bioopenssl: ssl protocol for asyncio but using pyOpenSSL
This is my first asyncio project. I will probably not finish it, but let me know if anyone's interested in picking up where I left off. It is `asyncio.sslproto`, but with all calls to `ssl` replaced with equivalent calls to pyOpenSSL's `OpenSSL.SSL` module. It passes some of the tests, I think it is basically working. This is useful because the built in `ssl` module is missing some features compared to pyopenssl. However the pyopenssl version would require additional work to do critical things like certificate and hostname checking. https://bitbucket.org/dholth/bioopenssl/src/default/ Thanks, Daniel Holth
Specifically I was interested in OCSP stapling. One might also be interested in certain other callbacks like the one needed to serve SNI on Python < 3.7. It's possible to load certs from memory instead of from the filesystem in pyOpenSSL. The most important missing piece is hostname verification; pyOpenSSL users tend to use https://pypi.org/project/service_identity/ for that.
participants (1)
-
Daniel Holth