ssl.OP_NO_SSLv2

ssl.OP_NO_SSLv2 Prevents an SSLv2 connection. This option is only applicable in conjunction with PROTOCOL_SSLv23. It prevents the peers from choosing SSLv2 as the protocol version. New in version 3.2.

ssl.MemoryBIO.write_eof()

write_eof() Write an EOF marker to the memory BIO. After this method has been called, it is illegal to call write(). The attribute eof will become true after all data currently in the buffer has been read.

ssl.MemoryBIO.write()

write(buf) Write the bytes from buf to the memory BIO. The buf argument must be an object supporting the buffer protocol. The return value is the number of bytes written, which is always equal to the length of buf.

ssl.MemoryBIO.read()

read(n=-1) Read up to n bytes from the memory buffer. If n is not specified or negative, all bytes are returned.

ssl.MemoryBIO.pending

pending Return the number of bytes currently in the memory buffer.

ssl.MemoryBIO.eof

eof A boolean indicating whether the memory BIO is current at the end-of-file position.

ssl.MemoryBIO

class ssl.MemoryBIO A memory buffer that can be used to pass data between Python and an SSL protocol instance. pending Return the number of bytes currently in the memory buffer. eof A boolean indicating whether the memory BIO is current at the end-of-file position. read(n=-1) Read up to n bytes from the memory buffer. If n is not specified or negative, all bytes are returned. write(buf) Write the bytes from buf to the memory BIO. The buf argument must be an object suppor

ssl.match_hostname()

ssl.match_hostname(cert, hostname) Verify that cert (in decoded format as returned by SSLSocket.getpeercert()) matches the given hostname. The rules applied are those for checking the identity of HTTPS servers as outlined in RFC 2818 and RFC 6125. In addition to HTTPS, this function should be suitable for checking the identity of servers in various SSL-based protocols such as FTPS, IMAPS, POPS and others. CertificateError is raised on failure. On success, the function returns nothing: >&g

ssl.get_server_certificate()

ssl.get_server_certificate(addr, ssl_version=PROTOCOL_SSLv23, ca_certs=None) Given the address addr of an SSL-protected server, as a (hostname, port-number) pair, fetches the server’s certificate, and returns it as a PEM-encoded string. If ssl_version is specified, uses that version of the SSL protocol to attempt to connect to the server. If ca_certs is specified, it should be a file containing a list of root certificates, the same format as used for the same parameter in wrap_socket(). The

ssl.get_default_verify_paths()

ssl.get_default_verify_paths() Returns a named tuple with paths to OpenSSL’s default cafile and capath. The paths are the same as used by SSLContext.set_default_verify_paths(). The return value is a named tuple DefaultVerifyPaths: cafile - resolved path to cafile or None if the file doesn’t exist, capath - resolved path to capath or None if the directory doesn’t exist, openssl_cafile_env - OpenSSL’s environment key that points to a cafile, openssl_cafile - hard coded path to a cafile, o