The problem has occured many times before like bugs https://sourceforge.net/tracker/?group_id=5470&atid= 105470&func=detail&aid=1353269 https://sourceforge.net/tracker/?group_id=5470&atid= 105470&func=detail&aid=977680 https://sourceforge.net/tracker/index.php?func=detail&; aid=1098618&group_id=5470&atid=105470 This also fixes this bug: https://sourceforge.net/tracker/index.php?func=detail&; aid=1166206&group_id=5470&atid=105470 Example test: import socket s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) s.settimeout(30.0) # connect to service which issues an welcome banner (without need to write anything) s.connect(("gmail.org", 995)) ss = socket.ssl(s) # read part of return welcome banner twice,# read part of return welcome banner twice ss.read(1) ss.read(1) s.close() it will cause socket.sslerror: The read operation timed out on the second read() This is because _ssl.so modules doesn't handle SSL reads properly. The problem is in Modules/_ssl.c: PySSL_SSLread() we have: sockstate = check_socket_and_wait_for_timeout (self->Socket, self->ssl, 0); // XXXX HERE XXX if (sockstate == SOCKET_HAS_TIMED_OUT) { PyErr_SetString(PySSLErrorObject, "The read operation timed out"); Py_DECREF(buf); return NULL; } do {.... What will happen if SSL layer already read data and have that data in it's own buffers? The function check_ socket_and_wait_for_timeout() doing select(readfds) will wait forever until timeout occurs. The solution is to use http://www.openssl.org/docs/ssl/SSL_pending. html function. The attached patch fixes the problem and also adds test for python test suite.
