SSLSocket.get_channel_binding(cb_type="tls-unique") Get channel binding data for current connection, as a bytes object. Returns None if not connected or the handshake has not been completed. The cb_type parameter allow selection of the desired channel binding type. Valid channel binding types are listed in the CHANNEL_BINDING_TYPES list. Currently only the ‘tls-unique’ channel binding, defined by RFC 5929, is supported. ValueError will be raised if an unsupported channel binding type is requ

SSLSocket.pending() Returns the number of already decrypted bytes available for read, pending on the connection.

SSLSocket.selected_alpn_protocol() Return the protocol that was selected during the TLS handshake. If SSLContext.set_alpn_protocols() was not called, if the other party does not support ALPN, if this socket does not support any of the client’s proposed protocols, or if the handshake has not happened yet, None is returned. New in version 3.5.

SSLSocket.cipher() Returns a three-value tuple containing the name of the cipher being used, the version of the SSL protocol that defines its use, and the number of secret bits being used. If no connection has been established, returns None.

SSLSocket.context The SSLContext object this SSL socket is tied to. If the SSL socket was created using the top-level wrap_socket() function (rather than SSLContext.wrap_socket()), this is a custom context object created for this SSL socket. New in version 3.2.

SSLSocket.do_handshake() Perform the SSL setup handshake. Changed in version 3.4: The handshake method also performs match_hostname() when the check_hostname attribute of the socket’s context is true. Changed in version 3.5: The socket timeout is no more reset each time bytes are received or sent. The socket timeout is now to maximum total duration of the handshake.

SSLSocket.compression() Return the compression algorithm being used as a string, or None if the connection isn’t compressed. If the higher-level protocol supports its own compression mechanism, you can use OP_NO_COMPRESSION to disable SSL-level compression. New in version 3.3.

class ssl.SSLSocket(socket.socket) SSL sockets provide the following methods of Socket Objects: accept() bind() close() connect() detach() fileno() getpeername(), getsockname() getsockopt(), setsockopt() gettimeout(), settimeout(), setblocking() listen() makefile() recv(), recv_into() (but passing a non-zero flags argument is not allowed) send(), sendall() (with the same limitation) sendfile() (but os.sendfile will be used for plain-text sockets only, else send() will be used) shutd

class ssl.SSLObject A reduced-scope variant of SSLSocket representing an SSL protocol instance that does not contain any network IO methods. This class is typically used by framework authors that want to implement asynchronous IO for SSL through memory buffers. This class implements an interface on top of a low-level SSL object as implemented by OpenSSL. This object captures the state of an SSL connection but does not provide any network IO itself. IO needs to be performed through separate “

library A string mnemonic designating the OpenSSL submodule in which the error occurred, such as SSL, PEM or X509. The range of possible values depends on the OpenSSL version. New in version 3.3.