Mailman 3 August 2007 - Python-Dev

Re: [Python-Dev] Other SSL issues in the tracker have been marked
by Neal Norwitz 28 Aug '07

28 Aug '07

Bill, Could you also look into this problem: Traceback (most recent call last): File "/home/pybot/buildarea/trunk.klose-debian-ia64/build/Lib/threading.py", line 486, in __bootstrap_inner self.run() File "/home/pybot/buildarea/trunk.klose-debian-ia64/build/Lib/test/test_ssl.py", line 144, in run cert_reqs=self.server.certreqs) File "/home/pybot/buildarea/trunk.klose-debian-ia64/build/Lib/ssl.py", line 98, in __init__ cert_reqs, ssl_version, ca_certs) sslerror: _ssl.c:271: SSL_CTX_use_PrivateKey_file error This occurs on at least 3 of the buildbots (ubuntu and debian on ia64, ppc, and hppa). Here's one example: http://python.org/dev/buildbot/all/ia64%20Ubuntu%20trunk%20trunk/builds/832… This also looks like it's not working on windows, but there is no info from here: http://python.org/dev/buildbot/all/x86%20XP-3%20trunk/builds/164/step-test/0 Other than: test_ssl The system cannot find the path specified. Which happens after it hangs for 1200 seconds. Thanks, n -- On 8/25/07, Bill Janssen <janssen(a)parc.com> wrote: > I've gone through the other open SSL issues. Looks like some can be > closed with the adoption of 1018 and 1024: > > 1027394 4 months ago socket.ssl should explain that it is a 2/3 connection > 889813 4 months ago making the version of SSL configurable when creating sockets > 1583946 9 months ago SSL "issuer" and "server" names cannot be parsed > 783188 46 months ago support for server side transactions in _ssl > > Others are about various standard libraries that interact with SSL > in various ways. I'm working on another patch that converts all the > standard library modules over to use the new ssl module, and I'll look > at the rest of the SSL-related bugs as part of that work. > > Bill > _______________________________________________ > Python-Dev mailing list > Python-Dev(a)python.org > http://mail.python.org/mailman/listinfo/python-dev > Unsubscribe: http://mail.python.org/mailman/options/python-dev/nnorwitz%40gmail.com >

3 7

tarfile and directory traversal vulnerability
by Jan Matejek 28 Aug '07

28 Aug '07

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 hi, once upon a time there was a known vulnerability in tar (CVE-2001-1267, [1]), and while tar is now long fixed, python's tarfile module is affected too. The vulnerability goes basically like this: If you tar a file named "../../../../../etc/passwd" and then make the admin untar it, /etc/passwd gets overwritten. Another variety of this bug is a symlink one: if tar contains files like: ./aaaa-directory -> /etc ./aaaa-directory/passwd then the "aaaa-directory" symlink would be created first and /etc/passwd will be overwritten once again. I was wondering how to fix it. The symlink problem obviously applies only to extractall() method and is easily fixed by delaying external (or possibly all) symlink creation, similar to how directory attributes are delayed now. I've attached a draft of the patch, if you like it, i'll polish it. The traversal problem is harder, and it applies to extract() method as well. For extractall() alone, i would use something like: if tarinfo.name.startswith('../'): self.extract(tarinfo, path) else: warnings.warn("non-local file skipped: %s" % tarinfo.name, RuntimeWarning, stacklevel=1) For extract(), i am not sure. Maybe it should throw exception when it encounters such file, and have a special option to extract such files anyway. Or maybe it should be left alone altogether. Any suggestions are welcome. regards jan matejek [1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-1267 -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4-svn0 (GNU/Linux) Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org iD8DBQFGzxcpjBrWA+AvBr8RAlduAKCk0iiSoBF+wA9xgXmDlpWsECZ7KgCfQORg lZ85inT1FGwhGqBfxJvCGGU= =TiWx -----END PGP SIGNATURE-----

