On 27/04/2020 19.27, mig28suarez@hotmail.com wrote:
Hello!
This is my first time posting to the group.
I've been running builds of Python 3.7.x on CentOS Linux release 7.7 (64bit/Intel Core 2 Duo) and I ran into hangs with test_ssl.py when using latest SSL 1.1.1d sources.
I've done a full compilation from source for Python 3.7.7 and SSL 1.1 in my workspaces.
From what I can tell the problem is when SSL 1.1 is built with no threading there is no locking enabled by python.
This one line change will make the hangs in test_ssl.py go away:
Index: Modules/_ssl.c =================================================================== --- Modules/_ssl.c (revision 70) +++ Modules/_ssl.c (working copy) @@ -5875,7 +5875,7 @@ if (!_setup_ssl_threads()) { return NULL; } -#elif OPENSSL_VERSION_1_1 && defined(OPENSSL_THREADS) +#elif OPENSSL_VERSION_1_1 /* OpenSSL 1.1.0 builtin thread support is enabled */ _ssl_locks_count++; #endif
There appears to be an assumption in _ssl.c and test_ssl.y that SSL 1.1 will be threaded but this may not be true (as in my case).
Python requires a thread-safe OpenSSL build. I have pushed PR https://github.com/python/cpython/pull/19953 to 3.7, 3.8, and master. The hashlib and ssl module will now fail when OpenSSL is not thread-safe. Christian