How to use asyncore with SSL?

Grant Edwards grant.b.edwards at gmail.com
Fri Jan 19 11:13:45 EST 2018 

On 2018-01-19, Marko Rauhamaa <marko at pacujo.net> wrote:
> Grant Edwards <grant.b.edwards at gmail.com>:
>
>> I've been trying to use the secure smtpd module from
>> https://github.com/bcoe/secure-smtpd, but the SSL support seems to be
>> fundamentally broken.
[...]
>> I'm trying to fix that, but I can't find any information or
>> documentation about using asyncore with SSL.
>
> I'm all in for asynchronous programming, but asyncore is a bit too naive
> of an approach and shouldn't be used for anything serious. Python3, of
> course, has the asyncio framework.

I would definitely not use it were I writing something from scratch.
But it's what's used by the only secure (SSL+AUTH) smtpd
implementation I can find.

> Additionally, I seem to recall Python's TLS support really supported
> synchronous processing only (based on some experimentation of my own). I
> hope I'm wrong on that.

That depends on what you mean by "support".  You can use ssl-wrapped
sockets in non-blocking mode to build an asynchronous application, but
the API and semantics for ssl-sockets in non-blocking mode are not
identical to plain TCP sockets, so the event-handling or dispatcher
needs to be SSL-aware (which asyn{core,chat} definitely are not).

>> Alternatively, a pointer to a simpler smtp server library that
>> supports SSL would be great. The use of asyncore and multiprocessing
>> process pools by this module is _way_ overkill for my needs and
>> results in something that 1) doesn't work, and 2) can't be debugged.
>
> Haven't tried it myself, but I supposed Twisted might be what you're
> looking for.

It is certianly more SSL-aware than asyncore:

  http://twistedmatrix.com/documents/current/core/howto/ssl.html

And it has smtp server-side support examples:

https://twistedmatrix.com/documents/current/mail/examples/#smtp-servers

> Myself, I've written several "asyncore" replacements in Python as
> well as an SMTP server for my personal email needs. You could also
> consider writing your own implementation.  For async, there's
> select.epoll and the like (assuming Linux), and SMTP is rather a
> simple protocol.

I don't think a simple, low-volume SMTP server needs to be
asynchronous.  The protocol is completely half-duplex command/response
so jumping through hoops to use an async framework seems pointless.
Adding in multiprocessing the way secure-smtpd is really over-the-top
unless you're designing for really high message volumes and connection
counts.

I plan on handling several messages per week and am fine with
supporting only one connection at a time.

So twisted may be overkill also, but at least it looks like it
supports SSL.

-- 
Grant Edwards               grant.b.edwards        Yow! I'm sitting on my
                                  at               SPEED QUEEN ... To me,
                              gmail.com            it's ENJOYABLE ... I'm WARM
                                                   ... I'm VIBRATORY ...

More information about the Python-list mailing list