aboutsummaryrefslogtreecommitdiffstats
path: root/netlib/tcp.py
diff options
context:
space:
mode:
authorAldo Cortesi <aldo@nullcube.com>2014-03-07 16:38:50 +1300
committerAldo Cortesi <aldo@nullcube.com>2014-03-07 16:38:50 +1300
commit2a12aa3c47d57cc2d3a36f6726a5f081ca493457 (patch)
treef3522a95be2533f893859e940e23383b5591f6df /netlib/tcp.py
parent52b14aa1d1bbeb3e2b8c62ee9939b9575ee1840f (diff)
downloadmitmproxy-2a12aa3c47d57cc2d3a36f6726a5f081ca493457.tar.gz
mitmproxy-2a12aa3c47d57cc2d3a36f6726a5f081ca493457.tar.bz2
mitmproxy-2a12aa3c47d57cc2d3a36f6726a5f081ca493457.zip
Support Ephemeral Diffie-Hellman
Diffstat (limited to 'netlib/tcp.py')
-rw-r--r--netlib/tcp.py7
1 files changed, 6 insertions, 1 deletions
diff --git a/netlib/tcp.py b/netlib/tcp.py
index 83059bc2..078ac497 100644
--- a/netlib/tcp.py
+++ b/netlib/tcp.py
@@ -339,7 +339,10 @@ class BaseHandler(_Connection):
self.ssl_established = False
self.clientcert = None
- def convert_to_ssl(self, cert, key, method=SSLv23_METHOD, options=None, handle_sni=None, request_client_cert=False, cipher_list=None):
+ def convert_to_ssl(self, cert, key,
+ method=SSLv23_METHOD, options=None, handle_sni=None,
+ request_client_cert=False, cipher_list=None, dhparams=None
+ ):
"""
cert: A certutils.SSLCert object.
method: One of SSLv2_METHOD, SSLv3_METHOD, SSLv23_METHOD, or TLSv1_METHOD
@@ -377,6 +380,8 @@ class BaseHandler(_Connection):
ctx.set_tlsext_servername_callback(handle_sni)
ctx.use_privatekey(key)
ctx.use_certificate(cert.x509)
+ if dhparams:
+ SSL._lib.SSL_CTX_set_tmp_dh(ctx._context, dhparams)
if request_client_cert:
def ver(*args):
self.clientcert = certutils.SSLCert(args[1])
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-05 10:05:29 +0000