Return-Path: X-Original-To: apmail-qpid-proton-archive@minotaur.apache.org Delivered-To: apmail-qpid-proton-archive@minotaur.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 18C6C109D3 for ; Wed, 11 Dec 2013 14:35:45 +0000 (UTC) Received: (qmail 17248 invoked by uid 500); 11 Dec 2013 14:35:45 -0000 Delivered-To: apmail-qpid-proton-archive@qpid.apache.org Received: (qmail 17160 invoked by uid 500); 11 Dec 2013 14:35:41 -0000 Mailing-List: contact proton-help@qpid.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: proton@qpid.apache.org Delivered-To: mailing list proton@qpid.apache.org Received: (qmail 16598 invoked by uid 99); 11 Dec 2013 14:35:38 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 11 Dec 2013 14:35:38 +0000 X-ASF-Spam-Status: No, hits=-5.0 required=5.0 tests=RCVD_IN_DNSWL_HI,SPF_HELO_PASS,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (nike.apache.org: domain of kgiusti@redhat.com designates 209.132.183.24 as permitted sender) Received: from [209.132.183.24] (HELO mx3-phx2.redhat.com) (209.132.183.24) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 11 Dec 2013 14:35:31 +0000 Received: from zmail16.collab.prod.int.phx2.redhat.com (zmail16.collab.prod.int.phx2.redhat.com [10.5.83.18]) by mx3-phx2.redhat.com (8.13.8/8.13.8) with ESMTP id rBBEZ92S011181; Wed, 11 Dec 2013 09:35:09 -0500 Date: Wed, 11 Dec 2013 09:35:09 -0500 (EST) From: Ken Giusti To: proton@qpid.apache.org, users@qpid.apache.org Message-ID: <1876103163.5208879.1386772509256.JavaMail.root@redhat.com> In-Reply-To: <2090977487.5189126.1386771505166.JavaMail.root@redhat.com> Subject: Python wrapper - SASL and SSL class API MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-Originating-IP: [10.5.82.12] X-Mailer: Zimbra 8.0.3_GA_5664 (ZimbraWebClient - FF25 (Linux)/8.0.3_GA_5664) Thread-Topic: Python wrapper - SASL and SSL class API Thread-Index: E732sYsHLWwvIHAzIMF16FhKlY9UxQ== X-Virus-Checked: Checked by ClamAV on apache.org Hi all - just wanted to get some opinions on $Subject: While I was trying to implement a fix for https://issues.apache.org/jira/browse/PROTON-476 I found that the lifecycle model for the python SASL and SSL objects differs for the C engine. I think the python wrapper's impl is buggy. In the C engine, these objects are singletons with respect to their associated transport - there can only be one SSL and SASL object associated with a given transport. This is enforce by the C api - the transport provides factory classes for these objects. The python wrapper doesn't enforce this. For both objects, a "public" constructor is supplied (I say "public" because it is exported by the wrapper's __all__ list). This makes it trivial for an application to construct multiple instances of SASL/SSL objects that reference the same underlying C object. While this can technically be done safely using reference counting, I think it may lead to unanticipated behavior - not to mention that it differs from the object model provide by the C engine. I'd like to fix this by modifying the python wrapper to remove the SSL and SASL objects from the __all__ list, and provide factory methods on the Transport class for creating instances of these objects. This would result in a change to the public API. Let me know what you think, thanks, -- -K