docs/ussl: Add basic description of axTLS-based modussl.

In particular, disclose the fact that server certificates are not validated.
2016-05-22 23:56:22 +03:00 · 2016-05-22 23:56:22 +03:00 · bca4c9e465
parent cb7693bab4
commit bca4c9e465
1 changed files with 61 additions and 38 deletions
--- a/docs/library/ussl.rst
+++ b/docs/library/ussl.rst
@ -8,6 +8,29 @@ This module provides access to Transport Layer Security (often known as
 “Secure Sockets Layer”) encryption and peer authentication facilities for
 network sockets, both client-side and server-side.

+.. only:: not port_wipy
+
+    Functions
+    ---------
+
+    .. function:: ssl.wrap_socket(sock, server_side=False)
+
+       Takes a stream `sock` (usually usocket.socket instance of ``SOCK_STREAM`` type),
+       and returns an instance of ssl.SSLSocket, which wraps the underlying stream in
+       an SSL context. Returned object has the usual stream interface methods like
+       `read()`, `write()`, etc. In MicroPython, the returned object does not expose
+       socket interface and methods like `recv()`, `send()`. In particular, a
+       server-side SSL socket should be created from a normal socket returned from
+       `accept()` on a non-SSL listening server socket.
+
+    .. warning::
+
+       Currently, this function does NOT validate server certificates, which makes
+       an SSL connection established prone to man-in-the-middle attacks.
+
+
+.. only:: port_wipy
+
    Functions
    ---------