[Buildbot-devel] slave connection over ssl possible?

Andy Howell AndyHowell at austin.rr.com
Wed Oct 7 15:33:47 UTC 2009

Dustin J. Mitchell wrote:
> On Wed, Oct 7, 2009 at 10:02 AM, Andy Howell <AndyHowell at austin.rr.com> wrote:
>>        That makes sense. I've that while traveling to tunnel into my network. I've found that
>> ssh can hang or drop the connection fairly regularly. For a long running application like
>> a buildbot slave, that could make reliability an issue.
> This is going to apply to any TCP connection when travelling.
> Buildbot, like most apps, assumes that it can maintain an open TCP
> connection between master and slaves.
> You may also want to consider writing a patch for buildbot to use SSL
> on both ends of the connection.  I know that Python supports it
> natively, where available, and if I recall Twisted has an interface to
> it.  I don't know about certificate validation and all that, but at
> the least you could get basic encryption working to prevent idle
> snooping.
> Dustin


	I'm working on a patch now. I'm at the low end of the learning curve here, so its going a 
bit slowly. Any suggestions for buildbot debugging strategies / tools?

Stopping snooping is all I'm after. My goal is to have the master running with a 
self-signed certificate, and the slaves just connecting over the SSL. I'll continue using 
the twisted's authentication mechanism. I'm not worried about certificate validation.



More information about the devel mailing list