Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / python / cpython2 / 513886aabb634d4b46c6727340c396faf8f7e2b4^! / . / Lib / test / test_ssl.py
commit513886aabb634d4b46c6727340c396faf8f7e2b4[log] [tgz]
authorNick Coghlan <ncoghlan@gmail.com>Sun Aug 28 00:00:27 2011 +1000
committerNick Coghlan <ncoghlan@gmail.com>Sun Aug 28 00:00:27 2011 +1000
tree0f926dc985f644ca8fcb1e234c31d3e54f7e5506
parenta89c32ccd9d9ce12a888f9f4b8a0dc1c644066ed [diff] [blame]
Fix #12835: prevent use of the unencrypted sendmsg/recvmsg APIs on SSL wrapped sockets (Patch by David Watson)

diff --git a/Lib/test/test_ssl.py b/Lib/test/test_ssl.py
index a4c1773..e386325 100644
--- a/Lib/test/test_ssl.py
+++ b/Lib/test/test_ssl.py

@@ -1651,6 +1651,14 @@
                         # consume data
                         s.read()
 
+                # Make sure sendmsg et al are disallowed to avoid
+                # inadvertent disclosure of data and/or corruption
+                # of the encrypted data stream
+                self.assertRaises(NotImplementedError, s.sendmsg, [b"data"])
+                self.assertRaises(NotImplementedError, s.recvmsg, 100)
+                self.assertRaises(NotImplementedError,
+                                  s.recvmsg_into, bytearray(100))
+
                 s.write(b"over\n")
                 s.close()
             finally: