Author christian.heimes
Recipients christian.heimes
Date 2013-10-28.12:56:50
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1382965011.03.0.394041339056.issue19422@psf.upfronthosting.co.za>
In-reply-to
Content
Python's SSL module doesn't support DTLS (datagram TLS for UDP). The SSL code doesn't complain when an UDP socket is wrapped in a SSL socket. It happily sends the bytes unprotected and not encrypted over the wire:

>>> import ssl, socket
>>> sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
>>> ssock = ssl.wrap_socket(sock)
>>> ssock.sendto(b"data", ("localhost", 12345))
4

TCP sockets at least complain that the connection hasn't been established yet.

>>> sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
>>> ssock = ssl.wrap_socket(sock)
>>> ssock.sendto(b"data", ("localhost", 12345))
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "/home/heimes/dev/python/cpython/Lib/ssl.py", line 517, in sendto
    return socket.sendto(self, data, flags_or_addr)
BrokenPipeError: [Errno 32] Broken pipe
History
Date User Action Args
2013-10-28 12:56:51christian.heimessetrecipients: + christian.heimes
2013-10-28 12:56:51christian.heimessetmessageid: <1382965011.03.0.394041339056.issue19422@psf.upfronthosting.co.za>
2013-10-28 12:56:50christian.heimeslinkissue19422 messages
2013-10-28 12:56:50christian.heimescreate