{ "content": [ { "type": "text", "text": "# ssl (pydoc)\n\n**Summary:** ssl - This module provides some more Pythonic support for SSL.\n\n## Section Outline\n\n- **NAME** (2 lines)\n- **MODULE REFERENCE** (8 lines)\n- **DESCRIPTION** (87 lines)\n- **CLASSES** (29 lines) — 18 subsections\n - class AlertDescription (178 lines)\n - class DefaultVerifyPaths (127 lines)\n - class Options (58 lines)\n - class Purpose (36 lines)\n - class SSLCertVerificationError (92 lines)\n - class SSLContext (140 lines)\n - class SSLEOFError (91 lines)\n - class SSLError (84 lines)\n - class SSLErrorNumber (49 lines)\n - class SSLObject (110 lines)\n - class SSLSocket (406 lines)\n - class SSLSyscallError (91 lines)\n - class SSLWantReadError (92 lines)\n - class SSLWantWriteError (92 lines)\n - class SSLZeroReturnError (91 lines)\n - class TLSVersion (45 lines)\n - class VerifyFlags (46 lines)\n - class VerifyMode (37 lines)\n- **FUNCTIONS** (29 lines) — 7 subsections\n - cert_time_to_seconds (9 lines)\n - create_default_context (6 lines)\n - get_default_verify_paths (2 lines)\n - get_protocol_name (1 lines)\n - get_server_certificate (6 lines)\n - match_hostname (12 lines)\n - wrap_socket (1 lines)\n- **DATA** (89 lines)\n- **FILE** (3 lines)\n\n## Full Content\n\n### NAME\n\nssl - This module provides some more Pythonic support for SSL.\n\n### MODULE REFERENCE\n\nhttps://docs.python.org/3.10/library/ssl.html\n\nThe following documentation is automatically generated from the Python\nsource files. It may be incomplete, incorrect or include features that\nare considered implementation detail and may vary between Python\nimplementations. When in doubt, consult the module reference at the\nlocation listed above.\n\n### DESCRIPTION\n\nObject types:\n\nSSLSocket -- subtype of socket.socket which does SSL over the socket\n\nExceptions:\n\nSSLError -- exception raised for I/O errors\n\nFunctions:\n\ncerttimetoseconds -- convert time string used for certificate\nnotBefore and notAfter functions to integer\nseconds past the Epoch (the time values\nreturned from time.time())\n\ngetservercertificate (addr, sslversion, cacerts, timeout) -- Retrieve the\ncertificate from the server at the specified\naddress and return it as a PEM-encoded string\n\n\nInteger constants:\n\nSSLERRORZERORETURN\nSSLERRORWANTREAD\nSSLERRORWANTWRITE\nSSLERRORWANTX509LOOKUP\nSSLERRORSYSCALL\nSSLERRORSSL\nSSLERRORWANTCONNECT\n\nSSLERROREOF\nSSLERRORINVALIDERRORCODE\n\nThe following group define certificate requirements that one side is\nallowing/requiring from the other side:\n\nCERTNONE - no certificates from the other side are required (or will\nbe looked at if provided)\nCERTOPTIONAL - certificates are not required, but if provided will be\nvalidated, and if validation fails, the connection will\nalso fail\nCERTREQUIRED - certificates are required, and will be validated, and\nif validation fails, the connection will also fail\n\nThe following constants identify various SSL protocol variants:\n\nPROTOCOLSSLv2\nPROTOCOLSSLv3\nPROTOCOLSSLv23\nPROTOCOLTLS\nPROTOCOLTLSCLIENT\nPROTOCOLTLSSERVER\nPROTOCOLTLSv1\nPROTOCOLTLSv11\nPROTOCOLTLSv12\n\nThe following constants identify various SSL alert message descriptions as per\nhttp://www.iana.org/assignments/tls-parameters/tls-parameters.xml#tls-parameters-6\n\nALERTDESCRIPTIONCLOSENOTIFY\nALERTDESCRIPTIONUNEXPECTEDMESSAGE\nALERTDESCRIPTIONBADRECORDMAC\nALERTDESCRIPTIONRECORDOVERFLOW\nALERTDESCRIPTIONDECOMPRESSIONFAILURE\nALERTDESCRIPTIONHANDSHAKEFAILURE\nALERTDESCRIPTIONBADCERTIFICATE\nALERTDESCRIPTIONUNSUPPORTEDCERTIFICATE\nALERTDESCRIPTIONCERTIFICATEREVOKED\nALERTDESCRIPTIONCERTIFICATEEXPIRED\nALERTDESCRIPTIONCERTIFICATEUNKNOWN\nALERTDESCRIPTIONILLEGALPARAMETER\nALERTDESCRIPTIONUNKNOWNCA\nALERTDESCRIPTIONACCESSDENIED\nALERTDESCRIPTIONDECODEERROR\nALERTDESCRIPTIONDECRYPTERROR\nALERTDESCRIPTIONPROTOCOLVERSION\nALERTDESCRIPTIONINSUFFICIENTSECURITY\nALERTDESCRIPTIONINTERNALERROR\nALERTDESCRIPTIONUSERCANCELLED\nALERTDESCRIPTIONNORENEGOTIATION\nALERTDESCRIPTIONUNSUPPORTEDEXTENSION\nALERTDESCRIPTIONCERTIFICATEUNOBTAINABLE\nALERTDESCRIPTIONUNRECOGNIZEDNAME\nALERTDESCRIPTIONBADCERTIFICATESTATUSRESPONSE\nALERTDESCRIPTIONBADCERTIFICATEHASHVALUE\nALERTDESCRIPTIONUNKNOWNPSKIDENTITY\n\n### CLASSES\n\nssl.SSLContext(builtins.object)\nSSLContext\nbuiltins.OSError(builtins.Exception)\nSSLError\nSSLCertVerificationError(SSLError, builtins.ValueError)\nSSLEOFError\nSSLSyscallError\nSSLWantReadError\nSSLWantWriteError\nSSLZeroReturnError\nbuiltins.object\nSSLObject\nbuiltins.tuple(builtins.object)\nDefaultVerifyPaths\nenum.Enum(builtins.object)\n.Purpose(ASN1Object, enum.Enum)\nenum.IntEnum(builtins.int, enum.Enum)\nAlertDescription\nSSLErrorNumber\nTLSVersion\nVerifyMode\nenum.IntFlag(builtins.int, enum.Flag)\nOptions\nVerifyFlags\nsocket.socket(socket.socket)\nSSLSocket\nASN1Object(ASN1Object)\n.Purpose(ASN1Object, enum.Enum)\n\n#### class AlertDescription\n\n| AlertDescription(value, names=None, *, module=None, qualname=None, type=None, start=1)\n|\n| An enumeration.\n|\n| Method resolution order:\n| AlertDescription\n| enum.IntEnum\n| builtins.int\n| enum.Enum\n| builtins.object\n|\n| Data and other attributes defined here:\n|\n| ALERTDESCRIPTIONACCESSDENIED = value.\n|\n| This mapping lists all enum members, including aliases. Note that this\n| is a read-only view of the internal mapping.\n\nCertificateError = class SSLCertVerificationError(SSLError, builtins.ValueError)\n| A certificate could not be verified.\n|\n| Method resolution order:\n| SSLCertVerificationError\n| SSLError\n| builtins.OSError\n| builtins.ValueError\n| builtins.Exception\n| builtins.BaseException\n| builtins.object\n|\n| Data descriptors defined here:\n|\n| weakref\n| list of weak references to the object (if defined)\n|\n| ----------------------------------------------------------------------\n| Methods inherited from SSLError:\n|\n| str(self, /)\n| Return str(self).\n|\n| ----------------------------------------------------------------------\n| Methods inherited from builtins.OSError:\n|\n| init(self, /, *args, kwargs)\n| Initialize self. See help(type(self)) for accurate signature.\n|\n| reduce(...)\n| Helper for pickle.\n|\n| ----------------------------------------------------------------------\n| Static methods inherited from builtins.OSError:\n|\n| new(*args, kwargs) from builtins.type\n| Create and return a new object. See help(type) for accurate signature.\n|\n| ----------------------------------------------------------------------\n| Data descriptors inherited from builtins.OSError:\n|\n| characterswritten\n|\n| errno\n| POSIX exception code\n|\n| filename\n| exception filename\n|\n| filename2\n| second exception filename\n|\n| strerror\n| exception strerror\n|\n| ----------------------------------------------------------------------\n| Methods inherited from builtins.BaseException:\n|\n| delattr(self, name, /)\n| Implement delattr(self, name).\n|\n| getattribute(self, name, /)\n| Return getattr(self, name).