[Python-Dev] PEP 543-conform TLS library
In case you never received a reply, you can try emailing Christian and Cory
directly for an answer.
On Fri, 26 Oct 2018 at 13:20, Mathias Laurin <mathias.laurin at gmail.com>
> Hello Python Dev,
> I posted the following to python-ideas but here may be
> a more suitable place. I apologize if cross posting
> bothers anyone.
> I have implemented an (I believe) PEP 543-conform TLS library
> and released TLS support in the latest version yesterday:
> As far as I know, I am the first one to follow PEP 543. So one
> point is that the API works. However, I have a couple of
> questions regarding the PEP:
> - I do not know what to do in `TLSWrappedBuffer.do_handshake()`.
> The full TLS handshake requires writing to the server, reading
> back, etc., (ClientHello, ServerHello, KeyExchange, etc.),
> which cannot be accomplished in a single buffer.
> For now, I am doing the handshake in
> `TLSWrappedSocket.do_handshake()`: I set the BIO to using the
> socket directly, then perform the handshake on the socket thus
> entirely bypassing the TLSWrappedBuffer. Once this is done, I
> swap the BIO to using the buffer and go on encrypting and
> decrypting from the buffer. That is, the encrypted
> communication is buffered.
> - The PEP sometimes mentions an "input buffer" and an "output
> buffer", and some other times just "the buffer". I believe
> that both implementations are possible. That is, with two
> different buffers for input and output, or a single one.
> I have implemented it with a single circular buffer (that is a
> stream after all). What the PEP is expecting is nonetheless
> not clear to me.
> So, can anybody clarify these two points from the PEP?
> Or should I just address Cory Benfield (who does not seem very
> active anymore lately) and Christian Heimes directly?
> Python-Dev mailing list
> Python-Dev at python.org
-------------- next part --------------
An HTML attachment was scrubbed...