[Twisted-Python] Determine TLS version from within request handler ? (twisted web)

Rob Meijer rmeijer at xs4all.nl
Wed Nov 6 04:43:24 MST 2013


I'm using twisted web for an https connection. At first I start with
creating and configuring a ssl.DefaultOpenSSLContextFactory derived class
that disables SSLv2 and SSLv3 (so basically we're left with TLS1.0 and
up) and forces the use of a single strong (non RC4 but BEAST vulnerable)
cipher.

Then I have a http.HTTPFactory derived class with a 'buildProtocol' that
returns a http.HTTPChannel derived object, that in turn returns a
http.Request derived object.

Then reactor.listenSSL is invoked with both the SSL factory and the HTTP
factory. Now my problem. I don't really understand how these two are
connected once the request handler gets invoked.

What I would like to do is that I would want to allow TLS1.0 users to use
the server, but only after explicitly agreeing that they understand the
risks involved with using an old BEAST vulnerable browser.

Is there any way to retrieve info on what TLS version has been negotiated
from within the HTTP request handler? I've been walking the 'self' object
a bit, and self.transport.getHandle() seems to have some tls stuff like
'get_cipher_list' and 'get_peer_certificate', but the simple TLS version
number does not seem to be available.

Is the twisted web API simply insufficient to retrieve this information
from within the request handler, or am I missing something here?

T.I.A,

Rob
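
Added example, not part of the original post: one way to gate requests on the negotiated protocol, assuming a pyOpenSSL release whose Connection object (what self.transport.getHandle() returns on a listenSSL port) provides get_protocol_version_name(). The cookie name, the decision strings and the Fake* stand-in classes are constructed for illustration.

```python
# Added example. The stand-in classes at the bottom are constructed so the
# policy can be exercised without a live TLS listener.
NO_CONSENT_NEEDED = {"TLSv1.1", "TLSv1.2", "TLSv1.3"}  # names as reported by OpenSSL
LEGACY_WITH_CONSENT = {"TLSv1"}                        # OpenSSL's name for TLS 1.0
CONSENT_COOKIE = b"legacy_tls_ack"                     # hypothetical cookie name


def negotiated_tls_version(request):
    """Return OpenSSL's protocol name for this connection, or None."""
    handle = request.transport.getHandle()
    # On a plain TCP listener getHandle() returns a socket, which lacks this method.
    getter = getattr(handle, "get_protocol_version_name", None)
    return getter() if getter is not None else None


def tls_gate(request):
    """Decide 'allow', 'ask_consent' or 'deny' from the negotiated version."""
    version = negotiated_tls_version(request)
    if version in NO_CONSENT_NEEDED:
        return "allow"
    if version in LEGACY_WITH_CONSENT:
        if request.getCookie(CONSENT_COOKIE) == b"yes":
            return "allow"
        return "ask_consent"
    return "deny"  # not TLS, SSLv3, or an unrecognised name: fail closed


# --- constructed stand-ins for request.transport.getHandle() ---
class FakeHandle:
    def __init__(self, name):
        self._name = name
    def get_protocol_version_name(self):
        return self._name

class FakeTransport:
    def __init__(self, handle):
        self._handle = handle
    def getHandle(self):
        return self._handle

class FakeRequest:
    def __init__(self, handle, cookies=None):
        self.transport = FakeTransport(handle)
        self._cookies = cookies or {}
    def getCookie(self, key):
        return self._cookies.get(key)
```

In a http.Request derived class, tls_gate(self) can be called at the start of process(), rendering the risk-acknowledgement page when it returns 'ask_consent'.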



