[Stackless] Encrypted Sockets
Phoenix Sol
burninglabs at gmail.com
Thu Jan 10 05:04:12 CET 2008
So, I'm not sure if anyone is interested, but I patched stacklesssocket to
support TLSLite, and it seems to be working. It uses the normal
socket.ssl() interface.
Arnar: passing a stacklesssocket to socket.ssl() didn't work, since
socket.ssl wraps a socket with a blocking interface from _ssl.c.
Stacklesssocket likes to be on top ;-)
I just gave stacklesssocket a ssl() function which replaces the default
dispatcher with one inheriting the
tlslite.integration.TLSAsyncDispatcherMixin.
I wish I wasn't instantiating a dispatcher, killing it, and instantiating
another for every tls connection, but it was a quick way to get urllib (and
therefore, boto <http://code.google.com/p/boto/>) to work. This little
inefficiency can be avoided, of course, with a little more effort, i.e.
building it by hand, instead of using ssl().
___Here are the
additions:________________________________________________________
# TLSLite Optional
try:
from tlslite.api import *
tls_enabled = True
except ImportError:
tls_enabled = False
#
# Replace a stacklessocket's dispatcher with one inheriting
# tlslite.integration.TLSDispatcherMixIn
#
def ssl(sock, keyfile=None, certfile=None):
if tls_enabled:
sock.dispatcher = TLSDispatcher(self.sock, keyfile, certfile)
return sock
else:
print "SSL Support requires TLSLite!"
return None
#
# Adds TLSAsyncDispatcherMixIn methods to the stacklesssocket dispatcher.
#
class TLSDispatcher(TLSAsyncDispatcherMixIn, dispatcher):
def __init__(self, sock, keyfile, certfile):
dispatcher.__init__(self, sock)
TLSAsyncDispatcherMixIn.__init__(self, sock)
# Do I want this?
self.tlsConnection.ignoreAbruptClose = True
if keyfile and certfile:
x509 = X509()
key = file(keyfile).read()
cert = file(certfile).read()
x509.parse(cert)
certChain = X509CertChain([x509])
privateKey = parsePEMKey(key, private=True)
self.setHandshakeOp(handshakeClientCert(certChain=certChain,
privateKey=privateKey,
async=True))
else:
self.setHandshakeOp(handshakeClientUnknown(async=True))
________________________________________________________________________________
____Here's a test
script:________________________________________________________
import sys
import stacklesssocket
import stackless
sys.modules["socket"] = stacklesssocket
import urllib
import time
url = "
https://addons.mozilla.org/en-US/firefox/downloads/file/16347/web_developer-1.1.4-fx+fl.xpi
"
def download(uri):
t1 = time.time()
f = urllib.urlopen(uri)
s = f.read()
t2 = time.time()
print "Downloaded", uri, "in", "%.1f" % (t2-t1), "seconds"
return t2-t1
print " === Serial === "
t1 = time.time()
for d in xrange(10):
download(url)
t2 = time.time()
print " --->", t2-t1
print " === Parallel === "
for d in xrange(10):
stackless.tasklet(download)(url)
t1 = time.time()
stackless.run()
t2 = time.time()
print " --->", t2-t1
______________________________________________________________________
root at domU-12-31-36-00-2D-01:/usr/local/legion# stackless ssl_test.py
=== Serial ===
Downloaded
https://addons.mozilla.org/en-US/firefox/downloads/file/16347/web_developer-1.1.4-fx+fl.xpiin
0.5 seconds
Downloaded
https://addons.mozilla.org/en-US/firefox/downloads/file/16347/web_developer-1.1.4-fx+fl.xpiin
0.7 seconds
Downloaded
https://addons.mozilla.org/en-US/firefox/downloads/file/16347/web_developer-1.1.4-fx+fl.xpiin
1.1 seconds
Downloaded
https://addons.mozilla.org/en-US/firefox/downloads/file/16347/web_developer-1.1.4-fx+fl.xpiin
1.0 seconds
Downloaded
https://addons.mozilla.org/en-US/firefox/downloads/file/16347/web_developer-1.1.4-fx+fl.xpiin
0.7 seconds
Downloaded
https://addons.mozilla.org/en-US/firefox/downloads/file/16347/web_developer-1.1.4-fx+fl.xpiin
0.9 seconds
Downloaded
https://addons.mozilla.org/en-US/firefox/downloads/file/16347/web_developer-1.1.4-fx+fl.xpiin
1.3 seconds
Downloaded
https://addons.mozilla.org/en-US/firefox/downloads/file/16347/web_developer-1.1.4-fx+fl.xpiin
1.5 seconds
Downloaded
https://addons.mozilla.org/en-US/firefox/downloads/file/16347/web_developer-1.1.4-fx+fl.xpiin
1.6 seconds
Downloaded
https://addons.mozilla.org/en-US/firefox/downloads/file/16347/web_developer-1.1.4-fx+fl.xpiin
1.3 seconds
---> 10.5861570835
=== Parallel ===
Downloaded
https://addons.mozilla.org/en-US/firefox/downloads/file/16347/web_developer-1.1.4-fx+fl.xpiin
0.7 seconds
Downloaded
https://addons.mozilla.org/en-US/firefox/downloads/file/16347/web_developer-1.1.4-fx+fl.xpiin
0.6 seconds
Downloaded
https://addons.mozilla.org/en-US/firefox/downloads/file/16347/web_developer-1.1.4-fx+fl.xpiin
0.4 seconds
Downloaded
https://addons.mozilla.org/en-US/firefox/downloads/file/16347/web_developer-1.1.4-fx+fl.xpiin
0.6 seconds
Downloaded
https://addons.mozilla.org/en-US/firefox/downloads/file/16347/web_developer-1.1.4-fx+fl.xpiin
1.1 seconds
Downloaded
https://addons.mozilla.org/en-US/firefox/downloads/file/16347/web_developer-1.1.4-fx+fl.xpiin
1.0 seconds
Downloaded
https://addons.mozilla.org/en-US/firefox/downloads/file/16347/web_developer-1.1.4-fx+fl.xpiin
0.7 seconds
Downloaded
https://addons.mozilla.org/en-US/firefox/downloads/file/16347/web_developer-1.1.4-fx+fl.xpiin
1.0 seconds
Downloaded
https://addons.mozilla.org/en-US/firefox/downloads/file/16347/web_developer-1.1.4-fx+fl.xpiin
1.2 seconds
Downloaded
https://addons.mozilla.org/en-US/firefox/downloads/file/16347/web_developer-1.1.4-fx+fl.xpiin
1.4 seconds
---> 8.78113698959
______________________________________________________________________________________________________________
I also tested X509 Certificate Authentication (with boto, which also uses
urllib).
It works on my cloud.
Much Respect,
Phoenix Sol
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.stackless.com/pipermail/stackless/attachments/20080109/8a9fae59/attachment.htm>
More information about the Stackless
mailing list