Hi there,

We just released an SSL scanner we've been working on for a while. It's written in Python and based on OpenSSL.

Long story short, in order to scan for "newer" issues (like insecure renegotiation), I needed access to OpenSSL APIs that aren't exposed by M2Crypto or PyOpenSSL and direct access to low-level functions. Eventually, it became clear that I had to write my own OpenSSL wrapper...

I think the result is interesting: SSL is done using a Python socket for network transmission and an OpenSSL BIO pair for encryption/decryption, all in Python using ctypes to call OpenSSL functions. It's a bit like writing C in Python, but clearly not as bad :)

Some of you might be interested in looking at the code (nothing too crazy, but I thought it was cool...). Regardless of the implementation details, it's also a nice tool to scan SSL servers for various misconfigurations. So check it out if you're interested!

It's here: http://code.google.com/p/sslyze/

Feedback appreciated too.

Thanks,
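The socket-plus-BIO split described in the post, shown as an added example that is not part of the original post or of sslyze's code: it uses the standard library's `ssl.MemoryBIO` and `SSLContext.wrap_bio` in place of a ctypes wrapper, so the TLS engine only reads and writes memory buffers and a plain socket carries the bytes. The function names, the local socket pair standing in for the network, and the host name `scan-target.example` are assumptions made for illustration.

```python
import socket
import ssl
import struct

def start_handshake(sock, hostname):
    """Run the TLS engine on memory BIOs; only this function touches the socket."""
    ctx = ssl.create_default_context()
    incoming, outgoing = ssl.MemoryBIO(), ssl.MemoryBIO()  # the BIO pair
    tls = ctx.wrap_bio(incoming, outgoing, server_hostname=hostname)
    try:
        tls.do_handshake()
    except ssl.SSLWantReadError:
        pass  # ClientHello is queued in `outgoing`; engine now wants peer data
    sock.sendall(outgoing.read())  # transport step: BIO -> socket
    return tls, incoming, outgoing

def recv_exact(sock, n):
    """Read exactly n bytes from a stream socket."""
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("peer closed before a full record arrived")
        buf += chunk
    return buf

def read_record(sock):
    """Read one TLS record and return its header fields plus the payload."""
    ctype, major, minor, length = struct.unpack("!BBBH", recv_exact(sock, 5))
    return {"content_type": ctype, "version": (major, minor),
            "length": length, "payload": recv_exact(sock, length)}

def demo():
    # Constructed loopback peer: a local socket pair stands in for the network.
    client_side, peer_side = socket.socketpair()
    with client_side, peer_side:
        peer_side.settimeout(5)
        start_handshake(client_side, "scan-target.example")  # placeholder name
        return read_record(peer_side)

if __name__ == "__main__":
    rec = demo()
    print(rec["content_type"], rec["version"], rec["length"], rec["payload"][0])
```

Because the raw records pass through the caller's hands on both directions, a scanner built this way can inspect each handshake message before handing it to the engine.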