support specifying tls client keypair

This commit is contained in:
jesopo 2023-02-06 19:42:27 +00:00
parent 0435404ec3
commit 9a2f2156fe
3 changed files with 8 additions and 1 deletions

View File

@ -3,3 +3,4 @@ from .server import Server
from .params import (ConnectionParams, SASLUserPass, SASLExternal, SASLSCRAM,
STSPolicy, ResumePolicy)
from .ircv3 import Capability
from .security import TLS

View File

@ -1,7 +1,10 @@
import ssl
from dataclasses import dataclass
from typing import Optional, Tuple
@dataclass
class TLS:
pass
client_keypair: Optional[Tuple[str, str]] = None
# tls without verification
class TLSNoVerify(TLS):

View File

@ -43,6 +43,9 @@ class TCPTransport(ITCPTransport):
cur_ssl: Optional[SSLContext] = None
if tls is not None:
cur_ssl = tls_context(not isinstance(tls, TLSNoVerify))
if tls.client_keypair is not None:
(client_cert, client_key) = tls.client_keypair
cur_ssl.load_cert_chain(client_cert, keyfile=client_key)
local_addr: Optional[Tuple[str, int]] = None
if not bindhost is None: