summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAntoine Pitrou <solipsis@pitrou.net>2010-03-26 19:33:53 (GMT)
committerAntoine Pitrou <solipsis@pitrou.net>2010-03-26 19:33:53 (GMT)
commitcfd6200db5642772ba3578881fac7216e809f89c (patch)
tree0c52b69dba9eef1aad0db4d9ab79d3e55e38f219
parentb5f062703e6950bbf0d40779c98b868b474d0f99 (diff)
downloadcpython-cfd6200db5642772ba3578881fac7216e809f89c.zip
cpython-cfd6200db5642772ba3578881fac7216e809f89c.tar.gz
cpython-cfd6200db5642772ba3578881fac7216e809f89c.tar.bz2
Merged revisions 79448 via svnmerge from
svn+ssh://pythondev@svn.python.org/python/trunk ........ r79448 | antoine.pitrou | 2010-03-26 20:27:16 +0100 (ven., 26 mars 2010) | 6 lines Issue #8222: Enable the SSL_MODE_AUTO_RETRY flag on SSL sockets, so that blocking reads and writes are always retried by OpenSSL itself. (this is a followup to issue #3890) ........
-rw-r--r--Misc/NEWS4
-rw-r--r--Modules/_ssl.c3
2 files changed, 4 insertions, 3 deletions
diff --git a/Misc/NEWS b/Misc/NEWS
index 588e05b..ea0ebb4 100644
--- a/Misc/NEWS
+++ b/Misc/NEWS
@@ -32,7 +32,9 @@ Library
didn't support chflags() (for example ZFS under FreeBSD). The error is
now silenced.
-- Issue #3890: Fix recv() and recv_into() on non-blocking SSL sockets.
+- Issue #3890, #8222: Fix recv() and recv_into() on non-blocking SSL sockets.
+ Also, enable the SSL_MODE_AUTO_RETRY flag on SSL sockets, so that blocking
+ reads and writes are always retried by OpenSSL itself.
- Issue #6544: fix a reference leak in the kqueue implementation's error
handling.
diff --git a/Modules/_ssl.c b/Modules/_ssl.c
index 4b0958a..e08a2db 100644
--- a/Modules/_ssl.c
+++ b/Modules/_ssl.c
@@ -9,8 +9,6 @@
directly.
XXX should partial writes be enabled, SSL_MODE_ENABLE_PARTIAL_WRITE?
-
- XXX what about SSL_MODE_AUTO_RETRY?
*/
#include "Python.h"
@@ -370,6 +368,7 @@ newPySSLObject(PySocketSockObject *Sock, char *key_file, char *cert_file,
self->ssl = SSL_new(self->ctx); /* New ssl struct */
PySSL_END_ALLOW_THREADS
SSL_set_fd(self->ssl, Sock->sock_fd); /* Set the socket for SSL */
+ SSL_set_mode(self->ssl, SSL_MODE_AUTO_RETRY);
/* If the socket is in non-blocking mode or timeout mode, set the BIO
* to non-blocking mode (blocking is the default)