Message325847
From ssl.py, both on 2.7.15 and 3.6.6:
class SSLSocket(...):
...
@context.setter
def context(self, ctx):
self._context = ctx
self._sslobj.context = ctx
_sslobj is only set when socket is connected. While this is not a big issue for client sockets as user could just wrap the socket with correct context to begin with, and not a big issue for server sockets for the same reason, it is an issue for listening sockets: they are never connected, by definition, and do not care about _sslobj: upon accept() they only use self._context to wrap created socket.
Suggested fix:
@context.setter
def context(self, ctx):
self._context = ctx
if self._sslobj:
self._sslobj.context = ctx
(consistently with how _sslobj is evaluated as a boolean elsewhere in the same class)
Suggested workaround (ex: if this fix is not backported to 2.7):
try:
ssl_socket.context = new_context
except AttributeError:
pass
as _context is changed first, and it's all that matters. |
|
Date |
User |
Action |
Args |
2018-09-20 07:39:05 | vincent-nexedi | set | recipients:
+ vincent-nexedi |
2018-09-20 07:39:05 | vincent-nexedi | set | messageid: <1537429145.63.0.956365154283.issue34747@psf.upfronthosting.co.za> |
2018-09-20 07:39:05 | vincent-nexedi | link | issue34747 messages |
2018-09-20 07:39:05 | vincent-nexedi | create | |
|