Pyro5 icon indicating copy to clipboard operation
Pyro5 copied to clipboard

Published 20 hours ago verified publisher icon irmen

Allow providing factory functions for SSLContext creation for server and client sockets?

Open ztane opened this issue 1 year ago • 2 comments

We've got a need to heavily customize the SSLContext creation and parameters; however the current code does leave much to be desired. Could it be possible to allow setting a function that takes the config object and returns a SSLContext for both server and client socket; these could then default to two functions that do call socketutil.get_ssl_context(...) but it would be then easier to override for complex use cases?

ztane avatar Jan 15 '24 18:01 ztane

For now, you could just monkeypatch the current get_ssl_context function in the socketutil module, after importing Pyro5, and substitute it with your own?

You can start by looking at what it does currently https://github.com/irmen/Pyro5/blob/8db91b617dd08508053e54dea2a781749a00ffc8/Pyro5/socketutil.py#L528C1-L528C10 and write your own

def my_get_ssl_context(....)
 ....

Pyro5.socketutil.get_ssl_context = my_get_ssl_context

irmen avatar Jan 15 '24 20:01 irmen

Yes, that was our initial idea. Will go for that.

ztane avatar Jan 16 '24 06:01 ztane