Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > Python > Multi-threaded SSL

Reply
Thread Tools

Multi-threaded SSL

 
 
Kris Kowal
Guest
Posts: n/a
 
      02-18-2006
Dear Ophidians,

I'm attempting to create an SSL secured, AJAX chat server. I'm moving
on the hypothesis that I'll need to hang an XMLHttpRequest response
blocking on the server until a new message is ready to be dispatched.
This means that my server must be able to handle many open SSL sockets
in separate threads.

I started with Twisted, but, having looked as far as I can see, SSL is
either not implemented, or not documented for that library. There are
hints that it's in the works, but that's all. So, I've moved on.

I'm using PyOpenSSL on a Debian box, and I started with the ActiveState
Cookbook article,
http://aspn.activestate.com/ASPN/Coo.../Recipe/442473 The SSL
server works very well as suggested in this article.

Starting with this code and adding threads, I've been trying to make
simultaneous HTTP requests operate in parallel on the server. To test,
I've added in turn busy and sleepy waiting to the GET processing
segment of the request handler. The threads work fine; every time the
server accepts a connection, it clearly starts accepting connections in
a new thread. However, the problem runs deeper than I can see. The
SSL listening socket blocks on accept in all threads until the one open
SSL connection finishes its waiting, responds, and closes. This means
that I can only have one client waiting for a response at a time.

Is there a limitation of SSL, or this SSL implementation, or something
else preventing me from having multiple connections waiting for
responses simultaneously?

Many thanks,
Kris Kowal

 
Reply With Quote
 
 
 
 
Alex Martelli
Guest
Posts: n/a
 
      02-18-2006
Kris Kowal <(E-Mail Removed)> wrote:
...
> I started with Twisted, but, having looked as far as I can see, SSL is
> either not implemented, or not documented for that library. There are
> hints that it's in the works, but that's all. So, I've moved on.


??? SSL is fully implemented in Twisted, AFAIK. Is the example at
<http://twistedmatrix.com/projects/co...ples/echoserv_
ssl.py> at all unclear or mysterious, for example?


Alex
 
Reply With Quote
 
 
 
 
cowbertvonmoo@gmail.com
Guest
Posts: n/a
 
      02-18-2006
Thanks Alex. I hadn't noticed that example. I gave it a shot and
still have the synchronization problems. While this may be because of
a lack of understanding of twisted threads (again, perhaps I'm just not
looking in the right places, but even the the API reference is sparse
of explanation), I strongly suspect that there's something going on at
a lower level, like the Open SSL wrapper or Open SSL on the system
level. At this point, I'd just like to know if I should cut my losses
and try a very rapid polling solution (*cringes*). Here are my
attempts:

Twisted SSL Foray:
http://cixar.com/svn/mage/twisted_ssl_foray.py
http://cixar.com/websvn/filedetails.....py&rev=0&sc=0

Bare SSL Foray:
http://cixar.com/svn/mage/bare_ssl_foray.py
http://cixar.com/websvn/filedetails.....py&rev=0&sc=0

In the twisted example, I'm logging before and after I start sleeping
in the process request section to note whether the pages are being
processed in parallel. They aren't. My log message order for two
asynchronous page requests should look like:

start (first)
start (second)
stop (first)
stop (second)

But I'm rather getting:

start (first)
stop (first)
start (second)
stop (second)

Again, grateful for your help,
Kris Kowal.

 
Reply With Quote
 
Heikki Toivonen
Guest
Posts: n/a
 
      02-22-2006
Kris Kowal wrote:
> I started with Twisted, but, having looked as far as I can see, SSL is
> either not implemented, or not documented for that library. There are
> hints that it's in the works, but that's all. So, I've moved on.
>
> I'm using PyOpenSSL on a Debian box, and I started with the ActiveState


Twisted actually supports SSL if you have PyOpenSSL installed. Alex
already pointed that out.

If you want to work with Twisted, alternative solutions for the SSL part
could be TLS Lite (see http://trevp.net/tlslite/) or M2Crypto
(http://wiki.osafoundation.org/bin/vi...s/MeTooCrypto), both of
which provide an alternative SSL transport implementation for Twisted.

--
Heikki Toivonen
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
"Failed set trust point in ssl context" when using SSL communication emukang Java 0 12-20-2005 04:54 PM
Response.Redirect from SSL to non SSL with port drops port. Sean Wolfe ASP .Net 1 04-28-2005 07:49 PM
SSL with backend SSL on CSS 11500 Olivier PELERIN Cisco 0 08-30-2004 08:30 PM
How to imbed non-SSL links within SSL pages without using code CW ASP .Net 2 05-02-2004 01:40 PM
From non-ssl area to ssl ara with a virtual href path? 620 ASP .Net 2 01-06-2004 09:58 PM



Advertisments