SSL problem
Martin v. Loewis
martin at v.loewis.de
Thu Jan 3 21:01:23 EST 2002
Michel Van den Bergh <vdbergh at luc.ac.be> writes:
> Needless to say that Netscape and Konqueror can access this URL without
> problems.
> The same script works fine for other URLs.
>
> Am I doing something wrong? Is there a way of debugging https
> connections?
IMO, this is a bug in IIS, which is (probably) the server on the end
of your connection (didn't check). See
http://sourceforge.net/tracker/?group_id=5470&atid=105470&func=detail&aid=494762
for the analysis done so far. What happens is that IIS closes the
connection without performing an SSL connection shutdown (it just
sends the end of the underlying TCP connection). OpenSSL reports that
as an error. Python 2.1 treats this error as the end of the
conversation; Python 2.2 reports the error to the application.
Now, it is possible to work around that bug: one could
a) take into account the Content-Length header of the response from
IIS. This is probably what netscape does. Just read Content-Length
bytes from the connection, then close it, regardless of anything
else that may or may not be sent by the server.
This is a reasonable approach, but it is not straight-forward to
implement in httplib, and it may fail if the server does not send
a Content-Length header (since it is optional; I guess IIS always
sends that header).
b) treat this specific exception as an orderly end of the conversation
as well. This is a hack, IMO, but would solve the problem for good.
No attempt has been made to implement either approach; contributions
are welcome.
Regards,
Martin
More information about the Python-list
mailing list