On Oct 25, 2015, at 4:54 AM, Jonathan Stoppani <jonathan@stoppani.name> wrote:Hello,A couple of days ago I asked on Stack Overflow about returning a deferred from an SNI callback and have pyOpenSSL wait for it to fire before continuing handling the request.Thanks to some pointers by Gyph I've found a solution ("workaround") for my problem, involving a fake TLSMemoryBIOProtocol to handle the client hello until the SNI is received, firing the SNI callback, waiting for it to callback and then re-feeding the resulting context to the real TLSMemoryBIOProtocol.
The implementation of this solution is available at https://gist.github.com/GaretJax/124c523a62ba48c9eec1, and I'd like to contribute it back to Twisted, however, it has no unit tests and needs some design decisions/validation.
I've opened a ticket to track it at https://twistedmatrix.com/trac/ticket/8065. Real-life impediments permitting, I'm willing to work on it and get the feature supported in Twisted core.
Anyone willing to help me getting a proper patch?
P.S.: A big shout-out to Twisted for its excellent TLS support out of the box. We got a straight A rating out of the box on ssl labs!