mirror of https://github.com/jesopo/ircrobots
support specifying tls client keypair
This commit is contained in:
parent
0435404ec3
commit
9a2f2156fe
|
@ -3,3 +3,4 @@ from .server import Server
|
||||||
from .params import (ConnectionParams, SASLUserPass, SASLExternal, SASLSCRAM,
|
from .params import (ConnectionParams, SASLUserPass, SASLExternal, SASLSCRAM,
|
||||||
STSPolicy, ResumePolicy)
|
STSPolicy, ResumePolicy)
|
||||||
from .ircv3 import Capability
|
from .ircv3 import Capability
|
||||||
|
from .security import TLS
|
||||||
|
|
|
@ -1,7 +1,10 @@
|
||||||
import ssl
|
import ssl
|
||||||
|
from dataclasses import dataclass
|
||||||
|
from typing import Optional, Tuple
|
||||||
|
|
||||||
|
@dataclass
|
||||||
class TLS:
|
class TLS:
|
||||||
pass
|
client_keypair: Optional[Tuple[str, str]] = None
|
||||||
|
|
||||||
# tls without verification
|
# tls without verification
|
||||||
class TLSNoVerify(TLS):
|
class TLSNoVerify(TLS):
|
||||||
|
|
|
@ -43,6 +43,9 @@ class TCPTransport(ITCPTransport):
|
||||||
cur_ssl: Optional[SSLContext] = None
|
cur_ssl: Optional[SSLContext] = None
|
||||||
if tls is not None:
|
if tls is not None:
|
||||||
cur_ssl = tls_context(not isinstance(tls, TLSNoVerify))
|
cur_ssl = tls_context(not isinstance(tls, TLSNoVerify))
|
||||||
|
if tls.client_keypair is not None:
|
||||||
|
(client_cert, client_key) = tls.client_keypair
|
||||||
|
cur_ssl.load_cert_chain(client_cert, keyfile=client_key)
|
||||||
|
|
||||||
local_addr: Optional[Tuple[str, int]] = None
|
local_addr: Optional[Tuple[str, int]] = None
|
||||||
if not bindhost is None:
|
if not bindhost is None:
|
||||||
|
|
Loading…
Reference in New Issue