Mailman 3 April 2017 - Twisted-web

Twisted Web Agent configurable Elliptic Curves settings
by Paul Tremberth Dec. 16, 2021

Dec. 16, 2021

Hello, The other day, we had a Scrapy user report an issue connecting to https://www.skelbiu.lt/ with OpenSSL 1.1 [1] To not mix scrapy's things with Twisted Web, I used this (adapted from official docs): #--------------- from __future__ import print_function from twisted.internet import reactor from twisted.web.client import Agent from twisted.web.http_headers import Headers agent = Agent(reactor) d = agent.request( 'GET', 'https://www.skelbiu.lt/', Headers({'User-Agent': ['Twisted Web Client Example']}), None) def cbResponse(ignored): print('Response received') d.addCallback(cbResponse) def cbShutdown(ignored): print(ignored) reactor.stop() d.addBoth(cbShutdown) reactor.run() #--------------- And I did get a Handshake failure too: $ python twistedtest.py [Failure instance: Traceback (failure with no frames): <class 'twisted.web._newclient.ResponseNeverReceived'>: [<twisted.python.failure.Failure OpenSSL.SSL.Error: [('SSL routines', 'ssl3_read_bytes', 'sslv3 alert handshake failure')]>] ] It seems this happens (at least) with OpenSSL 1.1.0e (currently in Debian 9 sid [2]) It does not happen (for me) with OpenSSL 1.0.2g for example. I dug into this this afternoon and narrowed it down to the use of _defaultCurveName = u"prime256v1" in twisted.internet._sslverify.py I tried patching the current trunk with _defaultCurveName = u"secp384r1" (the EC that ssllabs.com reports) and it did work. Looking at ClientHello messages for openssl 1.0.2 and 1.1 [4]: with 1.1, only 1 Elliptic Curve is sent by Twisted Web Agent, secp256r1 openssl v1.1 client uses 4 by default: ecdh_x25519, secp256r1, secp521r1, secp384r1 I was wondering what is the proper way to configure requested Elliptic Curves. I haven't seen any interface for this, contrary to ciphers with acceptableCiphers. Thank you for your input. Best, Paul. [1] https://github.com/scrapy/scrapy/issues/2717 [2] https://packages.debian.org/fr/source/sid/openssl [3] https://github.com/twisted/twisted/blob/78679af87e349721a167f35bef239e192e9… [4] https://github.com/scrapy/scrapy/issues/2717#issuecomment-297464034

2 2

Test
by Philippe Lafoucrière Aug. 5, 2021

Aug. 5, 2021

Hi all just a test

3 2

[ANN] txkube 0.1.0
by Jean-Paul Calderone April 10, 2017

April 10, 2017

Hello all, I'm pleased to announce the first release of txkube, a Twisted-based library for interacting with Kubernetes using the HTTP API. This release supports several of the most commonly used basic Kubernetes objects, including Services, ConfigMaps, Deployments, ReplicaSets, and Pods. While Kubernetes has many, many more object kinds, this collection of kinds already supports a very useful set of interactions. Here is an example of txkube usage, taken from the README: from __future__ import print_function from twisted.internet.task import react from txkube import v1, network_kubernetes_from_context @react def main(reactor): k8s = network_kubernetes_from_context(reactor, u"minikube") client = k8s.client() d = client.list(v1.Namespace) d.addCallback(print) return d You can download txkube from PyPI <https://pypi.python.org/pypi> ( https://pypi.python.org/pypi). You can contribute to its development on GitHub <https://github.com/LeastAuthority/txkube> ( https://github.com/LeastAuthority/txkube). Thanks to Least Authority Enterprises <https://leastauthority.com/> ( https://leastauthority.com/) for sponsoring this development. Jean-Paul Calderone http://as.ynchrono.us/

1 0

[ANN] txAWS 0.3.0
by Jean-Paul Calderone April 10, 2017

April 10, 2017

Hello all, I'm pleased to announce the release of txAWS 0.3.0. txAWS is a library for interacting with Amazon Web Services (AWS) using Twisted. You can download the release from PyPI <https://pypi.python.org/pypi/txAWS> (https://pypi.python.org/pypi/txAWS). txAWS development uses GitHub for issues and source control <https://github.com/twisted/txaws> (https://github.com/twisted/txaws). Since the last release, the following enhancements have been made: - Jean-Paul Calderone added basic Route53 support. - Mark Williams add Auth v4, now used by the S3 and Route53 support. - Francisco Souza added support for VPCs to some EC2 APIs. - Drew Smathers added multi-part S3 upload support. - Several people added other S3 client features such as pagination and streaming uploads. - *txaws.testing* now provides S3 and Route53 support. Additionally, the following APIs have been deprecated: - The *client* attribute of *txaws.client.base.BaseQuery* - The *date* attribute of *txaws.s3.client.Query* Thanks to everyone who contributed and to Least Authority Enterprises <https://leastauthority.com/> (<https://leastauthority.com/>) for sponsoring my work on this release. Jean-Paul Calderone

1 0