On Fri, 05 Mar 2004 22:33:48 -0800, Trevor Perrin <trevp@trevp.net> wrote:

Hi Twisted folks,

I recently wrote an SSL library in python [1] and got it working with asyncore. I'd like to make it useable with Twisted too. The library has a few nice features, so it wouldn't be totally redundant with Twisted's current SSL support: - it can run in pure python (slowly) - it supports some nonstandard authentication methods (SRP, cryptoIDs, and shared-keys)

As a proof-of-concept I did some blunt-object surgery, and got Twisted's pre-configured web server using it for HTTPS.

To do a real integration, though, I think I'd need help: I'm a Twisted newbie, and Twisted looks tightly-coupled with PyOpenSSL. At least, there's no easy way to "plug in" that I saw. In the mailing list there was talk about Jython/Java SSL [2]. That would have the same issues, I think, so maybe they could be looked at together.

Anyways, if anyone's interested in discussing the details, let me know!

I'm definitely interested in getting Twisted doing SSL with a pure-python SSL library. I have only had time to look at TLSLite briefly, and probably won't have any time to attempt the integration for a little while (several weeks at the earliest, I imagine). I might be able to offer some pointers though. One tip: don't try to integrate with the existing SSL code. The implementation is very much a result of the API limitations of PyOpenSSL. Preferably, a new implementation will provide SSL support as a protocol instead of a transport. For examples of how this can be done, see twisted.protocols.policies. Jp