3 6

Windows buildbot needed?
by David Bolen 28 Aug '07

28 Aug '07

I was wondering if an additional Windows buildbot would be helpful, in particular for py3k? If so, I should be able to run one, and wanted to request a buildbot account, as mentioned on the buildbot page on python.org. I've got some idle hardware - nothing fancy (x86 P4, 2.8GHz) but it's up and infrequently used, with a solid broadband connection. I had some time to test, so set up a Windows XP SP2 virtual machine with all the various pieces needed for a buildbot. The host machine happens to run XP too, but using a virtual machine was a bit cleaner (including easy relocation over time if needed). I've manually done full builds of Python 2.5.1 (from release25-maint), 2.6a0 (from trunk), and 3.0x (from py3k) using the buildbot build and test batch files under tools, so I think the environment is good. 2.5.1 tested clean, 2.6a0 had two errors in test_ssl and test_winreg but they match some existing buildbots. The 3.0 tests are ugly, including a NULL pointer debug assertion triggered in test_os that kills the test run, but I'm assuming that's just the current state of 3.0. I've lurked on 3000-devel, but am not intimately up to date on expected behavior under Windows. Anyway, if it would be useful, I figured I could use this virtual machine for a buildbot for at least trunk and 3k, perhaps with 2.5 too. Not sure if that requires multiple accounts, or if you configure each buildbot instance with an SVN path (I didn't see anywhere obvious for the latter). -- David

1 0

next steps in SSL work
by Bill Janssen 28 Aug '07

28 Aug '07

I think the next steps to take are as follows, in order: 1) Generate a patch to the trunk to remove all use of socket.ssl in library modules (and elsewhere except for test/test_socket_ssl.py), and switch them to use the ssl module. This would affect httplib, imaplib, poplib, smtplib, urllib, and xmlrpclib. This patch should also deprecate the use of socket.ssl, and particularly the "server" and "issuer" methods on it, which can return bad data. I don't know how to deprecate something... Pointers? 2) Expand the test suite to exhaustively test edge cases, particularly things like invalid protocol ids, bad cert files, bad key files, etc. 3) Take the threaded server example in test/test_ssl.py, clean it up, and add it to the Demos directory (maybe it should be a HOWTO?). 4) Generate a patch for the Py3K branch. This patch would remove the "ssl" function from the socket module, and would also remove the "server" and "issuer" methods on the SSL context. The ssl.sslsocket class would be renamed to SSLSocket (PEP 8), and would inherit from socket.socket and io.RawIOBase. The current improvements to the Modules/_ssl.c file would be folded in. The patch would also fix all uses of socket.ssl in the other library modules. 5) Generate a package for older Pythons (2.3-2.5). This would install the ssl module, plus the improved version of _ssl.c. Needs more design. Bill

1 0

Re: [Python-Dev] Other SSL issues in the tracker have been marked
by Guido van Rossum 28 Aug '07

