[Python-checkins] cpython (2.7): Issue #17918: When using SSLSocket.accept(), if the SSL handshake failed on the

antoine.pitrou python-checkins at python.org
Mon May 6 22:19:57 CEST 2013 

http://hg.python.org/cpython/rev/85e5a93e534e
changeset:   83657:85e5a93e534e
branch:      2.7
parent:      83654:55c7295aca6c
user:        Antoine Pitrou <solipsis at pitrou.net>
date:        Mon May 06 22:19:48 2013 +0200
summary:
  Issue #17918: When using SSLSocket.accept(), if the SSL handshake failed on the new socket, the socket would linger indefinitely.
Thanks to Peter Saveliev for reporting.

files:
  Lib/ssl.py |  26 +++++++++++++++-----------
  Misc/NEWS  |   4 ++++
  2 files changed, 19 insertions(+), 11 deletions(-)


diff --git a/Lib/ssl.py b/Lib/ssl.py
--- a/Lib/ssl.py
+++ b/Lib/ssl.py
@@ -344,17 +344,21 @@
         SSL channel, and the address of the remote client."""
 
         newsock, addr = socket.accept(self)
-        return (SSLSocket(newsock,
-                          keyfile=self.keyfile,
-                          certfile=self.certfile,
-                          server_side=True,
-                          cert_reqs=self.cert_reqs,
-                          ssl_version=self.ssl_version,
-                          ca_certs=self.ca_certs,
-                          ciphers=self.ciphers,
-                          do_handshake_on_connect=self.do_handshake_on_connect,
-                          suppress_ragged_eofs=self.suppress_ragged_eofs),
-                addr)
+        try:
+            return (SSLSocket(newsock,
+                              keyfile=self.keyfile,
+                              certfile=self.certfile,
+                              server_side=True,
+                              cert_reqs=self.cert_reqs,
+                              ssl_version=self.ssl_version,
+                              ca_certs=self.ca_certs,
+                              ciphers=self.ciphers,
+                              do_handshake_on_connect=self.do_handshake_on_connect,
+                              suppress_ragged_eofs=self.suppress_ragged_eofs),
+                    addr)
+        except socket_error as e:
+            newsock.close()
+            raise e
 
     def makefile(self, mode='r', bufsize=-1):
 
diff --git a/Misc/NEWS b/Misc/NEWS
--- a/Misc/NEWS
+++ b/Misc/NEWS
@@ -34,6 +34,10 @@
 Library
 -------
 
+- Issue #17918: When using SSLSocket.accept(), if the SSL handshake failed
+  on the new socket, the socket would linger indefinitely.  Thanks to
+  Peter Saveliev for reporting.
+
 - Issue #17289: The readline module now plays nicer with external modules
   or applications changing the rl_completer_word_break_characters global
   variable.  Initial patch by Bradley Froehle.

-- 
Repository URL: http://hg.python.org/cpython

More information about the Python-checkins mailing list