\n|\n| repr(self, /)\n| Return repr(self).\n|\n| setattr(self, name, value, /)\n| Implement setattr(self, name, value).\n|\n| setstate(...)\n|\n| withtraceback(...)\n| Exception.withtraceback(tb) --\n| set self.traceback to tb and return self.\n|\n| ----------------------------------------------------------------------\n| Data descriptors inherited from builtins.BaseException:\n|\n| cause\n| exception cause\n|\n| context\n| exception context\n|\n| dict\n|\n| suppresscontext\n|\n| traceback\n|\n| args\n\n#### class DefaultVerifyPaths\n\n| DefaultVerifyPaths(cafile, capath, opensslcafileenv, opensslcafile, opensslcapathenv, opensslcapath)\n|\n| DefaultVerifyPaths(cafile, capath, opensslcafileenv, opensslcafile, opensslcapathenv, opensslcapath)\n|\n| Method resolution order:\n| DefaultVerifyPaths\n| builtins.tuple\n| builtins.object\n|\n| Methods defined here:\n|\n| getnewargs(self)\n| Return self as a plain tuple. Used by copy and pickle.\n|\n| repr(self)\n| Return a nicely formatted representation string\n|\n| asdict(self)\n| Return a new dict which maps field names to their values.\n|\n| replace(self, /, kwds)\n| Return a new DefaultVerifyPaths object replacing specified fields with new values\n|\n| ----------------------------------------------------------------------\n| Class methods defined here:\n|\n| make(iterable) from builtins.type\n| Make a new DefaultVerifyPaths object from a sequence or iterable\n|\n| ----------------------------------------------------------------------\n| Static methods defined here:\n|\n| new(cls, cafile, capath, opensslcafileenv, opensslcafile, opensslcapathenv, opensslcapath)\n| Create new instance of DefaultVerifyPaths(cafile, capath, opensslcafileenv, opensslcafile, opensslcapathenv, opensslcapath)\n|\n| ----------------------------------------------------------------------\n| Data descriptors defined here:\n|\n| cafile\n| Alias for field number 0\n|\n| capath\n| Alias for field number 1\n|\n| opensslcafileenv\n| Alias for field number 2\n|\n| opensslcafile\n| Alias for field number 3\n|\n| opensslcapathenv\n| Alias for field number 4\n|\n| opensslcapath\n| Alias for field number 5\n|\n| ----------------------------------------------------------------------\n| Data and other attributes defined here:\n|\n| matchargs = ('cafile', 'capath', 'opensslcafileenv', 'opensslc...\n|\n| fielddefaults = {}\n|\n| fields = ('cafile', 'capath', 'opensslcafileenv', 'opensslcafile',...\n|\n| ----------------------------------------------------------------------\n| Methods inherited from builtins.tuple:\n|\n| add(self, value, /)\n| Return self+value.\n|\n| contains(self, key, /)\n| Return key in self.\n|\n| eq(self, value, /)\n| Return self==value.\n|\n| ge(self, value, /)\n| Return self>=value.\n|\n| getattribute(self, name, /)\n| Return getattr(self, name).\n|\n| getitem(self, key, /)\n| Return self[key].\n|\n| gt(self, value, /)\n| Return self>value.\n|\n| hash(self, /)\n| Return hash(self).\n|\n| iter(self, /)\n| Implement iter(self).\n|\n| le(self, value, /)\n| Return self<=value.\n|\n| len(self, /)\n| Return len(self).\n|\n| lt(self, value, /)\n| Return self\n|\n| OPCIPHERSERVERPREFERENCE = \n|\n| OPNOCOMPRESSION = \n|\n| OPNORENEGOTIATION = \n|\n| OPNOSSLv2 = \n|\n| OPNOSSLv3 = \n|\n| OPNOTICKET = \n|\n| OPNOTLSv1 = \n|\n| OPNOTLSv11 = \n|\n| OPNOTLSv12 = \n|\n| OPNOTLSv13 = \n|\n| ----------------------------------------------------------------------\n| Data descriptors inherited from enum.Enum:\n|\n| name\n| The name of the Enum member.\n|\n| value\n| The value of the Enum member.\n|\n| ----------------------------------------------------------------------\n| Readonly properties inherited from enum.EnumMeta:\n|\n| members\n| Returns a mapping of member name->value.\n|\n| This mapping lists all enum members, including aliases. Note that this\n| is a read-only view of the internal mapping.\n\n#### class Purpose\n\n| Purpose(value, names=None, *, module=None, qualname=None, type=None, start=1)\n|\n| SSLContext purpose flags with X509v3 Extended Key Usage objects\n|\n| Method resolution order:\n| Purpose\n| ssl.ASN1Object\n| ssl.ASN1Object\n| builtins.tuple\n| enum.Enum\n| builtins.object\n|\n| Data and other attributes defined here:\n|\n| CLIENTAUTH = value.\n|\n| This mapping lists all enum members, including aliases. Note that this\n| is a read-only view of the internal mapping.\n\n#### class SSLCertVerificationError\n\n| A certificate could not be verified.\n|\n| Method resolution order:\n| SSLCertVerificationError\n| SSLError\n| builtins.OSError\n| builtins.ValueError\n| builtins.Exception\n| builtins.BaseException\n| builtins.object\n|\n| Data descriptors defined here:\n|\n| weakref\n| list of weak references to the object (if defined)\n|\n| ----------------------------------------------------------------------\n| Methods inherited from SSLError:\n|\n| str(self, /)\n| Return str(self).\n|\n| ----------------------------------------------------------------------\n| Methods inherited from builtins.OSError:\n|\n| init(self, /, *args, kwargs)\n| Initialize self. See help(type(self)) for accurate signature.\n|\n| reduce(...)\n| Helper for pickle.\n|\n| ----------------------------------------------------------------------\n| Static methods inherited from builtins.OSError:\n|\n| new(*args, kwargs) from builtins.type\n| Create and return a new object. See help(type) for accurate signature.\n|\n| ----------------------------------------------------------------------\n| Data descriptors inherited from builtins.OSError:\n|\n| characterswritten\n|\n| errno\n| POSIX exception code\n|\n| filename\n| exception filename\n|\n| filename2\n| second exception filename\n|\n| strerror\n| exception strerror\n|\n| ----------------------------------------------------------------------\n| Methods inherited from builtins.BaseException:\n|\n| delattr(self, name, /)\n| Implement delattr(self, name).\n|\n| getattribute(self, name, /)\n| Return getattr(self, name).\n|\n| repr(self, /)\n| Return repr(self).\n|\n| setattr(self, name, value, /)\n| Implement setattr(self, name, value).\n|\n| setstate(...)\n|\n| withtraceback(...)\n| Exception.withtraceback(tb) --\n| set self.traceback to tb and return self.\n|\n| ----------------------------------------------------------------------\n| Data descriptors inherited from builtins.BaseException:\n|\n| cause\n| exception cause\n|\n| context\n| exception context\n|\n| dict\n|\n| suppresscontext\n|\n| traceback\n|\n| args\n\n#### class SSLContext\n\n| SSLContext(protocol=None, *args, kwargs)\n|\n| An SSLContext holds various SSL-related configuration options and\n| data, such as certificates and possibly a private key.