Message 408350 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	alex.gronholm
Recipients	alex.gronholm, christian.heimes, miss-islington
Date	2021-12-11.23:41:17
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1639266077.15.0.385632266361.issue43794@roundup.psfhosted.org>
In-reply-to

Content
OpenSSL 1.1.1 also handled EOFs strictly, but this behavior was generally suppressed in the ssl module through the default setting of suppress_ragged_eofs=True (thus enabling truncation attacks by default). The PR changes the behavior of existing applications in such a way that previously detectable unexpected EOFs are now no longer detectable by default. To make matters worse, EOF errors are not translated to SSLEOFError anymore, and instead I have to match the strerror attribute in SSLError to detect this condition.

OpenSSL 1.1.1 also handled EOFs strictly, but this behavior was generally suppressed in the ssl module through the default setting of suppress_ragged_eofs=True (thus enabling truncation attacks by default). The PR changes the behavior of existing applications in such a way that previously detectable unexpected EOFs are now no longer detectable by default. To make matters worse, EOF errors are not translated to SSLEOFError anymore, and instead I have to match the strerror attribute in SSLError to detect this condition.

History
Date	User	Action	Args
2021-12-11 23:41:17	alex.gronholm	set	recipients: + alex.gronholm, christian.heimes, miss-islington
2021-12-11 23:41:17	alex.gronholm	set	messageid: <1639266077.15.0.385632266361.issue43794@roundup.psfhosted.org>
2021-12-11 23:41:17	alex.gronholm	link	issue43794 messages
2021-12-11 23:41:17	alex.gronholm	create