This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author alex.gronholm
Recipients alex.gronholm, christian.heimes, miss-islington
Date 2021-12-11.23:41:17
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <>
OpenSSL 1.1.1 also handled EOFs strictly, but this behavior was generally suppressed in the ssl module through the default setting of suppress_ragged_eofs=True (thus enabling truncation attacks by default). The PR changes the behavior of existing applications in such a way that previously detectable unexpected EOFs are now no longer detectable by default. To make matters worse, EOF errors are not translated to SSLEOFError anymore, and instead I have to match the strerror attribute in SSLError to detect this condition.
Date User Action Args
2021-12-11 23:41:17alex.gronholmsetrecipients: + alex.gronholm, christian.heimes, miss-islington
2021-12-11 23:41:17alex.gronholmsetmessageid: <>
2021-12-11 23:41:17alex.gronholmlinkissue43794 messages
2021-12-11 23:41:17alex.gronholmcreate