[Twisted-Python] Updated TLS patch

Skinny Puppy skin_pup-twisted at damnable.happypoo.com
Fri May 2 08:30:28 EDT 2003


Jp Calderone [exarkun at intarweb.us] wrote:
>   I've taken Jeremy Rossi's TLS patch and updated it for current CVS, and
> also cleaned up the parts of it that broke regular TCP when SSL was
> unavailable.
> 
>   What I have been completely unable to do is prevent this from introducing
> a branch/function call into the common path for doRead/doWrite, even when
> TLS is not in use.
> 
>   In order of desirability (imho), this can be fixed by:
> 
>     Rewrite tcp.py, more or less completely, *without* juggling methods as
> it currently does.
> 
>     Take the _TLS_* and _NOTLS_* functions and just inline them.
> 
>     Create a new transport, TLS, along with all the associated
> methods/functions (connect/listen/etc) so as to keep TLS code out of tcp.py
> entirely.
> 

The branch/function call can be avoided by replacing the doRead/doWrite/etc
methods in startTLS.  While this is still not very perty ;)

Example:

<CUT LOTS OF CODE>

    def startTLS(self, ctx):
        if not SSL:
            raise RuntimeError("No SSL support available")
        assert not self.TLS

        self._startTLS()
        self.socket = SSL.Connection(ctx.getContext(), self.socket)

    def _startTLS(self):
        self.TLS = 1
        self.fileno = self.socket.fileno
        self.doRead = self._TLS_doRead
        self.doWrite = self._TLS_doWrite
        self._closeSocket = self._TLS_closeSocket

    def doRead(self):
        try:
            data = self.socket.recv(self.bufferSize)
        except socket.error, se:
            if se.args[0] == EWOULDBLOCK:
                return
            else:
                return main.CONNECTION_LOST
        if not data:
            return main.CONNECTION_LOST
        return self.protocol.dataReceived(data)
    
    def _TLS_doRead(self):
        if self.writeBlockedOnRead:
            self.writeBlockedOnRead = 0
            return self.doWrite()
        try:
            return self._NOTLS_doRead()
        except SSL.ZeroReturnError:
            # close SSL layer, since other side has done so, if we haven't
            if not self.sslShutdown:
                try:
                    self.socket.shutdown()
                    self.sslShutdown = 1
                except SSL.Error:
                    pass
            return main.CONNECTION_DONE
        except SSL.WantReadError:
            return
        except SSL.WantWriteError:
            self.readBlockedOnWrite = 1
            self.startWriting()
            return
        except SSL.Error:
            return main.CONNECTION_LOST

<CUT LOTS MORE CODE>


Jeremy
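
The method replacement described in the reply above, as an added example in Python 3 that is not part of the original post or of the patch. FakeSocket, the two exception classes and the CONNECTION_* constants are constructed stand-ins for the SSL module's exceptions and Twisted's main.* values. It shows that the plain TCP reader carries no TLS test, and that once self.doRead is rebound the TLS reader has to reach the plain one through the class.

```python
import errno
import socket

CONNECTION_LOST, CONNECTION_DONE = "lost", "done"  # stand-ins for main.* (assumption)

class WantReadError(Exception): pass    # stand-in for SSL.WantReadError
class ZeroReturnError(Exception): pass  # stand-in for SSL.ZeroReturnError

class FakeSocket:
    """Constructed test double: recv() replays a script of bytes or exceptions."""
    def __init__(self, script):
        self.script = list(script)
    def recv(self, size):
        item = self.script.pop(0)
        if isinstance(item, Exception):
            raise item
        return item

class Connection:
    def __init__(self, sock):
        self.socket = sock
        self.received = []
        self.TLS = False

    def doRead(self):
        # Plain TCP path: no TLS flag test and no extra function call.
        try:
            data = self.socket.recv(8192)
        except socket.error as se:
            if se.args[0] == errno.EWOULDBLOCK:
                return None
            return CONNECTION_LOST
        if not data:
            return CONNECTION_LOST
        self.received.append(data)

    def _TLS_doRead(self):
        # self.doRead now points here, so call the plain reader via the class.
        try:
            return Connection.doRead(self)
        except ZeroReturnError:   # peer closed the TLS layer cleanly
            return CONNECTION_DONE
        except WantReadError:     # TLS record incomplete, wait for more bytes
            return None

    def startTLS(self, tls_socket):
        assert not self.TLS
        self.TLS = True
        self.socket = tls_socket
        self.doRead = self._TLS_doRead  # instance attribute shadows the class method
```

Only the upgraded instance gains a doRead attribute; every other Connection keeps dispatching straight to the class's plain reader.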