28 Aug '07

Committed revision 57568. Anything else I can check in for you? On 8/27/07, Bill Janssen <janssen(a)parc.com> wrote: > > Some of the code sets the error string in this directly before > > returning NULL, and other pieces of the code call PySSL_SetError, > > which creates the error string. I think some of the places which set > > the string directly probably shouldn't; instead, they should call > > PySSL_SetError to cons up the error name directly from the err code. > > However, PySSL_SetError only works after the construction of an ssl > > object, which means it can't be used there... I'll take a longer look > > at it and see if there's a reasonable fix. > > Here's a patch which addresses this. It also fixes the indentation in > PySSL_SetError, bringing it into line with PEP 7, fixes a compile warning > about one of the OpenSSL macros, and makes the namespace a bit more > consistent. I've tested it on FC 7 and OS X 10.4. > > % ./python ./Lib/test/regrtest.py -R :1: -u all test_ssl > test_ssl > beginning 6 repetitions > 123456 > ...... > 1 test OK. > [29244 refs] > % > > Bill > > > Index: Modules/_ssl.c > =================================================================== > --- Modules/_ssl.c (revision 57564) > +++ Modules/_ssl.c (working copy) > @@ -122,71 +122,74 @@ > char buf[2048]; > char *errstr; > int err; > - enum py_ssl_error p; > + enum py_ssl_error p = PY_SSL_ERROR_NONE; > > assert(ret <= 0); > > - err = SSL_get_error(obj->ssl, ret); > + if ((obj != NULL) && (obj->ssl != NULL)) { > + err = SSL_get_error(obj->ssl, ret); > > - switch (err) { > - case SSL_ERROR_ZERO_RETURN: > - errstr = "TLS/SSL connection has been closed"; > - p = PY_SSL_ERROR_ZERO_RETURN; > - break; > - case SSL_ERROR_WANT_READ: > - errstr = "The operation did not complete (read)"; > - p = PY_SSL_ERROR_WANT_READ; > - break; > - case SSL_ERROR_WANT_WRITE: > - p = PY_SSL_ERROR_WANT_WRITE; > - errstr = "The operation did not complete (write)"; > - break; > - case SSL_ERROR_WANT_X509_LOOKUP: > - p = PY_SSL_ERROR_WANT_X509_LOOKUP; > - errstr = "The operation did not complete (X509 lookup)"; > - break; > - case SSL_ERROR_WANT_CONNECT: > - p = PY_SSL_ERROR_WANT_CONNECT; > - errstr = "The operation did not complete (connect)"; > - break; > - case SSL_ERROR_SYSCALL: > - { > - unsigned long e = ERR_get_error(); > - if (e == 0) { > - if (ret == 0 || !obj->Socket) { > - p = PY_SSL_ERROR_EOF; > - errstr = "EOF occurred in violation of protocol"; > - } else if (ret == -1) { > - /* the underlying BIO reported an I/O error */ > - return obj->Socket->errorhandler(); > - } else { /* possible? */ > + switch (err) { > + case SSL_ERROR_ZERO_RETURN: > + errstr = "TLS/SSL connection has been closed"; > + p = PY_SSL_ERROR_ZERO_RETURN; > + break; > + case SSL_ERROR_WANT_READ: > + errstr = "The operation did not complete (read)"; > + p = PY_SSL_ERROR_WANT_READ; > + break; > + case SSL_ERROR_WANT_WRITE: > + p = PY_SSL_ERROR_WANT_WRITE; > + errstr = "The operation did not complete (write)"; > + break; > + case SSL_ERROR_WANT_X509_LOOKUP: > + p = PY_SSL_ERROR_WANT_X509_LOOKUP; > + errstr = "The operation did not complete (X509 lookup)"; > + break; > + case SSL_ERROR_WANT_CONNECT: > + p = PY_SSL_ERROR_WANT_CONNECT; > + errstr = "The operation did not complete (connect)"; > + break; > + case SSL_ERROR_SYSCALL: > + { > + unsigned long e = ERR_get_error(); > + if (e == 0) { > + if (ret == 0 || !obj->Socket) { > + p = PY_SSL_ERROR_EOF; > + errstr = "EOF occurred in violation of protocol"; > + } else if (ret == -1) { > + /* the underlying BIO reported an I/O error */ > + return obj->Socket->errorhandler(); > + } else { /* possible? */ > + p = PY_SSL_ERROR_SYSCALL; > + errstr = "Some I/O error occurred"; > + } > + } else { > p = PY_SSL_ERROR_SYSCALL; > - errstr = "Some I/O error occurred"; > + /* XXX Protected by global interpreter lock */ > + errstr = ERR_error_string(e, NULL); > } > - } else { > - p = PY_SSL_ERROR_SYSCALL; > - /* XXX Protected by global interpreter lock */ > - errstr = ERR_error_string(e, NULL); > + break; > } > - break; > - } > - case SSL_ERROR_SSL: > - { > - unsigned long e = ERR_get_error(); > - p = PY_SSL_ERROR_SSL; > - if (e != 0) > - /* XXX Protected by global interpreter lock */ > - errstr = ERR_error_string(e, NULL); > - else { /* possible? */ > - errstr = "A failure in the SSL library occurred"; > + case SSL_ERROR_SSL: > + { > + unsigned long e = ERR_get_error(); > + p = PY_SSL_ERROR_SSL; > + if (e != 0) > + /* XXX Protected by global interpreter lock */ > + errstr = ERR_error_string(e, NULL); > + else { /* possible? */ > + errstr = "A failure in the SSL library occurred"; > + } > + break; > } > - break; > + default: > + p = PY_SSL_ERROR_INVALID_ERROR_CODE; > + errstr = "Invalid error code"; > + } > + } else { > + errstr = ERR_error_string(ERR_peek_last_error(), NULL); > } > - default: > - p = PY_SSL_ERROR_INVALID_ERROR_CODE; > - errstr = "Invalid error code"; > - } > - > PyOS_snprintf(buf, sizeof(buf), "_ssl.c:%d: %s", lineno, errstr); > v = Py_BuildValue("(is)", p, buf); > if (v != NULL) { > @@ -256,8 +259,8 @@ > ret = SSL_CTX_load_verify_locations(self->ctx, > cacerts_file, NULL); > Py_END_ALLOW_THREADS > - if (ret < 1) { > - errstr = ERRSTR("SSL_CTX_load_verify_locations"); > + if (ret != 1) { > + PySSL_SetError(NULL, 0, __FILE__, __LINE__); > goto fail; > } > } > @@ -267,8 +270,8 @@ > ret = SSL_CTX_use_PrivateKey_file(self->ctx, key_file, > SSL_FILETYPE_PEM); > Py_END_ALLOW_THREADS > - if (ret < 1) { > - errstr = ERRSTR("SSL_CTX_use_PrivateKey_file error"); > + if (ret != 1) { > + PySSL_SetError(NULL, 0, __FILE__, __LINE__); > goto fail; > } > > @@ -276,8 +279,8 @@ > ret = SSL_CTX_use_certificate_chain_file(self->ctx, > cert_file); > Py_END_ALLOW_THREADS > - if (ret < 1) { > - errstr = ERRSTR("SSL_CTX_use_certificate_chain_file error") ; > + if (ret != 1) { > + PySSL_SetError(NULL, 0, __FILE__, __LINE__); > goto fail; > } > SSL_CTX_set_options(self->ctx, SSL_OP_ALL); /* ssl compatibility */ > @@ -375,7 +378,7 @@ > } > > static PyObject * > -PySocket_ssl(PyObject *self, PyObject *args) > +PySSL_sslwrap(PyObject *self, PyObject *args) > { > PySocketSockObject *Sock; > int server_side = 0; > @@ -431,6 +434,9 @@ > PyObject *pd = PyDict_New(); > int index_counter; > > + if (pd == NULL) > + return NULL; > + > for (index_counter = 0; > index_counter < X509_NAME_entry_count(xname); > index_counter++) > @@ -548,7 +554,7 @@ > } > Py_DECREF(pnotBefore); > > - BIO_reset(biobuf); > + (void) BIO_reset(biobuf); > notAfter = X509_get_notAfter(self->peer_cert); > ASN1_TIME_print(biobuf, notAfter); > len = BIO_gets(biobuf, buf, sizeof(buf)-1); > @@ -857,7 +863,7 @@ > > static PyTypeObject PySSL_Type = { > PyVarObject_HEAD_INIT(NULL, 0) > - "socket.SSL", /*tp_name*/ > + "ssl.SSLContext", /*tp_name*/ > sizeof(PySSLObject), /*tp_basicsize*/ > 0, /*tp_itemsize*/ > /* methods */ > @@ -932,7 +938,7 @@ > "RAND_egd(path) -> bytes\n\ > \n\ > Queries the entropy gather daemon (EGD) on socket path. Returns number\n\ > -of bytes read. Raises socket.sslerror if connection to EGD fails or\n\ > +of bytes read. Raises ssl.sslerror if connection to EGD fails or\n\ > if it does provide enough data to seed PRNG."); > > #endif > @@ -940,7 +946,7 @@ > /* List of functions exported by this module. */ > > static PyMethodDef PySSL_methods[] = { > - {"sslwrap", PySocket_ssl, > + {"sslwrap", PySSL_sslwrap, > METH_VARARGS, ssl_doc}, > #ifdef HAVE_OPENSSL_RAND > {"RAND_add", PySSL_RAND_add, METH_VARARGS, > @@ -979,7 +985,7 @@ > SSLeay_add_ssl_algorithms(); > > /* Add symbols to module dict */ > - PySSLErrorObject = PyErr_NewException("socket.sslerror", > + PySSLErrorObject = PyErr_NewException("ssl.sslerror", > PySocketModule.error, > NULL); > if (PySSLErrorObject == NULL) > > _______________________________________________ > Python-Dev mailing list > Python-Dev(a)python.org > http://mail.python.org/mailman/listinfo/python-dev > Unsubscribe: http://mail.python.org/mailman/options/python-dev/guido%40python.org > -- --Guido van Rossum (home page: http://www.python.org/~guido/)

