diff options
author | Lance Stout <lancestout@gmail.com> | 2012-07-29 21:28:31 -0700 |
---|---|---|
committer | Lance Stout <lancestout@gmail.com> | 2012-07-30 19:15:10 -0700 |
commit | 167d1ce97b35e5b0e9a4aed613617cbfa29298dd (patch) | |
tree | 2919a089d1f62e7b92feca39b128f151239ac29a /sleekxmpp/xmlstream | |
parent | 695cd95657585006a696243a1c8249f9d90b506e (diff) | |
download | slixmpp-167d1ce97b35e5b0e9a4aed613617cbfa29298dd.tar.gz slixmpp-167d1ce97b35e5b0e9a4aed613617cbfa29298dd.tar.bz2 slixmpp-167d1ce97b35e5b0e9a4aed613617cbfa29298dd.tar.xz slixmpp-167d1ce97b35e5b0e9a4aed613617cbfa29298dd.zip |
Add fields for setting client cert and key for SASL EXTERNAL.
Diffstat (limited to 'sleekxmpp/xmlstream')
-rw-r--r-- | sleekxmpp/xmlstream/xmlstream.py | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/sleekxmpp/xmlstream/xmlstream.py b/sleekxmpp/xmlstream/xmlstream.py index 4cc9e169..51dc25ed 100644 --- a/sleekxmpp/xmlstream/xmlstream.py +++ b/sleekxmpp/xmlstream/xmlstream.py @@ -138,6 +138,15 @@ class XMLStream(object): #: be consulted, even if they are not in the provided file. self.ca_certs = None + #: Path to a file containing a client certificate to use for + #: authenticating via SASL EXTERNAL. If set, there must also + #: be a corresponding `:attr:keyfile` value. + self.certfile = None + + #: Path to a file containing the private key for the selected + #: client certificate to use for authenticating via SASL EXTERNAL. + self.keyfile = None + #: The time in seconds to wait for events from the event queue, #: and also the time between checks for the process stop signal. self.wait_timeout = WAIT_TIMEOUT @@ -499,6 +508,8 @@ class XMLStream(object): cert_policy = ssl.CERT_REQUIRED ssl_socket = ssl.wrap_socket(self.socket, + certfile=self.certfile, + keyfile=self.keyfile, ca_certs=self.ca_certs, cert_reqs=cert_policy, do_handshake_on_connect=False) @@ -799,6 +810,8 @@ class XMLStream(object): cert_policy = ssl.CERT_REQUIRED ssl_socket = ssl.wrap_socket(self.socket, + certfile=self.certfile, + keyfile=self.keyfile, ssl_version=self.ssl_version, do_handshake_on_connect=False, ca_certs=self.ca_certs, |