[Twisted-Python] Twisted+M2Crypto patch
James Y Knight
foom at fuhm.net
Wed Aug 11 15:40:00 MDT 2004
On Aug 11, 2004, at 3:49 PM, Heikki Toivonen wrote:
> I've been working on integrating M2Crypto to Twisted. M2Crypto is a
> Python wrapper for OpenSSL.
IMO, this patch is messy and should not be accepted. It makes the
twisted SSL implementation even more baroque than it already is by
interleaving m2crypto and pyopenssl support code together into one big
blob of insanity.
A switch to an alternative SSL implementation is only worthwhile if it
lets us get *rid* of all the SSL turds all over the generic tcp code.
SSL should be implementable as just another protocol. I believe that it
is currently the fault of PyOpenSSL not exposing the right OpenSSL APIs
for feeding data to it manually that Twisted's SSL is implemented the
way it is.
With a good SSL library API, the Twisted SSL implementation can be done
without any of the sorts of crazy hacks we currently have. See also
<http://trevp.net/tlslite/>, a pure python SSL impl which I believe
someone plugged into twisted in this fashion. I have not looked at it
myself, however.
Someone ought to figure out how to clean up the twisted API to use
TLSLite or M2Crypto or an improved PyOpenSSL, or all of the above, and
get rid of all the ugly code we currently have. (well -- of course some
of it will likely have to stay for backwards compatibility).
James
More information about the Twisted-Python
mailing list