Antoine Pitrou <pit...@free.fr> added the comment: > The patch seems ok to me. This is how it was supposed to be in the > first place if ssl.py behaved as expected with non blocking sockets.
Ok, patch applied. In light of the recv() and recv_into() implementation change, I also think we should enable SSL_MODE_AUTO_RETRY for SSL sockets. It prevents blocking read() calls from getting SSL_ERROR_WANT_READ at all. (previously, we would loop manually in recv() and recv_into(); letting the C OpenSSL runtime do it for us is certainly more efficient) See description in http://www.openssl.org/docs/ssl/SSL_CTX_set_mode.html: « SSL_MODE_AUTO_RETRY Never bother the application with retries if the transport is blocking. If a renegotiation take place during normal operation, a SSL_read(3) or SSL_write(3) would return with -1 and indicate the need to retry with SSL_ERROR_WANT_READ. In a non-blocking environment applications must be prepared to handle incomplete read/write operations. In a blocking environment, applications are not always prepared to deal with read/write operations returning without success report. The flag SSL_MODE_AUTO_RETRY will cause read/write operations to only return after the handshake and successful completion. » ---------- _______________________________________ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/issue3890> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com