[Python-Dev] Memory BIO for _ssl

2014-07-05 Thread Geert Jansen 
Hi,

the topic of a memory BIO for the _ssl module in the stdlib was
discussed before here:

http://mail.python.org/pipermail/python-ideas/2012-November/017686.html

Since I need this for my Gruvi async framework, I want to volunteer to
write a patch. It should be useful as well to Py3K's asyncio and other
async frameworks. It would be good to get some feedback before I start
on this.

I was thinking of the following approach:

 * Add a new type to _ssl: PySSLMemoryBIO
 * PySSLMemoryBIO has a public constructor, and at least the following
methods: puts() puts_eof() and gets(). I aligned the terminology with
the method names in OpenSSL. puts_eof() does a
BIO_set_mem_eof_return(-1).
 * All accesses to the memory BIO as non-blocking.
 * Update PySSLSocket to add support for SSL_set_bio(). The fact that
the memory BIO is non-blocking makes it easier. None of the logic in
and around check_socket_and_wait_for_timeout() for example needs to be
changed. For the parts that deal with the socket directly, and that
are in the code path for non-blocking IO, I think the preference would
be i) try to change the code to use BIO methods that works for both
sockets and memory BIOs, and ii) if not possible, special case it.
 * At this point the PySSLSocket name is a bit of a misnomer as it
does more than sockets. Probably not an issue.
 * Add a method _wrap_bio(rbio, wbio, ...) to _SSLContext.
 * Expose the low-level methods via the "ssl" module.

Creating an SSLSocket with a memory BIO would work something like this:

  context = SSLContext()
  rbio = ssl.MemoryBIO()
  wbio = ssl.MemoryBIO()
  sslsock = ssl.wrap_bio(rbio, wbio)

To pass SSL data from the network and decrypt it into application
level data (and potentially new SSL level data):

  rbio.puts(ssldata)
  appdata = sslsock.read()
  ssldata = wbio.gets()

I currently have a utility class in my async IO framework (gruvi.io)
called SslPipe that does the above, but it uses a socketpair instead
of a memory BIO, and hence it works with the current _ssl. See here:

https://github.com/geertj/gruvi/blob/master/gruvi/ssl.py#L86

This approach, while fine and very fast on Linux, gives me problems on
Windows. It appears that on some older Windows versions, when I write
data to one side of an (emulated) socket pair, it takes some time for
it to become available at the other side. That breaks the synchronous
interface that I need in order for this to work. And I can't fully
work around it as I do not know in all situations whether or not to
expect data on the socketpair. A memory BIO should be the right
solution to this.

Any feedback?

Regards,
Geert
___
Python-Dev mailing list
[email protected]
https://mail.python.org/mailman/listinfo/python-dev
Unsubscribe: 
https://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com

[Python-Dev] Pending issues

2014-07-05 Thread Mark Lawrence 
The following is a list of the 18 pending issues on the bug tracker. 
All have been in this state for at least one month so I'm assuming that 
they can be closed or they wouldn't have been set to pending in the 
first place.  Can somebody take a look at them with a view to closing 
them or setting them back to open if needed.


16221tokenize.untokenize() "compat" mode misses the encoding when
 using an iterator
15600expose the finder details used by the FileFinder path hook
12588test_capi.test_subinterps() failed on OpenBSD (powerpc)
7979 connect_ex returns 103 often
17668re.split loses characters matching ungrouped parts of a pattern
11204re module: strange behaviour of space inside {m, n}
14518Add bcrypt $2a$ to crypt.py
15883Add Py_errno to work around multiple CRT issue
19919SSL: test_connect_ex_error fails with EWOULDBLOCK
20026sqlite: handle correctly invalid isolation_level
18228AIX locale parsing failure
1602742  itemconfigure returns incorrect text property of text items
19954test_tk floating point exception on my gentoo box with tk 8.6.1
21084IDLE can't deal with characters above the range (U+-U+)
20997Wrong URL fragment identifier in search result
6895 locale._parse_localename fails when localename does
 not contain encoding information
1669539  Improve Windows os.path.join (ntpath.join) "smart" joining
21231Issue a python 3 warning when old style classes are defined.

--
My fellow Pythonistas, ask not what our language can do for you, ask 
what you can do for our language.


Mark Lawrence

---
This email is free from viruses and malware because avast! Antivirus protection 
is active.
http://www.avast.com


___
Python-Dev mailing list
[email protected]
https://mail.python.org/mailman/listinfo/python-dev
Unsubscribe: 
https://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com