XMLStream: allow custom sslcontext provisioning (fixes #3582)

For some applications that have strict requirements on blocking calls,
it might be beneficial to create the SSLContext in advance and
provide it to the client/componentxmpp instance that will be going
through kwargs until XMLStream.

The context will be reconfigured later on based on user parameters, but
it is highly recommended to set it up in a secure way.
mathieui 2025-01-26 18:15:36 +01:00 committed by Link Mauve
parent 5ec378cccd
commit 0ff9e3661d

@ -281,7 +281,8 @@ class XMLStream(asyncio.BaseProtocol):
__slow_tasks: List[Task]
__queued_stanzas: List[Tuple[Union[StanzaBase, str], bool]]
def __init__(self, host: str = '', port: int = 0):
def __init__(self, host: str = '', port: int = 0,
ssl_context: Optional[ssl.SSLContext] = None):
self.transport = None
self.socket = None
self._connect_loop_wait = 0
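Review bot: The new `ssl_context` argument on `__init__` is undocumented. Add a docstring entry saying that a caller-supplied context replaces the default one, that it will still be reconfigured later based on user parameters (as the commit message states), and that the caller is responsible for its certificate verification settings. Also confirm that `Optional` is imported alongside `List`, `Tuple` and `Union`.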
@ -298,9 +299,12 @@ class XMLStream(asyncio.BaseProtocol):
# A dict of {name: handle}
self.scheduled_events = {}
if ssl_context is None:
self.ssl_context = ssl.create_default_context()
self.ssl_context.check_hostname = True
self.ssl_context.verify_mode = ssl.CERT_REQUIRED
else:
self.ssl_context = ssl_context
self.event_when_connected = "connected"
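Review bot: The `else:` branch stores a caller-supplied context without looking at its verification settings, so a context with `check_hostname` disabled or `verify_mode` set to `ssl.CERT_NONE` is accepted silently, while the default path enforces `check_hostname = True` and `ssl.CERT_REQUIRED`. Consider logging a warning when the supplied context is weaker than the default, for example when `ssl_context.verify_mode != ssl.CERT_REQUIRED` or `not ssl_context.check_hostname`, and add a test that covers both branches.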