Open alex-robbins opened 7 years ago
pfalcon
commented
7 years ago Somehow I missed this ticket, sorry. Lack of "micropython-ssl" is indeed an oversight, I added dummy implementation of it in ea60d9d71f11b66c7a2d67c9ca54061e459bcc1c. I'll review your other points as time permits, sorry for the further delays.
alex-robbins
commented
7 years ago No worries about delays; I have other things on my list right now too. Since you've added the ssl package, I might submit a pull request implementing "Use case 1", as I described above, since that seems pretty straightforward and uncontroversial.
In the mean time, I'll keep an eye out for your comments. Thanks.
pfalcon
commented
7 years ago So, the aim of micropython-lib is to implement as complete as possible Python stdlib, so in general, this work is welcome. One thing to keep in mind, also in general, is that at last time, there's growing interest to use more of micropython-lib on baremetal targets, the outcome being that the idea that it'll run only on unix, in "unlimited" resources, no longer should be counted on. Nothing of that directly applies to the proposal above, just general things to keep in mind.
So, "Use case 1" indeed can be implemented seamlessly, and I don't see big problems with proposed plan for "Use case 2", just everything needs to be done step by step.
pfalcon
commented
7 years ago Thanks for looking into that btw!
alex-robbins
commented
7 years ago +1 for supporting bare metal ports. It also helps to highlight inconsistencies between ports of MicroPython proper.
As for doing everything step by step, I'm with you there too.
alex-robbins
commented
6 years ago Pull request incoming for "Use case 1", described above. Have not worked yet on Use case 2.
Would you be open to adding a
micropython-sslpackage that wrapsussl, similarly to howmicropython-socketwrapsusocket? I can think of two use cases for this, as discussed below. I'd be happy to contribute the code for this, but I want to make sure it's something you'd be receptive to first, especially considering that it would be a new package.Use case 1: Drop default arguments
According to the docs for most (or maybe all) ports, the signature for
wrap_socketisssl.wrap_socket(sock, server_side=False, keyfile=None, certfile=None, cert_reqs=CERT_NONE, ca_certs=None), with the caveat thatIndeed, most ports (it seems) do not support nearly so many of these. On Unix, for example, even the
keyfileandcertfilearguments are not accepted.Note though, that even
ussl.wrap_socket(s, keyfile=None)does not work, even though it should be equivalent toussl.wrap_socket(s). The proposedmicropython-sslpackage could provide anssl.wrap_socketfunction that drops keyword arguments whose values are the default (i.e.ssl.wrap_socket(s, keyfile=None)results in a call toussl.wrap_socket(s)).This would be useful for user-defined libraries that accept a
keyfileparameter from their callers and pass this towrap_socket. (It would provide better compatibility across MicroPython ports and with CPython, without growing MicroPython proper.)Use case 2: Allow SSL-wrapping of
micropython-socketsocketsDue to micropython/micropython#2749, and the fact that
socket.socketis a subclass ofusocket.socket,micropython-socketsockets cannot be passed toussl.wrap_socket(attempts to do so cause a crash, for now). This makes themicropython-socketpackage almost entirely unusable with SSL.If
micropython-socketwere modified, though, to wrap instances ofusocket.socket, rather than subclassing it, then the proposedmicropython-sslpackage could provide awrap_socketfunction that retrieves the underlyingusocket.socketinstance from any passed-insocket.sockets before forwarding toussl.Perhaps there's a better solution, but this is the only one I can think of besides fixing it in MicroPython proper, as was said here. That might take a while though; even in CPython subclassing native objects has limitations. This solution would affect the result of
issubclass(socket.socket, usocket.socket), but I doubt anyone's relying on that (just a guess, though).Maintainers: What say you? Would this be useful?