[Twisted-Python] Issue with TLS failure modes

Robert DiFalco robert.difalco at gmail.com
Thu Aug 30 11:14:03 MDT 2018


I'm having an issue properly handling TLS failure modes. For example,
consider the EchoServer and EchoClient code. If I use a TLS client with a
TCP4 server, I do not get a handshake exception until I abort the
connection. But I don't want to abort the connection unless I get a
handshake error.

What I'd like to do is to check the handshake status in my protocol before
my client sends bytes to the server. I'd like my send message to be able to
raise the
<class 'OpenSSL.SSL.Error'>: [('SSL routines', 'ssl23_read', 'ssl handshake failure')].
But for some reason it seems to get lost until I abort the connection. Does
this sound familiar to anyone?

What I've done for now is set up a Timeout mixin so that after my
client.send, if I do not get an ACK back (which my particular protocol
does) within two minutes, I just abort the connection. This then calls
connectionLost with the correct SSL.Error. But if it's in the error queue
(and found during the course of abortConnection), then isn't there a way to
find it sooner? Like before my timeout and before I call send on the client
protocol?

Thanks!
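
An added example, not part of the original post and not Twisted code: using Python's standard-library ssl module and a constructed local plain-TCP server, it reproduces the failure mode described above (a TLS client talking to a non-TLS peer) and shows an explicit, time-bounded handshake surfacing it before any application data is sent. The helper names plain_tcp_server and probe_handshake are hypothetical.

```python
import socket
import ssl
import threading


def plain_tcp_server(banner=None):
    """Constructed non-TLS server on localhost: silent, or answers in plaintext."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)
    port = srv.getsockname()[1]

    def serve():
        try:
            conn, _ = srv.accept()
            with conn:
                conn.recv(4096)            # the ClientHello arrives as opaque bytes
                if banner:
                    conn.sendall(banner)   # plaintext reply, not a ServerHello
                while conn.recv(4096):     # hold the connection until the client leaves
                    pass
        except OSError:
            pass                           # client reset the connection on close
        finally:
            srv.close()

    threading.Thread(target=serve, daemon=True).start()
    return port


def probe_handshake(port, timeout=1.0):
    """Drive the TLS handshake explicitly, before any application data is sent."""
    ctx = ssl.create_default_context()     # certificate verification stays enabled
    raw = socket.create_connection(("127.0.0.1", port), timeout=timeout)
    tls = ctx.wrap_socket(raw, server_hostname="localhost",
                          do_handshake_on_connect=False)
    try:
        tls.do_handshake()
        return "handshake-ok"
    except socket.timeout:
        return "stalled"       # peer never answered the ClientHello
    except ssl.SSLError:
        return "tls-error"     # peer answered with bytes that are not TLS
    finally:
        tls.close()


if __name__ == "__main__":
    print(probe_handshake(plain_tcp_server(b"not a TLS server\r\n"), 0.5))
    print(probe_handshake(plain_tcp_server(), 0.5))
```

A silent peer leaves the handshake pending indefinitely, so only the timeout distinguishes it from a slow but valid TLS server; a peer that answers in plaintext fails the handshake immediately.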