Mostly done. A little bit more polish is required.
StreamServer startTLS() should take kwargs, not a dictionary.
The DATA_SSL_ENABLE token needs to be re-inserted into the send_buffer if a handshake fails.
Stendec wonders if calling startTLS() when wrapping a pre-existing SSLSocket (i.e. when a Connection is created) is the right thing to do, rather than just jumping directly to do_handshake(). I think there's enough extra crap that needs to be done to justify calling startTLS().
Stendec suggests replacing the _handle_read_event and _handle_write_event methods while the handshake is taking place for performance reasons. I doubt it will have any effect.
sendfile() needs to somehow be replaced with its fallback alternative when SSL is enabled on a channel. Ew.
An on_ssl_handshake_complete() callback should be added, perhaps?
What the title says. SSL support in core Pants.
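The sendfile() item above, as an added example that is not Pants code and not part of the original notes: os.sendfile() copies file bytes straight to the socket descriptor, so on an SSL channel they would reach the wire as plaintext in the middle of the TLS stream, and the transfer has to go through the socket's own send path instead. The names can_use_sendfile, send_file and CHUNK are hypothetical, and blocking sockets are assumed to keep the loop short.

```python
import os
import socket
import ssl
import tempfile

CHUNK = 64 * 1024  # assumed read size for the userspace path


def can_use_sendfile(sock):
    # os.sendfile() writes to the raw fd and never passes through the TLS
    # record layer, so it is only allowed on a plain (non-SSL) socket.
    return hasattr(os, "sendfile") and not isinstance(sock, ssl.SSLSocket)


def send_file(sock, fileobj, force_fallback=False):
    """Send the rest of fileobj over sock; returns (bytes_sent, path_used)."""
    if can_use_sendfile(sock) and not force_fallback:
        start = offset = fileobj.tell()
        size = os.fstat(fileobj.fileno()).st_size
        while offset < size:
            sent = os.sendfile(sock.fileno(), fileobj.fileno(), offset, size - offset)
            if sent == 0:
                break
            offset += sent
        return offset - start, "sendfile"
    # Fallback: read into userspace and call sendall(); on an SSLSocket this
    # encrypts every chunk before it is written to the descriptor.
    total = 0
    while True:
        chunk = fileobj.read(CHUNK)
        if not chunk:
            return total, "fallback"
        sock.sendall(chunk)
        total += len(chunk)


if __name__ == "__main__":
    left, right = socket.socketpair()
    with tempfile.TemporaryFile() as f:
        f.write(b"constructed sample payload\n" * 100)  # constructed input
        f.flush()
        f.seek(0)
        print(send_file(left, f))
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    tls = ctx.wrap_socket(left, server_hostname="example.invalid",
                          do_handshake_on_connect=False)
    print(can_use_sendfile(tls))
```

In a non-blocking framework the same decision has to be made per channel at the moment SSL is enabled, since a connection can start plain and be upgraded later by startTLS().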