This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Title: hangs with SSL 1.1 built with no threads
Type: behavior Stage: resolved
Components: SSL Versions: Python 3.9, Python 3.8, Python 3.7
Status: closed Resolution: fixed
Dependencies: Superseder:
Assigned To: christian.heimes Nosy List: christian.heimes, mig28suarez, miss-islington
Priority: normal Keywords: patch

Created on 2020-05-05 13:20 by mig28suarez, last changed 2022-04-11 14:59 by admin. This issue is now closed.

Pull Requests
URL Status Linked Edit
PR 19953 merged christian.heimes, 2020-05-06 11:56
PR 20119 merged christian.heimes, 2020-05-15 19:43
PR 20120 merged christian.heimes, 2020-05-15 19:47
Messages (8)
msg368143 - (view) Author: Miguel (mig28suarez) Date: 2020-05-05 13:20
Hello, this is my first python bug report!

I've been running builds of Python 3.7.x on CentOS Linux release 7.7 (64bit/Intel Core
2 Duo) 
and I ran into hangs with when using latest SSL 1.1.1d sources.

I've done a full compilation from source for Python 3.7.7 and SSL 1.1 in my

From what I can tell the problem is when SSL 1.1 is built with no threading
there is no locking enabled by python.

This one line change will make the hangs in  go away:

Index: Modules/_ssl.c

--- Modules/_ssl.c      (revision 70)
+++ Modules/_ssl.c      (working copy)
@@ -5875,7 +5875,7 @@
     if (!_setup_ssl_threads()) {
         return NULL;
     / OpenSSL 1.1.0 builtin thread support is enabled /

# endif

There appears to be an assumption in _ssl.c and test_ssl.y that SSL 1.1 will be
but this may not be true (as in my case).

Appreciate any feedback. Thanks!
msg368145 - (view) Author: Christian Heimes (christian.heimes) * (Python committer) Date: 2020-05-05 13:30
How did you build OpenSSL 1.1.1d? Python assumes default build of OpenSSL. Since Python is now always multi-threaded we no longer support non-threaded OpenSSL builds.
msg368155 - (view) Author: Miguel (mig28suarez) Date: 2020-05-05 14:39
I built with 'no-threads' option.
I understand if you no longer wish to support non-threaded SSL. 
But it just seemed to me that you could if you protected the SSL API calls with locking since I can get all your ssl tests to work with this minor change.
msg368176 - (view) Author: Christian Heimes (christian.heimes) * (Python committer) Date: 2020-05-05 15:49
It not about what I wish or wish not to do.

Python requires thread-safe libraries. A library without proper locking and thread safety is no longer safe to use without great effort and careful locking in the glue code. A non-threaded OpenSSL build will lead to memory corruption and eventually crash the interpreter.
msg368964 - (view) Author: miss-islington (miss-islington) Date: 2020-05-15 18:55
New changeset c087a268a4d4ead8ef2ca21e325423818729da89 by Christian Heimes in branch 'master':
bpo-40515: Require OPENSSL_THREADS (GH-19953)
msg368969 - (view) Author: Christian Heimes (christian.heimes) * (Python committer) Date: 2020-05-15 20:36
New changeset 387c7441f589cc45ea86f1fa257af616c39d9a4b by Christian Heimes in branch '3.8':
[3.8] bpo-40515: Require OPENSSL_THREADS (GH-19953) (GH-20119)
msg368970 - (view) Author: Christian Heimes (christian.heimes) * (Python committer) Date: 2020-05-15 20:37
New changeset efc9065904c4df8962e04303c2c03642f45019b5 by Christian Heimes in branch '3.7':
[3.7] bpo-40515: Require OPENSSL_THREADS (GH-19953) (GH-20120)
msg368971 - (view) Author: Christian Heimes (christian.heimes) * (Python committer) Date: 2020-05-15 20:38
Users will now get an error message when they are trying to compile against an OpenSSL build without thread support.
Date User Action Args
2022-04-11 14:59:30adminsetgithub: 84695
2020-05-15 20:38:47christian.heimessetstatus: open -> closed
versions: + Python 3.8, Python 3.9
messages: + msg368971

resolution: fixed
stage: patch review -> resolved
2020-05-15 20:37:36christian.heimessetmessages: + msg368970
2020-05-15 20:36:57christian.heimessetmessages: + msg368969
2020-05-15 19:47:45christian.heimessetpull_requests: + pull_request19424
2020-05-15 19:43:47christian.heimessetpull_requests: + pull_request19423
2020-05-15 18:55:32miss-islingtonsetnosy: + miss-islington
messages: + msg368964
2020-05-06 11:56:40christian.heimessetkeywords: + patch
stage: patch review
pull_requests: + pull_request19269
2020-05-05 15:49:09christian.heimessetmessages: + msg368176
2020-05-05 14:39:02mig28suarezsetmessages: + msg368155
2020-05-05 13:30:39christian.heimessetmessages: + msg368145
versions: - Python 3.5, Python 3.6, Python 3.8, Python 3.9
2020-05-05 13:20:24mig28suarezcreate