[Python-Dev] RFC: Backport ssl.MemoryBIO and ssl.SSLObject to Python 2.7

Nick Coghlan ncoghlan at gmail.com
Thu Jun 8 09:33:50 EDT 2017

On 8 June 2017 at 21:30, Victor Stinner <victor.stinner at gmail.com> wrote:
> Maybe the intent of my PEP is unclear: the goal is not to allow
> Requests to require MemoryBIO, but to get a wide adoption of a future
> implementation of the new TLS API (PEP). IMHO having an implementation
> working on the latest Python 2.7 version should make it possible to
> use it on some kinds of applications.
> I should take time to read the last messages in this thread and try to
> summarize them in the PEP ;-)

I think the short version of the main unanswered questions would be:

1. How hard would it be to define a full wheel-installable
"backport.ssl" module that made the latest 3.x ssl module API
available to Python 2 applications?
2. Given such a module, how hard would it be to add an "install()"
function that added it to sys.modules as the "ssl" module?

While that wouldn't allow pip or requests to depend on it without some
solution to the bootstrapping problem, it would clearly separate the
two questions, and also give us an architecture closer to the way
importlib2 works (i.e. if you want to make that the implementation of
import in a Python 2 application, you have to explicitly enable it at
runtime, but you can also install it whenever you want, rather than
having to rely on your Python implementation to provide it).

We'd also still be left with the probably of figuring out how to
handle Jython, but I figure we can consider that part of the
bootstrapping problem: how to let applications reliably get hold of
"backport.ssl" under a name provided by the host Python 2.7
implementation, rather than the normal pip-installable name.


Nick Coghlan   |   ncoghlan at gmail.com   |   Brisbane, Australia

More information about the Python-Dev mailing list