:: Context.set_verify_depth(depth)
-
-    Set the maximum depth for the certificate chain verification that shall be
-    allowed for this Context object.
-
-
-.. py:method:: Context.use_certificate(cert)
-
-    Use the certificate *cert* which has to be a X509 object.
-
-
-.. py:method:: Context.add_extra_chain_cert(cert)
-
-    Adds the certificate *cert*, which has to be a X509 object, to the
-    certificate chain presented together with the certificate.
-
-
-.. py:method:: Context.use_certificate_chain_file(file)
-
-    Load a certificate chain from *file* which must be PEM encoded.
-
-
-.. py:method:: Context.use_privatekey(pkey)
-
-    Use the private key *pkey* which has to be a PKey object.
-
-
-.. py:method:: Context.use_certificate_file(file[, format])
-
-    Load the first certificate found in *file*. The certificate must be in the
-    format specified by *format*, which is either :py:const:`FILETYPE_PEM` or
-    :py:const:`FILETYPE_ASN1`. The default is :py:const:`FILETYPE_PEM`.
-
-
-.. py:method:: Context.use_privatekey_file(file[, format])
-
-    Load the first private key found in *file*. The private key must be in the
-    format specified by *format*, which is either :py:const:`FILETYPE_PEM` or
-    :py:const:`FILETYPE_ASN1`. The default is :py:const:`FILETYPE_PEM`.
-
-
-.. py:method:: Context.set_tlsext_servername_callback(callback)
-
-    Specify a one-argument callable to use as the TLS extension server name
-    callback.  When a connection using the server name extension is made using
-    this context, the callback will be invoked with the :py:class:`Connection`
-    instance.
-
-    .. versionadded:: 0.13
-
-
-.. py:method:: Context.set_npn_advertise_callback(callback)
-
-    Specify a callback function that will be called when offering `Next
-    Protocol Negotiation
-    <https://tools.ietf.org/html/draft-agl-tls-nextprotoneg-03>`_ as a server.
-
-    *callback* should be the callback function.  It will be invoked with one
-    argument, the :py:class:`Connection` instance.  It should return a list of
-    bytestrings representing the advertised protocols, like
-    ``[b'http/1.1', b'spdy/2']``.
-
-    .. versionadded:: 0.15
-
-
-.. py:method:: Context.set_npn_select_callback(callback):
-
-    Specify a callback function that will be called when a server offers Next
-    Protocol Negotiation options.
-
-    *callback* should be the callback function.  It will be invoked with two
-    arguments: the :py:class:`Connection`, and a list of offered protocols as
-    bytestrings, e.g. ``[b'http/1.1', b'spdy/2']``.  It should return one of
-    those bytestrings, the chosen protocol.
-
-    .. versionadded:: 0.15
-
-.. py:method:: Context.set_alpn_protos(protos)
-
-    Specify the protocols that the client is prepared to speak after the TLS
-    connection has been negotiated using Application Layer Protocol
-    Negotiation.
-
-    *protos* should be a list of protocols that the client is offering, each
-    as a bytestring. For example, ``[b'http/1.1', b'spdy/2']``.
-
-
-.. py:method:: Context.set_alpn_select_callback(callback)
-
-    Specify a callback function that will be called on the server when a client
-    offers protocols using Application Layer Protocol Negotiation.
-
-    *callback* should be the callback function. It will be invoked with two
-    arguments: the :py:class:`Connection` and a list of offered protocols as
-    bytestrings, e.g. ``[b'http/1.1', b'spdy/2']``. It should return one of
-    these bytestrings, the chosen protocol.
-
+.. autoclass:: OpenSSL.SSL.Context
+               :members:
 
 .. _openssl-session:
 
@@ -529,364 +236,8 @@ Connection objects
 
 Connection objects have the following methods:
 
