diff options
author | Maximilian Hils <git@maximilianhils.com> | 2022-05-13 05:53:44 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-05-13 11:53:44 +0800 |
commit | b31622b369618746e54242ebfcc305154bf0ef59 (patch) | |
tree | 282921166cdadf03476a6c12d960dd92bb42751e /src/OpenSSL | |
parent | 3e4d61ab10a74510dd14b232d46d5eed87eddd09 (diff) | |
download | pyopenssl-b31622b369618746e54242ebfcc305154bf0ef59.tar.gz |
add `Connection.set_verify`, fix #255 (#1073)
* add `Connection.set_verify`, fix #255
* show that it works with cryptography main
* Revert "show that it works with cryptography main"
This reverts commit fb0136a8e5aa5d2c6e0c16f8f4ecee2f3c72a16b.
* make it black
Diffstat (limited to 'src/OpenSSL')
-rw-r--r-- | src/OpenSSL/SSL.py | 29 |
1 files changed, 29 insertions, 0 deletions
diff --git a/src/OpenSSL/SSL.py b/src/OpenSSL/SSL.py index d100e6c..f470460 100644 --- a/src/OpenSSL/SSL.py +++ b/src/OpenSSL/SSL.py @@ -1745,6 +1745,35 @@ class Connection: return _ffi.string(name) + def set_verify(self, mode, callback=None): + """ + Override the Context object's verification flags for this specific + connection. See :py:meth:`Context.set_verify` for details. + """ + if not isinstance(mode, int): + raise TypeError("mode must be an integer") + + if callback is None: + self._verify_helper = None + self._verify_callback = None + _lib.SSL_set_verify(self._ssl, mode, _ffi.NULL) + else: + if not callable(callback): + raise TypeError("callback must be callable") + + self._verify_helper = _VerifyHelper(callback) + self._verify_callback = self._verify_helper.callback + _lib.SSL_set_verify(self._ssl, mode, self._verify_callback) + + def get_verify_mode(self): + """ + Retrieve the Connection object's verify mode, as set by + :meth:`set_verify`. + + :return: The verify mode + """ + return _lib.SSL_get_verify_mode(self._ssl) + def set_ciphertext_mtu(self, mtu): """ For DTLS, set the maximum UDP payload size (*not* including IP/UDP |