SSLSocket.pending() Returns the number of already decrypted bytes available for read, pending on the connection.

SSLSocket.get_channel_binding(cb_type="tls-unique") Get channel binding data for current connection, as a bytes object. Returns None if not connected or the handshake has not been completed. The cb_type parameter allow selection of the desired channel binding type. Valid channel binding types are listed in the CHANNEL_BINDING_TYPES list. Currently only the ‘tls-unique’ channel binding, defined by RFC 5929, is supported. ValueError will be raised if an unsupported channel binding type is requ

SSLSocket.getpeercert(binary_form=False) If there is no certificate for the peer on the other end of the connection, return None. If the SSL handshake hasn’t been done yet, raise ValueError. If the binary_form parameter is False, and a certificate was received from the peer, this method returns a dict instance. If the certificate was not validated, the dict is empty. If the certificate was validated, it returns a dict with several keys, amongst them subject (the principal for which the certi

SSLSocket.do_handshake() Perform the SSL setup handshake. Changed in version 3.4: The handshake method also performs match_hostname() when the check_hostname attribute of the socket’s context is true. Changed in version 3.5: The socket timeout is no more reset each time bytes are received or sent. The socket timeout is now to maximum total duration of the handshake.

SSLSocket.context The SSLContext object this SSL socket is tied to. If the SSL socket was created using the top-level wrap_socket() function (rather than SSLContext.wrap_socket()), this is a custom context object created for this SSL socket. New in version 3.2.

SSLSocket.compression() Return the compression algorithm being used as a string, or None if the connection isn’t compressed. If the higher-level protocol supports its own compression mechanism, you can use OP_NO_COMPRESSION to disable SSL-level compression. New in version 3.3.

SSLSocket.cipher() Returns a three-value tuple containing the name of the cipher being used, the version of the SSL protocol that defines its use, and the number of secret bits being used. If no connection has been established, returns None.

class ssl.SSLSocket(socket.socket) SSL sockets provide the following methods of Socket Objects: accept() bind() close() connect() detach() fileno() getpeername(), getsockname() getsockopt(), setsockopt() gettimeout(), settimeout(), setblocking() listen() makefile() recv(), recv_into() (but passing a non-zero flags argument is not allowed) send(), sendall() (with the same limitation) sendfile() (but os.sendfile will be used for plain-text sockets only, else send() will be used) shutd

class ssl.SSLObject A reduced-scope variant of SSLSocket representing an SSL protocol instance that does not contain any network IO methods. This class is typically used by framework authors that want to implement asynchronous IO for SSL through memory buffers. This class implements an interface on top of a low-level SSL object as implemented by OpenSSL. This object captures the state of an SSL connection but does not provide any network IO itself. IO needs to be performed through separate “

reason A string mnemonic designating the reason this error occurred, for example CERTIFICATE_VERIFY_FAILED. The range of possible values depends on the OpenSSL version. New in version 3.3.