[Twisted-Python] Twisted+M2Crypto patch

Glyph Lefkowitz glyph at divmod.com
Wed Aug 11 17:50:13 EDT 2004


On Wed, 2004-08-11 at 17:40, James Y Knight wrote:
> On Aug 11, 2004, at 3:49 PM, Heikki Toivonen wrote:
> > I've been working on integrating M2Crypto to Twisted. M2Crypto is a 
> > Python wrapper for OpenSSL.
> 
> IMO, this patch is messy and should not be accepted.

I agree, for your stated reasons.

> A switch to an alternative SSL implementation is only worthwhile if it 
> lets us get *rid* of all the SSL turds all over the generic tcp code. 
> SSL should be implementable as just another protocol. I believe that it 
> is currently the fault of PyOpenSSL not exposing the right OpenSSL APIs 
> for feeding data to it manually that Twisted's SSL is implemented the 
> way it is.

In a sense, this is true, but there is also a fault of Twisted's API:
there needs to be a standard, robust, well-documented way to plug a new
transport type into the reactor.  (With one caveat: the current TLS
hacks are totally insane and are likely to remain that way; there's not
much to be done about that.)

So, PyOpenSSL should plug into the reactor as a transport, but all other
(saner) Python SSL implementations ought to plug in as a protocol.

-- 
  _  \ Glyph Lefkowitz   |"Strange is the night where black stars rise,
 / \  \ glyph at divmod.com | And strange moons circle through the skies,
 ` _o_ \-----------------+ But stranger still is, Lost Carcosa"
  ( ._\ \ - Cassilda's Song, "The King in Yellow", Act 1, Scene 2





More information about the Twisted-Python mailing list