Etienne said:
That is a good tip, very interesting. Do you mind explaining what you
did further?
My program (bitpim) manipulates the phonebook, wallpaper, ringtones
etc for US based CDMA cellphones (they behave very differently than
GSM phones used in the rest of the world
.
I wanted the ability to have the program and the phone on different
machines, including over the Internet (which would make development
easier).
I wanted to use XML-RPC to remote the various methods used when
talking to a port (open, close, read, write) as well as some
others I have (list available devices, read until certain criteria
are met). (Using XML-RPC meant I didn't have to reinvent the
wheel).
I wrote a program (named BitFling) that listens (by default on all
interfaces) for incoming connections and obeys commands sent by
XML-RPC. The BitPim program then makes a connection to this and
issues commands. Behind the scenes, everything is wrapped in
classes in BitPim so it can't tell the difference between a local
or remote port, and really doesn't need to care.
For this solution I obvious required security. I use certificates
(self signed) for BitFling with access granted using username
and password combinations. (You also have to list valid source
addresses).
You have to rework the existing XML-RPC client and server classes
to add the HTTP authentication. I then wrapped it all in SSL
using M2Crypto. Unfortunately the existing XML-RPC stuff goes
out of its way to do one transaction per connection. Additionally
M2Crypto doesn't implement the makefile method, which internal
has the same effects as a dup. I tried pretty hard to rework
the code to not rely on dup, not close connections etc, but
never could get everywhere.
Fortunately I found Paramiko and it was really easy to switch
to that. I didn't both with the HTTP layer and just send
the raw output of the XML-RPC encoding. SSH defines authentication
up front, rather than on every transaction like in HTTP. It also
has the idea of multiple named channels.
So I just use a channel named "bitfling" and use regular old
SSH password authentication.
Nie to know about Paramiko, it looks a little more lightweight than the
SSH that comes with Twisted, if one does not want to go the whole
Twisted route.
I really don't like Twisted anyway. My code naturally is
threaded as the device access doesn't have the equivlent of
polling methods. In theory I could run a background thread
that updates something else that emulates polling, but I
far prefer to just directly write the code I want executed
rather than the Twisted approach of giving a list of what
will be executed.
Curious how much it could be sped up by using OpenSSL
for the crypto operation in stead of PyCrypto.
You do know that pyCrypto uses native code? Paramiko
is all Python however. Consequently I don't think
there will be much performance difference between the
two. Paramiko itself is being repeatedly improved and
I think that will give the biggest performance improvements.
Roger