\n|\n| Method resolution order:\n| SSLContext\n| ssl.SSLContext\n| builtins.object\n|\n| Methods defined here:\n|\n| loaddefaultcerts(self, purpose=)\n|\n| setalpnprotocols(self, alpnprotocols)\n|\n| setnpnprotocols(self, npnprotocols)\n|\n| setservernamecallback(self, servernamecallback)\n|\n| wrapbio(self, incoming, outgoing, serverside=False, serverhostname=None, session=None)\n|\n| wrapsocket(self, sock, serverside=False, dohandshakeonconnect=True, suppressraggedeofs=True, serverhostname=None, session=None)\n|\n| ----------------------------------------------------------------------\n| Static methods defined here:\n|\n| new(cls, protocol=None, *args, kwargs)\n| Create and return a new object. See help(type) for accurate signature.\n|\n| ----------------------------------------------------------------------\n| Readonly properties defined here:\n|\n| protocol\n|\n| ----------------------------------------------------------------------\n| Data descriptors defined here:\n|\n| dict\n| dictionary for instance variables (if defined)\n|\n| weakref\n| list of weak references to the object (if defined)\n|\n| hostnamecheckscommonname\n|\n| maximumversion\n|\n| minimumversion\n|\n| options\n|\n| verifyflags\n|\n| verifymode\n|\n| ----------------------------------------------------------------------\n| Data and other attributes defined here:\n|\n| sslobjectclass = \n| This class implements an interface on top of a low-level SSL object as\n| implemented by OpenSSL. This object captures the state of an SSL connection\n| but does not provide any network IO itself. IO needs to be performed\n| through separate \"BIO\" objects which are OpenSSL's IO abstraction layer.\n|\n| This class does not have a public constructor. Instances are returned by\n| ``SSLContext.wrapbio``. This class is typically used by framework authors\n| that want to implement asynchronous IO for SSL through memory buffers.\n|\n| When compared to ``SSLSocket``, this object lacks the following features:\n|\n| * Any form of network IO, including methods such as ``recv`` and ``send``.\n| * The ``dohandshakeonconnect`` and ``suppressraggedeofs`` machinery.\n|\n|\n| sslsocketclass = \n| This class implements a subtype of socket.socket that wraps\n| the underlying OS socket in an SSL context when necessary, and\n| provides read and write methods over that channel.\n|\n|\n| ----------------------------------------------------------------------\n| Methods inherited from ssl.SSLContext:\n|\n| certstorestats(self, /)\n| Returns quantities of loaded X.509 certificates.\n|\n| X.509 certificates with a CA extension and certificate revocation lists\n| inside the context's cert store.\n|\n| NOTE: Certificates in a capath directory aren't loaded unless they have\n| been used at least once.\n|\n| getcacerts(self, /, binaryform=False)\n| Returns a list of dicts with information of loaded CA certs.\n|\n| If the optional argument is True, returns a DER-encoded copy of the CA\n| certificate.\n|\n| NOTE: Certificates in a capath directory aren't loaded unless they have\n| been used at least once.\n|\n| getciphers(self, /)\n|\n| loadcertchain(self, /, certfile, keyfile=None, password=None)\n|\n| loaddhparams(self, path, /)\n|\n| loadverifylocations(self, /, cafile=None, capath=None, cadata=None)\n|\n| sessionstats(self, /)\n|\n| setciphers(self, cipherlist, /)\n|\n| setdefaultverifypaths(self, /)\n|\n| setecdhcurve(self, name, /)\n|\n| ----------------------------------------------------------------------\n| Data descriptors inherited from ssl.SSLContext:\n|\n| checkhostname\n|\n| keylogfilename\n|\n| numtickets\n| Control the number of TLSv1.3 session tickets\n|\n| posthandshakeauth\n|\n| securitylevel\n| The current security level\n|\n| snicallback\n| Set a callback that will be called when a server name is provided by the SSL/TLS client in the SNI extension.\n|\n| If the argument is None then the callback is disabled. The method is called\n| with the SSLSocket, the server name as a string, and the SSLContext object.\n| See RFC 6066 for details of the SNI extension.\n\n#### class SSLEOFError\n\n| SSL/TLS connection terminated abruptly.\n|\n| Method resolution order:\n| SSLEOFError\n| SSLError\n| builtins.OSError\n| builtins.Exception\n| builtins.BaseException\n| builtins.object\n|\n| Data descriptors defined here:\n|\n| weakref\n| list of weak references to the object (if defined)\n|\n| ----------------------------------------------------------------------\n| Methods inherited from SSLError:\n|\n| str(self, /)\n| Return str(self).\n|\n| ----------------------------------------------------------------------\n| Methods inherited from builtins.OSError:\n|\n| init(self, /, *args, kwargs)\n| Initialize self. See help(type(self)) for accurate signature.\n|\n| reduce(...)\n| Helper for pickle.\n|\n| ----------------------------------------------------------------------\n| Static methods inherited from builtins.OSError:\n|\n| new(*args, kwargs) from builtins.type\n| Create and return a new object. See help(type) for accurate signature.\n|\n| ----------------------------------------------------------------------\n| Data descriptors inherited from builtins.OSError:\n|\n| characterswritten\n|\n| errno\n| POSIX exception code\n|\n| filename\n| exception filename\n|\n| filename2\n| second exception filename\n|\n| strerror\n| exception strerror\n|\n| ----------------------------------------------------------------------\n| Methods inherited from builtins.BaseException:\n|\n| delattr(self, name, /)\n| Implement delattr(self, name).\n|\n| getattribute(self, name, /)\n| Return getattr(self, name).\n|\n| repr(self, /)\n| Return repr(self).\n|\n| setattr(self, name, value, /)\n| Implement setattr(self, name, value).\n|\n| setstate(...)\n|\n| withtraceback(...)\n| Exception.withtraceback(tb) --\n| set self.traceback to tb and return self.\n|\n| ----------------------------------------------------------------------\n| Data descriptors inherited from builtins.BaseException:\n|\n| cause\n| exception cause\n|\n| context\n| exception context\n|\n| dict\n|\n| suppresscontext\n|\n| traceback\n|\n| args\n\n#### class SSLError\n\n| An error occurred in the SSL implementation.\n|\n| Method resolution order:\n| SSLError\n| builtins.OSError\n| builtins.Exception\n| builtins.BaseException\n| builtins.object\n|\n| Methods defined here:\n|\n| str(self, /)\n| Return str(self).\n|\n| ----------------------------------------------------------------------\n| Methods inherited from builtins.OSError:\n|\n| init(self, /, *args, kwargs)\n| Initialize self. See help(type(self)) for accurate signature.\n|\n| reduce(...)\n| Helper for pickle.\n|\n| ----------------------------------------------------------------------\n| Static methods inherited from builtins.OSError:\n|\n| new(*args, kwargs) from builtins.type\n| Create and return a new object. See help(type) for accurate signature.\n|\n| ----------------------------------------------------------------------\n| Data descriptors inherited from builtins.OSError:\n|\n| characterswritten\n|\n| errno\n| POSIX exception code\n|\n| filename\n| exception filename\n|\n| filename2\n| second exception filename\n|\n| strerror\n| exception strerror\n|\n| ----------------------------------------------------------------------\n| Methods inherited from builtins.BaseException:\n|\n| delattr(self, name, /)\n| Implement delattr(self, name).