Message391533
Funny, I was actually looking at this a bit last week, because I was trying to figure out if I could trick `ssl` into doing DTLS...
The two big problems I ran into are:
- for DTLS you need to instantiate the SSLContext with PROTOCOL_DTLS, and idk how you create a Python ssl._SSLMethod object for a random pointer.
- You need to somehow find the libssl symbols, and it's not clear how to do that in a safe and portable way.
The second issue seems like the big blocker. Your example does `ctypes.CDLL("libssl.so.1.1")`, but there's no guarantee that this will find the same libssl that the `ssl` module is linked against. (And if you get the wrong one then everything will probably explode.)
And like you say, `ctypes.CDLL(ssl._ssl.__file__)` also works, by taking advantage of how ELF shared libraries tend to reexport all the symbols they import, but... this is an ELF-specific thing. It doesn't work on Windows or macOS.
So to me the first question would be: is it possible to offer a utility function that reliably gives users a handle to the right libssl, on all systems and build configurations? If not then I don't see how this could work. |
|
Date |
User |
Action |
Args |
2021-04-21 17:36:59 | njs | set | recipients:
+ njs, christian.heimes, steve.dower |
2021-04-21 17:36:59 | njs | set | messageid: <1619026619.95.0.321040239273.issue43902@roundup.psfhosted.org> |
2021-04-21 17:36:59 | njs | link | issue43902 messages |
2021-04-21 17:36:59 | njs | create | |
|