Heikki Toivonen wrote: > runningwild wrote: > > This is the first time I have cared about httplib's HTTPSConnection. > > Please note that the Python builtin SSL support is not really secure. It > does not make sure that you connect to the site you think you are > connecting to, for example. > > If you really need secure SSL (what is the point of SSL if not secure I > ask) you should look at other Python modules. There are several to > choose from, for example M2Crypto (I am the maintainer of that), TLS > Lite, PyOpenSSL, PyOpenSSL-extended, and possibly others that I am > forgetting right now. > > -- > Heikki Toivonen
Thanks Heikki, I downloaded the varioius packages and read through the source code and docs that came with them. I am trying to get M2Crypto to work on my workstation. (WinXP/Cygwin, Python 2.4.4 under cygwin) Everything seemed to compile and install correctly. When I try to run https_cli.py however I get the following exception: LOOP: SSL connect: before/connect initialization INFO: SSL connect: SSLv2 write client hello A Traceback (most recent call last): File "https_cli.py", line 41, in ? test_httpslib() File "https_cli.py", line 21, in test_httpslib h.endheaders() File "/usr/local/lib/python2.4/httplib.py", line 798, in endheaders self._send_output() File "/usr/local/lib/python2.4/httplib.py", line 679, in _send_output self.send(msg) File "/usr/local/lib/python2.4/httplib.py", line 646, in send self.connect() File "/usr/local/lib/python2.4/site-packages/M2Crypto/httpslib.py", line 43, in connect self.sock.connect((self.host, self.port)) File "/usr/local/lib/python2.4/site-packages/M2Crypto/SSL/Connection.py", line 154, in connect ret = self.connect_ssl() File "/usr/local/lib/python2.4/site-packages/M2Crypto/SSL/Connection.py", line 147, in connect_ssl return m2.ssl_connect(self.ssl) M2Crypto.SSL.SSLError: no ciphers available The no ciphers available seems to be comming from the ssl installation so I decided to test it with a different client. %links https://localhost:9443/ This worked just fine showing me the directory listing and allowing me to navigate. This was also true for firefox when connecting to https://localhost:9443/ from the server in demos/httts.howto/orig_https_srv.py Any idea what is going on here? -- http://mail.python.org/mailman/listinfo/python-list