\n|\n| getattribute(self, name, /)\n| Return getattr(self, name).\n|\n| repr(self, /)\n| Return repr(self).\n|\n| setattr(self, name, value, /)\n| Implement setattr(self, name, value).\n|\n| setstate(...)\n|\n| withtraceback(...)\n| Exception.withtraceback(tb) --\n| set self.traceback to tb and return self.\n|\n| ----------------------------------------------------------------------\n| Data descriptors inherited from builtins.BaseException:\n|\n| cause\n| exception cause\n|\n| context\n| exception context\n|\n| dict\n|\n| suppresscontext\n|\n| traceback\n|\n| args\n\n#### class SSLErrorNumber\n\n| SSLErrorNumber(value, names=None, *, module=None, qualname=None, type=None, start=1)\n|\n| An enumeration.\n|\n| Method resolution order:\n| SSLErrorNumber\n| enum.IntEnum\n| builtins.int\n| enum.Enum\n| builtins.object\n|\n| Data and other attributes defined here:\n|\n| SSLERROREOF = \n|\n| SSLERRORINVALIDERRORCODE = \n|\n| SSLERRORSYSCALL = \n|\n| SSLERRORWANTCONNECT = \n|\n| SSLERRORWANTREAD = \n|\n| SSLERRORWANTWRITE = \n|\n| SSLERRORWANTX509LOOKUP = \n|\n| ----------------------------------------------------------------------\n| Data descriptors inherited from enum.Enum:\n|\n| name\n| The name of the Enum member.\n|\n| value\n| The value of the Enum member.\n|\n| ----------------------------------------------------------------------\n| Readonly properties inherited from enum.EnumMeta:\n|\n| members\n| Returns a mapping of member name->value.\n|\n| This mapping lists all enum members, including aliases. Note that this\n| is a read-only view of the internal mapping.\n\n#### class SSLObject\n\n| SSLObject(*args, kwargs)\n|\n| This class implements an interface on top of a low-level SSL object as\n| implemented by OpenSSL. This object captures the state of an SSL connection\n| but does not provide any network IO itself. IO needs to be performed\n| through separate \"BIO\" objects which are OpenSSL's IO abstraction layer.\n|\n| This class does not have a public constructor. Instances are returned by\n| ``SSLContext.wrapbio``. This class is typically used by framework authors\n| that want to implement asynchronous IO for SSL through memory buffers.\n|\n| When compared to ``SSLSocket``, this object lacks the following features:\n|\n| * Any form of network IO, including methods such as ``recv`` and ``send``.\n| * The ``dohandshakeonconnect`` and ``suppressraggedeofs`` machinery.\n|\n| Methods defined here:\n|\n| init(self, *args, kwargs)\n| Initialize self. See help(type(self)) for accurate signature.\n|\n| cipher(self)\n| Return the currently selected cipher as a 3-tuple ``(name,\n| sslversion, secretbits)``.\n|\n| compression(self)\n| Return the current compression algorithm in use, or ``None`` if\n| compression was not negotiated or not supported by one of the peers.\n|\n| dohandshake(self)\n| Start the SSL/TLS handshake.\n|\n| getchannelbinding(self, cbtype='tls-unique')\n| Get channel binding data for current connection. Raise ValueError\n| if the requested `cbtype` is not supported. Return bytes of the data\n| or None if the data is not available (e.g. before the handshake).\n|\n| getpeercert(self, binaryform=False)\n| Returns a formatted version of the data in the certificate provided\n| by the other end of the SSL channel.\n|\n| Return None if no certificate was provided, {} if a certificate was\n| provided, but not validated.\n|\n| pending(self)\n| Return the number of bytes that can be read immediately.\n|\n| read(self, len=1024, buffer=None)\n| Read up to 'len' bytes from the SSL object and return them.\n|\n| If 'buffer' is provided, read into this buffer and return the number of\n| bytes read.\n|\n| selectedalpnprotocol(self)\n| Return the currently selected ALPN protocol as a string, or ``None``\n| if a next protocol was not negotiated or if ALPN is not supported by one\n| of the peers.\n|\n| selectednpnprotocol(self)\n| Return the currently selected NPN protocol as a string, or ``None``\n| if a next protocol was not negotiated or if NPN is not supported by one\n| of the peers.\n|\n| sharedciphers(self)\n| Return a list of ciphers shared by the client during the handshake or\n| None if this is not a valid server connection.\n|\n| unwrap(self)\n| Start the SSL shutdown handshake.\n|\n| verifyclientposthandshake(self)\n|\n| version(self)\n| Return a string identifying the protocol version used by the\n| current SSL channel.\n|\n| write(self, data)\n| Write 'data' to the SSL object and return the number of bytes\n| written.\n|\n| The 'data' argument must support the buffer interface.\n|\n| ----------------------------------------------------------------------\n| Readonly properties defined here:\n|\n| serverhostname\n| The currently set server hostname (for SNI), or ``None`` if no\n| server hostname is set.\n|\n| serverside\n| Whether this is a server-side socket.\n|\n| sessionreused\n| Was the client session reused during handshake\n|\n| ----------------------------------------------------------------------\n| Data descriptors defined here:\n|\n| dict\n| dictionary for instance variables (if defined)\n|\n| weakref\n| list of weak references to the object (if defined)\n|\n| context\n| The SSLContext that is currently in use.\n|\n| session\n| The SSLSession for client socket.\n\n#### class SSLSocket\n\n| SSLSocket(*args, kwargs)\n|\n| This class implements a subtype of socket.socket that wraps\n| the underlying OS socket in an SSL context when necessary, and\n| provides read and write methods over that channel.\n|\n| Method resolution order:\n| SSLSocket\n| socket.socket\n| socket.socket\n| builtins.object\n|\n| Methods defined here:\n|\n| init(self, *args, kwargs)\n| Initialize self. See help(type(self)) for accurate signature.\n|\n| accept(self)\n| Accepts a new connection from a remote client, and returns\n| a tuple containing that new connection wrapped with a server-side\n| SSL channel, and the address of the remote client.\n|\n| cipher(self)\n| Return the currently selected cipher as a 3-tuple ``(name,\n| sslversion, secretbits)``.\n|\n| compression(self)\n| Return the current compression algorithm in use, or ``None`` if\n| compression was not negotiated or not supported by one of the peers.\n|\n| connect(self, addr)\n| Connects to remote ADDR, and then wraps the connection in\n| an SSL channel.\n|\n| connectex(self, addr)\n| Connects to remote ADDR, and then wraps the connection in\n| an SSL channel.\n|\n| dohandshake(self, block=False)\n| Start the SSL/TLS handshake.\n|\n| dup(self)\n| dup() -> socket object\n|\n| Duplicate the socket. Return a new socket object connected to the same\n| system resource. The new socket is non-inheritable.\n|\n| getchannelbinding(self, cbtype='tls-unique')\n| Get channel binding data for current connection. Raise ValueError\n| if the requested `cbtype` is not supported. Return bytes of the data\n| or None if the data is not available (e.g. before the handshake).