Hi, I have yet another patch for the ssl module, http://bugs.python.org/issue19500 . The patch adds support for SSL session resumption on the client side. A SSLContext automatically handles server-side session. SSL sessions speed up successive TLS connections to the same host considerable. My naïve benchmark shows about 15 to 20% performance improvements for short-lived connections to PyPI. In real-life applications with keep-alive, the speed-up will be a bit smaller. Cory expects that requests is going to be about 5% faster for subsequent requests. https://vincent.bernat.im/en/blog/2011-ssl-session-reuse-rfc5077.html has more information on the topic.
Why is session handling different on the client side? OpenSSL does not re-use sessions on the client side automatically. To use session resumptions a SSL_SESSION must be copied from an established SSLSocket to a new SSLSocket before the handshake. OpenSSL has further restrictions, e.g. both sockets must use the same SSLContext. Session cannot be shared between SSLContext. My patch takes care of these details. The basic features are pretty much done and tested. But I won't be able to write all documentation by the end of the week or to write a high-level mechanism to auto-reuse sessions. I still like to get the feature in before Monday. What do you think? Are you fine with low-level session feature and reduced documentation for the beta release? Christian _______________________________________________ Python-Dev mailing list Python-Dev@python.org https://mail.python.org/mailman/listinfo/python-dev Unsubscribe: https://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com
