Message327638
cpython has had TLS session support since 3.6, using the SSLContext.wrap_* methods. Unfortunately, this support is not available when using asyncio's create_connection.
While I've managed to monkeypatch asyncio.sslproto._SSLPipe from my own code (it's a filthy hack but it's short and it gets the job done) running on 3.6.6, I feel this should be properly supported out of the box.
A patch is ready (tests work), a github PR will be created shortly.
Notes in no particular order:
- argument and attribute naming is all over the place, but I could not decide between "sslsession" (matching "sslcontext") and "ssl_session" (matching "ssl_handshake_timeout") so I just picked one
- tested on jessie (with openssl 1.0.2 from jessie-backports) and on gentoo
- the new asyncio tests added in the patch are adapted from test_ssl.py's test_session, with the server-side stats left out. I felt they were not useful if one assumes that the hard work is done by SSLContext.wrap_*.
- I did not reuse test_asyncio.utils.run_test_server which AIUI creates a new server-side context for each incoming connection, thus breaking sessions completely
TIA for considering this bug and patch |
|
Date |
User |
Action |
Args |
2018-10-13 08:47:40 | RemiCardona | set | recipients:
+ RemiCardona, asvetlov, yselivanov |
2018-10-13 08:47:40 | RemiCardona | set | messageid: <1539420460.92.0.788709270274.issue34971@psf.upfronthosting.co.za> |
2018-10-13 08:47:40 | RemiCardona | link | issue34971 messages |
2018-10-13 08:47:40 | RemiCardona | create | |
|