Author chris.stawarz
Recipients chris.stawarz
Date 2007-10-09.22:48:15
SpamBayes Score 0.0416495
Marked as misclassified No
Message-id <>
The current version of the ssl module doesn't support non-blocking
creation of SSLSocket objects.  The reason for this is that the SSL
handshaking (SSL_connect/SSL_accept) takes place during the
construction of the SSLContext object (in newPySSLObject).  This means
that if the socket being wrapped is non-blocking, and the handshake
fails with SSL_ERROR_WANT_READ/SSL_ERROR_WANT_WRITE, then the entire
SSLContext is scrapped, and newPySSLObject must be run again in its
entirety.  Unfortunately, restarting from scratch on the same socket
appears to confuse the remote host, and the new attempt fails.

The attached patch fixes this problem by removing the handshaking code
from newPySSLObject and adding a do_handshake method to SSLContext.
It also adds a new parameter (do_handshake_on_connect) to the
SSLSocket constructor and the wrap_socket function.  The default value
of the parameter is True, which preserves the current behavior of the
module by immediately calling do_handshake after sslwrap.  If
do_handshake_on_connect is set to False, then the caller is
responsible for calling do_handshake.  This allows code that uses
non-blocking sockets to first create the SSLSocket and then
iteratively call do_handshake and until the process
completes (which is exactly how non-blocking reads and writes are
File name Uploaded
ssl_nonblocking_handshake_patch.txt chris.stawarz, 2007-10-09.22:48:15
Date User Action Args
2007-10-09 22:48:18chris.stawarzsetspambayes_score: 0.0416495 -> 0.0416495
recipients: + chris.stawarz
2007-10-09 22:48:18chris.stawarzsetspambayes_score: 0.0416495 -> 0.0416495
messageid: <>
2007-10-09 22:48:17chris.stawarzlinkissue1251 messages
2007-10-09 22:48:17chris.stawarzcreate