diff options
| author | Nick Coghlan <ncoghlan@gmail.com> | 2011-08-27 14:00:27 (GMT) |
|---|---|---|
| committer | Nick Coghlan <ncoghlan@gmail.com> | 2011-08-27 14:00:27 (GMT) |
| commit | 513886aabb634d4b46c6727340c396faf8f7e2b4 (patch) | |
| tree | 0f926dc985f644ca8fcb1e234c31d3e54f7e5506 /Lib/ssl.py | |
| parent | a89c32ccd9d9ce12a888f9f4b8a0dc1c644066ed (diff) | |
| download | cpython-513886aabb634d4b46c6727340c396faf8f7e2b4.zip cpython-513886aabb634d4b46c6727340c396faf8f7e2b4.tar.gz cpython-513886aabb634d4b46c6727340c396faf8f7e2b4.tar.bz2 | |
Fix #12835: prevent use of the unencrypted sendmsg/recvmsg APIs on SSL wrapped sockets (Patch by David Watson)
Diffstat (limited to 'Lib/ssl.py')
| -rw-r--r-- | Lib/ssl.py | 14 |
1 files changed, 14 insertions, 0 deletions
@@ -355,6 +355,12 @@ class SSLSocket(socket): else: return socket.sendto(self, data, flags_or_addr, addr) + def sendmsg(self, *args, **kwargs): + # Ensure programs don't send data unencrypted if they try to + # use this method. + raise NotImplementedError("sendmsg not allowed on instances of %s" % + self.__class__) + def sendall(self, data, flags=0): self._checkClosed() if self._sslobj: @@ -413,6 +419,14 @@ class SSLSocket(socket): else: return socket.recvfrom_into(self, buffer, nbytes, flags) + def recvmsg(self, *args, **kwargs): + raise NotImplementedError("recvmsg not allowed on instances of %s" % + self.__class__) + + def recvmsg_into(self, *args, **kwargs): + raise NotImplementedError("recvmsg_into not allowed on instances of " + "%s" % self.__class__) + def pending(self): self._checkClosed() if self._sslobj: |