Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
C
cpython
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Kirill Smelkov
cpython
Commits
a675c8b1
Commit
a675c8b1
authored
Jan 04, 2015
by
Benjamin Peterson
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
allow a SSLContext to be given to ftplib.FTP_TLS
parent
1eef4307
Changes
4
Expand all
Show whitespace changes
Inline
Side-by-side
Showing
4 changed files
with
120 additions
and
37 deletions
+120
-37
Doc/library/ftplib.rst
Doc/library/ftplib.rst
+13
-5
Lib/ftplib.py
Lib/ftplib.py
+17
-5
Lib/test/test_ftplib.py
Lib/test/test_ftplib.py
+88
-27
Misc/NEWS
Misc/NEWS
+2
-0
No files found.
Doc/library/ftplib.rst
View file @
a675c8b1
...
@@ -55,18 +55,26 @@ The module defines the following items:
...
@@ -55,18 +55,26 @@ The module defines the following items:
*timeout* was added.
*timeout* was added.
.. class:: FTP_TLS([host[, user[, passwd[, acct[, keyfile[, certfile[,
timeout
]]]]]]])
.. class:: FTP_TLS([host[, user[, passwd[, acct[, keyfile[, certfile[,
context[, timeout]
]]]]]]])
A :class:`FTP` subclass which adds TLS support to FTP as described in
A :class:`FTP` subclass which adds TLS support to FTP as described in
:rfc:`4217`.
:rfc:`4217`.
Connect as usual to port 21 implicitly securing the FTP control connection
Connect as usual to port 21 implicitly securing the FTP control connection
before authenticating. Securing the data connection requires the user to
before authenticating. Securing the data connection requires the user to
explicitly ask for it by calling the :meth:`prot_p` method.
explicitly ask for it by calling the :meth:`prot_p` method. *context*
*keyfile* and *certfile* are optional -- they can contain a PEM formatted
is a :class:`ssl.SSLContext` object which allows bundling SSL configuration
private key and certificate chain file name for the SSL connection.
options, certificates and private keys into a single (potentially
long-lived) structure. Please read :ref:`ssl-security` for best practices.
*keyfile* and *certfile* are a legacy alternative to *context* -- they
can point to PEM-formatted private key and certificate chain files
(respectively) for the SSL connection.
.. versionadded:: 2.7
.. versionadded:: 2.7
.. versionchanged:: 2.7.10
The *context* parameter was added.
Here's a sample session using the :class:`FTP_TLS` class:
Here's a sample session using the :class:`FTP_TLS` class:
>>> from ftplib import FTP_TLS
>>> from ftplib import FTP_TLS
...
...
Lib/ftplib.py
View file @
a675c8b1
...
@@ -641,9 +641,21 @@ else:
...
@@ -641,9 +641,21 @@ else:
ssl_version
=
ssl
.
PROTOCOL_SSLv23
ssl_version
=
ssl
.
PROTOCOL_SSLv23
def
__init__
(
self
,
host
=
''
,
user
=
''
,
passwd
=
''
,
acct
=
''
,
keyfile
=
None
,
def
__init__
(
self
,
host
=
''
,
user
=
''
,
passwd
=
''
,
acct
=
''
,
keyfile
=
None
,
certfile
=
None
,
timeout
=
_GLOBAL_DEFAULT_TIMEOUT
):
certfile
=
None
,
context
=
None
,
timeout
=
_GLOBAL_DEFAULT_TIMEOUT
,
source_address
=
None
):
if
context
is
not
None
and
keyfile
is
not
None
:
raise
ValueError
(
"context and keyfile arguments are mutually "
"exclusive"
)
if
context
is
not
None
and
certfile
is
not
None
:
raise
ValueError
(
"context and certfile arguments are mutually "
"exclusive"
)
self
.
keyfile
=
keyfile
self
.
keyfile
=
keyfile
self
.
certfile
=
certfile
self
.
certfile
=
certfile
if
context
is
None
:
context
=
ssl
.
_create_stdlib_context
(
self
.
ssl_version
,
certfile
=
certfile
,
keyfile
=
keyfile
)
self
.
context
=
context
self
.
_prot_p
=
False
self
.
_prot_p
=
False
FTP
.
__init__
(
self
,
host
,
user
,
passwd
,
acct
,
timeout
)
FTP
.
__init__
(
self
,
host
,
user
,
passwd
,
acct
,
timeout
)
...
@@ -660,8 +672,8 @@ else:
...
@@ -660,8 +672,8 @@ else:
resp
=
self
.
voidcmd
(
'AUTH TLS'
)
resp
=
self
.
voidcmd
(
'AUTH TLS'
)
else
:
else
:
resp
=
self
.
voidcmd
(
'AUTH SSL'
)
resp
=
self
.
voidcmd
(
'AUTH SSL'
)
self
.
sock
=
s
sl
.
wrap_socket
(
self
.
sock
,
self
.
keyfile
,
self
.
certfile
,
self
.
sock
=
s
elf
.
context
.
wrap_socket
(
self
.
sock
,
ssl_version
=
self
.
ssl_version
)
server_hostname
=
self
.
host
)
self
.
file
=
self
.
sock
.
makefile
(
mode
=
'rb'
)
self
.
file
=
self
.
sock
.
makefile
(
mode
=
'rb'
)
return
resp
return
resp
...
@@ -692,8 +704,8 @@ else:
...
@@ -692,8 +704,8 @@ else:
def
ntransfercmd
(
self
,
cmd
,
rest
=
None
):
def
ntransfercmd
(
self
,
cmd
,
rest
=
None
):
conn
,
size
=
FTP
.
ntransfercmd
(
self
,
cmd
,
rest
)
conn
,
size
=
FTP
.
ntransfercmd
(
self
,
cmd
,
rest
)
if
self
.
_prot_p
:
if
self
.
_prot_p
:
conn
=
s
sl
.
wrap_socket
(
conn
,
self
.
keyfile
,
self
.
certfile
,
conn
=
s
elf
.
context
.
wrap_socket
(
conn
,
ssl_version
=
self
.
ssl_version
)
server_hostname
=
self
.
host
)
return
conn
,
size
return
conn
,
size
def
retrbinary
(
self
,
cmd
,
callback
,
blocksize
=
8192
,
rest
=
None
):
def
retrbinary
(
self
,
cmd
,
callback
,
blocksize
=
8192
,
rest
=
None
):
...
...
Lib/test/test_ftplib.py
View file @
a675c8b1
This diff is collapsed.
Click to expand it.
Misc/NEWS
View file @
a675c8b1
...
@@ -15,6 +15,8 @@ Core and Builtins
...
@@ -15,6 +15,8 @@ Core and Builtins
Library
Library
-------
-------
- Backport the context argument to ftplib.FTP_TLS.
- Issue #23111: Maximize compatibility in protocol versions of ftplib.FTP_TLS.
- Issue #23111: Maximize compatibility in protocol versions of ftplib.FTP_TLS.
- Issue #23112: Fix SimpleHTTPServer to correctly carry the query string and
- Issue #23112: Fix SimpleHTTPServer to correctly carry the query string and
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment