[Twisted-Python] Aborting a connection attempt when HTTPS client detected on HTTP only server?

Michael Schlenker msc at contact.de
Mon Feb 11 07:24:44 MST 2013


Hi,

I have a probably small issue I need to solve:

There is some kind of client that tries a HTTPS connection first and
falls back to HTTP if it does not work/times out, because the server
does not support SSL. (Yes, I know that logic/procedure is kind of
stupid from a security point of view, but sadly I cannot change it.)

When the server is proxied by Apache, this leads to immediate abortion
of the connection, but when I connect directly to the server built with
Twisted web module, it hangs until a timeout. The client in this case is
some libcurl based C++ code using the Windows SChannel SSL API.

I now want to have it fail immediately with Twisted too, instead of
waiting for the SSL layer on the client side to time out.

I found some patch that handles the inverse problem (detect HTTP to
HTTPS port):
http://twistedmatrix.com/trac/ticket/490

Is there some pre-made solution, or would I have to hook into the
connection setup of twisted.web and check the first few bytes for the
signs of an SSL Handshake signature?

Michael

-- 
Michael Schlenker
Software Architect

CONTACT Software GmbH           Tel.:   +49 (421) 20153-80
Wiener Straße 1-3               Fax:    +49 (421) 20153-41
28359 Bremen
http://www.contact.de/          E-Mail: msc at contact.de

Registered office: Bremen
Managing directors: Karl Heinz Zachries, Ralf Holtgrefe
Registered in the commercial register of the Bremen District Court under HRB 13215
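
The first-bytes check asked about above, as an added example that is not part of the original post and not Twisted code: it classifies the opening bytes on a plaintext HTTP port as a TLS/SSLv2 ClientHello or not, buffering until it can decide. `classify_first_bytes` and `FirstBytesGuard` are hypothetical names; wiring `deliver` to the wrapped protocol's `dataReceived` and `abort` to `transport.abortConnection()` is an assumption about how it would be hooked in.

```python
# Added example; sample byte strings used with it are constructed.
TLS, PLAIN, NEED_MORE = "tls", "plain", "need-more"


def classify_first_bytes(buf: bytes) -> str:
    """Decide whether a connection opens with an SSL/TLS ClientHello."""
    if not buf:
        return NEED_MORE
    if buf[0] == 0x16:  # TLS record content type: handshake
        if len(buf) >= 2 and buf[1] != 0x03:
            return PLAIN  # wrong major version, cannot be SSLv3/TLS
        if len(buf) < 6:
            return NEED_MORE  # need record header + handshake type
        length = int.from_bytes(buf[3:5], "big")
        ok = buf[2] <= 0x04 and 0 < length <= 2 ** 14 and buf[5] == 0x01
        return TLS if ok else PLAIN
    if buf[0] & 0x80:  # SSLv2-framed record (2-byte length, high bit set)
        if len(buf) < 5:
            return NEED_MORE
        # message type 1 = ClientHello, then version 3.x or SSLv2 (0x0002)
        ok = buf[2] == 0x01 and (buf[3] == 0x03 or buf[3:5] == b"\x00\x02")
        return TLS if ok else PLAIN
    return PLAIN  # HTTP request lines start with ASCII method names


class FirstBytesGuard:
    """Buffers initial data; aborts on TLS, otherwise passes data through."""

    def __init__(self, deliver, abort):
        self._deliver, self._abort = deliver, abort
        self._buf, self.verdict = b"", NEED_MORE

    def data_received(self, data: bytes) -> None:
        if self.verdict == PLAIN:
            self._deliver(data)
            return
        if self.verdict == TLS:
            return  # already aborted; ignore anything still in flight
        self._buf += data
        self.verdict = classify_first_bytes(self._buf)
        if self.verdict == TLS:
            self._abort()  # immediate close instead of a client-side timeout
        elif self.verdict == PLAIN:
            self._deliver(self._buf)  # replay the buffered bytes unchanged
            self._buf = b""
```
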



