summaryrefslogtreecommitdiffstats
path: root/Lib
diff options
context:
space:
mode:
authorAntoine Pitrou <solipsis@pitrou.net>2012-11-11 00:25:36 (GMT)
committerAntoine Pitrou <solipsis@pitrou.net>2012-11-11 00:25:36 (GMT)
commit5c89b4ec55bc7ebe799da296e01544a5bcdc4250 (patch)
treed220d323f041f4d173d9b799c8fc2c021b05d349 /Lib
parentdf3abec2c98b84c3ec516857cb84bf3be9e0b773 (diff)
downloadcpython-5c89b4ec55bc7ebe799da296e01544a5bcdc4250.zip
cpython-5c89b4ec55bc7ebe799da296e01544a5bcdc4250.tar.gz
cpython-5c89b4ec55bc7ebe799da296e01544a5bcdc4250.tar.bz2
Issue #16357: fix calling accept() on a SSLSocket created through SSLContext.wrap_socket().
Original patch by Jeff McNeil.
Diffstat (limited to 'Lib')
-rw-r--r--Lib/ssl.py15
-rw-r--r--Lib/test/test_ssl.py36
2 files changed, 41 insertions, 10 deletions
diff --git a/Lib/ssl.py b/Lib/ssl.py
index 8137231..e901b64 100644
--- a/Lib/ssl.py
+++ b/Lib/ssl.py
@@ -491,16 +491,11 @@ class SSLSocket(socket):
SSL channel, and the address of the remote client."""
newsock, addr = socket.accept(self)
- return (SSLSocket(sock=newsock,
- keyfile=self.keyfile, certfile=self.certfile,
- server_side=True,
- cert_reqs=self.cert_reqs,
- ssl_version=self.ssl_version,
- ca_certs=self.ca_certs,
- ciphers=self.ciphers,
- do_handshake_on_connect=
- self.do_handshake_on_connect),
- addr)
+ newsock = self.context.wrap_socket(newsock,
+ do_handshake_on_connect=self.do_handshake_on_connect,
+ suppress_ragged_eofs=self.suppress_ragged_eofs,
+ server_side=True)
+ return newsock, addr
def __del__(self):
# sys.stderr.write("__del__ on %s\n" % repr(self))
diff --git a/Lib/test/test_ssl.py b/Lib/test/test_ssl.py
index d4c5e63..2f0b3e6 100644
--- a/Lib/test/test_ssl.py
+++ b/Lib/test/test_ssl.py
@@ -1610,6 +1610,42 @@ else:
t.join()
server.close()
+ def test_server_accept(self):
+ # Issue #16357: accept() on a SSLSocket created through
+ # SSLContext.wrap_socket().
+ context = ssl.SSLContext(ssl.PROTOCOL_SSLv23)
+ context.verify_mode = ssl.CERT_REQUIRED
+ context.load_verify_locations(CERTFILE)
+ context.load_cert_chain(CERTFILE)
+ server = socket.socket(socket.AF_INET)
+ host = "127.0.0.1"
+ port = support.bind_port(server)
+ server = context.wrap_socket(server, server_side=True)
+
+ evt = threading.Event()
+ remote = None
+ peer = None
+ def serve():
+ nonlocal remote, peer
+ server.listen(5)
+ # Block on the accept and wait on the connection to close.
+ evt.set()
+ remote, peer = server.accept()
+ remote.recv(1)
+
+ t = threading.Thread(target=serve)
+ t.start()
+ # Client wait until server setup and perform a connect.
+ evt.wait()
+ client = context.wrap_socket(socket.socket())
+ client.connect((host, port))
+ client_addr = client.getsockname()
+ client.close()
+ t.join()
+ # Sanity checks.
+ self.assertIsInstance(remote, ssl.SSLSocket)
+ self.assertEqual(peer, client_addr)
+
def test_default_ciphers(self):
context = ssl.SSLContext(ssl.PROTOCOL_SSLv23)
try: