[New-bugs-announce] [issue34971] add support for tls/ssl sessions in asyncio

[Rémi Cardona]

New submission from Rémi Cardona <remi2402 at free.fr>:

cpython has had TLS session support since 3.6, using the SSLContext.wrap_* methods. Unfortunately, this support is not available when using asyncio's create_connection.

While I've managed to monkeypatch asyncio.sslproto._SSLPipe from my own code (it's a filthy hack but it's short and it gets the job done) running on 3.6.6, I feel this should be properly supported out of the box.

A patch is ready (tests work), a github PR will be created shortly.

Notes in no particular order:
- argument and attribute naming is all over the place, but I could not decide between "sslsession" (matching "sslcontext") and "ssl_session" (matching "ssl_handshake_timeout") so I just picked one
- tested on jessie (with openssl 1.0.2 from jessie-backports) and on gentoo
- the new asyncio tests added in the patch are adapted from test_ssl.py's test_session, with the server-side stats left out. I felt they were not useful if one assumes that the hard work is done by SSLContext.wrap_*.
- I did not reuse test_asyncio.utils.run_test_server which AIUI creates a new server-side context for each incoming connection, thus breaking sessions completely

TIA for considering this bug and patch

----------
components: asyncio
messages: 327638
nosy: RemiCardona, asvetlov, yselivanov
priority: normal
severity: normal
status: open
title: add support for tls/ssl sessions in asyncio
type: enhancement

_______________________________________
Python tracker <report at bugs.python.org>
<https://bugs.python.org/issue34971>
_______________________________________