\n|\n| getpeercert(self, binaryform=False)\n| Returns a formatted version of the data in the certificate provided\n| by the other end of the SSL channel.\n|\n| Return None if no certificate was provided, {} if a certificate was\n| provided, but not validated.\n|\n| pending(self)\n| Return the number of bytes that can be read immediately.\n|\n| read(self, len=1024, buffer=None)\n| Read up to LEN bytes and return them.\n| Return zero-length string on EOF.\n|\n| recv(self, buflen=1024, flags=0)\n| recv(buffersize[, flags]) -> data\n|\n| Receive up to buffersize bytes from the socket. For the optional flags\n| argument, see the Unix manual. When no data is available, block until\n| at least one byte is available or until the remote end is closed. When\n| the remote end is closed and all data is read, return the empty string.\n|\n| recvinto(self, buffer, nbytes=None, flags=0)\n| recvinto(buffer, [nbytes[, flags]]) -> nbytesread\n|\n| A version of recv() that stores its data into a buffer rather than creating\n| a new string. Receive up to buffersize bytes from the socket. If buffersize\n| is not specified (or 0), receive up to the size available in the given buffer.\n|\n| See recv() for documentation about the flags.\n|\n| recvfrom(self, buflen=1024, flags=0)\n| recvfrom(buffersize[, flags]) -> (data, address info)\n|\n| Like recv(buffersize, flags) but also return the sender's address info.\n|\n| recvfrominto(self, buffer, nbytes=None, flags=0)\n| recvfrominto(buffer[, nbytes[, flags]]) -> (nbytes, address info)\n|\n| Like recvinto(buffer[, nbytes[, flags]]) but also return the sender's address info.\n|\n| recvmsg(self, *args, kwargs)\n| recvmsg(bufsize[, ancbufsize[, flags]]) -> (data, ancdata, msgflags, address)\n|\n| Receive normal data (up to bufsize bytes) and ancillary data from the\n| socket. The ancbufsize argument sets the size in bytes of the\n| internal buffer used to receive the ancillary data; it defaults to 0,\n| meaning that no ancillary data will be received. Appropriate buffer\n| sizes for ancillary data can be calculated using CMSGSPACE() or\n| CMSGLEN(), and items which do not fit into the buffer might be\n| truncated or discarded. The flags argument defaults to 0 and has the\n| same meaning as for recv().\n|\n| The return value is a 4-tuple: (data, ancdata, msgflags, address).\n| The data item is a bytes object holding the non-ancillary data\n| received. The ancdata item is a list of zero or more tuples\n| (cmsglevel, cmsgtype, cmsgdata) representing the ancillary data\n| (control messages) received: cmsglevel and cmsgtype are integers\n| specifying the protocol level and protocol-specific type respectively,\n| and cmsgdata is a bytes object holding the associated data. The\n| msgflags item is the bitwise OR of various flags indicating\n| conditions on the received message; see your system documentation for\n| details. If the receiving socket is unconnected, address is the\n| address of the sending socket, if available; otherwise, its value is\n| unspecified.\n|\n| If recvmsg() raises an exception after the system call returns, it\n| will first attempt to close any file descriptors received via the\n| SCMRIGHTS mechanism.\n|\n| recvmsginto(self, *args, kwargs)\n| recvmsginto(buffers[, ancbufsize[, flags]]) -> (nbytes, ancdata, msgflags, address)\n|\n| Receive normal data and ancillary data from the socket, scattering the\n| non-ancillary data into a series of buffers. The buffers argument\n| must be an iterable of objects that export writable buffers\n| (e.g. bytearray objects); these will be filled with successive chunks\n| of the non-ancillary data until it has all been written or there are\n| no more buffers. The ancbufsize argument sets the size in bytes of\n| the internal buffer used to receive the ancillary data; it defaults to\n| 0, meaning that no ancillary data will be received. Appropriate\n| buffer sizes for ancillary data can be calculated using CMSGSPACE()\n| or CMSGLEN(), and items which do not fit into the buffer might be\n| truncated or discarded. The flags argument defaults to 0 and has the\n| same meaning as for recv().\n|\n| The return value is a 4-tuple: (nbytes, ancdata, msgflags, address).\n| The nbytes item is the total number of bytes of non-ancillary data\n| written into the buffers. The ancdata item is a list of zero or more\n| tuples (cmsglevel, cmsgtype, cmsgdata) representing the ancillary\n| data (control messages) received: cmsglevel and cmsgtype are\n| integers specifying the protocol level and protocol-specific type\n| respectively, and cmsgdata is a bytes object holding the associated\n| data. The msgflags item is the bitwise OR of various flags\n| indicating conditions on the received message; see your system\n| documentation for details. If the receiving socket is unconnected,\n| address is the address of the sending socket, if available; otherwise,\n| its value is unspecified.\n|\n| If recvmsginto() raises an exception after the system call returns,\n| it will first attempt to close any file descriptors received via the\n| SCMRIGHTS mechanism.\n|\n| selectedalpnprotocol(self)\n| Return the currently selected ALPN protocol as a string, or ``None``\n| if a next protocol was not negotiated or if ALPN is not supported by one\n| of the peers.\n|\n| selectednpnprotocol(self)\n| Return the currently selected NPN protocol as a string, or ``None``\n| if a next protocol was not negotiated or if NPN is not supported by one\n| of the peers.\n|\n| send(self, data, flags=0)\n| send(data[, flags]) -> count\n|\n| Send a data string to the socket. For the optional flags\n| argument, see the Unix manual. Return the number of bytes\n| sent; this may be less than len(data) if the network is busy.\n|\n| sendall(self, data, flags=0)\n| sendall(data[, flags])\n|\n| Send a data string to the socket. For the optional flags\n| argument, see the Unix manual. This calls send() repeatedly\n| until all data is sent. If an error occurs, it's impossible\n| to tell how much data has been sent.\n|\n| sendfile(self, file, offset=0, count=None)\n| Send a file, possibly by using os.sendfile() if this is a\n| clear-text socket. Return the total number of bytes sent.\n|\n| sendmsg(self, *args, kwargs)\n| sendmsg(buffers[, ancdata[, flags[, address]]]) -> count\n|\n| Send normal and ancillary data to the socket, gathering the\n| non-ancillary data from a series of buffers and concatenating it into\n| a single message. The buffers argument specifies the non-ancillary\n| data as an iterable of bytes-like objects (e.g. bytes objects).\n| The ancdata argument specifies the ancillary data (control messages)\n| as an iterable of zero or more tuples (cmsglevel, cmsgtype,\n| cmsgdata), where cmsglevel and cmsgtype are integers specifying the\n| protocol level and protocol-specific type respectively, and cmsgdata\n| is a bytes-like object holding the associated data. The flags\n| argument defaults to 0 and has the same meaning as for send(). If\n| address is supplied and not None, it sets a destination address for\n| the message. The return value is the number of bytes of non-ancillary\n| data sent.