STINNER Victor added the comment:
For STARTTLS, see also this issue:
https://code.google.com/p/tulip/issues/detail?id=79
--
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue22560
___
Changes by STINNER Victor victor.stin...@gmail.com:
Removed file: http://bugs.python.org/file37637/sslproto-4.patch
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue22560
___
STINNER Victor added the comment:
Oh, I wrote the patch for Tulip. Patch regenerated to use Python paths.
--
Added file: http://bugs.python.org/file37638/sslproto-4.patch
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue22560
STINNER Victor added the comment:
I updated sslproto3.patch with my remarks: sslproto-4.patch
Main differences with sslproto3.patch (unsorted):
* write_eof raises NotImplementedError
* fix write_buffer_size: use data, not offset
* use tuples in the write backlog
* data_received exits the loop
STINNER Victor added the comment:
I prefer to use the same code on all platforms. I don't like the idea of SSL
bugs specific to Windows.
With this change, it becomes possible to support STARTTLS. IMO supporting
this feature is more important than performance, even if I only expect a low
Antoine Pitrou added the comment:
Antoine, can you please elaborate the rationale of your patch?
The patch adds SSL support for proactor-based event loops (any event loop
supporting plain sockets, actually, so it could also work for libuv etc.).
Is the legacy code only used on Python 3.4
Antoine Pitrou added the comment:
Note this could probably help
https://twitter.com/icgood/status/549915951165358080, which Victor seems to
care about :-)
--
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue22560
Antoine Pitrou added the comment:
Ping :-)
--
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue22560
___
___
Python-bugs-list mailing list
Guido van Rossum added the comment:
Maybe we should just accept this without review? I really don't have time to
review 600+ lines of code, sorry.
--
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue22560
STINNER Victor added the comment:
Sorry for the delay. I understood that the change targets the proactor event
loop, and I was busy to fix annoying random bugs in this code (it's not done
yet, see for example the issue #23095 for the most recent bug). Windows is not
my favorite OS, I am less
Guido van Rossum added the comment:
Oh, I think I understand how this could help STARTTLS. Glyph once explained it
to me. STARTTLS takes an existing non-TLS Transport and layers a TLS Transport
on top of it. This requires the TLS layer to read/write from the underlying
Transport using the
STINNER Victor added the comment:
FYI Twisted supports SSL with IOCP using pyOpenSSL 0.10 (released in 2009) or
newer. The support is based on twisted.protocols.tls.TLSMemoryBIOFactory.
It looks like the memory BIO implementation is now preferred on all platforms.
See the
STINNER Victor added the comment:
Note this could probably help
https://twitter.com/icgood/status/549915951165358080, which Victor seems to
care about :-)
Copy of the tweet: @gvanrossum Will we be seeing TLS upgrade support (e.g.
STARTTLS) soon in asyncio / tulip? All threads and issues
STINNER Victor added the comment:
Maybe we should just accept this without review? I really don't have time to
review 600+ lines of code, sorry.
SSL/TLS is very important and the patch is large, a review is required. I
posted a first review with a lot of comments.
--
Antoine Pitrou added the comment:
From issue 22768:
Maybe
transport.get_extra_info('socket').getpeercert(True)
would be okay, no patch needed?
That will be problematic with issue22560. The clear-text socket object and the
SSL object become unrelated, and it would be logical for
STINNER Victor added the comment:
I will try to take a look next week.
--
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue22560
___
___
Antoine Pitrou added the comment:
Does someone want to review this?
--
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue22560
___
___
Antoine Pitrou added the comment:
Here is an updated patch. It hooks into the Proactor event loop (tested under
Windows) and also adds a fallback for older Pythons (with tests).
--
Added file: http://bugs.python.org/file36945/sslproto3.patch
___
Changes by Antoine Pitrou pit...@free.fr:
--
stage: - patch review
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue22560
___
___
Python-bugs-list
Antoine Pitrou added the comment:
Or perhaps the code can be kept identical with the exception of the
sslproto.py file, and conditional import of the latter?
I think that's reasonable, yes. The _SelectorSslTransport is still there and
can be used if the ssl module is not recent enough.
New submission from Antoine Pitrou:
Now that #21965 is implemented, it is possible to improve SSL support in
asyncio by making it independent of how the underlying event loop works (e.g.
whether it is a Unix-like reactor or a proactor).
--
messages: 228628
nosy: geertj,
Changes by Antoine Pitrou pit...@free.fr:
--
components: +asyncio
type: - enhancement
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue22560
___
___
Antoine Pitrou added the comment:
Here is a proof-of-concept patch. I've only tested it under Linux, but it
should be possible to write a simple _make_ssl_transport() for the
BaseProactorEventLoop.
--
keywords: +patch
nosy: +sbt
Added file:
Guido van Rossum added the comment:
This is awesome news!
Since this is 3.5 only, I guess this means the end of my attempts to keep the
asyncio source code identical in the Tulip repo (from which I occasionally
create builds that work with Python 3.3) and in the 3.4 and 3.5 branches. I
24 matches
Mail list logo