[PYTHON-CRYPTO] Added M2Crypto wrapper for Twisted, some significant changes

Heikki Toivonen heikki at OSAFOUNDATION.ORG
Thu Apr 14 01:43:53 CEST 2005 

I just checked in changes that make it possible to use M2Crypto[1] with
Twisted[2] so that M2Crypto takes care of the SSL part in
communications. This code has been in use in Chandler[3], in IMAP and
SMTP code. I have also done a trivial WebDAV HTTP test with this
wrapper. This has only been tested in a client, so I would be surprised
if it worked in a server without some additional tweaks.

Some changes were required in other parts of M2Crypto, changing existing
  functionality, so take note.

Also the new code has a bunch of XXX comments where I am not sure what
the best course of action would be. The use of Checker especially really
grates on me, but I decided to check this in now rather than leave this
in limbo indefinitely (it has been in Chandler tree for over 4 months).
We'd need some samples on how to use this as well.

Let me know if you experience any trouble.

Thanks to Trevor Perrin for blazing the way with his TLS Lite[4]
package: it showed me how to write an SSL wrapper for Twisted. Trevor's
code is for server, and I was unable to get it to work for client.

ChangeLog:

- X509.get_ext raises LookupError if extension not found
- SSL.Checker and SSL.TwistedProtocolWrapper are new files that provide
checking SSL connection and the actual Twisted wrapper
- Wrapped BIO_s_bio(), bio_ctrl_wpending(),
bio_ctrl_get_write_guarantee(), bio_make_bio_pair(),
bio_set_write_buf_size(), bio_should_retry(), bio_should_read(),
bio_should_write() methods
- bio_read, bio_write, bio_gets now raise exceptions on error (were
silent before)
- provided constants SSL_MODE_ENABLE_PARTIAL_WRITE,
SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER, SSL_MODE_AUTO_RETRY
- wrapped methods ssl_set_mode(), ssl_get_mode(), ssl_is_init_finished()
- added and modified some tests (need samples on using the twisted
wrapper, though)

[1]: http://sandbox.rulemaker.net/ngps/m2/
[2]: http://twistedmatrix.com/
[3]: http://www.osafoundation.org/
[4]: http://trevp.net/tlslite/

--
   Heikki Toivonen

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 249 bytes
Desc: OpenPGP digital signature
URL: <http://mail.python.org/pipermail/python-crypto/attachments/20050413/033e3506/attachment.pgp>

More information about the python-crypto mailing list