diff options
author | Cory Benfield <lukasaoz@gmail.com> | 2016-03-29 11:21:04 +0100 |
---|---|---|
committer | Cory Benfield <lukasaoz@gmail.com> | 2016-03-29 11:21:04 +0100 |
commit | e6f3588e88eb8073384fd59009c37b4ad7f51d9b (patch) | |
tree | 9f2886c80b9f59677e40f5074688b19d59a1e885 /src/OpenSSL/SSL.py | |
parent | d16b93b43373f3bee6652495b8a379a2fc3b79c4 (diff) | |
download | pyopenssl-e6f3588e88eb8073384fd59009c37b4ad7f51d9b.tar.gz |
Raise NotImplementedError when SNI not present.
Diffstat (limited to 'src/OpenSSL/SSL.py')
-rw-r--r-- | src/OpenSSL/SSL.py | 19 |
1 files changed, 19 insertions, 0 deletions
diff --git a/src/OpenSSL/SSL.py b/src/OpenSSL/SSL.py index 800ae1e..9eac166 100644 --- a/src/OpenSSL/SSL.py +++ b/src/OpenSSL/SSL.py @@ -436,6 +436,22 @@ def _requires_alpn(func): return wrapper +def _requires_sni(func): + """ + Wraps any function that requires SNI support in OpenSSL, ensuring that + NotImplementedError is raised if SNI support is not present. This applies + to OpenSSL versions older than 1.0.0. + """ + @wraps(func) + def wrapper(*args, **kwargs): + if not _lib.Cryptography_HAS_TLSEXT_HOSTNAME: + raise NotImplementedError("SNI not available: OpenSSL too old.") + + return func(*args, **kwargs) + + return wrapper + + class Session(object): pass @@ -991,6 +1007,7 @@ class Context(object): return _lib.SSL_CTX_set_mode(self._context, mode) + @_requires_sni def set_tlsext_servername_callback(self, callback): """ Specify a callback function to be called when clients specify a server @@ -1209,6 +1226,7 @@ class Connection(object): _lib.SSL_set_SSL_CTX(self._ssl, context._context) self._context = context + @_requires_sni def get_servername(self): """ Retrieve the servername extension value if provided in the client hello @@ -1224,6 +1242,7 @@ class Connection(object): return _ffi.string(name) + @_requires_sni def set_tlsext_host_name(self, name): """ Set the value of the servername extension to send in the client hello. |