Drew's sslserv support into 2.1?

[Drew Csillag]

It has been *rightly* rejected by the BDFL for the following reasons:

   * M2Crypto does a *much* better job
   * If your server key is encrypted (it should be), it pops up a password
     prompt every time a connection is sslserv()'d which, in a word, sucks.

M2Crypto's Homepage is http://mars.post1.com/home/ngps/m2/.  Check it out.

Drew


On Tue, Feb 20, 2001 at 10:48:54AM +0000, Bryan Mongeau wrote:
> lorenzo at sancho.ccd.uniroma2.it wrote:
> 
> > On Sep 22, 2000 Drew Csillag posted a patch adding an sslserver
> > object to the socket module. Since it could be (very) useful, even
> > though we all know about the shortcomings of such basic support
> > when confronted with a complete support such as that which could
> > come from a real SSL module, I hope the patch would not be forgot,
> > and get in before 2.1 beta/freeze.
> > 
> > A nice time to all of the readers.
> > 
> > Lorenzo
> > 
> > 
> 
> Hi Lorenzo,
> 
> I am unfamiliar with the patch you mention. However, if it is anything like 
> Brian Gallew's patch for 2.0, it is based on OpenSSL/SSLeay. Granted the 
> functionality is nice, but do all users want to include such a large 
> external library?  Weigh the price of the code bloat vs. the amount of 
> people that will actually use it and I'm sure you'll conclude its status as 
> a patch is justified. Additionally, SSL socket support is already a trivial 
> matter with extensions like amkCrypto and M2Crypto.  Not to mention export 
> restrictions should it be incorporated into the code.
> 
> However, I would like to take a look at it. Do you have a link?
> 
> Regards,
> -- 
> <==================================>
> Bryan Mongeau
> Lead Developer, Director
> eEvolved Real-Time Technologies Inc.
> http://www.eevolved.com
> <==================================>
> 
> "Scientific beliefs are supported by evidence, and they get results. Myths 
> and faiths are not and do not" -- Richard Dawkins
> 

-- 
Drew Csillag