Message104359
We should expose SSL contexts at the Python level, and rework SSL sockets to use those objects internally (rather than creating their own private context).
It would allow to:
- specify the various options iteratively, rather than having to dump them all in the wrap_socket() arguments
- add methods to query information about the current options, key/cert, etc.
- solve issue3823 (you can build the context first, passing it the key/cert info, then drop privileges before creating any sockets)
- more easily share and reuse configuration information
- possibly add more powerful functionality such as sessions
The way I see it, the existing wrap_socket() module-level function would be kept for compatibility; context objects would expose their own wrap_socket() method, without all the arguments of course. |
|
Date |
User |
Action |
Args |
2010-04-27 20:56:43 | pitrou | set | recipients:
+ pitrou, janssen, giampaolo.rodola |
2010-04-27 20:56:43 | pitrou | set | messageid: <1272401803.32.0.54226209996.issue8550@psf.upfronthosting.co.za> |
2010-04-27 20:56:40 | pitrou | link | issue8550 messages |
2010-04-27 20:56:40 | pitrou | create | |
|