
classification
Title: socketmodule ssl: server & thread
Type: Stage:
Components: Library (Lib) Versions:
process
Status: closed Resolution:
Dependencies: Superseder:
Assigned To: jhylton Nosy List: ghaering, gvanrossum, jhatala, jhylton
Priority: normal Keywords: patch

Created on 2001-08-17 15:10 by jhatala, last changed 2022-04-10 16:04 by admin. This issue is now closed.

Files
File name Uploaded Description
socketmodule-sslserver.patch jhatala, 2001-08-17 15:10 patch against 2.1, works with 2.2a1 too
python-2.2a3-socket-ssl-2.patch jhatala, 2001-10-18 11:36 enhanced patch against 2.2a3
Messages (8)
msg37346 - (view) Author: Jozef Hatala (jhatala) Date: 2001-08-17 15:10
Simple enhancement to the SSL support in module socket:
- support for writing SSL servers (as well as clients)
- Py_*_ALLOW_THREADS around blocking calls to openssl
- rsa temp key to work with older export netscape
- renamed attribute server to peer

This patch allows for powerful application servers
like the following one to be accessed with "netscape
https://localhost:1443/"

from socket import *
p=socket(AF_INET,SOCK_STREAM)
p.bind(('localhost',1443))
p.listen(1)
while 1 :
        s,a = p.accept()
        c = sslserver(s,'server.key','server.crt')
        print "They said:", c.read()
        c.write('HTTP/1.0 200 OK\r\n')
        c.write('Content-Type: text/plain\r\n\r\n** Hi! **')
        c.close()

TODO: a kind of makefile() on the ssl object like on a
socket would be welcome.

Have fun,

jh
msg37347 - (view) Author: Guido van Rossum (gvanrossum) * (Python committer) Date: 2001-08-19 06:17
Nice, but where's the documentation? (Thanks for the
docstrings though!) And the test suite?
msg37348 - (view) Author: Jeremy Hylton (jhylton) (Python triager) Date: 2001-10-11 16:13
Jozef-- are you going to contribute tests and documentation?
msg37349 - (view) Author: Jozef Hatala (jhatala) Date: 2001-10-16 10:21
I'll submit a simple test with certificates and an enhanced
patch for 2.2a2 (does not patch cleanly any more) soon (this
week) [time and inet access issues].
I haven't written any doc.  There was none for ssl.  I know
that is no excuse...
Does someone volunteer?
msg37350 - (view) Author: Jeremy Hylton (jhylton) (Python triager) Date: 2001-10-16 16:05
If you can provide test cases, I'll provide documentation. 
But hurry, if we don't get this done this week, we may miss
Python 2.2.
msg37351 - (view) Author: Jozef Hatala (jhatala) Date: 2001-10-17 14:43
This patch now against Python 2.2a3 contains:
- SSL server support (SSL_accept) [as before]
additionally:
- allow threads around getaddrinfo & Co.
- more verbose exc messages (for failures in ssl() and sslserver())
- methods recv and send on ssl object as equivalents of read and write.
- methods makefile on ssl object (a look-alike and does no dup!)
- a client/server test (depends on os.fork())
msg37352 - (view) Author: Guido van Rossum (gvanrossum) * (Python committer) Date: 2001-10-19 02:10
Time to look at this again?
msg37353 - (view) Author: Gerhard Häring (ghaering) * (Python committer) Date: 2001-10-22 13:51
I don't think it is a good idea to add this. Python's
builtin client-side SSL support is already pretty weak. This
patch would add a minimal SSL server implementation, but it
shares some of the same weaknesses, like missing the ability
to set the SSL method (version 2, version 3, version 2 or
3). I'd recommend not adding any more SSL features at this
point, but for Python 2.2 only keeping the existing
client-side functionality and fixing any remaining bugs there.

I'm working on something that would hopefully be better in
the long run: an SSL API that the various Python SSL modules
(m2crypto, POW, pyOpenSSL) can implement and Python will
then use one of these third-party modules for https,
smtp/tls etc. Sort of a plugin ability for an SSL module.
If you add stuff to the broken SSL API now, you'll either
have to carry it around for a long time or, if my proposal
gets implemented and accepted, the workarounds will be clunkier.
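
Added example, not part of this thread or of either attached patch: a present-day counterpart of the server posted in msg37346, written against the standard library's `ssl.SSLContext`, with the protocol range set explicitly (the ability msg37353 says was missing) and a check that flags contexts left unpinned. The function names and the TLS 1.2 floor are assumptions chosen for illustration; the certificate paths are placeholders.

```python
import socket
import ssl


def make_server_context(certfile=None, keyfile=None,
                        minimum=ssl.TLSVersion.TLSv1_2,
                        maximum=ssl.TLSVersion.MAXIMUM_SUPPORTED):
    """Build a server-side context with an explicit protocol range."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.minimum_version = minimum  # the setting the thread says was missing
    ctx.maximum_version = maximum
    if certfile:                   # placeholder paths, e.g. server.crt / server.key
        ctx.load_cert_chain(certfile, keyfile)
    return ctx


def protocol_findings(ctx):
    """List protocol-selection problems in an existing context."""
    findings = []
    low, high = ctx.minimum_version, ctx.maximum_version
    if low == ssl.TLSVersion.MINIMUM_SUPPORTED:
        findings.append("minimum version not pinned")
    elif low < ssl.TLSVersion.TLSv1_2:
        findings.append("accepts " + low.name)
    if high != ssl.TLSVersion.MAXIMUM_SUPPORTED and high < ssl.TLSVersion.TLSv1_2:
        findings.append("capped at " + high.name)
    return findings


def serve_once(ctx, listener):
    """Accept one connection, do the handshake, answer like the 2001 demo."""
    raw, _addr = listener.accept()
    try:
        with ctx.wrap_socket(raw, server_side=True) as tls:
            request = tls.recv(4096)
            tls.sendall(b"HTTP/1.0 200 OK\r\n"
                        b"Content-Type: text/plain\r\n\r\n** Hi! **")
            return tls.version(), request
    except (ssl.SSLError, OSError) as exc:
        raw.close()  # a failed handshake must not kill the accept loop
        return None, exc
```

`serve_once` expects a listening socket created as in the original post (`bind`, `listen`) and a context that has a certificate loaded.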
History
Date User Action Args
2022-04-10 16:04:20 admin set github: 34987
2001-08-17 15:10:01 jhatala create