httplib and HTTPS Connections

runningwild sparkytwobillion at gmail.com
Wed Oct 18 17:17:57 EDT 2006 

Heikki Toivonen wrote:
> runningwild wrote:
> > This is the first time I have cared about httplib's HTTPSConnection.
>
> Please note that the Python builtin SSL support is not really secure. It
> does not make sure that you connect to the site you think you are
> connecting to, for example.
>
> If you really need secure SSL (what is the point of SSL if not secure I
> ask) you should look at other Python modules. There are several to
> choose from, for example M2Crypto (I am the maintainer of that), TLS
> Lite, PyOpenSSL, PyOpenSSL-extended, and possibly others that I am
> forgetting right now.
>
> --
>   Heikki Toivonen

Thanks Heikki,

I downloaded the varioius packages and read through the source code and
docs that came with them.

I am trying to get M2Crypto to work on my workstation. (WinXP/Cygwin,
Python 2.4.4 under cygwin)

Everything seemed to compile and install correctly.

When I try to run https_cli.py however I get the following exception:

LOOP: SSL connect: before/connect initialization
INFO: SSL connect: SSLv2 write client hello A
Traceback (most recent call last):
  File "https_cli.py", line 41, in ?
    test_httpslib()
  File "https_cli.py", line 21, in test_httpslib
    h.endheaders()
  File "/usr/local/lib/python2.4/httplib.py", line 798, in endheaders
    self._send_output()
  File "/usr/local/lib/python2.4/httplib.py", line 679, in _send_output
    self.send(msg)
  File "/usr/local/lib/python2.4/httplib.py", line 646, in send
    self.connect()
  File "/usr/local/lib/python2.4/site-packages/M2Crypto/httpslib.py",
line 43, in connect
    self.sock.connect((self.host, self.port))
  File
"/usr/local/lib/python2.4/site-packages/M2Crypto/SSL/Connection.py",
line 154, in connect
    ret = self.connect_ssl()
  File
"/usr/local/lib/python2.4/site-packages/M2Crypto/SSL/Connection.py",
line 147, in connect_ssl
    return m2.ssl_connect(self.ssl)
M2Crypto.SSL.SSLError: no ciphers available

The no ciphers available seems to be comming from the ssl installation
so I decided to test it with a different client.

%links https://localhost:9443/

This worked just fine showing me the directory listing and allowing me
to navigate.
This was also true for firefox when connecting to
https://localhost:9443/ from the server in
demos/httts.howto/orig_https_srv.py

Any idea what is going on here?

More information about the Python-list mailing list