How to get to the SSL/TLS internals from Python?

Developer https://www.devze.com 2023-03-19 02:31 Source: Internet
I am implementing the XMPP protocol in Python (2.7 and 3.2) and I found one important thing stopping me from making the implementation fully compliant.

The current specification (RFC 6120) requires implementation of the SCRAM-SHA-1-PLUS SASL mechanism (RFC 5802), which, in turn, requires the 'tls-unique' channel binding (RFC 5929), which is defined as:

Description: The first TLS Finished message sent (note: the Finished struct, not the TLS record layer message containing it) in the most recent TLS handshake of the TLS connection being bound to

Python doesn't seem to provide this piece of information directly, but I know it may be obtained via the OpenSSL API, used internally by Python.

Is there any way to get the 'SSL' pointer for a SSL socket wrapper, so I could use it via the ctypes module or from my own extension module? I cannot find anything like that with the header files installed with Python.

Is there any third-party TLS module for Python providing such API, but keeping the general Python SSL API?

Or is the only way to do it, to extract the SSL code from Python and bundle a patched copy of it with my own package?

Update: I have created a Python feature request for this functionality: http://bugs.python.org/issue12551 I am still looking for a 'ready to use' solution, though.


It seems the easiest way to get the data from the Python SSLSocket is to fix the standard Python library. So I did it; the patch will be included in Python 3.3.

http://bugs.python.org/issue12551#msg140450
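
With `SSLSocket.get_channel_binding("tls-unique")`, available in the standard `ssl` module from Python 3.3, the client side of SCRAM-SHA-1-PLUS can be built as sketched here. This is an added example, not code from the original post or from the Python patch; the function names are hypothetical, and it assumes ASCII credentials (no SASLprep or username escaping) and leaves out verification of the server signature.

```python
import base64
import hashlib
import hmac

# RFC 5802 gs2-header: the client requires 'tls-unique' binding, no authzid.
GS2_HEADER = b"p=tls-unique,,"


def tls_unique(sock):
    """Channel-binding data of a connected ssl.SSLSocket (Python 3.3+)."""
    # RFC 5929 tls-unique is not defined for TLS 1.3 (RFC 8446, appendix C.5).
    data = sock.get_channel_binding("tls-unique")
    if not data:
        # None means the handshake is not complete. Fail closed: an empty
        # binding would silently drop the protection against a TLS MITM.
        raise RuntimeError("tls-unique unavailable: handshake not complete")
    return data


def client_first(user, cnonce):
    """Return (client-first-message, its bare part, which is signed later)."""
    bare = "n={},r={}".format(user, cnonce).encode()
    return GS2_HEADER + bare, bare


def client_final(password, cnonce, first_bare, server_first, cb_data):
    """Build client-final-message with the proof bound to this TLS channel."""
    fields = dict(f.split("=", 1) for f in server_first.decode().split(","))
    if not fields["r"].startswith(cnonce):
        raise ValueError("server nonce does not extend the client nonce")
    salt, rounds = base64.b64decode(fields["s"]), int(fields["i"])
    # c= is base64(gs2-header || cb-data); without -PLUS it is the header only.
    cbind = base64.b64encode(GS2_HEADER + cb_data).decode()
    without_proof = "c={},r={}".format(cbind, fields["r"]).encode()
    # The binding data enters AuthMessage, so the proof only verifies on the
    # TLS connection whose Finished message the server also saw.
    auth_message = b",".join([first_bare, server_first, without_proof])

    salted = hashlib.pbkdf2_hmac("sha1", password.encode(), salt, rounds)
    client_key = hmac.new(salted, b"Client Key", hashlib.sha1).digest()
    stored_key = hashlib.sha1(client_key).digest()
    signature = hmac.new(stored_key, auth_message, hashlib.sha1).digest()
    proof = bytes(a ^ b for a, b in zip(client_key, signature))
    return without_proof + b",p=" + base64.b64encode(proof)
```

In real use `cb_data` comes from `tls_unique(sock)` on the wrapped socket after the handshake has finished, and the same value must be used by the server when it recomputes the proof.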


This hopefully will save you some time.

Python SASL resources:

  1. Suelta pure-python SASL library (probably your best bet)
  2. python-ldap's SASL implementation
  3. Apache qpidc's SASL wrapper around their compartmentalized Cyrus-SASL code.
  4. python-cyrus looks to be a fairly robust wrapper around Cyrus-SASL