Add Context.set_tlsext_use_srtp (#734)

This allows negotiating SRTP keying material, which is useful when using DTLS-SRTP, as WebRTC does for example.
author: Jeremy Lainé <jeremy.laine@m4x.org> 2018-05-16 18:33:25 +0200
committer: Paul Kehrer <paul.l.kehrer@gmail.com> 2018-05-16 12:33:25 -0400
commit: 02261ad7a51f8cad31c548a67f8406a1ef5ff052 (patch)
tree: 51394a24919278755e2c09872f17ab4802758004 /src/OpenSSL/SSL.py
parent: 7cc15e8ce33f63cd09ba7f158b3ed9e4ed2aec92 (diff)
download: pyopenssl-02261ad7a51f8cad31c548a67f8406a1ef5ff052.tar.gz
1 files changed, 15 insertions, 0 deletions
diff --git a/src/OpenSSL/SSL.py b/src/OpenSSL/SSL.py
index 1bf6450..8d8cfe3 100644
--- a/src/OpenSSL/SSL.py
+++ b/src/OpenSSL/SSL.py
@@ -1371,6 +1371,21 @@ class Context(object):
         _lib.SSL_CTX_set_tlsext_servername_callback(
             self._context, self._tlsext_servername_callback)
 
+    def set_tlsext_use_srtp(self, profiles):
+        """
+        Enable support for negotiating SRTP keying material.
+
+        :param bytes profiles: A colon delimited list of protection profile
+            names, like ``b'SRTP_AES128_CM_SHA1_80:SRTP_AES128_CM_SHA1_32'``.
+        :return: None
+        """
+        if not isinstance(profiles, bytes):
+            raise TypeError("profiles must be a byte string.")
+
+        _openssl_assert(
+            _lib.SSL_CTX_set_tlsext_use_srtp(self._context, profiles) == 0
+        )
+
     @_requires_npn
     def set_npn_advertise_callback(self, callback):
         """
author	Jeremy Lainé <jeremy.laine@m4x.org>	2018-05-16 18:33:25 +0200
committer	Paul Kehrer <paul.l.kehrer@gmail.com>	2018-05-16 12:33:25 -0400
commit	02261ad7a51f8cad31c548a67f8406a1ef5ff052 (patch)
tree	51394a24919278755e2c09872f17ab4802758004 /src/OpenSSL/SSL.py
parent	7cc15e8ce33f63cd09ba7f158b3ed9e4ed2aec92 (diff)
download	pyopenssl-02261ad7a51f8cad31c548a67f8406a1ef5ff052.tar.gz