[Python-checkins] cpython (2.7): Issue #17918: When using SSLSocket.accept(), if the SSL handshake failed on the
antoine.pitrou
python-checkins at python.org
Mon May 6 22:19:57 CEST 2013
http://hg.python.org/cpython/rev/85e5a93e534e
changeset: 83657:85e5a93e534e
branch: 2.7
parent: 83654:55c7295aca6c
user: Antoine Pitrou <solipsis at pitrou.net>
date: Mon May 06 22:19:48 2013 +0200
summary:
Issue #17918: When using SSLSocket.accept(), if the SSL handshake failed on the new socket, the socket would linger indefinitely.
Thanks to Peter Saveliev for reporting.
files:
Lib/ssl.py | 26 +++++++++++++++-----------
Misc/NEWS | 4 ++++
2 files changed, 19 insertions(+), 11 deletions(-)
diff --git a/Lib/ssl.py b/Lib/ssl.py
--- a/Lib/ssl.py
+++ b/Lib/ssl.py
@@ -344,17 +344,21 @@
SSL channel, and the address of the remote client."""
newsock, addr = socket.accept(self)
- return (SSLSocket(newsock,
- keyfile=self.keyfile,
- certfile=self.certfile,
- server_side=True,
- cert_reqs=self.cert_reqs,
- ssl_version=self.ssl_version,
- ca_certs=self.ca_certs,
- ciphers=self.ciphers,
- do_handshake_on_connect=self.do_handshake_on_connect,
- suppress_ragged_eofs=self.suppress_ragged_eofs),
- addr)
+ try:
+ return (SSLSocket(newsock,
+ keyfile=self.keyfile,
+ certfile=self.certfile,
+ server_side=True,
+ cert_reqs=self.cert_reqs,
+ ssl_version=self.ssl_version,
+ ca_certs=self.ca_certs,
+ ciphers=self.ciphers,
+ do_handshake_on_connect=self.do_handshake_on_connect,
+ suppress_ragged_eofs=self.suppress_ragged_eofs),
+ addr)
+ except socket_error as e:
+ newsock.close()
+ raise e
def makefile(self, mode='r', bufsize=-1):
diff --git a/Misc/NEWS b/Misc/NEWS
--- a/Misc/NEWS
+++ b/Misc/NEWS
@@ -34,6 +34,10 @@
Library
-------
+- Issue #17918: When using SSLSocket.accept(), if the SSL handshake failed
+ on the new socket, the socket would linger indefinitely. Thanks to
+ Peter Saveliev for reporting.
+
- Issue #17289: The readline module now plays nicer with external modules
or applications changing the rl_completer_word_break_characters global
variable. Initial patch by Bradley Froehle.
--
Repository URL: http://hg.python.org/cpython
More information about the Python-checkins
mailing list