[Buildbot-devel] slave connection over ssl possible?

Andy Howell AndyHowell at austin.rr.com
Wed Oct 7 15:33:47 UTC 2009


Dustin J. Mitchell wrote:
> On Wed, Oct 7, 2009 at 10:02 AM, Andy Howell <AndyHowell at austin.rr.com> wrote:
>>        That makes sense. I've that while traveling to tunnel into my network. I've found that
>> ssh can hang or drop the connection fairly regularly. For a long running application like
>> a buildbot slave, that could make reliability an issue.
> 
> This is going to apply to any TCP connection when travelling.
> Buildbot, like most apps, assumes that it can maintain an open TCP
> connection between master and slaves.
> 
> You may also want to consider writing a patch for buildbot to use SSL
> on both ends of the connection.  I know that Python supports it
> natively, where available, and if I recall Twisted has an interface to
> it.  I don't know about certificate validation and all that, but at
> the least you could get basic encryption working to prevent idle
> snooping.
> 
> Dustin
> 

Dustin,

	I'm working on a patch now. I'm at the low end of the learning curve here, so its going a 
bit slowly. Any suggestions for buildbot debugging strategies / tools?

Stopping snooping is all I'm after. My goal is to have the master running with a 
self-signed certificate, and the slaves just connecting over the SSL. I'll continue using 
the twisted's authentication mechanism. I'm not worried about certificate validation.

Thanks,

	Andy







More information about the devel mailing list