jshiffer/slixmpp
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

XMLStream: allow custom sslcontext provisioning (fixes #3582)

Browse Source 
For some applications that have strict requirements on blocking calls,
it might be beneficial to create the SSLContext in advance and
provide it to the client/componentxmpp instance that will be going
through kwargs until XMLStream.

The context will be reconfigured later on based on user parameters, but
it is highly recommended to set it up in a secure way.
This commit is contained in:
mathieui 2025-01-26 18:15:36 +01:00 committed by Link Mauve
parent 5ec378cccd
commit 0ff9e3661d
1 changed files with 8 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
slixmpp/xmlstream/xmlstream.py
View File

@ -281,7 +281,8 @@ class XMLStream(asyncio.BaseProtocol):
__slow_tasks: List[Task] __slow_tasks: List[Task]
__queued_stanzas: List[Tuple[Union[StanzaBase, str], bool]] __queued_stanzas: List[Tuple[Union[StanzaBase, str], bool]]
def __init__(self, host: str = '', port: int = 0): def __init__(self, host: str = '', port: int = 0,
ssl_context: Optional[ssl.SSLContext] = None):
self.transport = None self.transport = None
self.socket = None self.socket = None
self._connect_loop_wait = 0 self._connect_loop_wait = 0
@ -298,9 +299,12 @@ class XMLStream(asyncio.BaseProtocol):
# A dict of {name: handle} # A dict of {name: handle}
self.scheduled_events = {} self.scheduled_events = {}
self.ssl_context = ssl.create_default_context() if ssl_context is None:
self.ssl_context.check_hostname = True self.ssl_context = ssl.create_default_context()
self.ssl_context.verify_mode = ssl.CERT_REQUIRED self.ssl_context.check_hostname = True
self.ssl_context.verify_mode = ssl.CERT_REQUIRED
else:
self.ssl_context = ssl_context
self.event_when_connected = "connected" self.event_when_connected = "connected"