Returns an ``ssl.SSLSocket`` wrapping the given socket. ``ssl_options`` may be either an `ssl.SSLContext` object or a dictionary (as accepted by `ssl_options_to_context`). Additional keyword arguments are passed to `ssl.SSLContext.wrap_socket`. .. versionchanged:: 6.2 Adde
(
socket: socket.socket,
ssl_options: Union[Dict[str, Any], ssl.SSLContext],
server_hostname: Optional[str] = None,
server_side: Optional[bool] = None,
**kwargs: Any,
)
| 641 | |
| 642 | |
| 643 | def ssl_wrap_socket( |
| 644 | socket: socket.socket, |
| 645 | ssl_options: Union[Dict[str, Any], ssl.SSLContext], |
| 646 | server_hostname: Optional[str] = None, |
| 647 | server_side: Optional[bool] = None, |
| 648 | **kwargs: Any, |
| 649 | ) -> ssl.SSLSocket: |
| 650 | """Returns an ``ssl.SSLSocket`` wrapping the given socket. |
| 651 | |
| 652 | ``ssl_options`` may be either an `ssl.SSLContext` object or a |
| 653 | dictionary (as accepted by `ssl_options_to_context`). Additional |
| 654 | keyword arguments are passed to `ssl.SSLContext.wrap_socket`. |
| 655 | |
| 656 | .. versionchanged:: 6.2 |
| 657 | |
| 658 | Added server_side argument. Omitting this argument will |
| 659 | result in a DeprecationWarning on Python 3.10. |
| 660 | """ |
| 661 | context = ssl_options_to_context(ssl_options, server_side=server_side) |
| 662 | if server_side is None: |
| 663 | server_side = False |
| 664 | assert ssl.HAS_SNI |
| 665 | # TODO: add a unittest for hostname validation (python added server-side SNI support in 3.4) |
| 666 | # In the meantime it can be manually tested with |
| 667 | # python3 -m tornado.httpclient https://sni.velox.ch |
| 668 | return context.wrap_socket( |
| 669 | socket, server_hostname=server_hostname, server_side=server_side, **kwargs |
| 670 | ) |