New submission from Christian Heimes:
Python's SSL module doesn't support DTLS (datagram TLS for UDP). The SSL code
doesn't complain when an UDP socket is wrapped in a SSL socket. It happily
sends the bytes unprotected and not encrypted over the wire:
>>> import ssl, socket
>>> sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
>>> ssock = ssl.wrap_socket(sock)
>>> ssock.sendto(b"data", ("localhost", 12345))
4
TCP sockets at least complain that the connection hasn't been established yet.
>>> sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
>>> ssock = ssl.wrap_socket(sock)
>>> ssock.sendto(b"data", ("localhost", 12345))
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
File "/home/heimes/dev/python/cpython/Lib/ssl.py", line 517, in sendto
return socket.sendto(self, data, flags_or_addr)
BrokenPipeError: [Errno 32] Broken pipe
----------
components: Extension Modules
messages: 201535
nosy: christian.heimes
priority: normal
severity: normal
status: open
title: Neither DTLS nor error for SSLSocket.sendto() of UDP socket
type: behavior
versions: Python 2.7, Python 3.3, Python 3.4
_______________________________________
Python tracker <rep...@bugs.python.org>
<http://bugs.python.org/issue19422>
_______________________________________
_______________________________________________
Python-bugs-list mailing list
Unsubscribe:
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
