[Twisted-Python] Can transport.write() to hostname instead of IP address?

[Glyph]

On Aug 17, 2018, at 9:24 AM, Sean DiZazzo <sean.dizazzo at gmail.com> wrote:
> 
> Starting to look over the docs and I realize I might have just been able to incorporate the `optionsForClientTLS` into what I was already using. 
> 
> I was using `reactor.connectSSL()` with a default ``ssl.ClientContextFactory()` so I think I can make my own sslClientContextFactory with `optionsForClientTLS(hostname=host)` and pass that in to connectSSL instead.
> 
> It would look something like this:
> 
> reactor.connectSSL(hostname, port, MyProtocolClientFactory(), optionsForClientTLS(hostname=hostname))
> 
> I'll give it a try and play around with it.  If it doesn't work, I'll head back over to the endpoint examples.

This should indeed work for now, but adopting endpoints is a more forward-looking approach; "connectSSL" is a much less flexible API, and will hopefully someday be removed.

For example:

You can't use connectSSL in combination with UNIX sockets
When we (one day) have a client version of the PROXY endpoint, you won't be able to use that with connectSSL
You can't do TLS-in-TLS tunneling with connectSSL for backhaul connections

It's just generally harder to switch to other secure transports if you're not using the endpoint APIs.

Thanks for using Twisted,

-glyph
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/twisted-python/attachments/20180818/5ead7e09/attachment-0002.html>