On Fri, 05 Mar 2004 22:33:48 -0800, Trevor Perrin <trevp(a)trevp.net> wrote:
> Hi Twisted folks,
> I recently wrote an SSL library in python  and got it working with
> asyncore. I'd like to make it useable with Twisted too. The library has a
> few nice features, so it wouldn't be totally redundant with Twisted's
> current SSL support:
> - it can run in pure python (slowly)
> - it supports some nonstandard authentication methods (SRP, cryptoIDs,
> and shared-keys)
> As a proof-of-concept I did some blunt-object surgery, and got Twisted's
> pre-configured web server using it for HTTPS.
> To do a real integration, though, I think I'd need help: I'm a Twisted
> newbie, and Twisted looks tightly-coupled with PyOpenSSL. At least,
> there's no easy way to "plug in" that I saw. In the mailing list there was
> talk about Jython/Java SSL . That would have the same issues, I think,
> so maybe they could be looked at together.
> Anyways, if anyone's interested in discussing the details, let me know!
I'm definitely interested in getting Twisted doing SSL with a pure-python SSL library. I have only had time to look at TLSLite briefly, and probably won't have any time to attempt the integration for a little while (several weeks at the earliest, I imagine). I might be able to offer some pointers though.
One tip: don't try to integrate with the existing SSL code. The implementation is very much a result of the API limitations of PyOpenSSL. Preferably, a new implementation will provide SSL support as a protocol instead of a transport. For examples of how this can be done, see twisted.protocols.policies.