-
-
Notifications
You must be signed in to change notification settings - Fork 367
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
pyOpenSSL in python 3 #1399
Comments
still nothing on this? |
So I noticed that you guys changed how wsgiserver was being called for py2 and py3. Just being left with zero response for months on end is a little unsettling even more so with py2 being sunset soon. |
Hi Red-M. Sorry, no still nothing. If you'd like to put together a patch to make pyOpenSSL work on Python 3, that would be great. |
I'll try to write some patches for this as this affects some of my own projects and affects my production. |
One thing I notice is that the pyopenssl support relies on the fact that the |
I've actually just recently found a performance bug with pyOpenSSL that was
so bad that I've switched to the builtin and done my changes on top of that.
In my testing the pyOpenSSL code was 23.5 times slower on just file
transfers (256KB/s compared to 6MB/s).
This was caused by something in that code causing a complete CPU core to be
wasted on this task.
If anyone wants the changes to implement SNI, NPN and good/better cipher
suites I can link the commit I added in to my software.
…On 10 January 2017 at 07:25, Jason R. Coombs ***@***.***> wrote:
One thing I notice is that the pyopenssl support relies on the fact that
the makefile is a class that can be subclassed, but on Python 3, that
functionality is provided as a factory function and not a class that can be
subclassed, so that's something that'll be a major impediment to this
effort.
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
<#1399 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/ABZoEYGq0Nboad1yAyx-FsZO2BDuhlOMks5rQqXigaJpZM4Ic6Mx>
.
|
A bug in CherryPy < 9.0.0 prevents using pyOpenSSLAdapter with Python3. Here's the tail of the traceback got when importing this module: Traceback (most recent call last): ... from cherrypy.wsgiserver.ssl_pyopenssl import pyOpenSSLAdapter File "/usr/lib/python3/dist-packages/cherrypy/wsgiserver/ssl_pyopenssl.py", line 46, in <module> class SSL_fileobject(wsgiserver.CP_makefile): TypeError: function() argument 'code' must be code, not str See cherrypy/cherrypy#1399 for details. This patch enforces the use of the `BuiltinSSLAdapter` with CherryPy < 9 under python3.
* Shinken python 3 port This patch starts porting Shinken to pyhon3, with backward python2 compatibility * Use kill -0 rather than ps to check process status The `ps` command is not consistent across distributions: all versions do not have the same parameters. For instance, `ps -p` is not supported under BSD and alpine linux with its minimalist stdlib. It's preferable to use the `kill` command with signal `0` to check process status as it's universally the same across UNIX like systems. The init script has also been updated to use more universal commands (`ps` parameter, and `kill -0`) to make it more cross platform friendly. The shinken executables are also looked for in the `PATH` environment variable rather than looking for the `/usr/bin` directory. Coupled with the use of the `scripts` function detailed above, this make it possible to install and run shinken in virtualenvs. * Workaround a bug with CherryPy < 9 and python3 A bug in CherryPy < 9.0.0 prevents using pyOpenSSLAdapter with Python3. Here's the tail of the traceback got when importing this module: Traceback (most recent call last): ... from cherrypy.wsgiserver.ssl_pyopenssl import pyOpenSSLAdapter File "/usr/lib/python3/dist-packages/cherrypy/wsgiserver/ssl_pyopenssl.py", line 46, in <module> class SSL_fileobject(wsgiserver.CP_makefile): TypeError: function() argument 'code' must be code, not str See cherrypy/cherrypy#1399 for details. This patch enforces the use of the `BuiltinSSLAdapter` with CherryPy < 9 under python3. * Refactored the HTTP/serialization communications Python3 is more sensible to data types, and the way POST queries were made prevented the serialization/compression from working in binary mode. This patch refactores the way services communicate through HTTP, and encapsulates all the factorization operations in a dedicated module. This way, it'll be easier to change the serialization protocol in the future. * Added systemd unit management and optimized setup - Used more standard paths for shinken additional files (modules, doc, examples, and so on...) - Got rid of the optparse trick that was hiding the distutils command line parsing. - Replaced the post-install steps from the install phase by a postinstall command that can be run independently. - Factorized the configuration templates processing - Got rid of the `--update` mode that was introducing the risk of overwriting the running configuration - Isolated the distribution configuration in an examples directory * Sandboxes virtualenvs When installing from a virtualenv, install the files in the context of the virtualenv, rather in the system. As it's a more advanced use case, it's up to the admin to copy the necessary files outside of the virtualenv. * Made setup.py more os/dist aware - Declined default paths per linux/bsd distribution - Templated/parameterized init scripts/units to setup binaries absolute pathes - Templated/parameterized configuration file paths - Templated/parameterized default files paths - Added the ability to install config files from examples - Added the ability to install default files from examples - Added the ability to install init scripts from examples - Previous commands have no effect on Windows * Updated installation documentation Also fixed some obvious documentation syntax errors. * Fixed init scripts deployement for sysv in setup.py
Originally reported by: Red_M (Bitbucket: Red_M, GitHub: Unknown)
Support for this would be great as people moving to python 3 from python 2 should be able to keep all of their SSL code from 2.
The text was updated successfully, but these errors were encountered: