Message 56380 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	chris.stawarz
Recipients	chris.stawarz, janssen
Date	2007-10-12.17:19:50
SpamBayes Score	0.0026535362
Marked as misclassified	No
Message-id	<2A59C0D9-B831-40DD-8AF7-A7CB312A0631@csail.mit.edu>
In-reply-to	<1192207410.62.0.381288037694.issue1251@psf.upfronthosting.co.za>

Content
> The loop in _ssl.c/do_handshake will never return WANT_READ or > WANT_WRITE, so the loop in the test case, for instance, is > unnecessary. I don't know why you think that, but it's easy enough to show that this statement is incorrect. I've attached two scripts (nonblocking_handshake.py and blocking_handshake.py). The first does basically the same thing as my test case, but connecting to a different server and with some print statements added. Here's the output I get when I run it using an up-to-date trunk checkout with my patch applied: $ ../build/bin/python2.6 nonblocking_handshake.py starting handshake need read need read need read handshake complete The second reproduces the situation that led me to file this bug report in the first place. Here's what happens when I run it with an unpatched trunk build: $ ../build/bin/python2.6 blocking_handshake.py starting handshake need read Traceback (most recent call last): File "blocking_handshake.py", line 14, in <module> s = ssl.wrap_socket(s,cert_reqs=ssl.CERT_NONE) File "/Users/cstawarz/Documents/Code/Python/svn/build/lib/ python2.6/ssl.py", line 466, in wrap_socket ssl_version=ssl_version, ca_certs=ca_certs) File "/Users/cstawarz/Documents/Code/Python/svn/build/lib/ python2.6/ssl.py", line 103, in __init__ cert_reqs, ssl_version, ca_certs) ssl.SSLError: [Errno 1] _ssl.c:429: error:04077068:rsa routines:RSA_verify:bad signature As you see, in both cases the handshaking fails with SSL_ERROR_WANT_READ. But without the fixes introduced by my patch, there's no way to handle the error.

> The loop in _ssl.c/do_handshake will never return WANT_READ or
> WANT_WRITE, so the loop in the test case, for instance, is  
> unnecessary.

I don't know why you think that, but it's easy enough to show that  
this statement is incorrect.  I've attached two scripts  
(nonblocking_handshake.py and blocking_handshake.py).  The first does  
basically the same thing as my test case, but connecting to a  
different server and with some print statements added.  Here's the  
output I get when I run it using an up-to-date trunk checkout with my  
patch applied:

$ ../build/bin/python2.6 nonblocking_handshake.py
starting handshake
need read
need read
need read
handshake complete

The second reproduces the situation that led me to file this bug  
report in the first place.  Here's what happens when I run it with an  
*unpatched* trunk build:

$ ../build/bin/python2.6 blocking_handshake.py
starting handshake
need read
Traceback (most recent call last):
   File "blocking_handshake.py", line 14, in <module>
     s = ssl.wrap_socket(s,cert_reqs=ssl.CERT_NONE)
   File "/Users/cstawarz/Documents/Code/Python/svn/build/lib/ 
python2.6/ssl.py", line 466, in wrap_socket
     ssl_version=ssl_version, ca_certs=ca_certs)
   File "/Users/cstawarz/Documents/Code/Python/svn/build/lib/ 
python2.6/ssl.py", line 103, in __init__
     cert_reqs, ssl_version, ca_certs)
ssl.SSLError: [Errno 1] _ssl.c:429: error:04077068:rsa  
routines:RSA_verify:bad signature

As you see, in both cases the handshaking fails with  
SSL_ERROR_WANT_READ.  But without the fixes introduced by my patch,  
there's no way to handle the error.

Files
File name	Uploaded
blocking_handshake.py	chris.stawarz, 2007-10-12.17:19:50
nonblocking_handshake.py	chris.stawarz, 2007-10-12.17:19:50

History
Date	User	Action	Args
2007-10-12 17:19:51	chris.stawarz	set	spambayes_score: 0.00265354 -> 0.0026535362 recipients: + chris.stawarz, janssen
2007-10-12 17:19:51	chris.stawarz	link	issue1251 messages
2007-10-12 17:19:50	chris.stawarz	create