[Twisted-Python] Detect SSL transport and get remote peer certificate in tcp.Server

Adi Roiban adi at roiban.ro
Wed Jun 13 06:39:42 EDT 2012


Hi,

I work at an experimental FTPS implementation for twisted.protocol.ftp

I use the following code for checking that the transport has TLS
started and to get the client certificate for certificate based
authentication:

    @property
    def is_ftps_command_active(self):
        '''Return `True` if current command connection is using SSL.'''
        return isinstance(self.transport.socket, SSL.Connection)

    def getPeerCertificate(self):
        '''Return the peer certificate if remote peer is on a SSL connection
        and has sent us a certificate.
        Return `None` otherwise.
        '''
        if not hasattr(self.transport, 'socket'):
            return None
        if not self.is_ftps_command_active:
            return None
        return self.transport.socket.get_peer_certificate()

The code works with Twisted 10, but after the Twisted TLS refactoring
in Twisted 12, the transport no longer uses a SSL.Connection.

Is there a way to get the remote peer certificate of a TLS transport
in Twisted 12?

Is there a way to check whether or not the transport has SSL enabled or not?

Many thanks!

-- 
Adi Roiban



More information about the Twisted-Python mailing list