Re: [Python-Dev] Withdraw PEP 546? Backport ssl.MemoryBIO and ssl.SSLObject to Python 2.7

2018-06-05 Thread Victor Stinner 
So sorry for Python 2.7, I just rejected my PEP 546, no ssl.MemoryBIO for you!
https://www.python.org/dev/peps/pep-0546/#rejection-notice

The workaround is to use PyOpenSSL on Python 2.7.

Victor

2018-05-30 16:28 GMT+02:00 Victor Stinner :
> Hi,
>
> tl; dr I will withdraw the PEP 546 in one week if noboy shows up to
> finish the implementation.
>
>
> Last year,I wrote the PEP 546 with Cory Benfield:
> "Backport ssl.MemoryBIO and ssl.SSLObject to Python 2.7"
> https://www.python.org/dev/peps/pep-0546/
>
> The plan was to get a Python 2.7 implementation of Cory's PEP 543:
> "A Unified TLS API for Python"
> https://www.python.org/dev/peps/pep-0543/
>
> Sadly, it seems like Cory is no longer available to work on the projec
> (PEP 543 is still a draft)t.
>
> The PEP 546 is implemented:
> https://github.com/python/cpython/pull/2133
>
> Well, I closed it, but you can still get it as a patch with:
> https://patch-diff.githubusercontent.com/raw/python/cpython/pull/2133.patch
>
> But tests fail on Travis CI whereas I'm unable to reproduce the issue
> on my laptop (on Fedora). The failure seems to depend on the version
> of OpenSSL. Christian Heimes has a "multissl" tool which automates
> tests on multiple OpenSSL versions, but I failed to find time to try
> this tool.
>
> Time flies and one year later, the PR of the PEP 546 is still not
> merged, tests are still failing.
>
> One month ago, when 2.7.15 has been released, Benjamin Peterson,
> Python 2.7 release manager, simply proposed:
> "The lack of movement for a year makes me wonder if PEP 546 should be
> moved to Withdrawn status."
>
> Since again, I failed to find time to look at the test_ssl failure, I
> plan to withdraw the PEP next week if nobody shows up :-( Sorry Python
> 2.7!
>
> Does anyone would benefit of MemoryBIO in Python 2.7? Twisted,
> asyncio, trio, urllib3, anyone else? If yes, who is volunteer to
> finish the MemoryBIO backport (and maintain it)?
>
> Victor
___
Python-Dev mailing list
Python-Dev@python.org
https://mail.python.org/mailman/listinfo/python-dev
Unsubscribe: 
https://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com

Re: [Python-Dev] Withdraw PEP 546? Backport ssl.MemoryBIO and ssl.SSLObject to Python 2.7

2018-06-01 Thread Antoine Pitrou 


+1 for withdrawing it.  It's much too late in the 2.7 maintenance
schedule to start bothering with such a large and perilous backport.

Regards

Antoine.



On Wed, 30 May 2018 16:28:22 +0200
Victor Stinner  wrote:
> Hi,
> 
> tl; dr I will withdraw the PEP 546 in one week if noboy shows up to
> finish the implementation.
> 
> 
> Last year,I wrote the PEP 546 with Cory Benfield:
> "Backport ssl.MemoryBIO and ssl.SSLObject to Python 2.7"
> https://www.python.org/dev/peps/pep-0546/
> 
> The plan was to get a Python 2.7 implementation of Cory's PEP 543:
> "A Unified TLS API for Python"
> https://www.python.org/dev/peps/pep-0543/
> 
> Sadly, it seems like Cory is no longer available to work on the projec
> (PEP 543 is still a draft)t.
> 
> The PEP 546 is implemented:
> https://github.com/python/cpython/pull/2133
> 
> Well, I closed it, but you can still get it as a patch with:
> https://patch-diff.githubusercontent.com/raw/python/cpython/pull/2133.patch
> 
> But tests fail on Travis CI whereas I'm unable to reproduce the issue
> on my laptop (on Fedora). The failure seems to depend on the version
> of OpenSSL. Christian Heimes has a "multissl" tool which automates
> tests on multiple OpenSSL versions, but I failed to find time to try
> this tool.
> 
> Time flies and one year later, the PR of the PEP 546 is still not
> merged, tests are still failing.
> 
> One month ago, when 2.7.15 has been released, Benjamin Peterson,
> Python 2.7 release manager, simply proposed:
> "The lack of movement for a year makes me wonder if PEP 546 should be
> moved to Withdrawn status."
> 
> Since again, I failed to find time to look at the test_ssl failure, I
> plan to withdraw the PEP next week if nobody shows up :-( Sorry Python
> 2.7!
> 
> Does anyone would benefit of MemoryBIO in Python 2.7? Twisted,
> asyncio, trio, urllib3, anyone else? If yes, who is volunteer to
> finish the MemoryBIO backport (and maintain it)?
> 
> Victor



