Merged revisions 80451-80452 via svnmerge from
svn+ssh://pythondev@svn.python.org/python/trunk
........
r80451 | antoine.pitrou | 2010-04-24 21:57:01 +0200 (sam., 24 avril 2010) | 4 lines
The do_handshake() method of SSL objects now adjusts the blocking mode of
the SSL structure if necessary (as other methods already do).
........
r80452 | antoine.pitrou | 2010-04-24 22:04:58 +0200 (sam., 24 avril 2010) | 4 lines
Issue #5103: SSL handshake would ignore the socket timeout and block
indefinitely if the other end didn't respond.
........
diff --git a/Lib/test/test_ssl.py b/Lib/test/test_ssl.py
index 440c802..9c79af9 100644
--- a/Lib/test/test_ssl.py
+++ b/Lib/test/test_ssl.py
@@ -457,7 +457,8 @@
asyncore.dispatcher_with_send.__init__(self, conn)
self.socket = ssl.wrap_socket(conn, server_side=True,
certfile=certfile,
- do_handshake_on_connect=True)
+ do_handshake_on_connect=False)
+ self._ssl_accepting = True
def readable(self):
if isinstance(self.socket, ssl.SSLSocket):
@@ -465,9 +466,28 @@
self.handle_read_event()
return True
+ def _do_ssl_handshake(self):
+ try:
+ self.socket.do_handshake()
+ except ssl.SSLError, err:
+ if err.args[0] in (ssl.SSL_ERROR_WANT_READ,
+ ssl.SSL_ERROR_WANT_WRITE):
+ return
+ elif err.args[0] == ssl.SSL_ERROR_EOF:
+ return self.handle_close()
+ raise
+ except socket.error, err:
+ if err.args[0] == errno.ECONNABORTED:
+ return self.handle_close()
+ else:
+ self._ssl_accepting = False
+
def handle_read(self):
- data = self.recv(1024)
- self.send(data.lower())
+ if self._ssl_accepting:
+ self._do_ssl_handshake()
+ else:
+ data = self.recv(1024)
+ self.send(data.lower())
def handle_close(self):
self.close()
@@ -1226,6 +1246,61 @@
server.stop()
server.join()
+ def test_handshake_timeout(self):
+ # Issue #5103: SSL handshake must respect the socket timeout
+ server = socket.socket(socket.AF_INET)
+ host = "127.0.0.1"
+ port = test_support.bind_port(server)
+ started = threading.Event()
+ finish = False
+
+ def serve():
+ server.listen(5)
+ started.set()
+ conns = []
+ while not finish:
+ r, w, e = select.select([server], [], [], 0.1)
+ if server in r:
+ # Let the socket hang around rather than having
+ # it closed by garbage collection.
+ conns.append(server.accept()[0])
+
+ t = threading.Thread(target=serve)
+ t.start()
+ started.wait()
+
+ try:
+ try:
+ c = socket.socket(socket.AF_INET)
+ c.settimeout(0.2)
+ c.connect((host, port))
+ # Will attempt handshake and time out
+ try:
+ ssl.wrap_socket(c)
+ except ssl.SSLError, e:
+ self.assertTrue("timed out" in str(e), str(e))
+ else:
+ self.fail("SSLError wasn't raised")
+ finally:
+ c.close()
+ try:
+ c = socket.socket(socket.AF_INET)
+ c.settimeout(0.2)
+ c = ssl.wrap_socket(c)
+ # Will attempt handshake and time out
+ try:
+ c.connect((host, port))
+ except ssl.SSLError, e:
+ self.assertTrue("timed out" in str(e), str(e))
+ else:
+ self.fail("SSLError wasn't raised")
+ finally:
+ c.close()
+ finally:
+ finish = True
+ t.join()
+ server.close()
+
def test_main(verbose=False):
if skip_expected: