[issue27815] Make SSL suppress_ragged_eofs default more secure
Christian Heimes
report at bugs.python.org
Mon Jan 22 05:17:13 EST 2018
Christian Heimes <lists at cheimes.de> added the comment:
You have to tell OpenSSL that a hard-close is expected and fine. If you just SSL_free() the SSL connection, then OpenSSL removes the session from the SSL_CTX's session cache. It assumes that something went wrong and defaults to secure defaults. "Wrong" doesn't necessarily mean that an attacker has compromised a connection.
In order to flag a session as valid, you have to call SSL_set_quiet_shutdown(ssl, 1), SSL_shutdown(ssl), and SSL_free(ssl). With quiet shutdown set, SSL_shutdown() neither sends nor waits for any data.
One-way shutdown with non-blocking trick is evil. Cool hack :)
SSLSocket and SSLObject should really support different shutdown modes, e.g. s.shutdown(mode=0) for quiet, mode=1 for unidirectional and mode=2 for bidirectional.
----------
_______________________________________
Python tracker <report at bugs.python.org>
<https://bugs.python.org/issue27815>
_______________________________________