[Security-sig] Unified TLS API for Python: Round 2
Christian Heimes
christian at cheimes.de
Thu Jan 26 03:50:10 EST 2017
On 2017-01-26 08:49, Nick Coghlan wrote:
[...]
> Option 5: as with Option 4, but the "ssl" module is also changed such
> that it *always* defines at least ssl.SSLError, ssl.SSLWantReadError,
> and ssl.SSLWantWriteError (and perhaps some of the other APIs that can
> be emulated atop the new tls abstraction), even if OpenSSL itself is
> unavailable
[...]
> Option 5 would cover even that last case: legacy API consumers that
> only relied on being able to catch the legacy exceptions would
> tolerate the use of non-OpenSSL backends even in environments where
> OpenSSL itself wasn't available
Hi Nick,
I'm a bit worried that option 5 is wasting resources and/or has unwanted
side effects. Import of ssl is costly because it also loads and
initializes OpenSSL. It's an unnecessary burden for applications that do
not wish to use OpenSSL (macOS SecureTransport, Windows SChannel) at all
or not the bundled OpenSSL version (static builds of cryptography).
How about we move the exceptions and the base class for the
TLSWrappedSocket to the `socket` module instead? In CPython the
exception would live in _socket and get exported as PyCapsule.
The socket module provides
class TLSError(OSError):
"""socket.TLSError"""
class TLWantWriteError(TLSError):
"""socket.TLSWantWriteError"""
class TLWantReadError(TLSError):
"""socket.TLSWantReadError"""
class AbstractSocket(meta=abc.ABCMeta)
"""socket.AbstractSockt"""
The tls module provides:
import socket
from socket import TLSError, TLSWantReadError, TLSWantWriteError
class TLSWrappedSocket(socket.AbstractSocket):
pass
Christian
More information about the Security-SIG
mailing list