[Python-Dev] Memory BIO for _ssl

Antoine Pitrou antoine at python.org
Mon Jul 7 01:49:23 CEST 2014 


Hi,

Le 05/07/2014 14:04, Geert Jansen a écrit :
> Since I need this for my Gruvi async framework, I want to volunteer to
> write a patch. It should be useful as well to Py3K's asyncio and other
> async frameworks. It would be good to get some feedback before I start
> on this.

Thanks for volunteering! This would be a very welcome addition.
Thoughts:

> I was thinking of the following approach:
>
>   * Add a new type to _ssl: PySSLMemoryBIO
>   * PySSLMemoryBIO has a public constructor, and at least the following
> methods: puts() puts_eof() and gets(). I aligned the terminology with
> the method names in OpenSSL. puts_eof() does a
> BIO_set_mem_eof_return(-1).

Hmm... I haven't looked in detail, but at least I'd like those to be 
called read() and write() (and write_eof()), like most other I/O methods 
in Python.
Or if we want to avoid confusion, add an explicit suffix (write_incoming?).

>   * All accesses to the memory BIO as non-blocking.

Sounds sensible indeed (otherwise what would they wait for?).

>   * Update PySSLSocket to add support for SSL_set_bio(). The fact that
> the memory BIO is non-blocking makes it easier. None of the logic in
> and around check_socket_and_wait_for_timeout() for example needs to be
> changed. For the parts that deal with the socket directly, and that
> are in the code path for non-blocking IO, I think the preference would
> be i) try to change the code to use BIO methods that works for both
> sockets and memory BIOs, and ii) if not possible, special case it.

That sounds good in the principle. I don't enough about memory BIOs to 
know whether you will have issues doing so :-)

>   * At this point the PySSLSocket name is a bit of a misnomer as it
> does more than sockets. Probably not an issue.

Agreed.

>   * Add a method _wrap_bio(rbio, wbio, ...) to _SSLContext.
>   * Expose the low-level methods via the "ssl" module.
>
> Creating an SSLSocket with a memory BIO would work something like this:
>
>    context = SSLContext()
>    rbio = ssl.MemoryBIO()
>    wbio = ssl.MemoryBIO()
>    sslsock = ssl.wrap_bio(rbio, wbio)

The one thing I find confusing is the r(ead)bio / w(rite)bio terminology 
(because you actually read and write from both). Perhaps incoming and 
outgoing would be clearer.

Regards

Antoine.

More information about the Python-Dev mailing list