Re: [Python-Dev] peps: Specify start_serving(). Add Post-History.
On Fri, 21 Dec 2012 20:34:18 +0100 (CET)
guido.van.rossum
- In either case, once it has a socket, it will wrap it in a - transport, and then enter a loop accepting connections (the best way - to implement such a loop depends on the platform). Each time a - connection is accepted, a transport and protocol are created for it. + TBD: Support SSL? I don't even know how to do that synchronously, + and I suppose it needs a certificate.
You need a SSLContext, and that SSLContext must have a cert / key pair defined using the `load_cert_chain()` method. I supposed you meant "asynchronously", not "synchronously". The listening socket doesn't have to be a SSL socket, only the connected sockets need to be wrapped. The non-blocking handshake shouldn't be different (AFAICT) for a server SSL socket than for a client SSL socket. Regards Antoine.
I really meant *synchronously*... I usually start with working sync code
and then figure out what to do to make it async. I'll give what you suggest
a try.
--Guido van Rossum (sent from Android phone)
On Dec 21, 2012 11:54 AM, "Antoine Pitrou"
On Fri, 21 Dec 2012 20:34:18 +0100 (CET) guido.van.rossum
wrote: - In either case, once it has a socket, it will wrap it in a - transport, and then enter a loop accepting connections (the best way - to implement such a loop depends on the platform). Each time a - connection is accepted, a transport and protocol are created for it. + TBD: Support SSL? I don't even know how to do that synchronously, + and I suppose it needs a certificate.
You need a SSLContext, and that SSLContext must have a cert / key pair defined using the `load_cert_chain()` method.
I supposed you meant "asynchronously", not "synchronously". The listening socket doesn't have to be a SSL socket, only the connected sockets need to be wrapped. The non-blocking handshake shouldn't be different (AFAICT) for a server SSL socket than for a client SSL socket.
Regards
Antoine.
_______________________________________________ Python-Dev mailing list Python-Dev@python.org http://mail.python.org/mailman/listinfo/python-dev Unsubscribe: http://mail.python.org/mailman/options/python-dev/guido%40python.org
On Fri, 21 Dec 2012 12:37:25 -0800
Guido van Rossum
I really meant *synchronously*... I usually start with working sync code and then figure out what to do to make it async. I'll give what you suggest a try.
Ah. Then I hope the doc example can help you: http://docs.python.org/dev/library/ssl.html#server-side-operation Regards Antoine.
On Fri, Dec 21, 2012 at 1:00 PM, Antoine Pitrou
On Fri, 21 Dec 2012 12:37:25 -0800 Guido van Rossum
wrote: I really meant *synchronously*... I usually start with working sync code and then figure out what to do to make it async. I'll give what you suggest a try.
Ah. Then I hope the doc example can help you: http://docs.python.org/dev/library/ssl.html#server-side-operation
Heh. Thanks. However I wouldn't know where to get a certificate. And for unittests, distributing a certificate sounds like an obvious bad idea. :-) -- --Guido van Rossum (python.org/~guido)
2012/12/21 Guido van Rossum
On Fri, Dec 21, 2012 at 1:00 PM, Antoine Pitrou
wrote: On Fri, 21 Dec 2012 12:37:25 -0800 Guido van Rossum
wrote: I really meant *synchronously*... I usually start with working sync code and then figure out what to do to make it async. I'll give what you suggest a try.
Ah. Then I hope the doc example can help you: http://docs.python.org/dev/library/ssl.html#server-side-operation
Heh. Thanks. However I wouldn't know where to get a certificate. And for unittests, distributing a certificate sounds like an obvious bad idea. :-)
It's fairly easy to generate a "fake" self-signed one for testing purposes. We already have some in the test suite. -- Regards, Benjamin
participants (3)
-
Antoine Pitrou
-
Benjamin Peterson
-
Guido van Rossum