[Twisted-Python] txsni + alpn + acme (letsencrypt)
Daniel Holth
dholth at gmail.com
Sat Mar 23 16:39:07 MDT 2019
Wow! Such broken. I was starting to get suspicious of openssl myself.
Poor documentation about the rules on context switching and whether
doing things in a certain order should trigger callbacks.
At least you can get a cert when the ALPN / ACME certificate (and
DEFAULT?) is the only one provided by twisted. If the several attempts
they make came from the same IP address that might be one way to hack
it.
If it gets that bad I'll put the ClientHello regex next to the
regex-based pkcs parser from my rsalette library :)
Fixing the http-01 challenge is a very rational suggestion.
Thanks!
Daniel
More information about the Twisted-Python
mailing list