[issue1251] ssl module doesn't support non-blocking handshakes

Chris Stawarz report at bugs.python.org
Fri Oct 12 19:19:51 CEST 2007 

Chris Stawarz added the comment:

> The loop in _ssl.c/do_handshake will never return WANT_READ or
> WANT_WRITE, so the loop in the test case, for instance, is  
> unnecessary.

I don't know why you think that, but it's easy enough to show that  
this statement is incorrect.  I've attached two scripts  
(nonblocking_handshake.py and blocking_handshake.py).  The first does  
basically the same thing as my test case, but connecting to a  
different server and with some print statements added.  Here's the  
output I get when I run it using an up-to-date trunk checkout with my  
patch applied:

$ ../build/bin/python2.6 nonblocking_handshake.py
starting handshake
need read
need read
need read
handshake complete

The second reproduces the situation that led me to file this bug  
report in the first place.  Here's what happens when I run it with an  
*unpatched* trunk build:

$ ../build/bin/python2.6 blocking_handshake.py
starting handshake
need read
Traceback (most recent call last):
   File "blocking_handshake.py", line 14, in <module>
     s = ssl.wrap_socket(s,cert_reqs=ssl.CERT_NONE)
   File "/Users/cstawarz/Documents/Code/Python/svn/build/lib/ 
python2.6/ssl.py", line 466, in wrap_socket
     ssl_version=ssl_version, ca_certs=ca_certs)
   File "/Users/cstawarz/Documents/Code/Python/svn/build/lib/ 
python2.6/ssl.py", line 103, in __init__
     cert_reqs, ssl_version, ca_certs)
ssl.SSLError: [Errno 1] _ssl.c:429: error:04077068:rsa  
routines:RSA_verify:bad signature

As you see, in both cases the handshaking fails with  
SSL_ERROR_WANT_READ.  But without the fixes introduced by my patch,  
there's no way to handle the error.

__________________________________
Tracker <report at bugs.python.org>
<http://bugs.python.org/issue1251>
__________________________________
-------------- next part --------------
A non-text attachment was scrubbed...
Name: nonblocking_handshake.py
Type: text/x-python-script
Size: 685 bytes
Desc: not available
Url : http://mail.python.org/pipermail/python-bugs-list/attachments/20071012/a2b3e742/attachment.bin 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: blocking_handshake.py
Type: text/x-python-script
Size: 602 bytes
Desc: not available
Url : http://mail.python.org/pipermail/python-bugs-list/attachments/20071012/a2b3e742/attachment-0001.bin

More information about the Python-bugs-list mailing list