Issue #16357: fix calling accept() on a SSLSocket created through SSLContext.wrap_socket().
Original patch by Jeff McNeil.
This commit is contained in:
Antoine Pitrou
parent
df3abec2c9
commit
5c89b4ec55
15
Lib/ssl.py
15
Lib/ssl.py
|
|
@ -491,16 +491,11 @@ class SSLSocket(socket):
|
||||||
SSL channel, and the address of the remote client."""
|
SSL channel, and the address of the remote client."""
|
||||||
|
|
||||||
newsock, addr = socket.accept(self)
|
newsock, addr = socket.accept(self)
|
||||||
return (SSLSocket(sock=newsock,
|
newsock = self.context.wrap_socket(newsock,
|
||||||
keyfile=self.keyfile, certfile=self.certfile,
|
do_handshake_on_connect=self.do_handshake_on_connect,
|
||||||
server_side=True,
|
suppress_ragged_eofs=self.suppress_ragged_eofs,
|
||||||
cert_reqs=self.cert_reqs,
|
server_side=True)
|
||||||
ssl_version=self.ssl_version,
|
return newsock, addr
|
||||||
ca_certs=self.ca_certs,
|
|
||||||
ciphers=self.ciphers,
|
|
||||||
do_handshake_on_connect=
|
|
||||||
self.do_handshake_on_connect),
|
|
||||||
addr)
|
|
||||||
|
|
||||||
def __del__(self):
|
def __del__(self):
|
||||||
# sys.stderr.write("__del__ on %s\n" % repr(self))
|
# sys.stderr.write("__del__ on %s\n" % repr(self))
|
||||||
|
|
|
||||||
|
|
@ -1610,6 +1610,42 @@ else:
|
||||||
t.join()
|
t.join()
|
||||||
server.close()
|
server.close()
|
||||||
|
|
||||||
|
def test_server_accept(self):
|
||||||
|
# Issue #16357: accept() on a SSLSocket created through
|
||||||
|
# SSLContext.wrap_socket().
|
||||||
|
context = ssl.SSLContext(ssl.PROTOCOL_SSLv23)
|
||||||
|
context.verify_mode = ssl.CERT_REQUIRED
|
||||||
|
context.load_verify_locations(CERTFILE)
|
||||||
|
context.load_cert_chain(CERTFILE)
|
||||||
|
server = socket.socket(socket.AF_INET)
|
||||||
|
host = "127.0.0.1"
|
||||||
|
port = support.bind_port(server)
|
||||||
|
server = context.wrap_socket(server, server_side=True)
|
||||||
|
|
||||||
|
evt = threading.Event()
|
||||||
|
remote = None
|
||||||
|
peer = None
|
||||||
|
def serve():
|
||||||
|
nonlocal remote, peer
|
||||||
|
server.listen(5)
|
||||||
|
# Block on the accept and wait on the connection to close.
|
||||||
|
evt.set()
|
||||||
|
remote, peer = server.accept()
|
||||||
|
remote.recv(1)
|
||||||
|
|
||||||
|
t = threading.Thread(target=serve)
|
||||||
|
t.start()
|
||||||
|
# Client wait until server setup and perform a connect.
|
||||||
|
evt.wait()
|
||||||
|
client = context.wrap_socket(socket.socket())
|
||||||
|
client.connect((host, port))
|
||||||
|
client_addr = client.getsockname()
|
||||||
|
client.close()
|
||||||
|
t.join()
|
||||||
|
# Sanity checks.
|
||||||
|
self.assertIsInstance(remote, ssl.SSLSocket)
|
||||||
|
self.assertEqual(peer, client_addr)
|
||||||
|
|
||||||
def test_default_ciphers(self):
|
def test_default_ciphers(self):
|
||||||
context = ssl.SSLContext(ssl.PROTOCOL_SSLv23)
|
context = ssl.SSLContext(ssl.PROTOCOL_SSLv23)
|
||||||
try:
|
try:
|
||||||
|
|
|
||||||
|
|
@ -159,6 +159,9 @@ Core and Builtins
|
||||||
Library
|
Library
|
||||||
-------
|
-------
|
||||||
|
|
||||||
|
- Issue #16357: fix calling accept() on a SSLSocket created through
|
||||||
|
SSLContext.wrap_socket(). Original patch by Jeff McNeil.
|
||||||
|
|
||||||
- Issue #16350: zlib.Decompress.decompress() now accumulates data from
|
- Issue #16350: zlib.Decompress.decompress() now accumulates data from
|
||||||
successive calls after EOF in unused_data, instead of only saving the argument
|
successive calls after EOF in unused_data, instead of only saving the argument
|
||||||
to the last call. Patch by Serhiy Storchaka.
|
to the last call. Patch by Serhiy Storchaka.
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue