diff options
Diffstat (limited to 'Lib/nntplib.py')
| -rw-r--r-- | Lib/nntplib.py | 57 |
1 files changed, 34 insertions, 23 deletions
diff --git a/Lib/nntplib.py b/Lib/nntplib.py index 02cc37c..3413610 100644 --- a/Lib/nntplib.py +++ b/Lib/nntplib.py @@ -80,13 +80,13 @@ from email.header import decode_header as _email_decode_header from socket import _GLOBAL_DEFAULT_TIMEOUT __all__ = ["NNTP", - "NNTPReplyError", "NNTPTemporaryError", "NNTPPermanentError", - "NNTPProtocolError", "NNTPDataError", + "NNTPError", "NNTPReplyError", "NNTPTemporaryError", + "NNTPPermanentError", "NNTPProtocolError", "NNTPDataError", "decode_header", ] # maximal line length when calling readline(). This is to prevent -# reading arbitrary lenght lines. RFC 3977 limits NNTP line length to +# reading arbitrary length lines. RFC 3977 limits NNTP line length to # 512 characters, including CRLF. We have selected 2048 just to be on # the safe side. _MAXLINE = 2048 @@ -279,7 +279,7 @@ def _unparse_datetime(dt, legacy=False): if _have_ssl: - def _encrypt_on(sock, context): + def _encrypt_on(sock, context, hostname): """Wrap a socket in SSL/TLS. Arguments: - sock: Socket to wrap - context: SSL context to use for the encrypted connection @@ -288,10 +288,8 @@ if _have_ssl: """ # Generate a default SSL context if none was passed. if context is None: - context = ssl.SSLContext(ssl.PROTOCOL_SSLv23) - # SSLv2 considered harmful. - context.options |= ssl.OP_NO_SSLv2 - return context.wrap_socket(sock) + context = ssl._create_stdlib_context() + return context.wrap_socket(sock, server_hostname=hostname) # The classes themselves @@ -366,7 +364,7 @@ class _NNTPBase: if is_connected(): try: self.quit() - except (socket.error, EOFError): + except (OSError, EOFError): pass finally: if is_connected(): @@ -956,7 +954,7 @@ class _NNTPBase: if auth: user = auth[0] password = auth[2] - except IOError: + except OSError: pass # Perform NNTP authentication if needed. if not user: @@ -1007,7 +1005,7 @@ class _NNTPBase: resp = self._shortcmd('STARTTLS') if resp.startswith('382'): self.file.close() - self.sock = _encrypt_on(self.sock, context) + self.sock = _encrypt_on(self.sock, context, self.host) self.file = self.sock.makefile("rwb") self.tls_on = True # Capabilities may change after TLS starts up, so ask for them @@ -1043,11 +1041,18 @@ class NNTP(_NNTPBase): self.host = host self.port = port self.sock = socket.create_connection((host, port), timeout) - file = self.sock.makefile("rwb") - _NNTPBase.__init__(self, file, host, - readermode, timeout) - if user or usenetrc: - self.login(user, password, usenetrc) + file = None + try: + file = self.sock.makefile("rwb") + _NNTPBase.__init__(self, file, host, + readermode, timeout) + if user or usenetrc: + self.login(user, password, usenetrc) + except: + if file: + file.close() + self.sock.close() + raise def _close(self): try: @@ -1067,12 +1072,19 @@ if _have_ssl: in default port and the `ssl_context` argument for SSL connections. """ self.sock = socket.create_connection((host, port), timeout) - self.sock = _encrypt_on(self.sock, ssl_context) - file = self.sock.makefile("rwb") - _NNTPBase.__init__(self, file, host, - readermode=readermode, timeout=timeout) - if user or usenetrc: - self.login(user, password, usenetrc) + file = None + try: + self.sock = _encrypt_on(self.sock, ssl_context, host) + file = self.sock.makefile("rwb") + _NNTPBase.__init__(self, file, host, + readermode=readermode, timeout=timeout) + if user or usenetrc: + self.login(user, password, usenetrc) + except: + if file: + file.close() + self.sock.close() + raise def _close(self): try: @@ -1086,7 +1098,6 @@ if _have_ssl: # Test retrieval when run as a script. if __name__ == '__main__': import argparse - from email.utils import parsedate parser = argparse.ArgumentParser(description="""\ nntplib built-in demo - display the latest articles in a newsgroup""") |