From 60a26e05162c5b6d3d67fa53bb2057b017f932b1 Mon Sep 17 00:00:00 2001 From: Antoine Pitrou Date: Sat, 20 Jul 2013 19:35:16 +0200 Subject: Issue #9177: Calling read() or write() now raises ValueError, not AttributeError, on a closed SSL socket. Patch by Senko Rasic. --- Lib/ssl.py | 4 ++++ Lib/test/test_ssl.py | 15 +++++++++++++++ Misc/ACKS | 1 + Misc/NEWS | 3 +++ 4 files changed, 23 insertions(+) diff --git a/Lib/ssl.py b/Lib/ssl.py index d78d96d..2c81a54 100644 --- a/Lib/ssl.py +++ b/Lib/ssl.py @@ -402,6 +402,8 @@ class SSLSocket(socket): Return zero-length string on EOF.""" self._checkClosed() + if not self._sslobj: + raise ValueError("Read on closed or unwrapped SSL socket.") try: if buffer is not None: v = self._sslobj.read(len, buffer) @@ -422,6 +424,8 @@ class SSLSocket(socket): number of bytes of DATA actually transmitted.""" self._checkClosed() + if not self._sslobj: + raise ValueError("Write on closed or unwrapped SSL socket.") return self._sslobj.write(data) def getpeercert(self, binary_form=False): diff --git a/Lib/test/test_ssl.py b/Lib/test/test_ssl.py index 210040b..6998dda 100644 --- a/Lib/test/test_ssl.py +++ b/Lib/test/test_ssl.py @@ -2311,6 +2311,21 @@ else: self.assertEqual(cm.exception.reason, 'TLSV1_ALERT_INTERNAL_ERROR') self.assertIn("TypeError", stderr.getvalue()) + def test_read_write_after_close_raises_valuerror(self): + context = ssl.SSLContext(ssl.PROTOCOL_SSLv23) + context.verify_mode = ssl.CERT_REQUIRED + context.load_verify_locations(CERTFILE) + context.load_cert_chain(CERTFILE) + server = ThreadedEchoServer(context=context, chatty=False) + + with server: + s = context.wrap_socket(socket.socket()) + s.connect((HOST, server.port)) + s.close() + + self.assertRaises(ValueError, s.read, 1024) + self.assertRaises(ValueError, s.write, 'hello') + def test_main(verbose=False): if support.verbose: diff --git a/Misc/ACKS b/Misc/ACKS index ebda56f..43da4af 100644 --- a/Misc/ACKS +++ b/Misc/ACKS @@ -1021,6 +1021,7 @@ Jérôme Radix Burton Radons Jeff Ramnani Brodie Rao +Senko Rasic Antti Rasinen Sridhar Ratnakumar Ysj Ray diff --git a/Misc/NEWS b/Misc/NEWS index f24fc91..5b83f8a 100644 --- a/Misc/NEWS +++ b/Misc/NEWS @@ -159,6 +159,9 @@ Core and Builtins Library ------- +- Issue #9177: Calling read() or write() now raises ValueError, not + AttributeError, on a closed SSL socket. Patch by Senko Rasic. + - Issue #18513: Fix behaviour of cmath.rect w.r.t. signed zeros on OS X 10.8 + gcc. -- cgit v0.12