Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Try and make TLS federation client code faster #4674

Merged
merged 3 commits into from Feb 19, 2019
Merged
Changes from 2 commits
Commits
File filter...
Filter file types
Jump to…
Jump to file or symbol
Failed to load files and symbols.
+7 −8
Diff settings

Always

Just for now

Copy path View file
@@ -0,0 +1 @@
Reduce the overhead of creating outbound federation connections over TLS by caching the TLS client options.

This comment has been minimized.

Copy link
@richvdh

richvdh Feb 19, 2019

Member

.feature, maybe? I think people should be excited about it

@@ -1,4 +1,5 @@
# Copyright 2014-2016 OpenMarket Ltd
# Copyright 2019 New Vector Ltd
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -11,6 +12,7 @@
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

import logging

from zope.interface import implementer
@@ -105,9 +107,7 @@ def __init__(self, hostname, ctx):
self._hostnameBytes = _idnaBytes(hostname)
self._sendSNI = True

ctx.set_info_callback(
_tolerateErrors(self._identityVerifyingInfoCallback)
)
ctx.set_info_callback(_tolerateErrors(self._identityVerifyingInfoCallback))

def clientConnectionForTLS(self, tlsProtocol):
context = self._ctx
@@ -128,10 +128,8 @@ class ClientTLSOptionsFactory(object):

def __init__(self, config):
# We don't use config options yet
pass
self._options = CertificateOptions(verify=False)

def get_options(self, host):
return ClientTLSOptions(
host,
CertificateOptions(verify=False).getContext()
)
# Use _makeContext so that we get a fresh OpenSSL CTX each time.
return ClientTLSOptions(host, self._options._makeContext())
ProTip! Use n and p to navigate between commits in a pull request.
You can’t perform that action at this time.