2 1

Re: [Python-Dev] Other SSL issues in the tracker have been marked
by Guido van Rossum 27 Aug '07

27 Aug '07

Committed revision 57561. On 8/27/07, Bill Janssen <janssen(a)parc.com> wrote: > > Regardless, building a fixed test certificate and checking it in sounds like > > the better option. Then the openssl command in the test code can be turned > > into a comment describing how the test data was pregenerated. > > Here's a patch that does that. > > Bill > > Index: Lib/test/keycert.pem > =================================================================== > --- Lib/test/keycert.pem (revision 0) > +++ Lib/test/keycert.pem (revision 0) > @@ -0,0 +1,32 @@ > +-----BEGIN RSA PRIVATE KEY----- > +MIICXwIBAAKBgQC8ddrhm+LutBvjYcQlnH21PPIseJ1JVG2HMmN2CmZk2YukO+9L > +opdJhTvbGfEj0DQs1IE8M+kTUyOmuKfVrFMKwtVeCJphrAnhoz7TYOuLBSqt7lVH > +fhi/VwovESJlaBOp+WMnfhcduPEYHYx/6cnVapIkZnLt30zu2um+DzA9jQIDAQAB > +AoGBAK0FZpaKj6WnJZN0RqhhK+ggtBWwBnc0U/ozgKz2j1s3fsShYeiGtW6CK5nU > +D1dZ5wzhbGThI7LiOXDvRucc9n7vUgi0alqPQ/PFodPxAN/eEYkmXQ7W2k7zwsDA > +IUK0KUhktQbLu8qF/m8qM86ba9y9/9YkXuQbZ3COl5ahTZrhAkEA301P08RKv3KM > +oXnGU2UHTuJ1MAD2hOrPxjD4/wxA/39EWG9bZczbJyggB4RHu0I3NOSFjAm3HQm0 > +ANOu5QK9owJBANgOeLfNNcF4pp+UikRFqxk5hULqRAWzVxVrWe85FlPm0VVmHbb/ > +loif7mqjU8o1jTd/LM7RD9f2usZyE2psaw8CQQCNLhkpX3KO5kKJmS9N7JMZSc4j > +oog58yeYO8BBqKKzpug0LXuQultYv2K4veaIO04iL9VLe5z9S/Q1jaCHBBuXAkEA > +z8gjGoi1AOp6PBBLZNsncCvcV/0aC+1se4HxTNo2+duKSDnbq+ljqOM+E7odU+Nq > +ewvIWOG//e8fssd0mq3HywJBAJ8l/c8GVmrpFTx8r/nZ2Pyyjt3dH1widooDXYSV > +q6Gbf41Llo5sYAtmxdndTLASuHKecacTgZVhy0FryZpLKrU= > +-----END RSA PRIVATE KEY----- > +-----BEGIN CERTIFICATE----- > +MIICpzCCAhCgAwIBAgIJAP+qStv1cIGNMA0GCSqGSIb3DQEBBQUAMIGJMQswCQYD > +VQQGEwJVUzERMA8GA1UECBMIRGVsYXdhcmUxEzARBgNVBAcTCldpbG1pbmd0b24x > +IzAhBgNVBAoTGlB5dGhvbiBTb2Z0d2FyZSBGb3VuZGF0aW9uMQwwCgYDVQQLEwNT > +U0wxHzAdBgNVBAMTFnNvbWVtYWNoaW5lLnB5dGhvbi5vcmcwHhcNMDcwODI3MTY1 > +NDUwWhcNMTMwMjE2MTY1NDUwWjCBiTELMAkGA1UEBhMCVVMxETAPBgNVBAgTCERl > +bGF3YXJlMRMwEQYDVQQHEwpXaWxtaW5ndG9uMSMwIQYDVQQKExpQeXRob24gU29m > +dHdhcmUgRm91bmRhdGlvbjEMMAoGA1UECxMDU1NMMR8wHQYDVQQDExZzb21lbWFj > +aGluZS5weXRob24ub3JnMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC8ddrh > +m+LutBvjYcQlnH21PPIseJ1JVG2HMmN2CmZk2YukO+9LopdJhTvbGfEj0DQs1IE8 > +M+kTUyOmuKfVrFMKwtVeCJphrAnhoz7TYOuLBSqt7lVHfhi/VwovESJlaBOp+WMn > +fhcduPEYHYx/6cnVapIkZnLt30zu2um+DzA9jQIDAQABoxUwEzARBglghkgBhvhC > +AQEEBAMCBkAwDQYJKoZIhvcNAQEFBQADgYEAF4Q5BVqmCOLv1n8je/Jw9K669VXb > +08hyGzQhkemEBYQd6fzQ9A/1ZzHkJKb1P6yreOLSEh4KcxYPyrLRC1ll8nr5OlCx > +CMhKkTnR6qBsdNV0XtdU2+N25hqW+Ma4ZeqsN/iiJVCGNOZGnvQuvCAGWF8+J/f/ > +iHkC6gGdBJhogs4= > +-----END CERTIFICATE----- > Index: Lib/test/test_ssl.py > =================================================================== > --- Lib/test/test_ssl.py (revision 57559) > +++ Lib/test/test_ssl.py (working copy) > @@ -22,7 +22,6 @@ > skip_expected = True > > CERTFILE = None > -GMAIL_POP_CERTFILE = None > > > def handle_error(prefix): > @@ -298,12 +297,15 @@ > nsCertType = server > """ > > -def create_cert_files(): > +def create_cert_files(hostname=None): > > + """This is the routine that was run to create the certificate > + and private key contained in keycert.pem.""" > + > import tempfile, socket, os > d = tempfile.mkdtemp() > # now create a configuration file for the CA signing cert > - fqdn = socket.getfqdn() > + fqdn = hostname or socket.getfqdn() > crtfile = os.path.join(d, "cert.pem") > conffile = os.path.join(d, "ca.conf") > fp = open(conffile, "w") > @@ -316,7 +318,7 @@ > }) > fp.close() > error = os.system( > - "openssl req -batch -new -x509 -days 10 -nodes -config %s " > + "openssl req -batch -new -x509 -days 2000 -nodes -config %s " > "-keyout \"%s\" -out \"%s\" > /dev/null < /dev/null 2>&1" % > (conffile, crtfile, crtfile)) > # now we have a self-signed server cert in crtfile > @@ -324,7 +326,8 @@ > if (os.WEXITSTATUS(error) or > not os.path.exists(crtfile) or os.path.getsize(crtfile) == 0): > if test_support.verbose: > - sys.stdout.write("Unable to create certificate for test %d\n" % error) > + sys.stdout.write("Unable to create certificate for test, " > + + "error status %d\n" % (error >> 8)) > crtfile = None > elif test_support.verbose: > sys.stdout.write(open(crtfile, 'r').read() + '\n') > @@ -336,7 +339,8 @@ > raise test_support.TestSkipped("socket module has no ssl support") > > global CERTFILE > - tdir, CERTFILE = create_cert_files() > + CERTFILE = os.path.join(os.path.dirname(__file__) or os.curdir, > + "keycert.pem") > if not CERTFILE: > sys.__stdout__.write("Skipping test_ssl ConnectedTests; " > "couldn't create a certificate.\n") > @@ -362,8 +366,6 @@ > # wait for it to stop > server.join() > > - if tdir and os.path.isdir(tdir): > - shutil.rmtree(tdir) > test_support.threading_cleanup(*thread_info) > > if __name__ == "__main__": > -- --Guido van Rossum (home page: http://www.python.org/~guido/)

