[issue8108] test_ftplib fails with OpenSSL 0.9.8m

Darryl Miles report at bugs.python.org
Fri Apr 9 18:46:11 CEST 2010 

Darryl Miles <darryl.miles at darrylmiles.org> added the comment:

I've updated my attachment to the bug, if you read the old one please re-read the updated version (since some points in there were not accurate).

With regards to the OpenSSL error return -1/ERROR_SYSCALL with errno==0 being observed, I shall respond into the OpenSSL mailing list with a fuller response.  The man page SSL_get_error(3) does explain what getting a zero error means in relation to end-of-file at the BIO/TCP socket level.  In light of the presumption by me that the problem was because one end did a syscall close(fd) this makes perfect sense in the context of your observation and OpenSSL appears to be working as documented.  There is also code to print out the error in Python at Modules/_ssl.c method PySSL_SetError() so I'm not sure of the source of the funny looking error printing in relation to the ftpcli test case, consider it to be an error message formatting glitch.


Now the issue I see here is that there are clearly 3 use cases Python should provide:

 * one-shot raw mode (don't enter the loop at all, as per newssl5.patch/my attachment, this is more or less what you already have in CVS, but I would remove the 2nd call to SSL_shutdown(), raw mode means exactly that; the caller is in charge of calling it again, thin layer for Python power users) [case-1]

 * perform IO sleep/wait as necessary until we observe SSL_shutdown()==0 (or better!  so this will return if 0 or 1 is returned) [case-2]

 * perform IO sleep/wait as necessary until we observe SSL_shutdown()==1 [case-3]

I presume you already have a way of handling the configuration of I/O timeouts as per Python's IO processing model (that is provided by some other API mechanism).



The question is what is the best way to provide them (what is inline with the Python paradigm?) :

 * one method, keep existing named method, add new optional argument that can indicate all 3 modes of operation.  Debate which of the 3 modes of operation is the default when the argument is not specified, case-1 seems to most backwardly compatible.  [I am presuming python supports optional arguments]

 * new method, keep existing as-is (to cover case 1), implement case-2 and case-3 in the method which also take an argument for the user to specify which use case they want.


>From this a patch should be straight-forward.  Then we can look to see if the FTP client or server is doing anything wrong in light of having the building blocks in place to achieve any goal on top of OpenSSL.

----------
Added file: http://bugs.python.org/file16845/python_ssl_v2.c.txt

_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue8108>
_______________________________________

More information about the Python-bugs-list mailing list