From f16ff7bc214e9df514013ba9d6fd1ef86a9086ef Mon Sep 17 00:00:00 2001 From: Antoine Pitrou Date: Mon, 6 May 2013 22:19:48 +0200 Subject: Issue #17918: When using SSLSocket.accept(), if the SSL handshake failed on the new socket, the socket would linger indefinitely. Thanks to Peter Saveliev for reporting. --- Lib/ssl.py | 26 +++++++++++++++----------- Misc/NEWS | 4 ++++ 2 files changed, 19 insertions(+), 11 deletions(-) diff --git a/Lib/ssl.py b/Lib/ssl.py index 8829635..329b9d1 100644 --- a/Lib/ssl.py +++ b/Lib/ssl.py @@ -344,17 +344,21 @@ class SSLSocket(socket): SSL channel, and the address of the remote client.""" newsock, addr = socket.accept(self) - return (SSLSocket(newsock, - keyfile=self.keyfile, - certfile=self.certfile, - server_side=True, - cert_reqs=self.cert_reqs, - ssl_version=self.ssl_version, - ca_certs=self.ca_certs, - ciphers=self.ciphers, - do_handshake_on_connect=self.do_handshake_on_connect, - suppress_ragged_eofs=self.suppress_ragged_eofs), - addr) + try: + return (SSLSocket(newsock, + keyfile=self.keyfile, + certfile=self.certfile, + server_side=True, + cert_reqs=self.cert_reqs, + ssl_version=self.ssl_version, + ca_certs=self.ca_certs, + ciphers=self.ciphers, + do_handshake_on_connect=self.do_handshake_on_connect, + suppress_ragged_eofs=self.suppress_ragged_eofs), + addr) + except socket_error as e: + newsock.close() + raise e def makefile(self, mode='r', bufsize=-1): diff --git a/Misc/NEWS b/Misc/NEWS index 7989eb3..7cef7ef 100644 --- a/Misc/NEWS +++ b/Misc/NEWS @@ -34,6 +34,10 @@ Core and Builtins Library ------- +- Issue #17918: When using SSLSocket.accept(), if the SSL handshake failed + on the new socket, the socket would linger indefinitely. Thanks to + Peter Saveliev for reporting. + - Issue #17289: The readline module now plays nicer with external modules or applications changing the rl_completer_word_break_characters global variable. Initial patch by Bradley Froehle. -- cgit v0.12