Message 306232 - Python tracker (original) (raw)

The bugfix could be backported to Python 3.6 but I very not sure about the need for 3.5. It is a desirable fix but not secure.

The attached script looks very innocent, and it's worrisome that it's that easy to make an asyncio SSL server to leak sockets in some contexts. I think it's OK to fix 3.5, but let's make the final decision when we have an approved PR.

I merged Nick's PR once, but then it introduced some problems on buildbots (https://bugs.python.org/msg295659), so I reverted the commit.

I'd suggest to look at the attached script again (scratch_1.py) and try to understand what exactly causes the problem with that specific Apache server version. I'd also suggest to come up with a functional unittest that reproduces it (you can grab some testing utilities from the uvloop project).