\n|\n| sendto(self, data, flagsoraddr, addr=None)\n| sendto(data[, flags], address) -> count\n|\n| Like send(data, flags) but allows specifying the destination address.\n| For IP sockets, the address is a pair (hostaddr, port).\n|\n| sharedciphers(self)\n| Return a list of ciphers shared by the client during the handshake or\n| None if this is not a valid server connection.\n|\n| shutdown(self, how)\n| shutdown(flag)\n|\n| Shut down the reading side of the socket (flag == SHUTRD), the writing side\n| of the socket (flag == SHUTWR), or both ends (flag == SHUTRDWR).\n|\n| unwrap(self)\n| Start the SSL shutdown handshake.\n|\n| verifyclientposthandshake(self)\n|\n| version(self)\n| Return a string identifying the protocol version used by the\n| current SSL channel.\n|\n| write(self, data)\n| Write DATA to the underlying SSL channel. Returns\n| number of bytes of DATA actually transmitted.\n|\n| ----------------------------------------------------------------------\n| Readonly properties defined here:\n|\n| sessionreused\n| Was the client session reused during handshake\n|\n| ----------------------------------------------------------------------\n| Data descriptors defined here:\n|\n| dict\n| dictionary for instance variables (if defined)\n|\n| context\n| The SSLContext that is currently in use.\n|\n| session\n| The SSLSession for client socket.\n|\n| ----------------------------------------------------------------------\n| Methods inherited from socket.socket:\n|\n| enter(self)\n|\n| exit(self, *args)\n|\n| getstate(self)\n|\n| repr(self)\n| Wrap repr() to reveal the real class name and socket\n| address(es).\n|\n| close(self)\n| close()\n|\n| Close the socket. It cannot be used after this call.\n|\n| detach(self)\n| detach() -> file descriptor\n|\n| Close the socket object without closing the underlying file descriptor.\n| The object cannot be used after this call, but the file descriptor\n| can be reused for other purposes. The file descriptor is returned.\n|\n| getinheritable(self)\n| Get the inheritable flag of the socket\n|\n| makefile(self, mode='r', buffering=None, *, encoding=None, errors=None, newline=None)\n| makefile(...) -> an I/O stream connected to the socket\n|\n| The arguments are as for io.open() after the filename, except the only\n| supported mode values are 'r' (default), 'w' and 'b'.\n|\n| setinheritable(self, inheritable)\n| Set the inheritable flag of the socket\n|\n| ----------------------------------------------------------------------\n| Readonly properties inherited from socket.socket:\n|\n| family\n| Read-only access to the address family for this socket.\n|\n| type\n| Read-only access to the socket type.\n|\n| ----------------------------------------------------------------------\n| Data descriptors inherited from socket.socket:\n|\n| weakref\n| list of weak references to the object (if defined)\n|\n| ----------------------------------------------------------------------\n| Methods inherited from socket.socket:\n|\n| del(...)\n|\n| getattribute(self, name, /)\n| Return getattr(self, name).\n|\n| bind(...)\n| bind(address)\n|\n| Bind the socket to a local address. For IP sockets, the address is a\n| pair (host, port); the host must refer to the local host. For raw packet\n| sockets the address is a tuple (ifname, proto [,pkttype [,hatype [,addr]]])\n|\n| fileno(...)\n| fileno() -> integer\n|\n| Return the integer file descriptor of the socket.\n|\n| getblocking(...)\n| getblocking()\n|\n| Returns True if socket is in blocking mode, or False if it\n| is in non-blocking mode.\n|\n| getpeername(...)\n| getpeername() -> address info\n|\n| Return the address of the remote endpoint. For IP sockets, the address\n| info is a pair (hostaddr, port).\n|\n| getsockname(...)\n| getsockname() -> address info\n|\n| Return the address of the local endpoint. The format depends on the\n| address family. For IPv4 sockets, the address info is a pair\n| (hostaddr, port).\n|\n| getsockopt(...)\n| getsockopt(level, option[, buffersize]) -> value\n|\n| Get a socket option. See the Unix manual for level and option.\n| If a nonzero buffersize argument is given, the return value is a\n| string of that length; otherwise it is an integer.\n|\n| gettimeout(...)\n| gettimeout() -> timeout\n|\n| Returns the timeout in seconds (float) associated with socket\n| operations. A timeout of None indicates that timeouts on socket\n| operations are disabled.\n|\n| listen(...)\n| listen([backlog])\n|\n| Enable a server to accept connections. If backlog is specified, it must be\n| at least 0 (if it is lower, it is set to 0); it specifies the number of\n| unaccepted connections that the system will allow before refusing new\n| connections. If not specified, a default reasonable value is chosen.\n|\n| sendmsgafalg(...)\n| sendmsgafalg([msg], *, op[, iv[, assoclen[, flags=MSGMORE]]])\n|\n| Set operation mode, IV and length of associated data for an AFALG\n| operation socket.\n|\n| setblocking(...)\n| setblocking(flag)\n|\n| Set the socket to blocking (flag is true) or non-blocking (false).\n| setblocking(True) is equivalent to settimeout(None);\n| setblocking(False) is equivalent to settimeout(0.0).\n|\n| setsockopt(...)\n| setsockopt(level, option, value: int)\n| setsockopt(level, option, value: buffer)\n| setsockopt(level, option, None, optlen: int)\n|\n| Set a socket option. See the Unix manual for level and option.\n| The value argument can either be an integer, a string buffer, or\n| None, optlen.\n|\n| settimeout(...)\n| settimeout(timeout)\n|\n| Set a timeout on socket operations. 'timeout' can be a float,\n| giving in seconds, or None. Setting a timeout of None disables\n| the timeout feature and is equivalent to setblocking(1).\n| Setting a timeout of zero is the same as setblocking(0).\n|\n| ----------------------------------------------------------------------\n| Static methods inherited from socket.socket:\n|\n| new(*args, kwargs) from builtins.type\n| Create and return a new object. See help(type) for accurate signature.\n|\n| ----------------------------------------------------------------------\n| Data descriptors inherited from socket.socket:\n|\n| proto\n| the socket protocol\n|\n| timeout\n| the socket timeout\n\n#### class SSLSyscallError\n\n| System error when attempting SSL operation.\n|\n| Method resolution order:\n| SSLSyscallError\n| SSLError\n| builtins.OSError\n| builtins.Exception\n| builtins.BaseException\n| builtins.object\n|\n| Data descriptors defined here:\n|\n| weakref\n| list of weak references to the object (if defined)\n|\n| ----------------------------------------------------------------------\n| Methods inherited from SSLError:\n|\n| str(self, /)\n| Return str(self).