From: Guido van Rossum
Date: Tue, 8 Jan 2013 21:09:33 -0800
Subject: Re: ANN: PyDTLS
To: rbit
Cc: python-list@python.org
Newsgroups: comp.lang.python

On Tue, Jan 8, 2013 at 8:39 PM, rbit wrote:
> Thank you. I will gladly port to Python 3 if there is interest from
> the community.

Python 3 is where it's at! :-)

> Regarding PEP 3156: asynchronous use of unreliable network protocols
> makes for an interesting use case. In particular, it forces
> applications to deal with packet loss under some circumstances.

But don't you have to deal with that when doing synchronous I/O as
well? It's a datagram protocol after all.

> One
> such situation occurs during DTLS's handshaking phase: if no response
> is received from the peer after some period of time, we must assume
> that our most recent datagram has been lost, and so we need to
> retransmit.

Is this something the transport can handle, or does the protocol (and
hence the application) need to be involved here?

> The event loop interface as outlined in the PEP makes this
> a bit difficult (as did the asyncore module). One possible way to make
> things easier would be by adding two parameters to add_reader: a
> callable to retrieve the current timeout, and a callable that is
> invoked if that timeout expires before the descriptor becomes
> readable. Each loop iteration would then collect all given timeouts,
> and pass the minimum of that set to whatever polling facility it
> invokes. If that timeout expires, the corresponding timeout handler
> would be invoked prior to the next loop iteration.

Hm, this would add a fair amount of complexity to the event loop.
It's true that I don't have the complete story for timeouts yet, but I
am hopeful that things like this can be implemented by using
call_later() with some callback that does the retransmit (and resets
some internal state), and cancelling that callback whenever a packet
is received (i.e. in the protocol's datagram_received() method).

> The PEP also considers only stream transports when referring to
> "transport." Datagram transports do not, for example, have the
> property that calling t.write(b'abc'); t.write(b'def') is equivalent
> to calling t.write(b'abcdef').

Yeah, obviously this invariant only applies to stream protocols. The
PEP currently doesn't really specify datagram support (it's just in
the Open Issues section).

> I'm not sure what sort of impact this
> omission of datagram transports has for an implementation. Though I
> would certainly like to see datagram transports be treated as
> first-class citizens, despite not being nearly used as often as stream
> transports. I would hope that an implementer of, say, RTP over UDP,
> can tie into the same event loop as someone implementing a
> single-process, single-threaded Web server.

Yeah, at the level of the eventloop proper (the APIs that deal with
callbacks, not futures, transports and protocols) datagrams won't be a
problem. There will have to be separate specifications for the
transport and protocol interfaces used with datagrams.

> Implementing DTLS as a tulip transport sounds interesting. Is the
> tulip package available somewhere so that I can try it out?

Absolutely -- it is very much in flux, but you can check out the
latest source from http://code.google.com/p/tulip/source/checkout
using Mercurial.

--Guido

> Ray
>
> On Tue, Jan 8, 2013 at 6:53 AM, Guido van Rossum wrote:
>> This sounds exciting. Are you considering a Python 3 port? It might make a
>> nice demo of PEP 3156.
>>
>>
>> On Monday, January 7, 2013, rbit wrote:
>>>
>>> I would like to announce Datagram Transport Layer Security for
>>> Python. From the top of the project README:
>>>
>>> PyDTLS brings Datagram Transport Layer Security (DTLS - RFC 6347:
>>> http://tools.ietf.org/html/rfc6347) to the Python environment. In a
>>> nutshell, DTLS brings security (encryption, server authentication,
>>> user authentication, and message authentication) to UDP datagram
>>> payloads in a manner equivalent to what SSL/TLS does for TCP stream
>>> content.
>>>
>>> DTLS is now very easy to use in Python. If you're familiar with the
>>> ssl module in Python's standard library, you already know how. All it
>>> takes is passing a datagram/UDP socket to the *wrap_socket* function
>>> instead of a stream/TCP socket. Here's how one sets up the client side
>>> of a connection:
>>>
>>>     import ssl
>>>     from socket import socket, AF_INET, SOCK_DGRAM
>>>     from dtls import do_patch
>>>     do_patch()
>>>     sock = ssl.wrap_socket(socket(AF_INET, SOCK_DGRAM))
>>>     sock.connect(('foo.bar.com', 1234))
>>>     sock.send('Hi there')
>>>
>>> The project is hosted at https://github.com/rbit/pydtls, and licensed
>>> under the Apache license 2.0. PyPI has packages. I can be reached
>>> at code AT liquibits DOT com for questions, feedback, etc.
>>>
>>>
>>> Dtls 0.1.0 -
>>> Datagram Transport Layer Security for Python. (07-Jan-13)
>>> --
>>> http://mail.python.org/mailman/listinfo/python-announce-list
>>>
>>> Support the Python Software Foundation:
>>> http://www.python.org/psf/donations/
>>
>>
>>
>> --
>> --Guido van Rossum (python.org/~guido)
>>
>> --
>> http://mail.python.org/mailman/listinfo/python-list
>>

--
--Guido van Rossum (python.org/~guido)
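
The call_later() retransmit pattern described in the reply above, as an added example that is not part of the original post, PyDTLS or tulip. It uses asyncio, the standard-library module that PEP 3156 became; the class names, the short timings, the doubling backoff and the in-memory lossy transport are assumptions constructed for illustration.

```python
import asyncio

class RetransmittingClient(asyncio.DatagramProtocol):
    """Resend one flight until the peer answers (names and timings are assumptions)."""
    def __init__(self, flight, initial_timeout=0.01, max_sends=5):
        self.flight, self.timeout, self.max_sends = flight, initial_timeout, max_sends
        self.sends, self.timer = 0, None
        self.done = asyncio.get_running_loop().create_future()

    def connection_made(self, transport):
        self.transport = transport
        self._send()

    def _send(self):
        if self.sends >= self.max_sends:
            self.done.set_exception(TimeoutError("peer did not answer"))
            return
        self.sends += 1
        self.transport.sendto(self.flight)
        # Arm the retransmit timer, then double it so a slow peer is not flooded.
        self.timer = asyncio.get_running_loop().call_later(self.timeout, self._send)
        self.timeout *= 2

    def datagram_received(self, data, addr):
        # A reply arrived: cancel the pending retransmit and finish once.
        if self.timer is not None:
            self.timer.cancel()
        if not self.done.done():
            self.done.set_result(data)

class LossyTransport:
    """Constructed in-memory stand-in for a UDP transport; drops the first N sends."""
    def __init__(self, protocol, drop_first):
        self.protocol, self.drop_first, self.seen = protocol, drop_first, 0

    def sendto(self, data, addr=None):
        self.seen += 1
        if self.seen > self.drop_first:  # the peer "receives" this one and answers
            asyncio.get_running_loop().call_soon(
                self.protocol.datagram_received, b"reply:" + data, ("peer", 0))

async def _run(drop_first, max_sends):
    proto = RetransmittingClient(b"ClientHello", max_sends=max_sends)
    proto.connection_made(LossyTransport(proto, drop_first))
    return await proto.done, proto.sends

def demo(drop_first, max_sends=5):
    """Return (reply, datagrams_sent); raises TimeoutError if every send is lost."""
    return asyncio.run(_run(drop_first, max_sends))
```

With a real socket, the same protocol class can be handed to loop.create_datagram_endpoint() in place of the constructed transport.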