1 0

Re: [Python-Dev] Other SSL issues in the tracker have been marked
by Gregory P. Smith 27 Aug '07

27 Aug '07

nope, not on many package based distributions. libssl0.9.8, libssl-dev and openssl are all separate packages (with appropriate dependencies). /usr/bin/openssl comes from the openssl package. Regardless, building a fixed test certificate and checking it in sounds like the better option. Then the openssl command in the test code can be turned into a comment describing how the test data was pregenerated. On 8/27/07, Bill Janssen <janssen(a)parc.com> wrote: > > > apt-get install openssl will fix that on those systems. on windows > you're > > unlikely to ever have an openssl binary present and available to > execute. > > Well, if you have OpenSSL in the first place, you'll have the binary, > won't you? But I agree it's unlikely to be on your path. As for Ubuntu > and Debian, I checked the packaging, and they both put the "openssl" > binary > in /usr/bin, so it's unlikely to be a path problem. > > We could just build a fixed certificate and check it in, as the > test_socket_ssl > test does. That way we wouldn't have to futz with trying to run openssl. > > Bill >

2 1

Segfault
by Maciej Fijalkowski 27 Aug '07

27 Aug '07

IMHO this shouldn't segfault: import thread while 1: f = open("/tmp/dupa", "w") thread.start_new_thread(f.close, ()) f.close() while it does on cpython 2.5.1, linux box. May I consider this a bug?

6 14

Re: [Python-Dev] Other SSL issues in the tracker have been marked
by Neal Norwitz 27 Aug '07

27 Aug '07

Thanks. I applied it. -- n On 8/26/07, Bill Janssen <janssen(a)parc.com> wrote: > Well, as long as you have your ears on, here's another patch to test_ssl. > > 1) Fixes the bug that two class names are initial-lower-case. > > 2) Replaces the poll waiting for the server to become ready with > a threading.Event signal. > > Bill > > Index: Lib/test/test_ssl.py > =================================================================== > --- Lib/test/test_ssl.py (revision 57521) > +++ Lib/test/test_ssl.py (working copy) > @@ -153,9 +153,9 @@ > c2.close() > > > -class threadedEchoServer(threading.Thread): > +class ThreadedEchoServer(threading.Thread): > > - class connectionHandler(threading.Thread): > + class ConnectionHandler(threading.Thread): > > def __init__(self, server, connsock): > self.server = server > @@ -219,6 +219,7 @@ > self.certreqs = certreqs > self.cacerts = cacerts > self.sock = socket.socket() > + self.flag = None > if hasattr(socket, 'SO_REUSEADDR'): > self.sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1) > if hasattr(socket, 'SO_REUSEPORT'): > @@ -228,15 +229,22 @@ > threading.Thread.__init__(self) > self.setDaemon(False) > > + def start (self, flag=None): > + self.flag = flag > + threading.Thread.start(self) > + > def run (self): > self.sock.settimeout(0.5) > self.sock.listen(5) > self.active = True > + if self.flag: > + # signal an event > + self.flag.set() > while self.active: > try: > newconn, connaddr = self.sock.accept() > #sys.stdout.write('\nserver: new connection from ' + str(connaddr) + '\n') > - handler = self.connectionHandler(self, newconn) > + handler = self.ConnectionHandler(self, newconn) > handler.start() > except socket.timeout: > pass > @@ -337,9 +345,11 @@ > > server = None > if test_support.is_resource_enabled('network'): > - server = threadedEchoServer(10024, CERTFILE) > - server.start() > - time.sleep(1) > + server = ThreadedEchoServer(10024, CERTFILE) > + flag = threading.Event() > + server.start(flag) > + # wait for it to start > + flag.wait() > tests.append(ConnectedTests) > > thread_info = test_support.threading_setup() > _______________________________________________ > Python-Dev mailing list > Python-Dev(a)python.org > http://mail.python.org/mailman/listinfo/python-dev > Unsubscribe: http://mail.python.org/mailman/options/python-dev/nnorwitz%40gmail.com >

