def _parseClientSSLOptions(kwargs):
"""
Parse common arguments for SSL endpoints, creating an L{CertificateOptions}
instance.
@param kwargs: A dict of keyword arguments to be parsed, potentially
containing keys C{certKey}, C{privateKey}, C{caCertsDir}, and
C{hostname}. See L{_parseClientSSL}.
@type kwargs: L{dict}
@return: The remaining arguments, including a new key C{sslContextFactory}.
"""
hostname = kwargs.pop('hostname', None)
clientCertificate = _privateCertFromPaths(kwargs.pop('certKey', None),
kwargs.pop('privateKey', None))
trustRoot = _parseTrustRootPath(kwargs.pop('caCertsDir', None))
if hostname is not None:
configuration = optionsForClientTLS(
_idnaText(hostname), trustRoot=trustRoot,
clientCertificate=clientCertificate
)
else:
# _really_ though, you should specify a hostname.
if clientCertificate is not None:
privateKeyOpenSSL = clientCertificate.privateKey.original
certificateOpenSSL = clientCertificate.original
else:
privateKeyOpenSSL = None
certificateOpenSSL = None
configuration = CertificateOptions(
trustRoot=trustRoot,
privateKey=privateKeyOpenSSL,
certificate=certificateOpenSSL,
)
kwargs['sslContextFactory'] = configuration
return kwargs
评论列表
文章目录
