diff options
| author | Neal Norwitz <nnorwitz@gmail.com> | 2003-06-30 03:25:20 (GMT) |
|---|---|---|
| committer | Neal Norwitz <nnorwitz@gmail.com> | 2003-06-30 03:25:20 (GMT) |
| commit | a9002f824bdca26700a9a6e7b7e6b36a9482e345 (patch) | |
| tree | 4e8f7fac0afb3e32db43fba58d3e52d9c3b99e0c | |
| parent | b346096b656aa23e38edc88de60c3b6dbbaef898 (diff) | |
| download | cpython-a9002f824bdca26700a9a6e7b7e6b36a9482e345.zip cpython-a9002f824bdca26700a9a6e7b7e6b36a9482e345.tar.gz cpython-a9002f824bdca26700a9a6e7b7e6b36a9482e345.tar.bz2 | |
Fix SF #754870, SSL crash interpreter when remote side closes during connect
Also fix a memory leak.
| -rw-r--r-- | Lib/test/test_socket_ssl.py | 38 | ||||
| -rw-r--r-- | Modules/_ssl.c | 3 |
2 files changed, 39 insertions, 2 deletions
diff --git a/Lib/test/test_socket_ssl.py b/Lib/test/test_socket_ssl.py index eb00b9b..ccb8318 100644 --- a/Lib/test/test_socket_ssl.py +++ b/Lib/test/test_socket_ssl.py @@ -2,13 +2,14 @@ from test import test_support import socket +import time # Optionally test SSL support. This requires the 'network' resource as given # on the regrtest command line. skip_expected = not (test_support.is_resource_enabled('network') and hasattr(socket, "ssl")) -def test_main(): +def test_basic(): test_support.requires('network') if not hasattr(socket, "ssl"): raise test_support.TestSkipped("socket module has no ssl support") @@ -28,5 +29,40 @@ def test_main(): buf = f.read() f.close() +def test_rude_shutdown(): + try: + import thread + except ImportError: + return + + # some random port to connect to + PORT = 9934 + def listener(): + s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) + s.bind(('', PORT)) + s.listen(5) + s.accept() + del s + thread.exit() + + def connector(): + s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) + s.connect(('', PORT)) + try: + ssl_sock = socket.ssl(s) + except socket.sslerror: + pass + else: + raise test_support.TestFailed, \ + 'connecting to closed SSL socket failed' + + thread.start_new_thread(listener, ()) + time.sleep(1) + connector() + +def test_main(): + test_rude_shutdown() + test_basic() + if __name__ == "__main__": test_main() diff --git a/Modules/_ssl.c b/Modules/_ssl.c index 16edadd..27c3297 100644 --- a/Modules/_ssl.c +++ b/Modules/_ssl.c @@ -110,7 +110,7 @@ PySSL_SetError(PySSLObject *obj, int ret) { unsigned long e = ERR_get_error(); if (e == 0) { - if (ret == 0) { + if (ret == 0 || !obj->Socket) { p = PY_SSL_ERROR_EOF; errstr = "EOF occurred in violation of protocol"; } else if (ret == -1) { @@ -432,6 +432,7 @@ static PyObject *PySSL_SSLread(PySSLObject *self, PyObject *args) timedout = wait_for_timeout(self->Socket, 0); if (timedout) { PyErr_SetString(PySSLErrorObject, "The read operation timed out"); + Py_DECREF(buf); return NULL; } do { |