\n|\n| ----------------------------------------------------------------------\n| Methods inherited from builtins.OSError:\n|\n| init(self, /, *args, kwargs)\n| Initialize self. See help(type(self)) for accurate signature.\n|\n| reduce(...)\n| Helper for pickle.\n|\n| ----------------------------------------------------------------------\n| Static methods inherited from builtins.OSError:\n|\n| new(*args, kwargs) from builtins.type\n| Create and return a new object. See help(type) for accurate signature.\n|\n| ----------------------------------------------------------------------\n| Data descriptors inherited from builtins.OSError:\n|\n| characterswritten\n|\n| errno\n| POSIX exception code\n|\n| filename\n| exception filename\n|\n| filename2\n| second exception filename\n|\n| strerror\n| exception strerror\n|\n| ----------------------------------------------------------------------\n| Methods inherited from builtins.BaseException:\n|\n| delattr(self, name, /)\n| Implement delattr(self, name).\n|\n| getattribute(self, name, /)\n| Return getattr(self, name).\n|\n| repr(self, /)\n| Return repr(self).\n|\n| setattr(self, name, value, /)\n| Implement setattr(self, name, value).\n|\n| setstate(...)\n|\n| withtraceback(...)\n| Exception.withtraceback(tb) --\n| set self.traceback to tb and return self.\n|\n| ----------------------------------------------------------------------\n| Data descriptors inherited from builtins.BaseException:\n|\n| cause\n| exception cause\n|\n| context\n| exception context\n|\n| dict\n|\n| suppresscontext\n|\n| traceback\n|\n| args\n\n#### class SSLWantReadError\n\n| Non-blocking SSL socket needs to read more data\n| before the requested operation can be completed.\n|\n| Method resolution order:\n| SSLWantReadError\n| SSLError\n| builtins.OSError\n| builtins.Exception\n| builtins.BaseException\n| builtins.object\n|\n| Data descriptors defined here:\n|\n| weakref\n| list of weak references to the object (if defined)\n|\n| ----------------------------------------------------------------------\n| Methods inherited from SSLError:\n|\n| str(self, /)\n| Return str(self).\n|\n| ----------------------------------------------------------------------\n| Methods inherited from builtins.OSError:\n|\n| init(self, /, *args, kwargs)\n| Initialize self. See help(type(self)) for accurate signature.\n|\n| reduce(...)\n| Helper for pickle.\n|\n| ----------------------------------------------------------------------\n| Static methods inherited from builtins.OSError:\n|\n| new(*args, kwargs) from builtins.type\n| Create and return a new object. See help(type) for accurate signature.\n|\n| ----------------------------------------------------------------------\n| Data descriptors inherited from builtins.OSError:\n|\n| characterswritten\n|\n| errno\n| POSIX exception code\n|\n| filename\n| exception filename\n|\n| filename2\n| second exception filename\n|\n| strerror\n| exception strerror\n|\n| ----------------------------------------------------------------------\n| Methods inherited from builtins.BaseException:\n|\n| delattr(self, name, /)\n| Implement delattr(self, name).\n|\n| getattribute(self, name, /)\n| Return getattr(self, name).\n|\n| repr(self, /)\n| Return repr(self).\n|\n| setattr(self, name, value, /)\n| Implement setattr(self, name, value).\n|\n| setstate(...)\n|\n| withtraceback(...)\n| Exception.withtraceback(tb) --\n| set self.traceback to tb and return self.\n|\n| ----------------------------------------------------------------------\n| Data descriptors inherited from builtins.BaseException:\n|\n| cause\n| exception cause\n|\n| context\n| exception context\n|\n| dict\n|\n| suppresscontext\n|\n| traceback\n|\n| args\n\n#### class SSLWantWriteError\n\n| Non-blocking SSL socket needs to write more data\n| before the requested operation can be completed.\n|\n| Method resolution order:\n| SSLWantWriteError\n| SSLError\n| builtins.OSError\n| builtins.Exception\n| builtins.BaseException\n| builtins.object\n|\n| Data descriptors defined here:\n|\n| weakref\n| list of weak references to the object (if defined)\n|\n| ----------------------------------------------------------------------\n| Methods inherited from SSLError:\n|\n| str(self, /)\n| Return str(self).\n|\n| ----------------------------------------------------------------------\n| Methods inherited from builtins.OSError:\n|\n| init(self, /, *args, kwargs)\n| Initialize self. See help(type(self)) for accurate signature.\n|\n| reduce(...)\n| Helper for pickle.\n|\n| ----------------------------------------------------------------------\n| Static methods inherited from builtins.OSError:\n|\n| new(*args, kwargs) from builtins.type\n| Create and return a new object. See help(type) for accurate signature.\n|\n| ----------------------------------------------------------------------\n| Data descriptors inherited from builtins.OSError:\n|\n| characterswritten\n|\n| errno\n| POSIX exception code\n|\n| filename\n| exception filename\n|\n| filename2\n| second exception filename\n|\n| strerror\n| exception strerror\n|\n| ----------------------------------------------------------------------\n| Methods inherited from builtins.BaseException:\n|\n| delattr(self, name, /)\n| Implement delattr(self, name).\n|\n| getattribute(self, name, /)\n| Return getattr(self, name).\n|\n| repr(self, /)\n| Return repr(self).\n|\n| setattr(self, name, value, /)\n| Implement setattr(self, name, value).\n|\n| setstate(...)\n|\n| withtraceback(...)\n| Exception.withtraceback(tb) --\n| set self.traceback to tb and return self.\n|\n| ----------------------------------------------------------------------\n| Data descriptors inherited from builtins.BaseException:\n|\n| cause\n| exception cause\n|\n| context\n| exception context\n|\n| dict\n|\n| suppresscontext\n|\n| traceback\n|\n| args\n\n#### class SSLZeroReturnError\n\n| SSL/TLS session closed cleanly.\n|\n| Method resolution order:\n| SSLZeroReturnError\n| SSLError\n| builtins.OSError\n| builtins.Exception\n| builtins.BaseException\n| builtins.object\n|\n| Data descriptors defined here:\n|\n| weakref\n| list of weak references to the object (if defined)\n|\n| ----------------------------------------------------------------------\n| Methods inherited from SSLError:\n|\n| str(self, /)\n| Return str(self).\n|\n| ----------------------------------------------------------------------\n| Methods inherited from builtins.OSError:\n|\n| init(self, /, *args, kwargs)\n| Initialize self. See help(type(self)) for accurate signature.\n|\n| reduce(...)\n| Helper for pickle.\n|\n| ----------------------------------------------------------------------\n| Static methods inherited from builtins.OSError:\n|\n| new(*args, kwargs) from builtins.type\n| Create and return a new object. See help(type) for accurate signature.