bpo-31386: Custom wrap_bio and wrap_socket type (#3426)

SSLSocket.wrap_bio() and SSLSocket.wrap_socket() hard-code SSLObject and SSLSocket as return types. In the light of future deprecation of ssl.wrap_socket() module function and direct instantiation of SSLSocket, it is desirable to make the return type of SSLSocket.wrap_bio() and SSLSocket.wrap_socket() customizable. Signed-off-by: Christian Heimes <christian@python.org>
2025-11-01 18:51:43 +00:00 · 2017-09-15 20:26:05 +02:00 · 2017-09-15 20:26:05 +02:00 · 4df60f18c6
commit 4df60f18c6
parent ff70289002
4 changed files with 67 additions and 13 deletions
--- a/Doc/library/ssl.rst
+++ b/Doc/library/ssl.rst
@ -1593,8 +1593,9 @@ to speed up repeated connections from the same clients.
      do_handshake_on_connect=True, suppress_ragged_eofs=True, \
      server_hostname=None, session=None)

-   Wrap an existing Python socket *sock* and return an :class:`SSLSocket`
-   object.  *sock* must be a :data:`~socket.SOCK_STREAM` socket; other socket
+   Wrap an existing Python socket *sock* and return an instance of
+   :attr:`SSLContext.sslsocket_class` (default :class:`SSLSocket`).
+   *sock* must be a :data:`~socket.SOCK_STREAM` socket; other socket
   types are unsupported.

   The returned SSL socket is tied to the context, its settings and
@ -1617,12 +1618,25 @@ to speed up repeated connections from the same clients.
   .. versionchanged:: 3.6
      *session* argument was added.

+    .. versionchanged:: 3.7
+      The method returns on instance of :attr:`SSLContext.sslsocket_class`
+      instead of hard-coded :class:`SSLSocket`.
+
+.. attribute:: SSLContext.sslsocket_class
+
+   The return type of :meth:`SSLContext.wrap_sockets`, defaults to
+   :class:`SSLSocket`. The attribute can be overridden on instance of class
+   in order to return a custom subclass of :class:`SSLSocket`.
+
+   .. versionadded:: 3.7
+
 .. method:: SSLContext.wrap_bio(incoming, outgoing, server_side=False, \
                                server_hostname=None, session=None)

-   Create a new :class:`SSLObject` instance by wrapping the BIO objects
-   *incoming* and *outgoing*. The SSL routines will read input data from the
-   incoming BIO and write data to the outgoing BIO.
+   Wrap the BIO objects *incoming* and *outgoing* and return an instance of
+   attr:`SSLContext.sslobject_class` (default :class:`SSLObject`). The SSL
+   routines will read input data from the incoming BIO and write data to the
+   outgoing BIO.

   The *server_side*, *server_hostname* and *session* parameters have the
   same meaning as in :meth:`SSLContext.wrap_socket`.
@ -1630,6 +1644,18 @@ to speed up repeated connections from the same clients.
   .. versionchanged:: 3.6
      *session* argument was added.

+   .. versionchanged:: 3.7
+      The method returns on instance of :attr:`SSLContext.sslobject_class`
+      instead of hard-coded :class:`SSLObject`.
+
+.. attribute:: SSLContext.sslobject_class
+
+   The return type of :meth:`SSLContext.wrap_bio`, defaults to
+   :class:`SSLObject`. The attribute can be overridden on instance of class
+   in order to return a custom subclass of :class:`SSLObject`.
+
+   .. versionadded:: 3.7
+
 .. method:: SSLContext.session_stats()

   Get statistics about the SSL sessions created or managed by this context.