-
-
Notifications
You must be signed in to change notification settings - Fork 1.5k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
New PEP 546: Backport MemoryBIO to Python 2.7 (#272)
* New PEP 546: Backport MemoryBIO to Python 2.7 * PEP 546: Alex Gaynor's review * PEP 546: Nick Coghlan's review: ensurepip * PEP 546: new Nick Coghlan's review
- Loading branch information
Showing
1 changed file
with
141 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,141 @@ | ||
| PEP: 546 | ||
| Title: Backport ssl.MemoryBIO and ssl.SSLObject to Python 2.7 | ||
| Version: $Revision$ | ||
| Last-Modified: $Date$ | ||
| Author: Victor Stinner <victor.stinner@gmail.com>, | ||
| Status: Draft | ||
| Type: Standards Track | ||
| Content-Type: text/x-rst | ||
| Created: 30-May-2017 | ||
|
|
||
|
|
||
| Abstract | ||
| ======== | ||
|
|
||
| Backport ssl.MemoryBIO and ssl.SSLObject classes from Python 3 to Python | ||
| 2.7 to enhance the overall security of Python 2.7. | ||
|
|
||
|
|
||
| Rationale | ||
| ========= | ||
|
|
||
| While Python 2.7 is getting closer to its end-of-line (scheduled for | ||
| 2020), it is still used on production and the Python community is still | ||
| responsible for its security. And to facilitate the future adoption of | ||
| :pep:`543`, which will improve security for Python3 users. | ||
|
|
||
| This PEP does NOT propose a general exception for backporting new | ||
| features to Python 2.7 - every new feature proposed for backporting will | ||
| still need to be justified independently. In particular, it will need to | ||
| be explained why relying on an independently updated backport on the | ||
| Python Package Index instead is not an acceptable solution. | ||
|
|
||
|
|
||
| PEP 543 | ||
| ------- | ||
|
|
||
| The :pep:`543` defines a new TLS API for Python which would enhance the | ||
| Python security: give access to the root certificate authorities on | ||
| Windows and macOS by using native APIs, instead of OpenSSL. A side effect | ||
| is that it gives access to certificates installed locally by system | ||
| administrators, allowing to use "company certificates" without having to | ||
| modify each Python application and so validate correctly TLS | ||
| certificates (instead of having to ignore or bypass the TLS certificate | ||
| validation). | ||
|
|
||
| For practical reasons, Cory Benfield would like to first implement an | ||
| I/O-less class similar to ssl.MemoryBIO and ssl.SSLObject for the | ||
| :pep:`543`, and provide a second class based on the first one to use | ||
| sockets or file descriptors. This design would help to structure the code | ||
| to support more backends and simplify testing and auditing. Later, | ||
| optimized classes using directly sockets or file descriptors may be | ||
| added for performance. | ||
|
|
||
| While the :pep:`543` defines an API, the PEP would only make sense if it | ||
| comes with at least one complete and good implementation. The first | ||
| implementation will be based on the ``ssl`` module of the Python | ||
| standard library. | ||
|
|
||
| In a perfect world, all applications would already run on Python 3 since | ||
| Python 3.0 was released. In practice, many applications still run on | ||
| production on top of Python 2.7. To make the new TLS API more widely | ||
| used, it should be usable on all Python versions currently supported: | ||
| Python 2.7, 3.5, 3.6. Otherwise, some applications would have to wait | ||
| until they drop Python 2 support to be able to use the new TLS API. | ||
|
|
||
| Delaying adoption of the PEP 543 API means delaying the adoption for | ||
| security improvements for Python 3 users as well. | ||
|
|
||
|
|
||
| requests, pip and ensurepip | ||
| --------------------------- | ||
|
|
||
| There are plans afoot to look at moving Requests to a more event-loop-y | ||
| model, and doing so basically mandates a MemoryBIO. In the absence of a | ||
| Python 2.7 backport, Requests is required to basically use the same | ||
| solution that Twisted currently does: namely, a mandatory dependency on | ||
| `pyOpenSSL <https://pypi.python.org/pypi/pyOpenSSL>`_. | ||
|
|
||
| The `pip <https://pip.pypa.io/>`_ program has to embed all its | ||
| dependencies for pratical reason. Since pip depends on requests, it means | ||
| that it would have to embed a copy of pyOpenSSL. That would imply | ||
| usability pain to install pip. Currently, pip doesn't support embedding | ||
| C extensions which must be compiled on each platform and so require a C | ||
| compiler. | ||
|
|
||
| Since Python 2.7.9, Python embeds a copy of pip both for default | ||
| installation and for use in virtual environments: the new ``ensurepip`` | ||
| module. If pip ends up bundling PyOpenSSL, then Python will end up | ||
| bundling PyOpenSSL. Only backporting ``ssl.MemoryBIO`` and | ||
| ``ssl.SSLObject`` would avoid to have to embed pyOpenSSL to only include | ||
| the strict minimum features required by requests and fix the bootstrap | ||
| issue (python -> ensurepip -> pip -> requests -> MemoryBIO). | ||
|
|
||
|
|
||
| Changes | ||
| ======= | ||
|
|
||
| Add ``MemoryBIO`` and ``SSLObject`` classes to the ``ssl`` module of | ||
| Python 2.7. | ||
|
|
||
| The code will be backported and adapted from the master branch | ||
| (Python 3). | ||
|
|
||
| The backport also significantly reduced the size of the Python 2/Python | ||
| 3 difference of the ``_ssl`` module, which make maintenance easier. | ||
|
|
||
|
|
||
| Links | ||
| ===== | ||
|
|
||
| * :pep:`543` | ||
| * `[backport] ssl.MemoryBIO | ||
| <https://bugs.python.org/issue22559>`_: Implementation of this PEP | ||
| written by Alex Gaynor (first version written at October 2014) | ||
| * :pep:`466` | ||
|
|
||
|
|
||
| Discussions | ||
| =========== | ||
|
|
||
| * `[Python-Dev] Backport ssl.MemoryBIO on Python 2.7? | ||
| <https://mail.python.org/pipermail/python-dev/2017-May/147981.html>`_ | ||
| (May 2017) | ||
|
|
||
|
|
||
| Copyright | ||
| ========= | ||
|
|
||
| This document has been placed in the public domain. | ||
|
|
||
|
|
||
|
|
||
|
|
||
| .. | ||
| Local Variables: | ||
| mode: indented-text | ||
| indent-tabs-mode: nil | ||
| sentence-end-double-space: t | ||
| fill-column: 70 | ||
| coding: utf-8 | ||
| End: |