| msg239483 - (view) |
Author: Martin Panter (martin.panter) *  |
Date: 2015-03-29 10:30 |
| The documentation claims that SSL socket objects provide some of the same methods as plain socket objects, including recv(), and that the “bufsize” parameter specifies the maximum amount of data to be received. With ordinary sockets, socket.recv(0) always seems to return zero bytes (b""), as expected. But not so with SSL sockets: >>> import socket, ssl >>> s = ssl.wrap_socket(socket.create_connection(("localhost", 631))) >>> s.sendall(b"GET / HTTP/1.1\r\nHost: localhost\r\n\r\n") 35 >>> len(s.recv(0)) 263 >>> len(s.recv(0)) 1024 The call will hang or raise SSLWantReadError when no data is actually available. Looking at the code, the value of zero seems to be used as a placeholder for a default of 1024 in SSLObject.read(). Either the SSL module should be fixed to return no bytes (my preference), or the documentation needs to warn that the recv(0) is not supported, or does not work the same as for plain sockets. SSLSocket.read() might also be affected. |
|
|
| msg243244 - (view) |
Author: Martin Panter (martin.panter) * |
Date: 2015-05-15 05:04 |
| Here is a patch for 3.5 that changes the default size to explicitly be 1024, and tests that recv(0) and read(0) now work as I expect they should by returning nothing. |
|
|
| msg262549 - (view) |
Author: Roundup Robot (python-dev)  |
Date: 2016-03-28 03:08 |
| New changeset 7a3c5f7dda86 by Martin Panter in branch '3.5': Issue #23804: Fix SSL recv/read(0) to not return 1024 bytes https://hg.python.org/cpython/rev/7a3c5f7dda86 New changeset 72c457f9533a by Martin Panter in branch 'default': Issue #23804: Merge SSL zero read fix from 3.5 https://hg.python.org/cpython/rev/72c457f9533a New changeset f4cff2bf9903 by Martin Panter in branch '2.7': Issue #23804: Fix SSL recv/read(0) to not return 1024 bytes https://hg.python.org/cpython/rev/f4cff2bf9903 |
|
|
| msg269344 - (view) |
Author: Martin Panter (martin.panter) * |
Date: 2016-06-27 04:32 |
| This was not fixed properly. The first symptom is that recv(0) etc still blocks if the other end sends no data. The second symptom is that it does not work with suppress_ragged_eofs=False. The problem is SSL is still called to do a read, which returns zero, and that seems to be interpreted as some kind of EOF or shutdown indicator. (IMO suppress_ragged_eofs=True is a bad default. It essentially treats a man-in-the-middle shutdown as a genuine secure shutdown, but that would be a separate issue.) |
|
|
| msg270152 - (view) |
Author: Roundup Robot (python-dev) |
Date: 2016-07-11 01:38 |
| New changeset 74856df7e55b by Martin Panter in branch '3.5': Issue #23804: Fix SSL zero-length recv() calls to not block and raise EOF https://hg.python.org/cpython/rev/74856df7e55b New changeset 43d7e5fb3bc2 by Martin Panter in branch '2.7': Issue #23804: Fix SSL zero-length recv() calls to not block and raise EOF https://hg.python.org/cpython/rev/43d7e5fb3bc2 New changeset 4ef2404d343e by Martin Panter in branch 'default': Issue #23804: Merge SSL recv() fix from 3.5 https://hg.python.org/cpython/rev/4ef2404d343e |
|
|
| msg270177 - (view) |
Author: Roundup Robot (python-dev) |
Date: 2016-07-11 13:20 |
| New changeset df908a9d97a6 by Martin Panter in branch 'default': Issue #23804: Merge spelling and NEWS fixes from 3.5 https://hg.python.org/cpython/rev/df908a9d97a6 |
|
|
| msg270180 - (view) |
Author: Martin Panter (martin.panter) * |
Date: 2016-07-11 13:29 |
| Oops, that last merge is not related to this |
|
|