[Twisted-Python] connectionMade, TLS and DoS protection timeouts
Tobias Oberstein
tobias.oberstein at tavendo.de
Thu Mar 1 11:11:03 EST 2012
> >I was wondering how I could protect a Twisted server from evil clients
> >initiating, but never completing a TLS handshake.
> >
> >connectionMade is only called when the TLS handshake has completed,
> >right?
>
> Actually, this is not right. It's sort of a wart, but connectionMade is called when
> the underlying TCP connection is established. The TLS handshake will always
> complete at some later time.
>
> One reason we (or at least I) have not yet really tried to change this is that
> doing so would make it harder to address just the problem you're talking about.
Thanks for clarifying!
So I guess I'll be fine with triggering a callLater of drop/abortConnection in
connectionMade. Good. Less code changes.
\Tobias
More information about the Twisted-Python
mailing list