Re: [web2py] Re: web2py 1.99.2 is OUT

Mon, 26 Sep 2011 10:17:49 -0700 

On Sep 26, 2011, at 10:11 AM, Timothy Farrell wrote:

> I guess I could expound upon that a little more.  Rocket does not
> allow insecure connections on secure sockets.  So if a secure
> connection fails for whatever reason it will fail (here
> https://github.com/explorigin/Rocket/blob/master/rocket/listener.py#L106
> ) but what happens is that the returned socket is a normal socket not
> an SSLSocket.  The actual detection is a combination of things:
> 
> 1) The Connection object detects if the connection is secure or not
> and also records if it should be secure (here:
> https://github.com/explorigin/Rocket/blob/master/rocket/connection.py#L45
> )
> 2) The Worker class compares these values such that if a socket is
> supposed to be secure but is not, it will close the connection and not
> process the request (here: 
> https://github.com/explorigin/Rocket/blob/master/rocket/worker.py#L155
> ).  The code is not awesomely concise, but the net effect is that no
> insecure connections get processed as secure ones.
> 
> I left the try/except block in there so that it wouldn't fail there so
> my listener threads weren't also having to handle responses.  There
> seemed little reason to log the error (to me) since if things were
> setup correctly, it wouldn't error in interesting scenarios.  However
> it's useful when developing (as Michele figured out) to add a log line
> there.
> 
> I'm open to there being a log line there but I think it will overload
> the logfiles with useless messages because there are scanners all over
> the internet that try to connect to secure sockets insecurely all the
> time.
> 
> I'm open to ideas.  Share them with me. =)

Thanks for chiming in, Tim. Is the exception that's showing up consistent with 
an insecure request on a secure socket? The error seems a little obscure, but I 
suppose that shouldn't surprise me.

ERROR:Rocket.Errors.Port8000:SSL Error: Tranceback (most recent call last):
  File "/media/psf/Python/web2py/gluon/rocket.py", line 512, in wrap_socket
    ssl_version = ssl.PROTOCOL_SSLv23
  File "/usr/lib/python2.6/ssl.py", line 350, in wrap_socket
    suppress_ragged_eofs=suppress_ragged_eofs)
  File "/usr/lib/python2.6/ssl.py", line 118, in __init__
    self.do_handshake()
  File "/url/lib/python2.6/ssl.py", line 293, in do_handshake
    self._sslobj.do_handshake()
SSLError: [Errno 8] _ssl.c:480: EOF occurred in violation of protocol

Reply via email to