SSL module

Martin Sjögren martin at strakt.com
Thu Jul 5 04:10:33 EDT 2001 

Hey guys

The past few days I've been writing on a basic SSL module for Python,
written completely in C. Yep I'm getting paid to do it. ;)
It uses OpenSSL (of course?) and it's starting to take shape. Of course
there are a multitude of things not finished, a lot of the OpenSSL API
that I haven't included. Let's put it this way, it's doing what we (the
company I work for) need it to do. If someone wants to continue working on
it I'll be just as glad. I might continue working on it in my spare time
too.

I've written this thing as a submodule to the socket module. Unfortunately
(since the socket module has no C API) I had to place all my SSL code in
socketmodule.c, thereby bloating it even more. :(
The advantage is that the SSL.Connection object wraps (almost) all of the
socket methods, so that an SSL.Connection can be used interchangeably with
a socket object. There is one problem. I don't know how to deal with the
makefile() method, since I don't know what it'd mean with respect to an
SSL connection. Currently this raises a NotImplementedError exception.

The basic usage would be something like this:

from socket import SSL
ctx = SSl.Context(SSL.TLSv1_METHOD) # or SSLv[23]_METHOD
ctx.set_verify(SSL.VERIFY_PEER, mycallback)
ctx.use_privatekey(...)
...
sslconn = SSL.Connection(ctx)
sslconn.connect(('host.company.com', 1234))
...

Do you think there would be interest in introducing this into the standard
library? The current (2.1) SSL support in the socket module is - if I may
say so - laughable.

What I'd really need help with, is porting this to windows, I have no idea
how compatible this is, but since I've used only OpenSSL's and Python's
data types I don't think it should be a horrifying project. I don't have
access to a windows machine with OpenSSL and possibility to compile Python
though, so I really need help with this.

Note that the module is far from finished, I have issues with OpenSSL to
deal with, I have a lot of testing to do etc etc.

Where do I go now? How do I continue?

Martin

-- 
Martin Sjögren
  martin at strakt.com              ICQ : 41245059
  Phone: +46 (0)31 405242        Cell: +46 (0)739 169191
  GPG key: http://www.strakt.com/~martin/gpg.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 248 bytes
Desc: not available
URL: <http://mail.python.org/pipermail/python-list/attachments/20010705/9100ab56/attachment.sig>

More information about the Python-list mailing list