diff options
| author | Christian Heimes <christian@python.org> | 2021-03-21 15:13:09 (GMT) |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2021-03-21 15:13:09 (GMT) |
| commit | 77cde5042a2f1eae489c11a67540afaf43cd5cdf (patch) | |
| tree | e1e273a3a52bf3fb90de8eaab8503cc884db2c13 /Modules/_ssl.c | |
| parent | 20a5b7e986377bdfd929d7e8c4e3db5847dfdb2d (diff) | |
| download | cpython-77cde5042a2f1eae489c11a67540afaf43cd5cdf.zip cpython-77cde5042a2f1eae489c11a67540afaf43cd5cdf.tar.gz cpython-77cde5042a2f1eae489c11a67540afaf43cd5cdf.tar.bz2 | |
bpo-43577: Fix deadlock with SSLContext._msg_callback and sni_callback (GH-24957)
OpenSSL copies the internal message callback from SSL_CTX->msg_callback to
SSL->msg_callback. SSL_set_SSL_CTX() does not update SSL->msg_callback
to use the callback value of the new context.
PySSL_set_context() now resets the callback and _PySSL_msg_callback()
resets thread state in error path.
Signed-off-by: Christian Heimes <christian@python.org>
Diffstat (limited to 'Modules/_ssl.c')
| -rw-r--r-- | Modules/_ssl.c | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/Modules/_ssl.c b/Modules/_ssl.c index bea144c..f3c3b20 100644 --- a/Modules/_ssl.c +++ b/Modules/_ssl.c @@ -2202,6 +2202,11 @@ static int PySSL_set_context(PySSLSocket *self, PyObject *value, Py_INCREF(value); Py_SETREF(self->ctx, (PySSLContext *)value); SSL_set_SSL_CTX(self->ssl, self->ctx->ctx); + /* Set SSL* internal msg_callback to state of new context's state */ + SSL_set_msg_callback( + self->ssl, + self->ctx->msg_cb ? _PySSL_msg_callback : NULL + ); #endif } else { PyErr_SetString(PyExc_TypeError, "The value must be a SSLContext"); |