[issue1251] ssl module doesn't support non-blocking handshakes
Chris Stawarz
report at bugs.python.org
Fri Oct 12 19:19:51 CEST 2007
Chris Stawarz added the comment:
> The loop in _ssl.c/do_handshake will never return WANT_READ or
> WANT_WRITE, so the loop in the test case, for instance, is
> unnecessary.
I don't know why you think that, but it's easy enough to show that
this statement is incorrect. I've attached two scripts
(nonblocking_handshake.py and blocking_handshake.py). The first does
basically the same thing as my test case, but connecting to a
different server and with some print statements added. Here's the
output I get when I run it using an up-to-date trunk checkout with my
patch applied:
$ ../build/bin/python2.6 nonblocking_handshake.py
starting handshake
need read
need read
need read
handshake complete
The second reproduces the situation that led me to file this bug
report in the first place. Here's what happens when I run it with an
*unpatched* trunk build:
$ ../build/bin/python2.6 blocking_handshake.py
starting handshake
need read
Traceback (most recent call last):
File "blocking_handshake.py", line 14, in <module>
s = ssl.wrap_socket(s,cert_reqs=ssl.CERT_NONE)
File "/Users/cstawarz/Documents/Code/Python/svn/build/lib/
python2.6/ssl.py", line 466, in wrap_socket
ssl_version=ssl_version, ca_certs=ca_certs)
File "/Users/cstawarz/Documents/Code/Python/svn/build/lib/
python2.6/ssl.py", line 103, in __init__
cert_reqs, ssl_version, ca_certs)
ssl.SSLError: [Errno 1] _ssl.c:429: error:04077068:rsa
routines:RSA_verify:bad signature
As you see, in both cases the handshaking fails with
SSL_ERROR_WANT_READ. But without the fixes introduced by my patch,
there's no way to handle the error.
__________________________________
Tracker <report at bugs.python.org>
<http://bugs.python.org/issue1251>
__________________________________
-------------- next part --------------
A non-text attachment was scrubbed...
Name: nonblocking_handshake.py
Type: text/x-python-script
Size: 685 bytes
Desc: not available
Url : http://mail.python.org/pipermail/python-bugs-list/attachments/20071012/a2b3e742/attachment.bin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: blocking_handshake.py
Type: text/x-python-script
Size: 602 bytes
Desc: not available
Url : http://mail.python.org/pipermail/python-bugs-list/attachments/20071012/a2b3e742/attachment-0001.bin
More information about the Python-bugs-list
mailing list