[Python-Dev] Summer of Code: Developing complete SSL support for Python
Gustavo J. A. M. Carneiro
gjc at inescporto.pt
Sun Jun 5 14:05:25 CEST 2005
On Sat, 2005-06-04 at 12:26 -0600, Shane Hathaway wrote:
> Florencio Cano Gabarda wrote:
> > I would like to do the new SSL module as good as possible. A piece of
> > art and efficiency if possible and obviously having in mind all
> > programming standards.
>
> Guido and much of the community would certainly be appreciative of a new
> SSL module, especially if you can overcome the problems that plague
> M2Crypto.
>
> http://www.artima.com/weblogs/viewpost.jsp?thread=95863
>
> I would say that the criteria for success would be:
>
> 1) A module, expected to be included in the standard library, that makes
> it easy to create both client and server SSL sockets.
>
> 2) No leaks or segfaults.
>
> 3) An API that any programmer can use without knowing much about
> cryptography.
>
> I want to be able to write code that's as simple as this:
>
> import socket
> import ssl
>
> def open_ssl_socket(address):
>     base = socket.socket()
>     base.connect(address)
>     sock = ssl.client(base)
>     return sock
>
> def run_server(port, handler, pki_files):
>     keys = ssl.load_keys(pki_files)
>     s = socket.socket()
>     s.bind(('', port))
>     s.listen(5)
>     while True:
>         base, address = s.accept()
>         sock = ssl.server(base, keys)
>         handler(sock)
>         sock.close()
>
> "pki_filenames" in the example is a list of key files, certificate
> files, certificate signing requests, and perhaps other PKI files. I
> want the ssl module to figure out for itself what each file means, so
> that I as a mere human can forget about those details. :-) However, if
> there's any ambiguity in the set of files provided, the SSL module
> should throw an exception rather than try to guess the intent.
>
> If you're ambitious, you could also figure out how to make this work
> with non-blocking sockets. I believe Twisted has made progress there.

4. In the socket module documentation:

    ssl(sock[, keyfile, certfile])
        Initiate a SSL connection over the socket sock. keyfile is the
        name of a PEM formatted file that contains your private key.
        certfile is a PEM formatted certificate chain file. On success,
        a new SSLObject is returned.

        Warning: This does not do any certificate verification!

I would make it a top priority to enable certificate verification in
ssl sockets. I don't see the point in doing SSL without certificate
verification. It's just false security. Maybe adding a callback asking
the application what to do if certificate validation fails, so that
application writers can show a GUI dialogue or something like that...

Best regards.
--
Gustavo J. A. M. Carneiro
<gjc at inescporto.pt> <gustavo at users.sourceforge.net>
The universe is always one step beyond logic
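
Added example, not part of the original message and not code from either poster: the verify-by-default client with a failure callback that the message asks for, written against the ssl module in today's standard library (which postdates this thread). The on_cert_failure hook, verified_context, unverified_context and the extra parameters of open_ssl_socket are assumptions made for illustration.

```python
import socket
import ssl


def verified_context(cafile=None):
    """Client context that checks the certificate chain and the hostname."""
    ctx = ssl.create_default_context(cafile=cafile)
    ctx.check_hostname = True            # already the default; stated for clarity
    ctx.verify_mode = ssl.CERT_REQUIRED  # already the default; stated for clarity
    return ctx


def unverified_context():
    """What the 2005 socket.ssl() amounted to: encryption with no peer check."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False  # must be cleared before verify_mode
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


def open_ssl_socket(address, on_cert_failure=None, context=None, timeout=10.0):
    """Connect and handshake; verification failures go to on_cert_failure.

    on_cert_failure(host, error) is a hypothetical hook: return True to
    reconnect without verification, anything else to abort. With no hook
    the failure is always raised.
    """
    host, _port = address
    ctx = context if context is not None else verified_context()
    base = socket.create_connection(address, timeout=timeout)
    try:
        return ctx.wrap_socket(base, server_hostname=host)
    except ssl.SSLCertVerificationError as err:
        base.close()
        if on_cert_failure is None or on_cert_failure(host, err) is not True:
            raise
    except Exception:
        base.close()
        raise
    # The application explicitly accepted the risk: retry unverified.
    base = socket.create_connection(address, timeout=timeout)
    try:
        return unverified_context().wrap_socket(base, server_hostname=host)
    except Exception:
        base.close()
        raise
```

The hook is the only way to reach the unverified path, so a caller that passes nothing gets a hard failure on any bad certificate.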