-.. py:method:: Connection.accept()
-
-    Call the :py:meth:`accept` method of the underlying socket and set up SSL on the
-    returned socket, using the Context object supplied to this Connection object at
-    creation. Returns a pair *(conn, address)*. where *conn* is the new
-    Connection object created, and *address* is as returned by the socket's
-    :py:meth:`accept`.
-
-
-.. py:method:: Connection.bind(address)
-
-    Call the :py:meth:`bind` method of the underlying socket.
-
-
-.. py:method:: Connection.close()
-
-    Call the :py:meth:`close` method of the underlying socket. Note: If you want
-    correct SSL closure, you need to call the :py:meth:`shutdown` method first.
-
-
-.. py:method:: Connection.connect(address)
-
-    Call the :py:meth:`connect` method of the underlying socket and set up SSL on the
-    socket, using the Context object supplied to this Connection object at
-    creation.
-
-
-.. py:method:: Connection.connect_ex(address)
-
-    Call the :py:meth:`connect_ex` method of the underlying socket and set up SSL on
-    the socket, using the Context object supplied to this Connection object at
-    creation. Note that if the :py:meth:`connect_ex` method of the socket doesn't
-    return 0, SSL won't be initialized.
-
-
-.. py:method:: Connection.do_handshake()
-
-    Perform an SSL handshake (usually called after :py:meth:`renegotiate` or one of
-    :py:meth:`set_accept_state` or :py:meth:`set_accept_state`). This can raise the
-    same exceptions as :py:meth:`send` and :py:meth:`recv`.
-
-
-.. py:method:: Connection.fileno()
-
-    Retrieve the file descriptor number for the underlying socket.
-
-
-.. py:method:: Connection.listen(backlog)
-
-    Call the :py:meth:`listen` method of the underlying socket.
-
-
-.. py:method:: Connection.get_app_data()
-
-    Retrieve application data as set by :py:meth:`set_app_data`.
-
-
-.. automethod:: Connection.get_cipher_list
-
-
-.. py:method:: Connection.get_protocol_version()
-
-    Retrieve the version of the SSL or TLS protocol used by the Connection.
-    For example, it will return ``0x769`` for connections made over TLS
-    version 1.
-
-
-.. py:method:: Connection.get_protocol_version_name()
-
-    Retrieve the version of the SSL or TLS protocol used by the Connection as
-    a unicode string. For example, it will return ``TLSv1`` for connections
-    made over TLS version 1, or ``Unknown`` for connections that were not
-    successfully established.
-
-
-.. py:method:: Connection.get_client_ca_list()
-
-    Retrieve the list of preferred client certificate issuers sent by the server
-    as :py:class:`OpenSSL.crypto.X509Name` objects.
-
-    If this is a client :py:class:`Connection`, the list will be empty until the
-    connection with the server is established.
-
-    If this is a server :py:class:`Connection`, return the list of certificate
-    authorities that will be sent or has been sent to the client, as controlled
-    by this :py:class:`Connection`'s :py:class:`Context`.
-
-    .. versionadded:: 0.10
-
-
-.. py:method:: Connection.get_context()
-
-    Retrieve the Context object associated with this Connection.
-
-
-.. py:method:: Connection.set_context(context)
-
-    Specify a replacement Context object for this Connection.
-
-
-.. py:method:: Connection.get_peer_certificate()
-
-    Retrieve the other side's certificate (if any)
-
-
-.. py:method:: Connection.get_peer_cert_chain()
-
-    Retrieve the tuple of the other side's certificate chain (if any)
-
-
-.. py:method:: Connection.getpeername()
-
-    Call the :py:meth:`getpeername` method of the underlying socket.
-
-
-.. py:method:: Connection.getsockname()
-
-    Call the :py:meth:`getsockname` method of the underlying socket.
-
-
-.. py:method:: Connection.getsockopt(level, optname[, buflen])
-
-    Call the :py:meth:`getsockopt` method of the underlying socket.
-
-
-.. py:method:: Connection.pending()
-
-    Retrieve the number of bytes that can be safely read from the SSL buffer
-    (**not** the underlying transport buffer).
-
-
-.. py:method:: Connection.recv(bufsize[, flags])
-
-    Receive data from the Connection. The return value is a string representing the
-    data received. The maximum amount of data to be received at once, is specified
-    by *bufsize*. The only supported flag is ``MSG_PEEK``, all other flags are
-    ignored.
-
-
-.. py:method:: Connection.recv_into(buffer[, nbytes[, flags]])
-
-    Receive data from the Connection and copy it directly into the provided
-    buffer. The return value is the number of bytes read from the connection.
-    The maximum amount of data to be received at once is specified by *nbytes*.
-    The only supported flag is ``MSG_PEEK``, all other flags are ignored.
-
-.. py:method:: Connection.bio_write(bytes)
-
-    If the Connection was created with a memory BIO, this method can be used to add
-    bytes to the read end of that memory BIO.  The Connection can then read the
-    bytes (for example, in response to a call to :py:meth:`recv`).
-
-
-.. automethod:: Connection.renegotiate
-
-.. automethod:: Connection.renegotiate_pending
-
-.. automethod:: Connection.total_renegotiations
-
-.. py:method:: Connection.send(string)
-
-    Send the *string* data to the Connection.
-
-
-.. py:method:: Connection.bio_read(bufsize)
-
-    If the Connection was created with a memory BIO, this method can be used to
