-
-
Notifications
You must be signed in to change notification settings - Fork 171
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
http / websockify ssl support #1213
Comments
Worth revisiting now that #1252 is done. |
2016-09-01 05:28:35: antoine uploaded file
|
AFAICT, the big problem with SSL sockets (#1252) is that we cannot peek at the data: ValueError: non-zero flags not allowed in calls to recv() on <class 'ssl.SSLSocket'> That's unfortunate since openssl does have a:
And pyOpenSSL does have support for it: Add support for SSL_peek. If the SSL connection is for xpra's protocol, all is well and we just process it like normal socket data. |
2016-09-01 07:25:40: antoine uploaded file
|
Also a blocker for wss client support: #1271#comment:4. |
2016-09-08 09:34:45: antoine commented
|
2016-09-16 02:48:06: afarr commented
|
SSL closed at last. Thanks! As for sha1, see https://security.googleblog.com/2014/09/gradually-sunsetting-sha-1.html - I believe the encryption documentation edit solves this. |
Split from #1136, see
1136/web-ssl.patch
Could be related to #1211, there's something fishy going on with non-blocking sockets (they're blocking).
The text was updated successfully, but these errors were encountered: