asyncio/ssl: Fix AttributeError, increase default handshake timeout #77915
Comments
|
I've ported asyncio's sslproto.py to uvloop and released a new major version of it yesterday. Hynek discovered that the default SSL handshake timeout (10 seconds currently) is too low, and that there's a critical code path that is broken because it assumes all SSL exceptions have an 'errno' attribute. The PR changes the default SSL handshake timeout to 60 seconds (as in nginx [1]) and fixes the AttributeError. IMO this should go into 3.7.0rc1. |
|
For the reference, we added SSL handshake timeout a while ago in bpo-29970. |
|
For some context: 10s seems to be more common than I liked to believe (seems like Go's http client uses it by default too). Nevertheless I ran into the 10s after updating uvloop and stopped being able to connect to a server in India. Therefore I'd consider 10s at least a regression that should be fixed. What was the effective timeout before? Depending on the old value, 60s could be excessive for clients and might lead to self-DoS on the client side… P.S. I tried to reply on my phone and now I fully support Mariatta’s proposal of moving to GitHub issues. |
Previous timeout was effectively infinite. |
Oi, well then 60s are an improvement indeed. :) |
|
Fixes are in master and 3.7 now, so this should be fixed in 3.7.0rc1. Ned, I'm not sure what's the workflow here, please feel free to close this issue and change its priority. |
|
Thanks for the fix! Since it apparently does not apply to 3.6, we should just close it like any other issue, right? So doing! |
Sure. My understanding is that all changes including this one in 3.7 branch will end up in 3.7.0rc1, right? |
Yes. Don't worry, the train won't leave without it. |
Note: these values reflect the state of the issue at the time it was migrated and might not reflect the current state.
Show more details
GitHub fields:
bugs.python.org fields:
The text was updated successfully, but these errors were encountered: