Issue #23804: Fix SSL recv/read(0) to not return 1024 bytes

2016-03-28 00:22:09 +00:00 · 2016-03-28 00:22:09 +00:00 · f6b1d66a3c
parent ce913877e4
commit f6b1d66a3c
4 changed files with 15 additions and 5 deletions
--- a/Doc/library/ssl.rst
+++ b/Doc/library/ssl.rst
@ -842,7 +842,7 @@ SSL Sockets

 SSL sockets also have the following additional methods and attributes:

-.. method:: SSLSocket.read(len=0, buffer=None)
+.. method:: SSLSocket.read(len=1024, buffer=None)

   Read up to *len* bytes of data from the SSL socket and return the result as
   a ``bytes`` instance. If *buffer* is specified, then read into the buffer
--- a/Lib/ssl.py
+++ b/Lib/ssl.py
@ -561,7 +561,7 @@ class SSLObject:
        server hostame is set."""
        return self._sslobj.server_hostname

-    def read(self, len=0, buffer=None):
+    def read(self, len=1024, buffer=None):
        """Read up to 'len' bytes from the SSL object and return them.

        If 'buffer' is provided, read into this buffer and return the number of
@ -570,7 +570,7 @@ class SSLObject:
        if buffer is not None:
            v = self._sslobj.read(len, buffer)
        else:
-            v = self._sslobj.read(len or 1024)
+            v = self._sslobj.read(len)
        return v

    def write(self, data):
@ -776,7 +776,7 @@ class SSLSocket(socket):
            # EAGAIN.
            self.getpeername()

-    def read(self, len=0, buffer=None):
+    def read(self, len=1024, buffer=None):
        """Read up to LEN bytes and return them.
        Return zero-length string on EOF."""

--- a/Lib/test/test_ssl.py
+++ b/Lib/test/test_ssl.py
@ -2792,13 +2792,20 @@ else:
                        # consume data
                        s.read()

-                # read(-1, buffer) is supported, even though read(-1) is not
                data = b"data"
+
+                # read(-1, buffer) is supported, even though read(-1) is not
                s.send(data)
                buffer = bytearray(len(data))
                self.assertEqual(s.read(-1, buffer), len(data))
                self.assertEqual(buffer, data)

+                # recv/read(0) should return no data
+                s.send(data)
+                self.assertEqual(s.recv(0), b"")
+                self.assertEqual(s.read(0), b"")
+                self.assertEqual(s.read(), data)
+
                # Make sure sendmsg et al are disallowed to avoid
                # inadvertent disclosure of data and/or corruption
                # of the encrypted data stream
--- a/Misc/NEWS
+++ b/Misc/NEWS
@ -101,6 +101,9 @@ Library
 - Issue #26644: Raise ValueError rather than SystemError when a negative
  length is passed to SSLSocket.recv() or read().

+- Issue #23804: Fix SSL recv(0) and read(0) methods to return zero bytes
+  instead of up to 1024.
+
 - Issue #26616: Fixed a bug in datetime.astimezone() method.

 - Issue #21925: :func:`warnings.formatwarning` now catches exceptions on