[Twisted-Python] Twisted + tlslite

exarkun at divmod.com exarkun at divmod.com
Sat Mar 6 22:40:57 MST 2004


On Fri, 05 Mar 2004 22:33:48 -0800, Trevor Perrin <trevp at trevp.net> wrote:
>
> 
> Hi Twisted folks,
> 
> I recently wrote an SSL library in python [1] and got it working with 
> asyncore.  I'd like to make it useable with Twisted too.  The library has a 
> few nice features, so it wouldn't be totally redundant with Twisted's 
> current SSL support:
>   - it can run in pure python (slowly)
>   - it supports some nonstandard authentication methods (SRP, cryptoIDs, 
> and shared-keys)
> 
> As a proof-of-concept I did some blunt-object surgery, and got Twisted's 
> pre-configured web server using it for HTTPS.
> 
> To do a real integration, though, I think I'd need help: I'm a Twisted 
> newbie, and Twisted looks tightly-coupled with PyOpenSSL.  At least, 
> there's no easy way to "plug in" that I saw.  In the mailing list there was 
> talk about Jython/Java SSL [2].  That would have the same issues, I think, 
> so maybe they could be looked at together.
> 
> Anyways, if anyone's interested in discussing the details, let me know!

  I'm definitely interested in getting Twisted doing SSL with a pure-python SSL library.  I have only had time to look at TLSLite briefly, and probably won't have any time to attempt the integration for a little while (several weeks at the earliest, I imagine).  I might be able to offer some pointers though.

  One tip: don't try to integrate with the existing SSL code.  The implementation is very much a result of the API limitations of PyOpenSSL.  Preferably, a new implementation will provide SSL support as a protocol instead of a transport.  For examples of how this can be done, see twisted.protocols.policies.

  Jp




More information about the Twisted-Python mailing list