-    read bytes from the write end of that memory BIO.  Many Connection methods will
-    add bytes which must be read in this manner or the buffer will eventually fill
-    up and the Connection will be able to take no further actions.
-
-
-.. py:method:: Connection.sendall(string)
-
-    Send all of the *string* data to the Connection. This calls :py:meth:`send`
-    repeatedly until all data is sent. If an error occurs, it's impossible to tell
-    how much data has been sent.
-
-
-.. py:method:: Connection.set_accept_state()
-
-    Set the connection to work in server mode. The handshake will be handled
-    automatically by read/write.
-
-
-.. py:method:: Connection.set_app_data(data)
-
-    Associate *data* with this Connection object. *data* can be retrieved
-    later using the :py:meth:`get_app_data` method.
-
-
-.. py:method:: Connection.set_connect_state()
-
-    Set the connection to work in client mode. The handshake will be handled
-    automatically by read/write.
-
-
-.. py:method:: Connection.setblocking(flag)
-
-    Call the :py:meth:`setblocking` method of the underlying socket.
-
-
-.. py:method:: Connection.setsockopt(level, optname, value)
-
-    Call the :py:meth:`setsockopt` method of the underlying socket.
-
-
-.. py:method:: Connection.shutdown()
-
-    Send the shutdown message to the Connection. Returns true if the shutdown
-    message exchange is completed and false otherwise (in which case you call
-    :py:meth:`recv` or :py:meth:`send` when the connection becomes
-    readable/writeable.
-
-
-.. py:method:: Connection.get_shutdown()
-
-    Get the shutdown state of the Connection.  Returns a bitvector of either or
-    both of *SENT_SHUTDOWN* and *RECEIVED_SHUTDOWN*.
-
-
-.. py:method:: Connection.set_shutdown(state)
-
-    Set the shutdown state of the Connection.  *state* is a bitvector of
-    either or both of *SENT_SHUTDOWN* and *RECEIVED_SHUTDOWN*.
-
-
-.. py:method:: Connection.sock_shutdown(how)
-
-    Call the :py:meth:`shutdown` method of the underlying socket.
-
-
-.. py:method:: Connection.bio_shutdown()
-
-    If the Connection was created with a memory BIO, this method can be used to
-    indicate that *end of file* has been reached on the read end of that memory
-    BIO.
-
-
-.. automethod:: Connection.get_state_string
-
-.. py:method:: Connection.client_random()
-
-    Retrieve the random value used with the client hello message.
-
-
-.. py:method:: Connection.server_random()
-
-    Retrieve the random value used with the server hello message.
-
-
-.. py:method:: Connection.master_key()
-
-    Retrieve the value of the master key for this session.
-
-
-.. py:method:: Connection.want_read()
-
-    Checks if more data has to be read from the transport layer to complete an
-    operation.
-
-
-.. py:method:: Connection.want_write()
-
-    Checks if there is data to write to the transport layer to complete an
-    operation.
-
-
-.. py:method:: Connection.set_tlsext_host_name(name)
-
-    Specify the byte string to send as the server name in the client hello message.
-
-    .. versionadded:: 0.13
-
-
-.. py:method:: Connection.get_servername()
-
-    Get the value of the server name received in the client hello message.
-
-    .. versionadded:: 0.13
-
-
-.. py:method:: Connection.get_session()
-
-    Get a :py:class:`Session` instance representing the SSL session in use by
-    the connection, or :py:obj:`None` if there is no session.
-
-    .. versionadded:: 0.14
-
-
-.. py:method:: Connection.set_session(session)
-
-    Set a new SSL session (using a :py:class:`Session` instance) to be used by
-    the connection.
-
-    .. versionadded:: 0.14
-
-
-.. py:method:: Connection.get_finished()
-
-    Obtain latest TLS Finished message that we sent, or :py:obj:`None` if
-    handshake is not completed.
-
-    .. versionadded:: 0.15
-
-
-.. py:method:: Connection.get_peer_finished()
-
-    Obtain latest TLS Finished message that we expected from peer, or
-    :py:obj:`None` if handshake is not completed.
-
-    .. versionadded:: 0.15
-
-
-.. py:method:: Connection.get_cipher_name()
-
-    Obtain the name of the currently used cipher.
-
-    .. versionadded:: 0.15
-
-
-.. py:method:: Connection.get_cipher_bits()
-
-    Obtain the number of secret bits of the currently used cipher.
-
-    .. versionadded:: 0.15
-
-
-.. py:method:: Connection.get_cipher_version()
-
-    Obtain the protocol name of the currently used cipher.
-
-    .. versionadded:: 0.15
-
-
-.. py:method:: Connection.get_next_proto_negotiated():
-
-    Get the protocol that was negotiated by Next Protocol Negotiation. Returns
-    a bytestring of the protocol name. If no protocol has been negotiated yet,
-    returns an empty string.
-
-    .. versionadded:: 0.15
-
-.. py:method:: Connection.set_alpn_protos(protos)
-
-    Specify the protocols that the client is prepared to speak after the TLS
-    connection has been negotiated using Application Layer Protocol
-    Negotiation.
-
-    *protos* should be a list of protocols that the client is offering, each
-    as a bytestring. For example, ``[b'http/1.1', b'spdy/2']``.
-
-
-.. py:method:: Connection.get_alpn_proto_negotiated()
-
-    Get the protocol that was negotiated by Application Layer Protocol
-    Negotiation. Returns a bytestring of the protocol name. If no protocol has
-    been negotiated yet, returns an empty string.
+.. autoclass:: OpenSSL.SSL.Connection
+               :members:
 
 
 .. Rubric:: Footnotes