2 2

Re: [Python-Dev] Other SSL issues in the tracker have been marked
by Guido van Rossum 27 Aug '07

27 Aug '07

No need, I've submitted this for you. Fingers crossed. On 8/26/07, Bill Janssen <janssen(a)parc.com> wrote: > > But I think this exposes a more generic bug in test_ssl.py, which is > > that the server thread doesn't die when one of these failures occurs. > > It probably should. I'll make a patch -- but I don't have a system > > that this fails on, how will I test it? > > Here's a patch which makes test_ssl a better player in the buildbots > environment. I deep-ended on "try-except-else" clauses. > > Should I post this as an issue to the Tracker? > > Bill > > Index: Lib/ssl.py > =================================================================== > --- Lib/ssl.py (revision 57506) > +++ Lib/ssl.py (working copy) > @@ -100,12 +100,13 @@ > # see if it's connected > try: > socket.getpeername(self) > - # yes > + except: > + # no, no connection yet > + self._sslobj = None > + else: > + # yes, create the SSL object > self._sslobj = _ssl.sslwrap(self._sock, 0, keyfile, certfile, > cert_reqs, ssl_version, ca_certs) > - except: > - # no > - self._sslobj = None > self.keyfile = keyfile > self.certfile = certfile > self.cert_reqs = cert_reqs > Index: Lib/test/test_ssl.py > =================================================================== > --- Lib/test/test_ssl.py (revision 57506) > +++ Lib/test/test_ssl.py (working copy) > @@ -91,38 +91,66 @@ > def testTLSecho (self): > > s1 = socket.socket() > - s1.connect(('127.0.0.1', 10024)) > - c1 = ssl.sslsocket(s1, ssl_version=ssl.PROTOCOL_TLSv1) > - indata = "FOO\n" > - c1.write(indata) > - outdata = c1.read() > - if outdata != indata.lower(): > - sys.stderr.write("bad data <<%s>> received\n" % data) > - c1.close() > + try: > + s1.connect(('127.0.0.1', 10024)) > + except: > + sys.stdout.write("connection failure:\n" + string.join( > + traceback.format_exception(*sys.exc_info()))) > + raise test_support.TestFailed("Can't connect to test server") > + else: > + try: > + c1 = ssl.sslsocket(s1, ssl_version=ssl.PROTOCOL_TLSv1) > + except: > + sys.stdout.write("SSL handshake failure:\n" + string.join( > + traceback.format_exception(*sys.exc_info()))) > + raise test_support.TestFailed("Can't SSL-handshake with test server") > + else: > + if not c1: > + raise test_support.TestFailed("Can't SSL-handshake with test server") > + indata = "FOO\n" > + c1.write(indata) > + outdata = c1.read() > + if outdata != indata.lower(): > + raise test_support.TestFailed("bad data <<%s>> received; expected <<%s>>\n" % (data, indata.lower())) > + c1.close() > > def testReadCert(self): > > s2 = socket.socket() > - s2.connect(('127.0.0.1', 10024)) > - c2 = ssl.sslsocket(s2, ssl_version=ssl.PROTOCOL_TLSv1, > - cert_reqs=ssl.CERT_REQUIRED, ca_certs=CERTFILE) > - cert = c2.getpeercert() > - if not cert: > - raise test_support.TestFailed("Can't get peer certificate.") > - if not cert.has_key('subject'): > - raise test_support.TestFailed( > - "No subject field in certificate: %s." % > - pprint.pformat(cert)) > - if not (cert['subject'].has_key('organizationName')): > - raise test_support.TestFailed( > - "No 'organizationName' field in certificate subject: %s." % > - pprint.pformat(cert)) > - if (cert['subject']['organizationName'] != > - "Python Software Foundation"): > - raise test_support.TestFailed( > - "Invalid 'organizationName' field in certificate subject; " > - "should be 'Python Software Foundation'."); > - c2.close() > + try: > + s2.connect(('127.0.0.1', 10024)) > + except: > + sys.stdout.write("connection failure:\n" + string.join( > + traceback.format_exception(*sys.exc_info()))) > + raise test_support.TestFailed("Can't connect to test