[issue27815] Make SSL suppress_ragged_eofs default more secure
Nathaniel Smith
report at bugs.python.org
Mon Jan 22 04:41:50 EST 2018
Nathaniel Smith <njs at pobox.com> added the comment:
@Christian: I'm surprised and somewhat dismayed to hear that OpenSSL invalidates sessions on hard close -- that hasn't been part of the spec since 2006 when TLS 1.1 came out. I'm not a cryptographer, but the spec explicitly allows keeping the session, and I can't think of any particular reason why a network closure should imply that the secret material associated with the session has been compromised.
FWIW trio currently implements bidirectional mode (await ssl_stream.unwrap()), unidirectional mode (default for await ssl_stream.aclose()), and what-I-thought-was-quiet-but-apparently-is-hard (await ssl_stream.aclose() if the stream has the https_compatible=True flag set, or if a call to aclose() times out) [1]. I guess I should make that last one soft [2]. You actually can do all these things with the current ssl module, but it's extremely tricky and confusing. In particular, the way you do 'unidirectional' is to put the socket in non-blocking mode or use SSLObject and then call unwrap(), and when you get SSLWantReadError you're done, you can close the socket.
You might also by amused by this comment I left Cory in June and only just managed to track down again: https://github.com/python-hyper/pep543/issues/2#issuecomment-308900931 (and the rest of the thread too, but that comment specifically gets into shutdown semantics)
[1] https://github.com/python-trio/trio/blob/317020537ecefa9d6c6214c3caf4011ca4cfb564/trio/_ssl.py#L708-L791
[2] https://github.com/python-trio/trio/issues/415
----------
_______________________________________
Python tracker <report at bugs.python.org>
<https://bugs.python.org/issue27815>
_______________________________________
More information about the Python-bugs-list
mailing list