Chris Stawarz added the comment:
> The loop in _ssl.c/do_handshake will never return WANT_READ or
> WANT_WRITE, so the loop in the test case, for instance, is
> unnecessary.
I don't know why you think that, but it's easy enough to show that
this statement is incorrect. I've attached two scripts
(nonblocking_handshake.py and blocking_handshake.py). The first does
basically the same thing as my test case, but connecting to a
different server and with some print statements added. Here's the
output I get when I run it using an up-to-date trunk checkout with my
patch applied:
$ ../build/bin/python2.6 nonblocking_handshake.py
starting handshake
need read
need read
need read
handshake complete
The second reproduces the situation that led me to file this bug
report in the first place. Here's what happens when I run it with an
*unpatched* trunk build:
$ ../build/bin/python2.6 blocking_handshake.py
starting handshake
need read
Traceback (most recent call last):
File "blocking_handshake.py", line 14, in <module>
s = ssl.wrap_socket(s,cert_reqs=ssl.CERT_NONE)
File "/Users/cstawarz/Documents/Code/Python/svn/build/lib/
python2.6/ssl.py", line 466, in wrap_socket
ssl_version=ssl_version, ca_certs=ca_certs)
File "/Users/cstawarz/Documents/Code/Python/svn/build/lib/
python2.6/ssl.py", line 103, in __init__
cert_reqs, ssl_version, ca_certs)
ssl.SSLError: [Errno 1] _ssl.c:429: error:04077068:rsa
routines:RSA_verify:bad signature
As you see, in both cases the handshaking fails with
SSL_ERROR_WANT_READ. But without the fixes introduced by my patch,
there's no way to handle the error.
__________________________________
Tracker <[EMAIL PROTECTED]>
<http://bugs.python.org/issue1251>
__________________________________import select
import socket
import ssl
s = ssl.wrap_socket(socket.socket(socket.AF_INET),
cert_reqs=ssl.CERT_NONE,
do_handshake_on_connect=False)
s.connect(('people.csail.mit.edu', 443))
s.setblocking(False)
print 'starting handshake'
while True:
try:
s.do_handshake()
break
except ssl.SSLError, err:
if err.args[0] == ssl.SSL_ERROR_WANT_READ:
print 'need read'
select.select([s], [], [])
elif err.args[0] == ssl.SSL_ERROR_WANT_WRITE:
print 'need write'
select.select([], [s], [])
else:
raise
print 'handshake complete'
s.close()
import select
import socket
import ssl
s = socket.socket(socket.AF_INET)
s.connect(('people.csail.mit.edu', 443))
s.setblocking(False)
print 'starting handshake'
while True:
try:
s = ssl.wrap_socket(s, cert_reqs=ssl.CERT_NONE)
break
except ssl.SSLError, err:
if err.args[0] == ssl.SSL_ERROR_WANT_READ:
print 'need read'
select.select([s], [], [])
elif err.args[0] == ssl.SSL_ERROR_WANT_WRITE:
print 'need write'
select.select([], [s], [])
else:
raise
print 'handshake complete'
s.close()
_______________________________________________
Python-bugs-list mailing list
Unsubscribe:
http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
