Skip to content

extmod/uasyncio: Add ssl support to start_server. #7315

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 1 commit into from
Closed

extmod/uasyncio: Add ssl support to start_server. #7315

wants to merge 1 commit into from

Conversation

nniro
Copy link

@nniro nniro commented May 25, 2021
edited
Loading

here's example code starting a server with ssl.

(N.B. This code assumes the private key and certificate were previously created)

import ussl as ssl

basePath = "./"

with open(basePath + b"cert.key", "rb") as fd:
    sslKey = fd.read()
with open(basePath + b"cert.cert", "rb") as fd:
    sslCert = fd.read()

context = lambda sock: ssl.wrap_socket(sock, server_side=1, key=sslKey, cert=sslCert)

server = await asyncio.start_server(lambda r, w: handler(r, w)
	, '0.0.0.0', 1965
	, ssl=context)

I noticed there is a much more complete open PR to solve this issue in #5840 . My PR is just an attempt to solve the same issue just from a different angle.

@tve please review this.

This PR works in the unix port but it needs further changes for the esp32 port. In the esp32 port, I noticed that mbedtls wasn't working correctly (esp-idf seems to require a specific (older) micropython version. Or was it the reverse?) and thus decided to try axtls. I had a lot more success with axtls but it still required some code changes to make it work.

edit : I fixed the pasted example code formatting.

@nniro
Copy link
Author

nniro commented May 25, 2021

To make it work with axtls on the esp32, I had to toggle blocking to false in this code :

micropython/extmod/modussl_axtls.c

Lines 120 to 132 in 3b950ed

STATIC mp_obj_ssl_socket_t *ussl_socket_new(mp_obj_t sock, struct ssl_args *args) {
#if MICROPY_PY_USSL_FINALISER
mp_obj_ssl_socket_t *o = m_new_obj_with_finaliser(mp_obj_ssl_socket_t);
#else
mp_obj_ssl_socket_t *o = m_new_obj(mp_obj_ssl_socket_t);
#endif
o->base.type = &ussl_socket_type;
o->buf = NULL;
o->bytes_left = 0;
o->sock = sock;
o->blocking = true;
uint32_t options = SSL_SERVER_VERIFY_LATER;

@dpgeorge
Copy link
Member

I noticed there is a much more complete open PR to solve this issue in #5840 . My PR is just an attempt to solve the same issue just from a different angle.

Yes, there is #5840. But IIRC, there is code in that PR which is not actually needed for SSL+uasyncio. And simpler is always better.

@nniro
extmod/uasyncio: Add ssl support to start_server.
6330552 
here's example code starting a server with ssl.

(N.B. This code assumes the private key
	and certificate were previously created)

import ussl as ssl

basePath = "./"

with open(basePath + b"cert.key", "rb") as fd:
    sslKey = fd.read()
with open(basePath + b"cert.cert", "rb") as fd:
    sslCert = fd.read()

context = lambda sock: ssl.wrap_socket(sock
	, server_side=1, key=sslKey, cert=sslCert)

server = await asyncio.start_server(lambda r, w: handler(r, w)
	, '0.0.0.0', 1965
	, ssl=context)
@dpgeorge dpgeorge added the extmod Relates to extmod/ directory in source label Oct 15, 2021
@Carglglz Carglglz mentioned this pull request Jan 21, 2022
Closed
@dpgeorge dpgeorge mentioned this pull request Jul 16, 2022
Closed
tannewt added a commit to tannewt/circuitpython that referenced this pull request Dec 19, 2022
@tannewt
Merge pull request micropython#7315 from RetiredWizard/BPI-LED-defini…
c97d238 
…tion

Update mpconfigboard.h with LED definition for BPI Picow_s3
@Carglglz Carglglz mentioned this pull request Dec 7, 2023
Merged
1 task
@dpgeorge
Copy link
Member

Closing in favour of #11897.

@dpgeorge dpgeorge closed this Dec 12, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
extmod Relates to extmod/ directory in source
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@nniro @dpgeorge