Snakelets via SSL

[Roland Heiber]

Hi,

after Irmen de Jong did another fine release with Snakelets-1.38 i just
did a dirty hack for using snakelets with SSL-support. SSL-support is
added through the use of tlslite from Trevor Perrin. You'll have to
download and install it from http://trevp.net/tlslite/. Furthermore you
need a key-pair in your serverdir, easily generetad with openssl.

Just snip the patch below and use it against snakeserver/server.py (with
standard *nix patch).

HtH, Roland

---- SNIP BELOW, SAVE AS ssl.patch ----
961d
927a

def handshake(self, tlsConnection):
try:
tlsConnection.handshakeServer(certChain=certChain,
privateKey=privateKey,
sessionCache=sessionCache)
tlsConnection.ignoreAbruptClose = True
return True
except (SyntaxError, TLSError), error:
print "Handshake failure:", str(error)
return False


..
908c
if IS_SSL:
tlsConnection = TLSConnection(request)
if self.handshake(tlsConnection) == True:
self.RequestHandlerClass(tlsConnection,
client_address, self)
tlsConnection.close()
else:
self.RequestHandlerClass(request, client_address, self)
..
889c
if IS_SSL:
tlsConnection = TLSConnection(request)
if self.handshake(tlsConnection) == True:
self.RequestHandlerClass(tlsConnection,
client_address, self)
tlsConnection.close()
else:
self.RequestHandlerClass(request, client_address, self)
..
21a
IS_SSL=True
try:
from tlslite.api import *
except ImportError:
IS_SSL=False

if IS_SSL:
s = open("./localhost.crt").read()
x509 = X509()
x509.parse(s)
certChain = X509CertChain([x509])

s = open("./localhost.private.key").read()
privateKey = parsePEMKey(s, private=True)

sessionCache = SessionCache()

..

 

[Irmen de Jong]

Hi,

after Irmen de Jong did another fine release with Snakelets-1.38 i just
did a dirty hack for using snakelets with SSL-support. SSL-support is
added through the use of tlslite from Trevor Perrin. You'll have to
download and install it from http://trevp.net/tlslite/. Furthermore you
need a key-pair in your serverdir, easily generetad with openssl.

Just snip the patch below and use it against snakeserver/server.py (with
standard *nix patch).

[...]

Hey, thanks a lot! I must confess that I'm not knowledgeable in
this field (HTTPS/SSL) so I really appreciate it that you did
some work on this.

However, may I ask you to re-submit the patch but this time
in the patch tracker on SF; http://sourceforge.net/tracker/?group_id=41175
because news/mail clients often mangle source code.

--Irmen

 

[Irmen de Jong]

Hi,

after Irmen de Jong did another fine release with Snakelets-1.38 i just
did a dirty hack for using snakelets with SSL-support. SSL-support is
added through the use of tlslite from Trevor Perrin. You'll have to
download and install it from http://trevp.net/tlslite/. Furthermore you
need a key-pair in your serverdir, easily generetad with openssl.

Just snip the patch below and use it against snakeserver/server.py (with
standard *nix patch).

[...]

Hey, thanks a lot! I must confess that I'm not knowledgeable in
this field (HTTPS/SSL) so I really appreciate it that you did
some work on this.

However, may I ask you to re-submit the patch but this time
in the patch tracker on SF; http://sourceforge.net/tracker/?group_id=41175
because news/mail clients often mangle source code.

--Irmen

 

[Roland Heiber]

However, may I ask you to re-submit the patch but this time
in the patch tracker on SF; http://sourceforge.net/tracker/?group_id=41175
because news/mail clients often mangle source code.

Hi,

I re-submited it as requested. It's just a quick hack, but maybe it's
worth trying.

HtH, Roland