+1. Thanks!
Which tests?
On Wednesday, April 4, 2018, Christian Heimes wrote:
> Hi,
>
> I like to share the story of a critical security bug with you. Contrary
> to other issues in TLS/SSL, it's a story with happy ending. Nobody was
> harmed. The bug was fixed before it
Nice work! Something to add to our "finding C compiler bugs" list of
accomplishments.
On Wed, Apr 4, 2018, 13:39 Christian Heimes, wrote:
> Hi,
>
> I like to share the story of a critical security bug with you. Contrary
> to other issues in TLS/SSL, it's a story with
Hi,
I like to share the story of a critical security bug with you. Contrary
to other issues in TLS/SSL, it's a story with happy ending. Nobody was
harmed. The bug was fixed before it affected the general population.
Introduction
Python's ssl.match_hostname() function was a source
Is there a place where the status of the ssl module is summarized
The documentation of the ssl module should describe its features
correctly and precisely.
or a better place to discuss this? I could try to provide contributions or
further details if appropriate.
For contributions, this is
Hello,
I would like to ask a few questions and suggestions regarding the ssl
module (in Python 2.6). (I gather from [1] that there is some effort
going on to enhance the ssl API, but I'm not sure if this is the right
place to discuss it.)
Like other Python users, I was a bit surprised by
Bruno Harbulot bruno.harbu...@manchester.ac.uk wrote:
Hello,
I would like to ask a few questions and suggestions regarding the ssl
module (in Python 2.6). (I gather from [1] that there is some effort
going on to enhance the ssl API, but I'm not sure if this is the right
place to discuss
Some good news: I finally figured out how to modify asyncore to make
it properly handle the non-blocking ssl-handshake.
I provided a patch for test_ssl.py in issue 3899.
Bill, could you please review it?
--- Giampaolo
http://code.google.com/p/pyftpdlib/
On 18 Set, 00:49, Giampaolo Rodola'
Giampaolo Rodola' [EMAIL PROTECTED] wrote:
2 - By reading ssl.py code I noticed that when do_handshake_on_connect
flag is False the do_handshake() method is never called. Is it
supposed to be manually called when dealing with non-blocking sockets?
Yes. Look at the example client in
Giampaolo Rodola' [EMAIL PROTECTED] wrote:
I change my question: how am I supposed to know when the SSL hanshake
is completed? When pending() returns False?
When do_handshake() doesn't raise an exception.
Bill
___
Python-Dev mailing list
Giampaolo Rodola' [EMAIL PROTECTED] wrote:
In the meanwhile I noticed something in the ssl.py code which seems to
be wrong:
def recv (self, buflen=1024, flags=0):
if self._sslobj:
if flags != 0:
raise ValueError(
non-zero flags
Ah, now I remember. It seems that sometimes when SSL_ERROR_WANT_READ
was returned, things would block; that is, the handle_read method on
asyncore.dispatcher was never called again, so the SSLSocket.recv()
method was never re-called. There are several levels of buffering going
on, and I never
On Wed, 17 Sep 2008 10:40:01 PDT, Bill Janssen [EMAIL PROTECTED] wrote:
Ah, now I remember. It seems that sometimes when SSL_ERROR_WANT_READ
was returned, things would block; that is, the handle_read method on
asyncore.dispatcher was never called again, so the SSLSocket.recv()
method was never
Jean-Paul Calderone [EMAIL PROTECTED] wrote:
On Wed, 17 Sep 2008 10:40:01 PDT, Bill Janssen [EMAIL PROTECTED] wrote:
Ah, now I remember. It seems that sometimes when SSL_ERROR_WANT_READ
was returned, things would block; that is, the handle_read method on
asyncore.dispatcher was never called
Bill Janssen wrote:
Jean-Paul Calderone [EMAIL PROTECTED] wrote:
On Wed, 17 Sep 2008 10:40:01 PDT, Bill Janssen [EMAIL PROTECTED] wrote:
Ah, now I remember. It seems that sometimes when SSL_ERROR_WANT_READ
was returned, things would block; that is, the handle_read method on
Ok, here's some news, in case they can be of some interest.
I managed to write an asyncore disptacher which seems to work.
I used my test suite against it and 70 tests passed and 2 failed.
