[pyOpenSSL] select + ssl

Kototama kototama-code at altern.org
Tue Feb 22 23:04:29 CET 2005 

Hello,

I don't have the same behaviour with two codes who are quite the same, 
one using SSL, the other not. I tested the programs with stunnel and 
telnet , respectively.

Here are the first code :
------------------------------------------------------------------------------------------------------------------------------------------------
#!/usr/bin/python

from select import select
import socket

if __name__ == '__main__':
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)      
    s.bind(('', 6001))
    s.listen(5)
   
    ready_read = {}
    ready_send = {}
   
    ready_read[s] = s
    while True:       
        rs, ws, _ = select(ready_read.keys(), ready_send.keys(), [], 2)
        print '.'
        for r in rs:
            if r == s:
                (cli, addr) = s.accept()
                ready_send[cli] = cli
                ready_read[cli] = cli
            else:
                ret = r.recv(1000)
                print 'ret =', ret
        for w in ws:
            w.send('you have to give up')
------------------------------------------------------------------------------------------------------------------------------------------------      

  The client receive the 'you have to give up' sentence every two seconds.

The second code is :
------------------------------------------------------------------------------------------------------------------------------------------------     

#!/usr/bin/python

from select import select
import socket
from   OpenSSL import SSL
import os

def verify_cb():
    return ok

if __name__ == '__main__':
    dir = ''
    ctx = SSL.Context(SSL.SSLv23_METHOD)
    ctx.set_options(SSL.OP_NO_SSLv2)
    ctx.set_verify(SSL.VERIFY_NONE, verify_cb)
    ctx.use_privatekey_file (os.path.join(dir, 'server.pkey'))
    ctx.use_certificate_file(os.path.join(dir, 'server.cert'))
    ctx.load_verify_locations(os.path.join(dir, 'CA.cert'))
           
    s = SSL.Connection(ctx, socket.socket(socket.AF_INET, 
socket.SOCK_STREAM))
    #s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)      
    s.bind(('', 6000))
    s.listen(5)
    s.setblocking(0)
   
    ready_read = {}
    ready_send = {}
   
    ready_read[s] = s
    while True:       
        rs, ws, _ = select(ready_read.keys(), ready_send.keys(), [], 2)
        print '.'
        for r in rs:
            if r == s:
                (cli, addr) = s.accept()
                ready_send[cli] = cli
                ready_read[cli] = cli
            else:
                ret = r.recv(1000)
                print 'ret =', ret
        for w in ws:
            w.send('you have to give up')
           
------------------------------------------------------------------------------------------------------------------------------------------------      


The server blocks on recv here.

In both case I don't send anything with the client. (Perhaps stunnel 
send something that I don't see ?)

Why does the server block ?

Kototama

More information about the pyopenssl-users mailing list