[issue9706] ssl errors checking

Changes by Giampaolo Rodola' : -- status: open -> closed ___ Python tracker ___ ___ Python-bugs-list mailing list Unsubscribe: http://

[issue9706] ssl errors checking

Giampaolo Rodola' added the comment: Committed r84400 which should fix the first test failure. I'll take a look at the buildbots to see how it goes. As for the second failure I have no idea at the moment. -- ___ Python tracker

[issue9706] ssl errors checking

Antoine Pitrou added the comment: Some buildbots have started failing exactly after this commit: == ERROR: test_errors (test.test_ssl.BasicSocketTests) -- Trac

[issue9706] ssl errors checking

Giampaolo Rodola' added the comment: You're right. Committed in r84355. -- ___ Python tracker ___ ___ Python-bugs-list mailing list Un

[issue9706] ssl errors checking

Antoine Pitrou added the comment: > @Antoine: ok, thanks. > > This is now committed in r84352. I don't think it's ok to test for the IOError message ("No such file"), because it comes from the OS and can therefore change from platform to platform. Instead, you should check the value of the "er

[issue9706] ssl errors checking

Giampaolo Rodola' added the comment: @Antoine: ok, thanks. This is now committed in r84352. See also r84351 which raises ValueError if non-zero flag argument is provided for sendall(). http://bugs.python.org/msg115166 was the original message at the top of this discussion which I accidentally

[issue9706] ssl errors checking

Antoine Pitrou added the comment: > >>> ctx = ssl.SSLContext(ssl.PROTOCOL_SSLv23) > >>> ctx.wrap_socket(socket.socket(), server_side=1) > > >>> > > I'm not sure how to raise ValueError("certfile must be specified") > here as SSLContext class doesn't store certfile information, at least > at P

[issue9706] ssl errors checking

Giampaolo Rodola' added the comment: >>> ctx = ssl.SSLContext(ssl.PROTOCOL_SSLv23) >>> ctx.wrap_socket(socket.socket(), server_side=1) >>> I'm not sure how to raise ValueError("certfile must be specified") here as SSLContext class doesn't store certfile information, at least at Python level.

[issue9706] ssl errors checking

Giampaolo Rodola' added the comment: Fortunately errno was set. Patch in attachment introduces the following changes: === 1 === Before: >>> ssl.wrap_socket(socket.socket(), server_side=1) >>> Now: >>> ssl.wrap_socket(socket.socket(), server_side=1) ValueError: certfile must be specified for s

[issue9706] ssl errors checking

Antoine Pitrou added the comment: > The only idea which comes to mind is try to open() the file before calling > load_cert_chain(). > That would automatically also take care of permission errors, etc.. > Not very clean, but... :-\ It's vulnerable to various issues such as race conditions (for

[issue9706] ssl errors checking

Changes by Giampaolo Rodola' : -- Removed message: http://bugs.python.org/msg115166 ___ Python tracker ___ ___ Python-bugs-list mailing

[issue9706] ssl errors checking

Giampaolo Rodola' added the comment: >> A simple "IOError No such file or directory 'xxx'" exception would be >> a lot more clear. > Agreed, but the OpenSSL error reporting system looks too convoluted (or > braindead) to easily allow such aliasing of errors. If you have an > idea, don't hesitat

[issue9706] ssl errors checking

Antoine Pitrou added the comment: > SSLError: _ssl.c:296: Both the key & certificate files must be > specified for server-side operation > > I would change this behavior in SSLSocket constructor and raise > ValueError if server_side is True and certfile is None. Good idea. > Also, the message

[issue9706] ssl errors checking

Changes by Giampaolo Rodola' : -- nosy: +exarkun ___ Python tracker ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.pyt

[issue9706] ssl errors checking

New submission from Giampaolo Rodola' : There are various errors I think ssl module should check. In the examples below I'll always refer to ssl.wrap_socket() function but I expect that ssl.SSLContext suffers the exact same issues. === server side mode === When server_side option is set to Tru