New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
ssl unwrap fails with Error 0 #55017
Comments
If I use the server code in the attachment I get this error in unwrap: Traceback (most recent call last):
File "server.py", line 23, in <module>
deal_with_client(connstream)
File "server.py", line 13, in deal_with_client
s = connstream.unwrap()
File "/usr/lib/python3.1/ssl.py", line 302, in unwrap
s = self._sslobj.shutdown()
socket.error: [Errno 0] Error This error message is imo far from optiomal as it gives no clue whatsoever. My Openssl version is: 'OpenSSL 0.9.8o 01 Jun 2010'. Aside from that connstream.close() doesn't close the underlying socket (as seen in http://bugs.python.org/issue10127 Reproduceable with py2.6 and 2.7). The only way to properly close the connection now is: connstream.close(); newsocket.close() If you need more info just tell me. |
As we discussed on IRC, there are two things here:
|
"This information" being no information, is that really all you can get out of OpenSSL? |
Well the situation as the same as a system call which would return |
Poor old bug. Just being bitten from it today, while trying to package pyftpdlib on the openSUSE build service, which creates a clean reproducible build environment for all packages, and testing fails. Part of the game: openssl 1.0.1k, Python 2.7.8 https://build.opensuse.org/package/show/home:frispete:python/python-pyftpdlib It happens reproducible for i586 only, but not for x86_64, with all the same versions, and not with a local (much faster) build host. So it is smells like a timing problem. [ 97s] ERROR: test_nlst (test_functional_ssl.TestFtpListingCmdsTLSMixin) [ 97s] Traceback (most recent call last):
[ 97s] File "/home/abuild/rpmbuild/BUILD/pyftpdlib-1.5.1/pyftpdlib/test/test_functional_ssl.py", line 139, in test_nlst
[ 97s] super(TestFtpListingCmdsTLSMixin, self).test_nlst()
[ 97s] File "/home/abuild/.local/lib/python2.7/site-packages/pyftpdlib-1.5.1-py2.7.egg/pyftpdlib/test/test_functional.py", line 1187, in test_nlst
[ 97s] self._test_listing_cmds('nlst')
[ 97s] File "/home/abuild/.local/lib/python2.7/site-packages/pyftpdlib-1.5.1-py2.7.egg/pyftpdlib/test/test_functional.py", line 1180, in _test_listing_cmds
[ 97s] self.client.retrlines('%s %s' % (cmd, tempdir), x.append)
[ 97s] File "/usr/lib/python2.7/ftplib.py", line 735, in retrlines
[ 97s] conn.unwrap()
[ 97s] File "/usr/lib/python2.7/ssl.py", line 289, in unwrap
[ 97s] s = self._sslobj.shutdown()
[ 97s] error: [Errno 0] Error |
I understand this condition happens when the local end calls unwrap(), but the low-level socket connection has already been shut down from the remote end. If the remote is too slow, I get ConnectionResetError instead. There is some discussion of this at <http://www.mail-archive.com/search?l=mid&q=4BC200FE.4070508@netbauds.net\>. I tend to agree with Antoine that unfortunately there is not much Python can do without help from Open SSL. I.e. can we rely on SSL_shutdown() always setting errno = 0 to indicate Python should raise SSLEOFError, or should Open SSL add some new way of indicating this condition? |
Note: these values reflect the state of the issue at the time it was migrated and might not reflect the current state.
Show more details
GitHub fields:
bugs.python.org fields:
The text was updated successfully, but these errors were encountered: