Hello,
A couple of days ago I asked on Stack Overflow about returning a deferred
from an SNI callback and have pyOpenSSL wait for it to fire before
continuing handling the request.
Thanks to some pointers by Gyph I've found a solution ("workaround") for my
problem, involving a fake TLSMemoryBIOProtocol to handle the client hello
until the SNI is received, firing the SNI callback, waiting for it to
callback and then re-feeding the resulting context to the real
TLSMemoryBIOProtocol.
The implementation of this solution is available at
https://gist.github.com/GaretJax/124c523a62ba48c9eec1, and I'd like to
contribute it back to Twisted, however, it has no unit tests and needs some
design decisions/validation.
I've opened a ticket to track it at
https://twistedmatrix.com/trac/ticket/8065. Real-life impediments
permitting, I'm willing to work on it and get the feature supported in
Twisted core.
Anyone willing to help me getting a proper patch?
Best,
Jonathan
P.S.: A big shout-out to Twisted for its excellent TLS support out of the
box. We got a straight A rating out of the box on ssl labs!
_______________________________________________
Twisted-Python mailing list
Twisted-Python@twistedmatrix.com
http://twistedmatrix.com/cgi-bin/mailman/listinfo/twisted-python
