[issue18233] SSLSocket.getpeercertchain()
Change by Hiroaki Kawai : -- nosy: +Hiroaki.Kawai ___ Python tracker <https://bugs.python.org/issue18233> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue5305] imaplib should support international mailbox names
Hiroaki Kawai added the comment: the twisted imap API is problematic for imaplib because twisted seems to expect its arguments to already be Python unicode. Could you elaborate on this? As far as I can tell, it works fine: twisted imap4-utf-7 seems to be improved in this 2 years. :-) -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue5305 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17672] ssl unclean shutdown
Hiroaki Kawai added the comment:
Please run the test so that you'll see the problem.
2013/4/9 Antoine Pitrou rep...@bugs.python.org
Antoine Pitrou added the comment:
I don't think your patch is right:
- calling unwrap() already shuts down the SSL layer; this is the right way
to do it and is documented as such: Performs the SSL shutdown handshake,
which removes the TLS layer from the underlying socket, and returns the
underlying socket object
- shutdown() right now isn't blocking; if you add a call to SSL shutdown,
it can either block or fail with EAGAIN or similar, which is something
people won't expect
- close() should simply close the file descriptor, like on a regular
socket (if you call socket.close(), it won't shutdown the TCP connection,
especially if there's another file descriptor referencing the same
connection)
As for Modules/_ssl.c, the case where SSL_shutdown() returns 0 is already
handled:
if (err == 0) {
/* Don't loop endlessly; instead preserve legacy
behaviour of trying SSL_shutdown() only twice.
This looks necessary for OpenSSL 0.9.8m */
if (++zeros 1)
break;
/* Shutdown was sent, now try receiving */
self-shutdown_seen_zero = 1;
continue;
}
... so I don't think anything more is necessary.
So I think things are fine right now and your patch shouldn't be applied.
--
nosy: +pitrou
stage: - patch review
versions: -Python 2.6, Python 3.1, Python 3.2, Python 3.5
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue17672
___
--
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue17672
___
___
Python-bugs-list mailing list
Unsubscribe:
http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17672] ssl unclean shutdown
Hiroaki Kawai added the comment: Client gets an exception in reading the socket, not in writing. Please run the test code and see what happens. 2013/4/9 Charles-François Natali rep...@bugs.python.org Charles-François Natali added the comment: sometimes RST was sent over the network instead of FIN Your client sends data, but the server never reads it: when a TCP socket is closed while there's still data in the input socket buffer, a RST is sent instead of a FIN. That's normal behaviour. -- nosy: +neologix ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17672 ___ -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17672 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17672] ssl unclean shutdown
Hiroaki Kawai added the comment: As an interface of ssl socket, server does not have to read, just write some data. The client side should be able to read the bytes that ther server sent. The problem is that client will sometimes raise an unexpected SSLError in reading the ssl socket because server side does not shutdown the ssl session cleanly. 2013/4/9 Charles-François Natali rep...@bugs.python.org Charles-François Natali added the comment: Client gets an exception in reading the socket, not in writing. Please run the test code and see what happens. Of course it gets ECONNRESET on subsequent recv(), that's how TCP works. Just make your handler read from the socket and it won't happen anymore. -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17672 ___ -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17672 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17672] ssl unclean shutdown
Hiroaki Kawai added the comment: The error looks like : SSLError(8, '_ssl.c:1363: EOF occurred in violation of protocol') But why we see in violation of protocol here? 2013/4/10 Antoine Pitrou rep...@bugs.python.org Antoine Pitrou added the comment: Client gets an exception in reading the socket, not in writing. Yes, it does, and the exception bears the error code SSL_ERROR_EOF (8), which is expected here. The question is: why would you expect reading *not* to raise an exception while the remote end of the connection has been closed? TCPStreamHandler will only keep the connection alive as long as the handle() method is running, the connection is disposed of afterwards. -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17672 ___ -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17672 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17672] ssl unclean shutdown
Hiroaki Kawai added the comment: Ah, sorry I understood now. -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17672 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17672] ssl unclean shutdown
Hiroaki Kawai added the comment: I think creating an ssl socket from existing socket from an instance generated by library routine, and replace that socket with ssl socket is very common usage. Injecting wrap_socket is very easy. But injecting unwrap call is not easy. In python 2.6, I got a plain socket.error of connection reset (not SSLError) in client side in such situation without unwrap in server side. The same code does not raise exception in python 2.7, which I don't know why... Any way, reading the data in server side will solve the problem, thanks. 2013/4/10 Antoine Pitrou rep...@bugs.python.org Antoine Pitrou added the comment: The error looks like : SSLError(8, '_ssl.c:1363: EOF occurred in violation of protocol') But why we see in violation of protocol here? Because the SSL layer wasn't shutdown cleanly: the TCP connection was closed while the SSL layer was still active. You have three solutions around this: - you can call unwrap() for a clean SSL shutdown (the server has to call unwrap() too). - you can use suppress_ragged_eofs=True with wrap_socket() - you can simply avoid reading past the server's data, which will solve the problem altogether -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17672 ___ -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17672 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17672] ssl clean shutdown
New submission from Hiroaki Kawai: When using ssl module, I sometimes get unexpected error. The observed error varies in different situations. After the investigation, I found the reason was that ssl shutdown was not performed and sometimes RST was sent over the network instead of FIN. I created a patch against 2.7 branch. -- components: Library (Lib) files: python27.patch keywords: patch messages: 186372 nosy: Hiroaki.Kawai priority: normal severity: normal status: open title: ssl clean shutdown type: behavior versions: Python 2.6, Python 2.7, Python 3.1, Python 3.2, Python 3.3, Python 3.4, Python 3.5 Added file: http://bugs.python.org/file29750/python27.patch ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17672 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17672] ssl unclean shutdown
Changes by Hiroaki Kawai hiroaki.ka...@gmail.com: -- title: ssl clean shutdown - ssl unclean shutdown ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17672 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue13640] add mimetype for application/vnd.apple.mpegurl
New submission from Hiroaki Kawai hiroaki.ka...@gmail.com: Add application/vnd.apple.mpegurl, which is used by smartphones recently. It is registered in IANA : http://www.iana.org/assignments/media-types/application/vnd.apple.mpegurl An application is described in http://tools.ietf.org/html/draft-pantos-http-live-streaming-07 -- components: Library (Lib) files: mimetypes.patch keywords: patch messages: 149898 nosy: Hiroaki.Kawai priority: normal severity: normal status: open title: add mimetype for application/vnd.apple.mpegurl type: behavior versions: Python 2.7, Python 3.1, Python 3.2, Python 3.3, Python 3.4 Added file: http://bugs.python.org/file24058/mimetypes.patch ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue13640 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue5305] imaplib should support international mailbox names
Hiroaki Kawai hiroaki.ka...@gmail.com added the comment: twisted's code does not work good for \t, \r, \n, those characters must encoded in modified base64 form according to RFC 3501. -- nosy: +Hiroaki.Kawai ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue5305 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
