Author sqs
Recipients debatem1, jcea, orsenthil, pitrou, sqs
Date 2011-05-04.23:57:20
SpamBayes Score 3.52446e-08
Marked as misclassified No
Message-id <1304553441.72.0.957716968847.issue11943@psf.upfronthosting.co.za>
In-reply-to
Content
I have updated the patch in hg to address the sections marked "TODO" (after I submitted a patch to OpenSSL that they depended on). I'll resubmit a patch here in a ~week addressing that issue and those below, to continue pushing this issue along.

pitrou: Thanks for your feedback.

> - the OpenSSL functions you are using (SSL_get_srp_username etc.) don't seem documented on openssl.org; this makes it harder to do a proper review

Yes...I'll submit some docs to OpenSSL on these functions.

> - what is an "SRP vbase"? is it something standardized, or OpenSSL-specific?
> - if server-side support needs a callback, I think it would be better to let users write their callback in Python, rather than force a hardwired implementation

An SRP "vbase" is OpenSSL's name for the SRP password (verifier) database. I will generalize this interface so that Python callbacks can be provided (in addition to using an OpenSSL verifier database).

> - no need to fill Misc/ACKS and Misc/NEWS by yourself, we can take care of that
> - ssl.wrap_socket() is the legacy API, I would rather add new features only to the SSLContext API

Got it.
History
Date User Action Args
2011-05-04 23:57:21sqssetrecipients: + sqs, jcea, orsenthil, pitrou, debatem1
2011-05-04 23:57:21sqssetmessageid: <1304553441.72.0.957716968847.issue11943@psf.upfronthosting.co.za>
2011-05-04 23:57:21sqslinkissue11943 messages
2011-05-04 23:57:20sqscreate