Ratchet Library :: API Reference

Module ratchet.ssl.session

The ssl.session library provides an SSL encryption session. Each session object applies to a single encrypted channel, such as a socket. These objects are not created directly; they are returned by ssl:create_session(). These functions can fail; see the error handling section of the manual for details.

Functions

client_handshake (self) Initiates the encryption handshake for the client-side connection, e.g. the socket that ran connect().
get_cipher (self) Gets the current SSL cipher.
get_engine (self) Returns the communication engine powering the encrypted session, generally a socket object.
get_rfc2253 (self) Gets an RFC 2253 string representation of the remote peer certificate.
read (self, maxlen) Reads data on the encrypted session.
server_handshake (self) Initiates the encryption handshake for the server-side connection, e.g. the socket returned by accept().
shutdown (self) Initiates a clean shutdown of the encryption session.
verify_certificate (self, host) Checks the remote peer's certificate against the trusted CAs, and optionally checks that the Common Name field of the certificate matches the given host.
write (self, data) Writes data on the encrypted session.


Functions

client_handshake (self)
Initiates the encryption handshake for the client-side connection, e.g. the socket that ran connect().

Parameters

  • self: the ssl session object.

get_cipher (self)
Gets the current SSL cipher.

Parameters

  • self: the ssl session object.

Return value:

current cipher name.

get_engine (self)
Returns the communication engine powering the encrypted session, generally a socket object.

Parameters

  • self: the ssl session object.

Return value:

the communication engine object.

get_rfc2253 (self)
Gets an RFC 2253 string representation of the remote peer certificate.

Parameters

  • self: the ssl session object.

Return value:

see RFC 2253.

read (self, maxlen)
Reads data on the encrypted session. This method is rarely called directly, as it is usually called by the communication engine itself. For example, with socket objects, calling recv() after encrypt() will actually call this method. The return value will be an empty string if the other side has shut down.

Parameters

  • self: the ssl session object.
  • maxlen: optional maximum number of bytes to read.

Return value:

string of data received on the session, or nil on timeout.

server_handshake (self)
Initiates the encryption handshake for the server-side connection, e.g. the socket returned by accept().

Parameters

  • self: the ssl session object.

shutdown (self)
Initiates a clean shutdown of the encryption session.

Parameters

  • self: the ssl session object.

verify_certificate (self, host)
Checks the remote peer's certificate against the trusted CAs, and optionally checks that the Common Name field of the certificate matches the given host.

Parameters

  • self: the ssl session object.
  • host: optional host to compare against "Common Name" field(s).

Return value:

three booleans: whether the peer provided a certificate, whether the peer's certificate verified, and whether host is provided and matches the certificate's "Common Name" field(s).
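
As an added example (not part of the Ratchet documentation or code base), the Lua below shows a caller treating the three return values of verify_certificate as one fail-closed check after client_handshake. fake_session and handshake_verified are hypothetical names, and the stand-in session returns constructed values so the script runs without Ratchet.

```lua
-- Added example, not Ratchet code. fake_session() is a constructed stand-in
-- exposing only the session methods documented on this page.
local function fake_session(has_cert, verified, cn)
  local s = {}
  function s:client_handshake() return true end
  function s:get_cipher() return "EXAMPLE-CIPHER" end   -- constructed value
  function s:get_rfc2253() return "CN=" .. cn end        -- constructed value
  function s:verify_certificate(host)
    -- Mirrors the documented three-boolean return value.
    return has_cert, verified, host ~= nil and host == cn
  end
  return s
end

-- Hypothetical helper: handshake, then refuse the peer unless every one of
-- the three results is true. Returns true, or nil plus a reason.
local function handshake_verified(session, host)
  assert(type(host) == "string" and host ~= "", "host is required")
  session:client_handshake()
  local got_cert, verified, host_ok = session:verify_certificate(host)
  if not got_cert then return nil, "peer sent no certificate" end
  if not verified then return nil, "certificate not signed by a trusted CA" end
  if not host_ok then
    return nil, "certificate subject " .. session:get_rfc2253()
                .. " does not match " .. host
  end
  return true
end

-- Constructed cases: one per way the check can fail, plus the good path.
local cases = {
  { "valid",         fake_session(true,  true,  "mail.example.com") },
  { "no cert",       fake_session(false, false, "mail.example.com") },
  { "untrusted CA",  fake_session(true,  false, "mail.example.com") },
  { "host mismatch", fake_session(true,  true,  "other.example.net") },
}
for _, c in ipairs(cases) do
  local ok, why = handshake_verified(c[2], "mail.example.com")
  print(c[1], ok and "accept" or ("reject: " .. why))
end
```

The helper requires host because the third value is documented as true only when host is provided and matches; a caller that omits host gets no binding between the certificate and the server it meant to reach.
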
write (self, data)
Writes data on the encrypted session. This method is rarely called directly, as it is usually called by the communication engine itself. For example, with socket objects, calling send() after encrypt() will actually call this method.

Parameters

  • self: the ssl session object.
  • data: the data to send on the session.

Return value:

true if sent successfully, nil on timeout.