2929
3030#include "py/objtuple.h"
3131#include "py/objlist.h"
32+ #include "py/objproperty.h"
3233#include "py/runtime.h"
3334#include "py/mperrno.h"
3435
@@ -51,6 +52,66 @@ STATIC mp_obj_t ssl_sslcontext_make_new(const mp_obj_type_t *type, size_t n_args
5152 return MP_OBJ_FROM_PTR (s );
5253}
5354
55+ //| def load_verify_locations(self, cadata: Optional[str] = None) -> None:
56+ //| """Load a set of certification authority (CA) certificates used to validate
57+ //| other peers' certificates."""
58+ //|
59+
60+ STATIC mp_obj_t ssl_sslcontext_load_verify_locations (size_t n_args , const mp_obj_t * pos_args , mp_map_t * kw_args ) {
61+ enum { ARG_cadata };
62+ static const mp_arg_t allowed_args [] = {
63+ { MP_QSTR_cadata , MP_ARG_KW_ONLY | MP_ARG_OBJ , {.u_obj = mp_const_none } },
64+ };
65+ ssl_sslcontext_obj_t * self = MP_OBJ_TO_PTR (pos_args [0 ]);
66+
67+ mp_arg_val_t args [MP_ARRAY_SIZE (allowed_args )];
68+ mp_arg_parse_all (n_args - 1 , pos_args + 1 , kw_args , MP_ARRAY_SIZE (allowed_args ), allowed_args , args );
69+
70+ const char * cadata = mp_obj_str_get_str (args [ARG_cadata ].u_obj );
71+
72+ common_hal_ssl_sslcontext_load_verify_locations (self , cadata );
73+ return mp_const_none ;
74+ }
75+ STATIC MP_DEFINE_CONST_FUN_OBJ_KW (ssl_sslcontext_load_verify_locations_obj , 1 , ssl_sslcontext_load_verify_locations );
76+
77+ //| def set_default_verify_paths(self) -> None:
78+ //| """Load a set of default certification authority (CA) certificates."""
79+ //|
80+
81+ STATIC mp_obj_t ssl_sslcontext_set_default_verify_paths (size_t n_args , const mp_obj_t * pos_args , mp_map_t * kw_args ) {
82+ ssl_sslcontext_obj_t * self = MP_OBJ_TO_PTR (pos_args [0 ]);
83+
84+ common_hal_ssl_sslcontext_set_default_verify_paths (self );
85+ return mp_const_none ;
86+ }
87+ STATIC MP_DEFINE_CONST_FUN_OBJ_KW (ssl_sslcontext_set_default_verify_paths_obj , 1 , ssl_sslcontext_set_default_verify_paths );
88+
89+ //| check_hostname: bool
90+ //| """Whether to match the peer certificate's hostname."""
91+ //|
92+
93+ STATIC mp_obj_t ssl_sslcontext_get_check_hostname (mp_obj_t self_in ) {
94+ ssl_sslcontext_obj_t * self = MP_OBJ_TO_PTR (self_in );
95+
96+ return mp_obj_new_bool (common_hal_ssl_sslcontext_get_check_hostname (self ));
97+ }
98+ STATIC MP_DEFINE_CONST_FUN_OBJ_1 (ssl_sslcontext_get_check_hostname_obj , ssl_sslcontext_get_check_hostname );
99+
100+ STATIC mp_obj_t ssl_sslcontext_set_check_hostname (mp_obj_t self_in , mp_obj_t value ) {
101+ ssl_sslcontext_obj_t * self = MP_OBJ_TO_PTR (self_in );
102+
103+ common_hal_ssl_sslcontext_set_check_hostname (self , mp_obj_is_true (value ));
104+ return mp_const_none ;
105+ }
106+ STATIC MP_DEFINE_CONST_FUN_OBJ_2 (ssl_sslcontext_set_check_hostname_obj , ssl_sslcontext_set_check_hostname );
107+
108+ const mp_obj_property_t ssl_sslcontext_check_hostname_obj = {
109+ .base .type = & mp_type_property ,
110+ .proxy = {(mp_obj_t )& ssl_sslcontext_get_check_hostname_obj ,
111+ (mp_obj_t )& ssl_sslcontext_set_check_hostname_obj ,
112+ MP_ROM_NONE },
113+ };
114+
54115//| def wrap_socket(self, sock: socketpool.Socket, *, server_side: bool = False, server_hostname: Optional[str] = None) -> ssl.SSLSocket:
55116//| """Wraps the socket into a socket-compatible class that handles SSL negotiation.
56117//| The socket must be of type SOCK_STREAM."""
@@ -85,6 +146,9 @@ STATIC MP_DEFINE_CONST_FUN_OBJ_KW(ssl_sslcontext_wrap_socket_obj, 1, ssl_sslcont
85146
86147STATIC const mp_rom_map_elem_t ssl_sslcontext_locals_dict_table [] = {
87148 { MP_ROM_QSTR (MP_QSTR_wrap_socket ), MP_ROM_PTR (& ssl_sslcontext_wrap_socket_obj ) },
149+ { MP_ROM_QSTR (MP_QSTR_load_verify_locations ), MP_ROM_PTR (& ssl_sslcontext_load_verify_locations_obj ) },
150+ { MP_ROM_QSTR (MP_QSTR_set_default_verify_paths ), MP_ROM_PTR (& ssl_sslcontext_set_default_verify_paths_obj ) },
151+ { MP_ROM_QSTR (MP_QSTR_check_hostname ), MP_ROM_PTR (& ssl_sslcontext_check_hostname_obj ) },
88152};
89153
90154STATIC MP_DEFINE_CONST_DICT (ssl_sslcontext_locals_dict , ssl_sslcontext_locals_dict_table );
0 commit comments