The tests failed because at a certain point a call to do_handhsake
results in an EOF exception, which is very
I've tried to modify my existing asyncore-based code but I'm
encountering a lot of different problems I didn't manage to fix.
It seems that playing with the do_handshake_on_connect flag doesn't
make any difference.
I guess that without some kind of documentation describing how to deal
with
Sorry, ignore my 2nd question, I see now that you already gave a very
clear answer in your first message.
I change my question: how am I supposed to know when the SSL hanshake
is completed? When pending() returns False?
If so I'd recommend to document the method.
--- Giampaolo
On 29 Nov, 06:00, Bill Janssen [EMAIL PROTECTED] wrote:
I think it's simpler to let the SSL module do it, even though it comes
at the expense of blocking the thread till the handshake is complete.
That's essentially what happens already. The question is whether the
SSL setup code is allowed
No, the SSL code should NOT be allowed to block anything in any case,
even though the handshake is still not completed, in which case just
retry it at a later time.
That's why there's do_handshake_on_connect in the first place. I'm
just talking about what the SSL module should do if you don't
I tried to write a simple asyncore-based server code, then I used a
simple client to establish a connection with it.
Once the client is connected server raises the following exception:
I think this is a bug. Thanks!
The issue is that the internal call to do_handshake() doesn't handle
On 29 Nov, 00:26, Bill Janssen [EMAIL PROTECTED] wrote:
I tried to write a simple asyncore-based server code, then I used a
simple client to establish a connection with it.
Once the client is connected server raises the following exception:
I think this is a bug. Thanks!
You're welcome.
It does raise the same exception.
Hmmm, not in my version.
Are there plans for fixing this?
Yes, it's fixed in my CVS, and I'll upload a new version to PyPI when
I get a chance.
Using that kind of workaround is not acceptable in any case (select
module shouldn't even get imported when
On 29 Nov, 03:27, Bill Janssen [EMAIL PROTECTED] wrote:
It does raise the same exception.
Hmmm, not in my version.
Are there plans for fixing this?
Yes, it's fixed in my CVS, and I'll upload a new version to PyPI when
I get a chance.
Using that kind of workaround is not acceptable in
IMO, it's not reasonable since the application could use something
different than select.select(), like select.poll() or something else
again.
As I said before, you can do away with select or poll altogether if
you write a state machine for your asyncore dispatcher. Asyncore will
tell you
I tried to write a simple asyncore-based server code, then I used a
simple client to establish a connection with it.
Once the client is connected server raises the following exception:
--- snippet ---
C:\Documents and Settings\billiejoex\Desktop\testtest.py
[]127.0.0.1:3003 Connected.
Traceback
Hi there,
since ssl module is still in development I thought it would have been
better asking such question here instead of on comp.lang.python.
I'm interested in using the ssl module with asyncore but since there's
no real documentation about it yet I've been not able to write
something
On 26 Nov, 19:23, Bill Janssen [EMAIL PROTECTED] wrote:
Hi there,
since ssl module is still in development I thought it would have been
better asking such question here instead of on comp.lang.python.
I'm interested in using the ssl module with asyncore but since there's
no real
I downloaded this one:
http://pypi.python.org/pypi/ssl/1.12
Yes, that's the one.
...which seems to contain the same test-suite used in the current
Not quite.
Python 2.6 distribution available here:
http://svn.python.org/snapshots/
I looked into test/test_ssl.py but I didn't find any test
Hi there,
since ssl module is still in development I thought it would have been
better asking such question here instead of on comp.lang.python.
I'm interested in using the ssl module with asyncore but since there's
no real documentation about it yet I've been not able to write
something useful
Hi there,
since ssl module is still in development I thought it would have been
better asking such question here instead of on comp.lang.python.
I'm interested in using the ssl module with asyncore but since there's
no real documentation about it yet I've been not able to write
something useful
I've posted an sdist version of the 'ssl' module for Pythons 2.3.5 to
2.5.x, at http://www.parc.com/janssen/transient/ssl-1.3.tar.gz. I think
this is 'gold master', but before I upload it to the Cheeseshop, I'd like
to get more testing on a broader variety of platforms.
The intent of this
31 matches
Mail list logo