Reputation: 715
Python Twisted How To Set the SSL Method for twisted.web.client.Agent using new IPolicyForHTTPS?
The Twisted howto docs for using Agent over SSL suggest using creating a ContextFactory, but the API docs for t.w.c.Agent show that the contextFactory argument is now supposed to be an object that implements t.w.i.IPolicyForHTTPS. The source code looks like it wraps old ContextFactories to implement the new interface, but it issues a deprecation warning.
How is one supposed to set the SSL method (e.g. SSLv3), using the new interface?
Using the old ContextFactory, I can understand where my code can receive a PyOpenSSL OpenSSL.SSL.Context and set the SSL method using that object. Using the new interface, it is not clear to me where my code can set the SSL method.
Upvotes: 2
Views: 1178
Answers (1)
Reputation: 26
If you really need to set the SSL method (the default is TLS 1.0 or higher), you will need to subclass twisted.web.client.BrowserLikePolicyForHTTPS (untested):
from OpenSSL import SSL
from twisted.internet import reactor, ssl
from twisted.web import client
class MyPolicy(client.BrowserLikePolicyForHTTPS):
def creatorForNetloc(self, hostname, port):
return ssl.optionsForClientTLS(
hostname.decode("ascii"),
extraCertificateOptions={'method': SSL.SSLv3_METHOD},
trustRoot=self._trustRoot
)
myAgent = client.Agent(reactor, contextFactory=MyPolicy())
Upvotes: 1
Related Questions
- Disable SSL certificate check Twisted Agents
- Python Twisted framework HTTP client
- How can I add SSL capabilities in twisted portforward proxy
- HTTPS request in twisted that checks the certificate
- Twisted Python How To Create a twisted.web.client.BrowserLikePolicyForHTTPS with a custom trustRoot?
- Can SSL context options be set when using Twisted endpoints?
- Convert HTTP Proxy to HTTPS Proxy in Twisted
- twisted passing certificate to ssl handler
- Access socket options for twisted.web.client.Agent
- Making HTTPS Requests in Twisted