start_tls() difficult when using asyncio.start_server() #79156
Comments
|
There does not seem to be a public API for replacing the transport of the StreamReader / StreamWriter provided to the callback of a call to asyncio.start_server(). The only way I have found to use the new SSL transport is to update protected members of the StreamReaderProtocol object, e.g.: async def callback(reader, writer):
loop = asyncio.get_event_loop()
transport = writer.transport
protocol = transport.get_protocol()
new_transport = await loop.start_tls(
transport, protocol, ssl_context, server_side=True)
protocol._stream_reader = StreamReader(loop=loop)
protocol._client_connected_cb = do_stuff_after_start_tls
protocol.connection_made(new_transport)
async def do_stuff_after_start_tls(ssl_reader, ssl_writer): ... |
|
Thanks for raising the problem. https://github.com/asvetlov/cpython/blob/async-streams/Lib/asyncio/streams.py#L801-L812 is a draft. A help is very appreciated. |
|
One thing: I'm -1 on adding starttls to current stream api; let's add it only to the new one (same for sendfile) |
|
I added start_tls() to StreamWriter. My implementation returns a new StreamWriter that should be used from then on, but it could be adapted to modify the current writer in-place (let me know). I've added docs, an integration test, and done some additional "real-world" testing with an IMAP server I work on. Specifically, "openssl s_client -connect xxx -starttls imap" works like a charm, and no errors/warnings are logged on disconnect. |
|
I believe stream transport should be replaced. Also please take a look at bpo-36889 for merging StreamWriter and StreamReader. Anyway, please keep your PR open at least. Another thing that should be done before 3.8 feature freeze is support for sendfile in streams API. Hopefully, it is much simpler: no need for transport changing etc. |
|
Fixed by bpo-36889 |
|
bpo-36889 was reverted, so this is not resolved. I'm guessing this needs to be moved to 3.9 now too. Is my original PR worth revisiting? https://github.com/python/cpython/pull/13143/files |
|
I think it should be closed; Yuri thinks that current streams API is frozen for the sake of shiny brand new streams (don't exist yet). |
|
https://discuss.python.org/t/need-reconsideration-of-bpo-34975-add-start-tls-method-to-streams-api/14720 would like to see this reconsidered. reopening. |
The existing event loop `start_tls()` method is not sufficient for connections using the streams API. The existing StreamReader works because the new transport passes received data to the original protocol. The StreamWriter must then write data to the new transport, and the StreamReaderProtocol must be updated to close the new transport correctly. The new StreamWriter `start_tls()` updates itself and the reader protocol to the new SSL transport. Co-authored-by: Ian Good <icgood@gmail.com>
|
Fixed by #91453 |
Note: these values reflect the state of the issue at the time it was migrated and might not reflect the current state.
Show more details
GitHub fields:
bugs.python.org fields:
The text was updated successfully, but these errors were encountered: