"Matthias Kluwe" <[EMAIL PROTECTED]> writes: > Hmm. I tried > > server.sock.realsock.shutdown(2) > before server.quit() with the result of
I don't think that's exactly what you want. You need to send a specific TLS message BEFORE shutting down the socket, to tell the other end that the TLS connection is ending. That tells the server that it shouldn't accept a TLS session resumption later. The close notify message is required because if you don't send it, an attacker could truncate one of your TLS messages by cutting your connection. Basically the socket library's SSL implementation is pretty crude. You might try http://trevp.net/tlslite for a pure-Python implementation that's also still missing stuff, but is getting there. -- http://mail.python.org/mailman/listinfo/python-list