SSL module
Martin Sjögren
martin at strakt.com
Thu Jul 5 04:10:33 EDT 2001
Hey guys
The past few days I've been writing on a basic SSL module for Python,
written completely in C. Yep I'm getting paid to do it. ;)
It uses OpenSSL (of course?) and it's starting to take shape. Of course
there are a multitude of things not finished, a lot of the OpenSSL API
that I haven't included. Let's put it this way, it's doing what we (the
company I work for) need it to do. If someone wants to continue working on
it I'll be just as glad. I might continue working on it in my spare time
too.
I've written this thing as a submodule to the socket module. Unfortunately
(since the socket module has no C API) I had to place all my SSL code in
socketmodule.c, thereby bloating it even more. :(
The advantage is that the SSL.Connection object wraps (almost) all of the
socket methods, so that an SSL.Connection can be used interchangeably with
a socket object. There is one problem. I don't know how to deal with the
makefile() method, since I don't know what it'd mean with respect to an
SSL connection. Currently this raises a NotImplementedError exception.
The basic usage would be something like this:
from socket import SSL
ctx = SSl.Context(SSL.TLSv1_METHOD) # or SSLv[23]_METHOD
ctx.set_verify(SSL.VERIFY_PEER, mycallback)
ctx.use_privatekey(...)
...
sslconn = SSL.Connection(ctx)
sslconn.connect(('host.company.com', 1234))
...
Do you think there would be interest in introducing this into the standard
library? The current (2.1) SSL support in the socket module is - if I may
say so - laughable.
What I'd really need help with, is porting this to windows, I have no idea
how compatible this is, but since I've used only OpenSSL's and Python's
data types I don't think it should be a horrifying project. I don't have
access to a windows machine with OpenSSL and possibility to compile Python
though, so I really need help with this.
Note that the module is far from finished, I have issues with OpenSSL to
deal with, I have a lot of testing to do etc etc.
Where do I go now? How do I continue?
Martin
--
Martin Sjögren
martin at strakt.com ICQ : 41245059
Phone: +46 (0)31 405242 Cell: +46 (0)739 169191
GPG key: http://www.strakt.com/~martin/gpg.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 248 bytes
Desc: not available
URL: <http://mail.python.org/pipermail/python-list/attachments/20010705/9100ab56/attachment.sig>
More information about the Python-list
mailing list