The cleaned up pull request should be really easy to try, with a dehydrated:(basedir) string port. Go get some certs people!
On Sun, Mar 24, 2019, 00:55 Glyph <gl...@twistedmatrix.com> wrote: > I think ACME_TLS_1 is a sufficiently high-entropy string that the > likelihood of brokenness from this approach is basically zero. > > -g > > On Mar 23, 2019, at 9:20 PM, Daniel Holth <dho...@gmail.com> wrote: > > All we have to do is have some kind of per connection certificate store or > flag. If acme is in the first packet and the special certificate exists, > send it. Otherwise send the normal certificate, for a very short window of > possible brokenness. Letsencrypt may or may not require correct alpn > negotiation. Should be simple. > > I'm happy running the acme client separately and listing my domain instead > of doing it all on demand inside twisted. > > > On Sat, Mar 23, 2019, 23:59 Glyph <gl...@twistedmatrix.com> wrote: > >> >> >> > On Mar 23, 2019, at 4:06 PM, Daniel Holth <dho...@gmail.com> wrote: >> > >> > HOLY REGEX BATMAN >> > >> > class _ConnectionProxy(object): >> > >> > def bio_write(self, buf): >> > if ACME_TLS_1 in buf: >> > self.acme_tls_1 = True >> > self.bio_write = self._obj.bio_write >> > return self._obj.bio_write(buf) >> > Now we can choose the acme certificate store in the sni callback and >> > make letsencrypt happy! >> >> 1. Gross >> 2. Hooray! >> >> -g >> >> _______________________________________________ >> Twisted-Python mailing list >> Twisted-Python@twistedmatrix.com >> https://twistedmatrix.com/cgi-bin/mailman/listinfo/twisted-python >> > _______________________________________________ > Twisted-Python mailing list > Twisted-Python@twistedmatrix.com > https://twistedmatrix.com/cgi-bin/mailman/listinfo/twisted-python > > > _______________________________________________ > Twisted-Python mailing list > Twisted-Python@twistedmatrix.com > https://twistedmatrix.com/cgi-bin/mailman/listinfo/twisted-python >
_______________________________________________ Twisted-Python mailing list Twisted-Python@twistedmatrix.com https://twistedmatrix.com/cgi-bin/mailman/listinfo/twisted-python