[Buildbot-devel] slave connection over ssl possible?

Brian Warner warner at lothar.com
Wed Oct 7 23:53:19 UTC 2009


The last time I put thought into this (a few years ago), my intention
was to add Foolscap support. (disclaimer: I wrote foolscap). It's almost
exactly the same API as PB, by design, and provides strong encryption
and authentication in both directions, running on top of SSL but with
sensible capability-oriented access-control on top (no certificate
authorities).

The biggest change would be configuration. Each slave would get a
"FURL", which is like a URL but also contains the cryptographic goo
needed to make sure you're talking securely to the right party. The
'buildbot create-slave' command would take a FURL instead of the
host/port/name/passwd 4-tuple. The master.cfg c['buildslaves'] entry
would need to change, probably just to indicate that you want to use
Foolscap for this slave. At some point during startup, the buildmaster
would write each slave's FURLs out to a file (maybe the logfile) and
you'd cut-and-paste that to give to the buildslave admin for their
setup.

For more details, check out the Foolscap home page at
http://foolscap.lothar.com/trac . The biggest downside of adding this to
buildbot would be the extra dependency load (foolscap and
python-openssl). But I think we could do it in such a way that it only
got imported if you actually use those features.

cheers,
 -Brian
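
The FURL idea described in the message above, sketched as an added example (not part of the original post and not Foolscap's own code): the URL carries a fingerprint of the master's certificate plus an unguessable name, so the slave can authenticate the master without a certificate authority and the master can identify the slave by the name. The simplified `pb://<id>@<host:port>/<name>` layout, the SHA-256/base32 fingerprint, and every function, host and slave name here are assumptions of the sketch.

```python
import base64
import hashlib
import hmac
import secrets

def tub_id(cert_bytes: bytes) -> str:
    """Fingerprint of a certificate: unpadded lowercase base32 of SHA-256 (assumed scheme)."""
    digest = hashlib.sha256(cert_bytes).digest()
    return base64.b32encode(digest).decode("ascii").lower().rstrip("=")

def make_furl(cert_bytes: bytes, location: str, name: str) -> str:
    """Master side: bind the fingerprint, the address and an unguessable name together."""
    return f"pb://{tub_id(cert_bytes)}@{location}/{name}"

def parse_furl(furl: str):
    """Split a FURL into (expected fingerprint, location, name); reject malformed input."""
    if not furl.startswith("pb://"):
        raise ValueError("not a pb:// FURL")
    authority, slash, name = furl[len("pb://"):].partition("/")
    expected_id, at, location = authority.partition("@")
    if not (slash and at and expected_id and location and name):
        raise ValueError("malformed FURL")
    return expected_id, location, name

def peer_matches(furl: str, presented_cert: bytes) -> bool:
    """Slave side: accept the TLS peer only if its certificate hashes to the FURL's ID.
    No certificate authority is consulted; the FURL itself is the trust anchor."""
    expected_id, _, _ = parse_furl(furl)
    return hmac.compare_digest(expected_id, tub_id(presented_cert))

def authorize(furl: str, registry: dict):
    """Master side: the unguessable name is the capability that selects the slave."""
    _, _, name = parse_furl(furl)
    for known_name, slave in registry.items():
        if hmac.compare_digest(known_name, name):
            return slave
    return None

# Constructed sample data (placeholder bytes, not real certificates).
MASTER_CERT = b"constructed-master-certificate"
IMPOSTOR_CERT = b"constructed-impostor-certificate"
SLAVE_NAME = secrets.token_urlsafe(16)
REGISTRY = {SLAVE_NAME: "slave-linux-1"}
FURL = make_furl(MASTER_CERT, "buildmaster.example.org:9989", SLAVE_NAME)

if __name__ == "__main__":
    print(FURL)
    print(peer_matches(FURL, MASTER_CERT), peer_matches(FURL, IMPOSTOR_CERT))
```

Because the whole FURL is a bearer secret in this model, the file it is written to and the channel used to hand it to the slave admin need the same protection a password would.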



