Message 257508 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	martin.panter
Recipients	SilentGhost, Wiktor Niesiobedzki, martin.panter, r.david.murray
Date	2016-01-05.00:50:07
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1451955007.89.0.24897417258.issue25919@psf.upfronthosting.co.za>
In-reply-to

Content
As I see it, if the client receives an early response (when 100-continue is not used) but needs to make more requests, the only choices are: * Complete sending the request if possible, after which the connection may still be usable for a second request. But I’m not sure how many servers would support this; for your Microsoft server this would not be useful. * Abort the connection and start a new one. Perhaps the race condition would be more obvious if you sent the upload as a single 300 MiB bytes() object rather than a file. Then the sendall() call will be a 300 MiB chunk rather than 8 KiB. If the response is received after sendall() starts, I expect you will see the original two minute delay again. If this were plain TCP, you could replace sendall() with fine-grained select() and send() calls in a loop. Here is a demonstration of the SSL renegotiation issue. I used separate client and server terminal windows. I don’t know if there is a way to force renegotiation purely in Python’s SSL module, so I used an external Open SSL server. 1: In the server window, start an SSL server on port 4433: $ openssl s_server -cert Lib/test/keycert.pem 2: In the client window, start a request in the Python interpreter. It will pause to read stdin: >>> import http.client, ssl, sys >>> context = ssl.SSLContext(ssl.PROTOCOL_SSLv23) >>> context.load_verify_locations("/usr/lib/python3.5/test/keycert.pem") >>> conn = http.client.HTTPSConnection('localhost', 4433, context=context) >>> conn.request("PUT", "/", headers={"Content-Length": "4"}, body=sys.stdin.buffer) 3: In the server, the request header is received. Type lowercase “r” to force a renegotiation: Secure Renegotiation IS supported PUT / HTTP/1.1 Host: localhost:4433 Accept-Encoding: identity Content-Length: 8 r SSL_do_handshake -> 1 4: In Python, type in upload data and repeat Ctrl+D to signal EOF until the request() call stops reading from stdin and you get the Python prompt back: abc <== 3 letters + newline + Ctrl+D >>> 5: Notice that the no body has been uploaded to the server.

As I see it, if the client receives an early response (when 100-continue is not used) but needs to make more requests, the only choices are:

* Complete sending the request if possible, after which the connection may still be usable for a second request. But I’m not sure how many servers would support this; for your Microsoft server this would not be useful.

* Abort the connection and start a new one.

Perhaps the race condition would be more obvious if you sent the upload as a single 300 MiB bytes() object rather than a file. Then the sendall() call will be a 300 MiB chunk rather than 8 KiB. If the response is received after sendall() starts, I expect you will see the original two minute delay again. If this were plain TCP, you could replace sendall() with fine-grained select() and send() calls in a loop.

Here is a demonstration of the SSL renegotiation issue. I used separate client and server terminal windows. I don’t know if there is a way to force renegotiation purely in Python’s SSL module, so I used an external Open SSL server.

1: In the server window, start an SSL server on port 4433:
$ openssl s_server -cert Lib/test/keycert.pem 

2: In the client window, start a request in the Python interpreter. It will pause to read stdin:
>>> import http.client, ssl, sys
>>> context = ssl.SSLContext(ssl.PROTOCOL_SSLv23)
>>> context.load_verify_locations("/usr/lib/python3.5/test/keycert.pem")
>>> conn = http.client.HTTPSConnection('localhost', 4433, context=context)
>>> conn.request("PUT", "/", headers={"Content-Length": "4"}, body=sys.stdin.buffer)

3: In the server, the request header is received. Type lowercase “r” to force a renegotiation:
Secure Renegotiation IS supported
PUT / HTTP/1.1
Host: localhost:4433
Accept-Encoding: identity
Content-Length: 8

r
SSL_do_handshake -> 1

4: In Python, type in upload data and repeat Ctrl+D to signal EOF until the request() call stops reading from stdin and you get the Python prompt back:
abc  <== 3 letters + newline + Ctrl+D
>>> 

5: Notice that the no body has been uploaded to the server.

History
Date	User	Action	Args
2016-01-05 00:50:07	martin.panter	set	recipients: + martin.panter, r.david.murray, SilentGhost, Wiktor Niesiobedzki
2016-01-05 00:50:07	martin.panter	set	messageid: <1451955007.89.0.24897417258.issue25919@psf.upfronthosting.co.za>
2016-01-05 00:50:07	martin.panter	link	issue25919 messages
2016-01-05 00:50:07	martin.panter	create