commit 495bd035662fda29639f9d52bb6baebea31d72fa
author Dima Tisnek <dimaqq@gmail.com> Sun Aug 16 02:01:19 2020 +0900
committer GitHub <noreply@github.com> Sat Aug 15 10:01:19 2020 -0700
tree 54e403651513c3ac77a15e83ae73d2c369194951
parent 40e700ad042089120456cc2ee79b8ca69479416b

bpo-31122: ssl.wrap_socket() now raises ssl.SSLEOFError rather than OSError when peer closes connection during TLS negotiation (GH-18772)



[bpo-31122](): ssl.wrap_socket() now raises ssl.SSLEOFError rather than OSError when peer closes connection during TLS negotiation

Reproducer: http://tiny.cc/f4ztnz (tiny url because some bot keeps renaming b.p.o.-nnn as bpo links)

Misc/NEWS.d/next/Library/2020-03-11-07-44-06.bpo-31122.zIQ80l.rst

diff --git a/Misc/NEWS.d/next/Library/2020-03-11-07-44-06.bpo-31122.zIQ80l.rst b/Misc/NEWS.d/next/Library/2020-03-11-07-44-06.bpo-31122.zIQ80l.rst
new file mode 100644
index 0000000..2e70f7a
--- /dev/null
+++ b/Misc/NEWS.d/next/Library/2020-03-11-07-44-06.bpo-31122.zIQ80l.rst
@@ -0,0 +1 @@
+ssl.wrap_socket() now raises ssl.SSLEOFError rather than OSError when peer closes connection during TLS negotiation
\ No newline at end of file

Modules/_ssl.c

diff --git a/Modules/_ssl.c b/Modules/_ssl.c
index 55a95dd..cb8f04a 100644
--- a/Modules/_ssl.c
+++ b/Modules/_ssl.c
@@ -805,10 +805,11 @@
                         errno = err.c;
                         return PyErr_SetFromErrno(PyExc_OSError);
                     }
-                    Py_INCREF(s);
-                    s->errorhandler();
-                    Py_DECREF(s);
-                    return NULL;
+                    else {
+                        p = PY_SSL_ERROR_EOF;
+                        type = PySSLEOFErrorObject;
+                        errstr = "EOF occurred in violation of protocol";
+                    }
                 } else { /* possible? */
                     p = PY_SSL_ERROR_SYSCALL;
                     type = PySSLSyscallErrorObject;