[Twisted-Python] ldaptor authorizer / getObjectAtSSL

carball at hush.com carball at hush.com
Thu Dec 5 03:53:53 EST 2002

ok, got a ldap authorizer for pb working, using most of the code that's
in ldaptor-webui ( had to subclass some "auth stuff" in pb, as well
as roll my own pb.connect processing chain to bypass the md5 challenge/auth ) and now i'm passing the password in the clear
during login, which is not a good thing. . but i'm pretty sure
i have to do this. . ( any alternative suggestions? )

so now, i have a situation where SSL'itizing pb is a necessity
and i cant deploy my app without it. .

ppl say they are doing it, i know now that it is not a trivial thing
( got myself the orielly openssl book, to ease my understanding )

so i go to use pb.getObjectAtSSL, and i see that it's not passing
in a ctxFactory to reactor.connectSSL??

so i plug a ssl.ClientContextFactory in and try to run the pbsimple.py
and pbsimpleclient.py ( from docs/examples ) with the same setup as
echoserv_ssl.py and echoclient_ssl.py, to no avail. .

i ran a tcpdump, seems the client starts, the server responds,
the client says something back, and that's it. . the first deferred never returns, i do a ctrl-c and it runs the errback with a 'connection lost' failure. .


with all that out of the way, my questions:

has anyone written pb/ssl code that works?

what are the hurdles that must be cleared in order to get
tricky twisted protocols ( in this case i'm talking about
pb and ldaptor ) to work through SSL?

thank you

Concerned about your privacy? Follow this link to get
FREE encrypted email: https://www.hushmail.com/?l=2 

Big $$$ to be made with the HushMail Affiliate Program: 

More information about the Twisted-Python mailing list