\n|\n| ----------------------------------------------------------------------\n| Data descriptors inherited from builtins.OSError:\n|\n| characterswritten\n|\n| errno\n| POSIX exception code\n|\n| filename\n| exception filename\n|\n| filename2\n| second exception filename\n|\n| strerror\n| exception strerror\n|\n| ----------------------------------------------------------------------\n| Methods inherited from builtins.BaseException:\n|\n| delattr(self, name, /)\n| Implement delattr(self, name).\n|\n| getattribute(self, name, /)\n| Return getattr(self, name).\n|\n| repr(self, /)\n| Return repr(self).\n|\n| setattr(self, name, value, /)\n| Implement setattr(self, name, value).\n|\n| setstate(...)\n|\n| withtraceback(...)\n| Exception.withtraceback(tb) --\n| set self.traceback to tb and return self.\n|\n| ----------------------------------------------------------------------\n| Data descriptors inherited from builtins.BaseException:\n|\n| cause\n| exception cause\n|\n| context\n| exception context\n|\n| dict\n|\n| suppresscontext\n|\n| traceback\n|\n| args\n\n#### class TLSVersion\n\n| TLSVersion(value, names=None, *, module=None, qualname=None, type=None, start=1)\n|\n| An enumeration.\n|\n| Method resolution order:\n| TLSVersion\n| enum.IntEnum\n| builtins.int\n| enum.Enum\n| builtins.object\n|\n| Data and other attributes defined here:\n|\n| MAXIMUMSUPPORTED = \n|\n| MINIMUMSUPPORTED = \n|\n| SSLv3 = \n|\n| TLSv1 = \n|\n| TLSv11 = \n|\n| TLSv12 = \n|\n| TLSv13 = \n|\n| ----------------------------------------------------------------------\n| Data descriptors inherited from enum.Enum:\n|\n| name\n| The name of the Enum member.\n|\n| value\n| The value of the Enum member.\n|\n| ----------------------------------------------------------------------\n| Readonly properties inherited from enum.EnumMeta:\n|\n| members\n| Returns a mapping of member name->value.\n|\n| This mapping lists all enum members, including aliases. Note that this\n| is a read-only view of the internal mapping.\n\n#### class VerifyFlags\n\n| VerifyFlags(value, names=None, *, module=None, qualname=None, type=None, start=1)\n|\n| An enumeration.\n|\n| Method resolution order:\n| VerifyFlags\n| enum.IntFlag\n| builtins.int\n| enum.Flag\n| enum.Enum\n| builtins.object\n|\n| Data and other attributes defined here:\n|\n| VERIFYALLOWPROXYCERTS = \n|\n| VERIFYCRLCHECKCHAIN = \n|\n| VERIFYCRLCHECKLEAF = \n|\n| VERIFYDEFAULT = \n|\n| VERIFYX509PARTIALCHAIN = \n|\n| VERIFYX509TRUSTEDFIRST = value.\n|\n| This mapping lists all enum members, including aliases. Note that this\n| is a read-only view of the internal mapping.\n\n#### class VerifyMode\n\n| VerifyMode(value, names=None, *, module=None, qualname=None, type=None, start=1)\n|\n| An enumeration.\n|\n| Method resolution order:\n| VerifyMode\n| enum.IntEnum\n| builtins.int\n| enum.Enum\n| builtins.object\n|\n| Data and other attributes defined here:\n|\n| CERTNONE = \n|\n| CERTOPTIONAL = \n|\n| CERTREQUIRED = \n|\n| ----------------------------------------------------------------------\n| Data descriptors inherited from enum.Enum:\n|\n| name\n| The name of the Enum member.\n|\n| value\n| The value of the Enum member.\n|\n| ----------------------------------------------------------------------\n| Readonly properties inherited from enum.EnumMeta:\n|\n| members\n| Returns a mapping of member name->value.\n|\n| This mapping lists all enum members, including aliases. Note that this\n| is a read-only view of the internal mapping.\n\n### FUNCTIONS\n\nDERcerttoPEMcert(dercertbytes)\nTakes a certificate in binary DER format and returns the\nPEM version of it as a string.\n\nPEMcerttoDERcert(pemcertstring)\nTakes a certificate in ASCII PEM format and returns the\nDER-encoded version of it as a byte sequence\n\nRANDadd(string, entropy, /)\nMix string into the OpenSSL PRNG state.\n\nentropy (a float) is a lower bound on the entropy contained in\nstring. See RFC 4086.\n\nRANDbytes(n, /)\nGenerate n cryptographically strong pseudo-random bytes.\n\nRANDpseudobytes(n, /)\nGenerate n pseudo-random bytes.\n\nReturn a pair (bytes, iscryptographic). iscryptographic is True\nif the bytes generated are cryptographically strong.\n\nRANDstatus()\nReturns True if the OpenSSL PRNG has been seeded with enough data and False if not.\n\nIt is necessary to seed the PRNG with RANDadd() on some platforms before\nusing the ssl() function.\n\n#### cert_time_to_seconds\n\nReturn the time in seconds since the Epoch, given the timestring\nrepresenting the \"notBefore\" or \"notAfter\" date from a certificate\nin ``\"%b %d %H:%M:%S %Y %Z\"`` strptime format (C locale).\n\n\"notBefore\" or \"notAfter\" dates must use UTC (RFC 5280).\n\nMonth is one of: Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec\nUTC should be specified as GMT (see ASN1TIMEprint())\n\n#### create_default_context\n\nCreate a SSLContext object with default settings.\n\nNOTE: The protocol and settings may change anytime without prior\ndeprecation. The values represent a fair balance between maximum\ncompatibility and security.\n\n#### get_default_verify_paths\n\nReturn paths to default cafile and capath.\n\n#### get_protocol_name\n\n#### get_server_certificate\n\nRetrieve the certificate from the server at the specified address,\nand return it as a PEM-encoded string.\nIf 'cacerts' is specified, validate the server cert against it.\nIf 'sslversion' is specified, use it in the connection attempt.\nIf 'timeout' is specified, use it in the connection attempt.\n\n#### match_hostname\n\nVerify that *cert* (in decoded format as returned by\nSSLSocket.getpeercert()) matches the *hostname*. RFC 2818 and RFC 6125\nrules are followed.\n\nThe function matches IP addresses rather than dNSNames if hostname is a\nvalid ipaddress string. IPv4 addresses are supported on all platforms.\nIPv6 addresses are supported on platforms with IPv6 support (AFINET6\nand inetpton).\n\nCertificateError is raised on failure. On success, the function\nreturns nothing.\n\n#### wrap_socket\n\n### DATA\n\nALERTDESCRIPTIONACCESSDENIED = \nCERTOPTIONAL = \nCERTREQUIRED = \nCHANNELBINDINGTYPES = ['tls-unique']\nHASALPN = True\nHASECDH = True\nHASNEVERCHECKCOMMONNAME = True\nHASNPN = False\nHASSNI = True\nHASSSLv2 = False\nHASSSLv3 = False\nHASTLSv1 = True\nHASTLSv11 = True\nHASTLSv12 = True\nHASTLSv13 = True\nOPENSSLVERSION = 'OpenSSL 3.0.2 15 Mar 2022'\nOPENSSLVERSIONINFO = (3, 0, 0, 2, 0)\nOPENSSLVERSIONNUMBER = 805306400\nOPALL = \nOPCIPHERSERVERPREFERENCE = \nOPNOCOMPRESSION = \nOPNORENEGOTIATION = \nOPNOSSLv2 = \nOPNOSSLv3 = \nOPNOTICKET = \nOPNOTLSv1 = \nOPNOTLSv11 = \nOPNOTLSv12 = \nOPNOTLSv13 = \nOPSINGLEDHUSE = \nOPSINGLEECDHUSE = \nPEMFOOTER = '-----END CERTIFICATE-----'\nPEMHEADER = '-----BEGIN CERTIFICATE-----'\nPROTOCOLSSLv23 = \nPROTOCOLTLS = \nPROTOCOLTLSCLIENT = \nPROTOCOLTLSSERVER = \nPROTOCOLTLSv1 = \nPROTOCOLTLSv11 = \nPROTOCOLTLSv12 = \nSOCKSTREAM = \nSOLSOCKET = 1\nSOTYPE = 3\nSSLERROREOF = \nSSLERRORINVALIDERRORCODE = \nSSLERRORSYSCALL = \nSSLERRORWANTCONNECT = \nSSLERRORWANTREAD = \nSSLERRORWANTWRITE = \nSSLERRORWANTX509LOOKUP = \nVERIFYALLOWPROXYCERTS = \nVERIFYCRLCHECKCHAIN = \nVERIFYCRLCHECKLEAF = \nVERIFYDEFAULT = \nVERIFYX509PARTIALCHAIN = \nVERIFYX509TRUSTEDFIRST =