Hi,
I'm trying to fix a bug in Python which is specific to OpenSSL 0.9.8m. The
problem is in a FTP test using a blocking socket (client) and a non blocking
socket (server). There are different tests, some tests use a timeout of 2
seconds on the client socket.
Pseudo-code of Python shutdown low-level function:
err = SSL_shutdown(self->ssl);
if (err == 0)
err = SSL_shutdown(self->ssl);
if (err < 0)
<raise an exception>
else
<ok>
Using OpenSSL 0.9.8m, SSL_shutdown() returns sometimes -1 and SSL_get_error()
gives SSL_ERROR_WANT_READ. If I understood correctly, I have to read some
bytes from the sockets using SSL_read() to make OpenSSL happy. But how many
bytes? And can I read directly bytes or should I ensure that bytes are
available using select() (or anything else)?
I wrote a patch using a loop:
while 1:
try:
self._sslobj.shutdown()
break
except SSLError as err:
if err.args[0] == SSL_ERROR_WANT_READ:
try:
self.read()
except SSLError as read_err:
if read_err.args[0] == SSL_ERROR_ZERO_RETURN:
# connection closed: done
break
else:
# non blocking socket
raise err
else:
continue
else:
raise
except socket_error as err:
if err.errno == EPIPE:
# connection closed: done
break
else:
raise
The code is written in Python, don't hesitate to ask me if you don't
understand something.
I don't understand why I'm getting SSL_ERROR_ZERO_RETURN or EPIPE errors.
---
I tried to call SSL_shutdown() in a loop, but if the first or the second call
returns the SSL_ERROR_WANT_READ error: the next call will always return the
same error (I tried to wait some seconds, but it doesn't change). Does it mean
that SSL_Shutdown() is not compatible between 0.9.8l and 0.9.8m for non
blocking sockets?
--
Victor Stinner
http://www.haypocalc.com/
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [email protected]
Automated List Manager [email protected]
