pb ssl + select

[Ktm]

Hi,

the following code (just taken on the example) blocks on recv unless I 
uncomment the 'send' function. I tested it with stunnel. Select seems to 
tell that there is something to read whereas there is nothing. Moreover 
why does it block since I am in non blocking mode ?


-----

from OpenSSL import SSL
import sys, os, select, socket


def verify_cb(conn, cert, errnum, depth, ok):
   # This obviously has to be updated
   print 'Got certificate: %s' % cert.get_subject()
   return ok

if len(sys.argv) < 2:
   print 'Usage: python[2] server.py PORT'
   sys.exit(1)

dir = os.path.dirname(sys.argv[0])
if dir == '':
   dir = os.curdir

# Initialize context
ctx = SSL.Context(SSL.SSLv23_METHOD)
ctx.set_options(SSL.OP_NO_SSLv2)
ctx.set_verify(SSL.VERIFY_NONE, verify_cb) # Demand a certificate
ctx.use_privatekey_file (os.path.join(dir, 'cert/server.pkey'))
ctx.use_certificate_file(os.path.join(dir, 'cert/server.cert'))
ctx.load_verify_locations(os.path.join(dir, 'cert/CA.cert'))

# Set up server
server = SSL.Connection(ctx, socket.socket(socket.AF_INET, 
socket.SOCK_STREAM))
server.bind(('', int(sys.argv[1])))
server.listen(3)
server.setblocking(0)

clients = {}
writers = {}

def dropClient(cli, errors=None):
   if errors:
       print 'Client %s left unexpectedly:' % (clients[cli],)
       print '  ', errors
   else:
       print 'Client %s left politely' % (clients[cli],)
   del clients[cli]
   if writers.has_key(cli):
       del writers[cli]
   if not errors:
       cli.shutdown()
   cli.close()
__cli = None
while 1:
   print 'select'
   try:
       r,w,_ = select.select([server]+clients.keys(), writers.keys(), 
[], 1)          except:
       break
   print '[ OK ]'
   for cli in r:
       if cli == server:
           cli,addr = server.accept()
           __cli = cli
           print 'Connection from %s' % (addr,)
           clients[cli] = addr

       else:
           try:
               print 'recv...'
               ######## we block here ###########
               ret = cli.recv(1024)
               print '[ OK ]'
           except (SSL.WantReadError, SSL.WantWriteError, 
SSL.WantX509LookupError):
               pass
           except SSL.ZeroReturnError:
               dropClient(cli)
           except SSL.Error, errors:
               dropClient(cli, errors)
           else:
               if not writers.has_key(cli):
                   writers[cli] = ''
               writers[cli] = writers[cli] + ret
   # if we decomment this it is ok
   ###if __cli:
       ###print 'send'
       ###__cli.send('test\n')              ###print '[ OK ]'
         for cli in w:
       try:
           ret = cli.send(writers[cli])
       except (SSL.WantReadError, SSL.WantWriteError, 
SSL.WantX509LookupError):
           pass
       except SSL.ZeroReturnError:
           dropClient(cli)
       except SSL.Error, errors:
           dropClient(cli, errors)
       else:
           writers[cli] = writers[cli][ret:]
           if writers[cli] == '':
               del writers[cli]

for cli in clients.keys():
   cli.close()
server.close()