hi there, folks:
I'd really like to release 0.7.0 but I would like it to be at least a
little bit tested before I do so. Could those of you with CVS trees check
everything out and see if it performs as advertised? Deeper bugs than
that will have to wait for the next release, but I'd at least like to know
if it works for someone other than me.
______ __ __ _____ _ _
| ____ | \_/ |_____] |_____|
|_____| |_____ | | | |
@ t w i s t e d m a t r i x . c o m
Sadly the txkube test suite is still pretty busted against Twisted 17.5.
It was broken for a long time with Twisted 17.1 as well. I'm not sure if
these are exactly the same problems or not but they look somewhat related.
If anyone feels like getting to the bottom of this, I'd appreciate it.
I'm trying to force Klein to use HTTPS, and so far I have a custom error
handler which redirects the user to the HTTPs version of the page via a
check_secure function which takes the request object and raises the
right error if request.isSecure() is False.
Is there a better global way to enforce HTTPS with any part of Klein or
I'm running Twisted 17.5.0 on Python 3.5.3 and want to create a TLS
server with Twisted. I strictly sticked to the example of
http://twistedmatrix.com/documents/current/core/howto/ssl.html, but TLS
server is not running properly.
Despite the server starts correctly, it doesn't offer any cipher suites
to the client, no matter what kind of client is trying to connect. Any
time a client connects, the connection is immediately aborted by server
with the error message of:
<class 'OpenSSL.SSL.Error'>: [('SSL
routines','tls_post_process_client_hello',no shared cipher')]
I tried to connect to server with the TLS echo client example of
echoclient_ssl.py, with openssl s_client command and with nmap by using
the --ssl-enum-ciphers script. Each time it failed with the above error
If I do not use the options offered by ssl.CertificateOptions() as
suggested in the example, but instead create a
ssl.DefaultOpenSSLContextFactory() where I provide the privateKey and
Certificate as filename-strings, the server works correctly and offers
the intended cipher suites.
But I need to create the SSLContext from a OpenSSL PKey-Object (private
Key) and a OpenSSL Certificate-Object. Therefore I adjusted the server
code of the TLS server example to:
certificate = ssl.Certificate(cert_obj)
privkey = ssl.KeyPair(pkey) # pkey is the OpenSSL PKey object
factory = protocol.Factory.forProtocol(Echo)
Again, the server starts, but it does not provide cipher suites so that
no client can connect. Same as above!
Appreciate any help!
I'm in a position that is probably increasingly common. I'm working on a
project that has a dependency that uses asyncio (kademlia).
However, I much prefer to use Twisted.
What's are some best practices for this at the moment?
Justin Myles Holmes
With HTTP/1.1, I used to be able to call request.transport.getPeerCertificate(). When the client uses HTTP/2, however, it seems that request.transport is None. How does one access the transport with HTTP/2? Thank you... Lance