[New-bugs-announce] [issue46322] Invalid file path of SSLKEYLOGFILE throw FileNotFoundError

SinaGhaaf report at bugs.python.org
Sun Jan 9 18:53:22 EST 2022

New submission from SinaGhaaf <sina at ghaaf.me>:

An existence check of 'keylogfile' is missed at https://github.com/python/cpython/blob/main/Lib/ssl.py#L779, if the file path does not exist, it tries to set 'context.keylog_filename' to an invalid file, and the result would be 'FileNotFoundError'. 
The following check fixed the issue:

if keylogfile and not sys.flags.ignore_environment and os.path.isfile(keylogfile):

Traceback (most recent call last):
  File "test_https.py", line 19, in <module>
    from test.conftest import ServerConfig
  File "C:\Check\urllib3-patch-1\src\test\conftest.py", line 12, in <module>
    from tornado import ioloop, web
  File "C:\Python38\lib\site-packages\tornado\web.py", line 87, in <module>
    from tornado.httpserver import HTTPServer
  File "C:\Python38\lib\site-packages\tornado\httpserver.py", line 32, in <module>
    from tornado.http1connection import HTTP1ServerConnection, HTTP1ConnectionParameters
  File "C:\Python38\lib\site-packages\tornado\http1connection.py", line 34, in <module>
    from tornado import iostream
  File "C:\Python38\lib\site-packages\tornado\iostream.py", line 40, in <module>
    from tornado.netutil import ssl_wrap_socket, _client_ssl_defaults, _server_ssl_defaults
  File "C:\Python38\lib\site-packages\tornado\netutil.py", line 34, in <module>
    _client_ssl_defaults = ssl.create_default_context(ssl.Purpose.SERVER_AUTH)
  File "C:\Python38\lib\ssl.py", line 755, in create_default_context
    context.keylog_filename = keylogfile
FileNotFoundError: [Errno 2] No such file or directory: 'D:\\invalid_path\\invalid_file.txt'

assignee: christian.heimes
components: SSL
messages: 410177
nosy: christian.heimes, ghaaf
priority: normal
severity: normal
status: open
title: Invalid file path of SSLKEYLOGFILE throw FileNotFoundError
type: behavior
versions: Python 3.8

Python tracker <report at bugs.python.org>

More information about the New-bugs-announce mailing list