Issue 1223: httplib does not handle ssl end of file properly (original) (raw)

Created on 2007-10-01 00:50 by Richie, last changed 2022-04-11 14:56 by admin. This issue is now closed.

Files
File name Uploaded Description Edit
e janssen,2007-10-28 13:10
Messages (7)
msg56203 - (view) Author: Richie Ward (Richie) Date: 2007-10-01 00:50
I was using httplib to power my xml rpc script. I had problems when I wanted to use SSL and I got this error: File "/usr/lib/python2.5/httplib.py", line 1109, in recv return self._ssl.read(len) socket.sslerror: (8, 'EOF occurred in violation of protocol') I figured out this was because of poor error handling in python. May I suggest this as a fix to this bug: $ diff /usr/lib/python2.5/httplib.py /usr/lib/python2.5/httplib.py~ 1109,1112c1109 < try: < return self._ssl.read(len) < except socket.sslerror: < return --- > return self._ssl.read(len) Just a note. I am by no means a python expert, just good enough to get my work done. I use Ubuntu gutsy.
msg56208 - (view) Author: Brett Cannon (brett.cannon) * (Python committer) Date: 2007-10-01 18:33
Patch is inlined in the opening comment for the issue.
msg56879 - (view) Author: Bill Janssen (janssen) * (Python committer) Date: 2007-10-28 13:10
I have a slightly different version of this patch in the new SSL code. It (optionally, but defaulting to True) catches SSL_ERROR_EOF and returns None, but allows other ssl errors to go through.
msg58410 - (view) Author: Bill Janssen (janssen) * (Python committer) Date: 2007-12-11 03:13
I'll close this when the fix gets into all the branches (right now it's in the pre-2.6 code, and in the 3K code, but not yet in the 2.6 branch).
msg61570 - (view) Author: Christian Heimes (christian.heimes) * (Python committer) Date: 2008-01-23 08:51
I've set version to 2.6 and priority to high so we don't forget it.
msg68979 - (view) Author: Bill Janssen (janssen) * (Python committer) Date: 2008-06-30 01:06
I believe this is now fixed in the SVN. There's a new parameter on SSLSocket, suppress_ragged_eofs, which allows it to be enabled selectively, but default to True.
msg273209 - (view) Author: Martin Panter (martin.panter) * (Python committer) Date: 2016-08-20 13:21
I think the default of suppress_ragged_eofs=True was a bad idea because by default you cannot tell a secure EOF signal from an insecure error; see Issue 27815.
History
Date User Action Args
2022-04-11 14:56:27 admin set github: 45564
2016-08-20 13:21:13 martin.panter set nosy: + martin.pantermessages: +
2008-12-05 09:43:30 georg.brandl set status: open -> closed
2008-09-04 01:20:43 janssen set resolution: accepted -> fixed
2008-06-30 01:06:54 janssen set resolution: acceptedmessages: +
2008-01-23 08:51:25 christian.heimes set priority: highnosy: + christian.heimesmessages: + versions: + Python 2.6, - Python 2.5
2008-01-23 08:35:49 gregory.p.smith set assignee: janssen
2008-01-05 11:32:54 vila set nosy: + vila
2007-12-11 03:13:21 janssen set messages: +
2007-10-28 13:10:58 janssen set files: + enosy: + janssenmessages: +
2007-10-01 18:33:18 brett.cannon set keywords: + patchtype: crash -> behaviormessages: + nosy: + brett.cannon
2007-10-01 00:51:12 Richie set versions: + Python 2.5, - Python 2.6
2007-10-01 00:50:09 Richie create