___
Python-Dev mailing list
Python-Dev@python.org
https://mail.python.org/mailman/listinfo/python-dev
Unsubscribe: 
https://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com

Re: [Python-Dev] Withdraw PEP 546? Backport ssl.MemoryBIO and ssl.SSLObject to Python 2.7

2018-05-31 Thread Donald Stufft 


> On May 31, 2018, at 10:22 AM, Nick Coghlan  wrote:
> 
> On 31 May 2018 at 19:34, Nathaniel Smith  > wrote:
> On Wed, May 30, 2018, 14:21 Victor Stinner  > wrote:
> MemoryBIO was the key feature which allowed to implement TLS for the
> ProactorEventLoop (IOCP) of asyncio.
> 
> MemoryBIO is definitely super useful for async libraries – trio uses it, 
> asyncio uses it, twisted uses it (via pyopenssl). But I don't know of anyone 
> who currently needs it but hasn't already found a way to get it.
> 
> I think one of the other key things that changed is pip gaining its own 
> native support for using the SecureTransport API on Mac OS X.
> 
> So yeah, unless someone from PyCA chimes in to say that the PEP still offers 
> benefits that we can't get another way, withdrawing PEP 546 as "Overtaken by 
> events" probably makes sense.
> 


I think it still provides benefits FWIW, pip’s SecureTransport shim is a slow 
as hell ctypes hack that is slow enough we *only* use it when the ``ssl`` 
library wouldn’t be able to connect anyways and that doesn’t help Windows. OTOH 
I don’t think it’s super useful without PEP 543 also.

___
Python-Dev mailing list
Python-Dev@python.org
https://mail.python.org/mailman/listinfo/python-dev
Unsubscribe: 
https://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com

Re: [Python-Dev] Withdraw PEP 546? Backport ssl.MemoryBIO and ssl.SSLObject to Python 2.7

2018-05-31 Thread Nick Coghlan 
On 31 May 2018 at 19:34, Nathaniel Smith  wrote:

> On Wed, May 30, 2018, 14:21 Victor Stinner  wrote:
>
>> MemoryBIO was the key feature which allowed to implement TLS for the
>> ProactorEventLoop (IOCP) of asyncio.
>>
>
> MemoryBIO is definitely super useful for async libraries – trio uses it,
> asyncio uses it, twisted uses it (via pyopenssl). But I don't know of
> anyone who currently needs it but hasn't already found a way to get it.
>

I think one of the other key things that changed is pip gaining its own
native support for using the SecureTransport API on Mac OS X.

So yeah, unless someone from PyCA chimes in to say that the PEP still
offers benefits that we can't get another way, withdrawing PEP 546 as
"Overtaken by events" probably makes sense.

Cheers,
Nick.

-- 
Nick Coghlan   |   ncogh...@gmail.com   |   Brisbane, Australia
___
Python-Dev mailing list
Python-Dev@python.org
https://mail.python.org/mailman/listinfo/python-dev
Unsubscribe: 
https://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com

Re: [Python-Dev] Withdraw PEP 546? Backport ssl.MemoryBIO and ssl.SSLObject to Python 2.7

2018-05-31 Thread Nathaniel Smith 
On Wed, May 30, 2018, 14:21 Victor Stinner  wrote:

> 2018-05-30 18:02 GMT+02:00 Nathaniel Smith :
> > On Wed, May 30, 2018, 07:30 Victor Stinner  wrote:
> >>
> >> Does anyone would benefit of MemoryBIO in Python 2.7? Twisted,
> >> asyncio, trio, urllib3, anyone else?
> >
> > Asyncio and trio are strongly py3-only. Twisted's TLS functionality is
> built
> > around pyopenssl, so the stdlib ssl module doesn't affect them. Urllib3
> uses
> > the socket-wrapping APIs, not MemoryBIO. So fwiw I don't think any of
> those
> > projects would benefit.
>
> MemoryBIO was the key feature which allowed to implement TLS for the
> ProactorEventLoop (IOCP) of asyncio.
>

MemoryBIO is definitely super useful for async libraries – trio uses it,
asyncio uses it, twisted uses it (via pyopenssl). But I don't know of
anyone who currently needs it but hasn't already found a way to get it.

