Issue 8806: ftplib should support SSL contexts (original) (raw)

Created on 2010-05-24 16:07 by pitrou, last changed 2022-04-11 14:57 by admin. This issue is now closed.

Files
File name Uploaded Description Edit
ftplib.patch giampaolo.rodola,2010-05-24 20:23
Messages (8)
msg106366 - (view) Author: Antoine Pitrou (pitrou) * (Python committer) Date: 2010-05-24 16:07
3.2 introduces SSL contexts, which allow bundling SSL configuration options, certificates and private keys into a single (potentially long-lived) structure. http://docs.python.org/dev/py3k/library/ssl.html#ssl.SSLContext The FTP_TLS constructor should allow passing an SSL context object instead of a key/cert pair.
msg106379 - (view) Author: Giampaolo Rodola' (giampaolo.rodola) * (Python committer) Date: 2010-05-24 18:48
I'm assigning this one to me. Btw, before writing anything I think it would be better to decide what to do first, possibly by adopting the same approach everywhere (smtplib, imaplib, poplib, urllib and http.client). My proposal: - the user should still be able to use keyfile and certfile if desired, they're quicker to use and backward compatibility must be maintained. - SSL context can be provided by passing a new "context" argument to the constructor. - if context arg is passed FTP_TLS.ssl_version should be ignored and SSLContext.protocol used instead - keyfile/certfile and context arguments should be mutually exclusive (ValueError) Makes sense?
msg106380 - (view) Author: Antoine Pitrou (pitrou) * (Python committer) Date: 2010-05-24 18:56
> My proposal: > > - the user should still be able to use keyfile and certfile if desired, they're quicker to use and backward compatibility must be maintained. > > - SSL context can be provided by passing a new "context" argument to the constructor. > > - if context arg is passed FTP_TLS.ssl_version should be ignored and SSLContext.protocol used instead > > - keyfile/certfile and context arguments should be mutually exclusive (ValueError) > > > Makes sense? Entirely sense to me :)
msg106384 - (view) Author: Giampaolo Rodola' (giampaolo.rodola) * (Python committer) Date: 2010-05-24 20:23
Patch in attachment.
msg106390 - (view) Author: Antoine Pitrou (pitrou) * (Python committer) Date: 2010-05-24 21:00
> Patch in attachment. You could add checks for: self.assertIs(self.client.sock.context, ctx) [...] self.assertIs(sock.context, ctx) (I know, the "context" attribute isn't documented, I'm going to fix this)
msg106541 - (view) Author: Antoine Pitrou (pitrou) * (Python committer) Date: 2010-05-26 16:44
> (I know, the "context" attribute isn't documented, I'm going to fix > this) Now documented at: http://docs.python.org/dev/py3k/library/ssl.html#ssl.SSLSocket.context
msg106542 - (view) Author: Giampaolo Rodola' (giampaolo.rodola) * (Python committer) Date: 2010-05-26 16:50
If you're fine with the current patch I can go on and commit it (including the context attribute test).
msg106562 - (view) Author: Giampaolo Rodola' (giampaolo.rodola) * (Python committer) Date: 2010-05-26 18:07
Committed in r81548.
History
Date User Action Args
2022-04-11 14:57:01 admin set github: 53052
2010-05-26 18:07:22 giampaolo.rodola set status: open -> closedmessages: + resolution: fixedcomponents: + Library (Lib)
2010-05-26 16:50:42 giampaolo.rodola set messages: +
2010-05-26 16:44:18 pitrou set messages: +
2010-05-24 21:00:03 pitrou set messages: +
2010-05-24 20:23:03 giampaolo.rodola set files: + ftplib.patchkeywords: + patchmessages: +
2010-05-24 18:56:23 pitrou set messages: +
2010-05-24 18:48:24 giampaolo.rodola set assignee: giampaolo.rodolamessages: +
2010-05-24 18:17:14 giampaolo.rodola set nosy: + janssen
2010-05-24 16:07:41 pitrou create