Merged revisions 79448 via svnmerge from

svn+ssh://pythondev@svn.python.org/python/trunk

........
  r79448 | antoine.pitrou | 2010-03-26 20:27:16 +0100 (ven., 26 mars 2010) | 6 lines

  Issue #8222: Enable the SSL_MODE_AUTO_RETRY flag on SSL sockets, so that blocking
  reads and writes are always retried by OpenSSL itself.

  (this is a followup to issue #3890)
........

2 files changed, 4 insertions, 3 deletions

diff --git a/Misc/NEWS b/Misc/NEWS
index 588e05b..ea0ebb4 100644
--- a/Misc/NEWS
+++ b/Misc/NEWS
@@ -32,7 +32,9 @@ Library
   didn't support chflags() (for example ZFS under FreeBSD).  The error is
   now silenced.
 
-- Issue #3890: Fix recv() and recv_into() on non-blocking SSL sockets.
+- Issue #3890, #8222: Fix recv() and recv_into() on non-blocking SSL sockets.
+  Also, enable the SSL_MODE_AUTO_RETRY flag on SSL sockets, so that blocking
+  reads and writes are always retried by OpenSSL itself.
 
 - Issue #6544: fix a reference leak in the kqueue implementation's error
   handling.
diff --git a/Modules/_ssl.c b/Modules/_ssl.c
index 4b0958a..e08a2db 100644
--- a/Modules/_ssl.c
+++ b/Modules/_ssl.c
@@ -9,8 +9,6 @@
    directly.
 
    XXX should partial writes be enabled, SSL_MODE_ENABLE_PARTIAL_WRITE?
-
-   XXX what about SSL_MODE_AUTO_RETRY?
 */
 
 #include "Python.h"
@@ -370,6 +368,7 @@ newPySSLObject(PySocketSockObject *Sock, char *key_file, char *cert_file,
 	self->ssl = SSL_new(self->ctx); /* New ssl struct */
 	PySSL_END_ALLOW_THREADS
 	SSL_set_fd(self->ssl, Sock->sock_fd);	/* Set the socket for SSL */
+	SSL_set_mode(self->ssl, SSL_MODE_AUTO_RETRY);
 
 	/* If the socket is in non-blocking mode or timeout mode, set the BIO
 	 * to non-blocking mode (blocking is the default)