New submission from Alex Grönholm <alex.gronh...@nextday.fi>: PR #25309 (https://github.com/python/cpython/pull/25309) changed OpenSSL behavior so that it ignores unexpected EOFs by default. This was detected by the test suites of both trio and AnyIO when running on OpenSSL 3.
We worked around the problem by explicitly unsetting the SSL_OP_IGNORE_UNEXPECTED_EOF flag and then checking if the "strerror" attribute of SSLError contains the text "UNEXPECTED_EOF_WHILE_READING". The remedy in the standard library would be twofold: 1. Revert the change of enabling SSL_OP_IGNORE_UNEXPECTED_EOF by default 2. Handle the condition properly so that SSLEOFError is raised instead of the generic SSLError As SSLSockets ignore SSLEOFError by default, this fix should work fine for those too. ---------- assignee: christian.heimes components: SSL messages: 410146 nosy: alex.gronholm, christian.heimes, lukasz.langa priority: normal severity: normal status: open title: SSLObject does not raise SSLEOFError on OpenSSL 3 type: security versions: Python 3.10, Python 3.11, Python 3.8, Python 3.9 _______________________________________ Python tracker <rep...@bugs.python.org> <https://bugs.python.org/issue46313> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
