[issue17672] ssl unclean shutdown
Hiroaki Kawai
report at bugs.python.org
Tue Apr 9 18:03:53 CEST 2013
Hiroaki Kawai added the comment:
I think creating an ssl socket from existing socket from an instance
generated by library routine, and replace that socket with ssl socket is
very common usage. Injecting wrap_socket is very easy. But injecting unwrap
call is not easy.
In python 2.6, I got a plain socket.error of "connection reset" (not
SSLError) in client side in such situation without unwrap in server side.
The same code does not raise exception in python 2.7, which I don't know
why...
Any way, reading the data in server side will solve the problem, thanks.
2013/4/10 Antoine Pitrou <report at bugs.python.org>
>
> Antoine Pitrou added the comment:
>
> > The error looks like : SSLError(8, '_ssl.c:1363: EOF occurred in
> > violation
> > of protocol')
> > But why we see "in violation of protocol" here?
>
> Because the SSL layer wasn't shutdown cleanly: the TCP connection was
> closed while the SSL layer was still active. You have three solutions
> around this:
>
> - you can call unwrap() for a clean SSL shutdown (the server has to call
> unwrap() too).
>
> - you can use suppress_ragged_eofs=True with wrap_socket()
>
> - you can simply avoid reading past the server's data, which will
> solve the problem altogether
>
> ----------
>
> _______________________________________
> Python tracker <report at bugs.python.org>
> <http://bugs.python.org/issue17672>
> _______________________________________
>
----------
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue17672>
_______________________________________
More information about the Python-bugs-list
mailing list