This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author yselivanov
Recipients Mariatta, asvetlov, fafhrd, fafhrd91, grzgrzgrz3, gvanrossum, lukasz.langa, ned.deily, rthr, thehesiod, vstinner, yselivanov
Date 2017-11-14.17:44:27
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1510681467.31.0.213398074469.issue29406@psf.upfronthosting.co.za>
In-reply-to
Content
> The bugfix could be backported to Python 3.6 but I very not sure about the need for 3.5.
> It is a desirable fix but not secure.

The attached script looks very innocent, and it's worrisome that it's that easy to make an asyncio SSL server to leak sockets in some contexts.  I think it's OK to fix 3.5, but let's make the final decision when we have an approved PR.

I merged Nick's PR once, but then it introduced some problems on buildbots (https://bugs.python.org/msg295659), so I reverted the commit.

I'd suggest to look at the attached script again (scratch_1.py) and try to understand what exactly causes the problem with that specific Apache server version.  I'd also suggest to come up with a *functional* unittest that reproduces it (you can grab some testing utilities from the uvloop project).
History
Date User Action Args
2017-11-14 17:44:27yselivanovsetrecipients: + yselivanov, gvanrossum, vstinner, ned.deily, fafhrd, asvetlov, lukasz.langa, fafhrd91, thehesiod, grzgrzgrz3, Mariatta, rthr
2017-11-14 17:44:27yselivanovsetmessageid: <1510681467.31.0.213398074469.issue29406@psf.upfronthosting.co.za>
2017-11-14 17:44:27yselivanovlinkissue29406 messages
2017-11-14 17:44:27yselivanovcreate