server") > + else: > + try: > + c2 = ssl.sslsocket(s2, ssl_version=ssl.PROTOCOL_TLSv1, > + cert_reqs=ssl.CERT_REQUIRED, ca_certs=CERTFILE) > + except: > + sys.stdout.write("SSL handshake failure:\n" + string.join( > + traceback.format_exception(*sys.exc_info()))) > + raise test_support.TestFailed("Can't SSL-handshake with test server") > + else: > + if not c2: > + raise test_support.TestFailed("Can't SSL-handshake with test server") > + cert = c2.getpeercert() > + if not cert: > + raise test_support.TestFailed("Can't get peer certificate.") > + if not cert.has_key('subject'): > + raise test_support.TestFailed( > + "No subject field in certificate: %s." % > + pprint.pformat(cert)) > + if not (cert['subject'].has_key('organizationName')): > + raise test_support.TestFailed( > + "No 'organizationName' field in certificate subject: %s." % > + pprint.pformat(cert)) > + if (cert['subject']['organizationName'] != > + "Python Software Foundation"): > + raise test_support.TestFailed( > + "Invalid 'organizationName' field in certificate subject; " > + "should be 'Python Software Foundation'."); > + c2.close() > > > class threadedEchoServer(threading.Thread): > @@ -138,10 +166,22 @@ > > def run (self): > self.running = True > - sslconn = ssl.sslsocket(self.sock, server_side=True, > - certfile=self.server.certificate, > - ssl_version=self.server.protocol, > - cert_reqs=self.server.certreqs) > + try: > + sslconn = ssl.sslsocket(self.sock, server_side=True, > + certfile=self.server.certificate, > + ssl_version=self.server.protocol, > + cert_reqs=self.server.certreqs) > + except: > + # here, we want to stop the server, because this shouldn't > + # happen in the context of our test case > + sys.stdout.write("Test server failure:\n" + string.join( > + traceback.format_exception(*sys.exc_info()))) > + self.running = False > + # normally, we'd just stop here, but for the test > + # harness, we want to stop the server > + self.server.stop() > + return > + > while self.running: > try: > msg = sslconn.read() > @@ -154,15 +194,18 @@ > self.server.stop() > self.running = False > else: > - # print "server:", msg.strip().lower() > + sys.stdout.write("\nserver: %s\n" % msg.strip().lower()) > sslconn.write(msg.lower()) > except ssl.sslerror: > - sys.stderr.write(string.join( > + sys.stdout.write("Test server failure:\n" + string.join( > traceback.format_exception(*sys.exc_info()))) > sslconn.close() > self.running = False > + # normally, we'd just stop here, but for the test > + # harness, we want to stop the server > + self.server.stop() > except: > - sys.stderr.write(string.join( > + sys.stdout.write(string.join( > traceback.format_exception(*sys.exc_info()))) > > def __init__(self, port, certificate, ssl_version=None, > @@ -192,21 +235,21 @@ > while self.active: > try: > newconn, connaddr = self.sock.accept() > - # sys.stderr.write('new connection from ' + str(connaddr)) > + sys.stdout.write('\nserver: new connection from ' + str(connaddr) + '\n') > handler = self.connectionHandler(self, newconn) > handler.start() > except socket.timeout: > pass > except KeyboardInterrupt: > - self.active = False > + self.stop() > except: > - sys.stderr.write(string.join( > + sys.stdout.write("Test server failure:\n" + string.join( > traceback.format_exception(*sys.exc_info()))) > > def stop (self): > self.active = False > + self.sock.close() > > - > CERTFILE_CONFIG_TEMPLATE = """ > # create RSA certs - Server > > _______________________________________________ > Python-Dev mailing list > Python-Dev(a)python.org > http://mail.python.org/mailman/listinfo/python-dev > Unsubscribe: http://mail.python.org/mailman/options/python-dev/guido%40python.org > -- --Guido van Rossum (home page: http://www.python.org/~guido/)

2 1