I'm not sure that the Python 2.7 ssl module is a drop-in replacement
> for pyopenssl.
>

No, their APIs are totally different, for better or worse.

-n

>
___
Python-Dev mailing list
Python-Dev@python.org
https://mail.python.org/mailman/listinfo/python-dev
Unsubscribe: 
https://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com

Re: [Python-Dev] Withdraw PEP 546? Backport ssl.MemoryBIO and ssl.SSLObject to Python 2.7

2018-05-30 Thread Victor Stinner 
2018-05-30 18:02 GMT+02:00 Nathaniel Smith :
> On Wed, May 30, 2018, 07:30 Victor Stinner  wrote:
>>
>> Does anyone would benefit of MemoryBIO in Python 2.7? Twisted,
>> asyncio, trio, urllib3, anyone else?
>
> Asyncio and trio are strongly py3-only. Twisted's TLS functionality is built
> around pyopenssl, so the stdlib ssl module doesn't affect them. Urllib3 uses
> the socket-wrapping APIs, not MemoryBIO. So fwiw I don't think any of those
> projects would benefit.

MemoryBIO was the key feature which allowed to implement TLS for the
ProactorEventLoop (IOCP) of asyncio.

I'm not sure that the Python 2.7 ssl module is a drop-in replacement
for pyopenssl.

Victor
___
Python-Dev mailing list
Python-Dev@python.org
https://mail.python.org/mailman/listinfo/python-dev
Unsubscribe: 
https://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com

Re: [Python-Dev] Withdraw PEP 546? Backport ssl.MemoryBIO and ssl.SSLObject to Python 2.7

2018-05-30 Thread Nathaniel Smith 
On Wed, May 30, 2018, 07:30 Victor Stinner  wrote:

> Does anyone would benefit of MemoryBIO in Python 2.7? Twisted,
> asyncio, trio, urllib3, anyone else?


Asyncio and trio are strongly py3-only. Twisted's TLS functionality is
built around pyopenssl, so the stdlib ssl module doesn't affect them.
Urllib3 uses the socket-wrapping APIs, not MemoryBIO. So fwiw I don't think
any of those projects would benefit.

-n
___
Python-Dev mailing list
Python-Dev@python.org
https://mail.python.org/mailman/listinfo/python-dev
Unsubscribe: 
https://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com

[Python-Dev] Withdraw PEP 546? Backport ssl.MemoryBIO and ssl.SSLObject to Python 2.7

2018-05-30 Thread Victor Stinner 
Hi,

tl; dr I will withdraw the PEP 546 in one week if noboy shows up to
finish the implementation.


Last year,I wrote the PEP 546 with Cory Benfield:
"Backport ssl.MemoryBIO and ssl.SSLObject to Python 2.7"
https://www.python.org/dev/peps/pep-0546/

The plan was to get a Python 2.7 implementation of Cory's PEP 543:
"A Unified TLS API for Python"
https://www.python.org/dev/peps/pep-0543/

Sadly, it seems like Cory is no longer available to work on the projec
(PEP 543 is still a draft)t.

The PEP 546 is implemented:
https://github.com/python/cpython/pull/2133

Well, I closed it, but you can still get it as a patch with:
https://patch-diff.githubusercontent.com/raw/python/cpython/pull/2133.patch

But tests fail on Travis CI whereas I'm unable to reproduce the issue
on my laptop (on Fedora). The failure seems to depend on the version
of OpenSSL. Christian Heimes has a "multissl" tool which automates
tests on multiple OpenSSL versions, but I failed to find time to try
this tool.

Time flies and one year later, the PR of the PEP 546 is still not
merged, tests are still failing.

One month ago, when 2.7.15 has been released, Benjamin Peterson,
Python 2.7 release manager, simply proposed:
"The lack of movement for a year makes me wonder if PEP 546 should be
moved to Withdrawn status."

Since again, I failed to find time to look at the test_ssl failure, I
plan to withdraw the PEP next week if nobody shows up :-( Sorry Python
2.7!

Does anyone would benefit of MemoryBIO in Python 2.7? Twisted,
asyncio, trio, urllib3, anyone else? If yes, who is volunteer to
finish the MemoryBIO backport (and maintain it)?

Victor
___
Python-Dev mailing list
Python-Dev@python.org
https://mail.python.org/mailman/listinfo/python-dev
Unsubscribe: 
https://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com