[PYTHON-CRYPTO] m2crypto blocking all other threads
Rune Froysa
rune.froysa at USIT.UIO.NO
Fri Sep 16 13:12:12 CEST 2005
I'm using m2crypto for a SSL-based xmlrpc service. This service is
frequently DOSed by what appears to be a bug in m2crypto: it blocks
all other threads at various points. I've attached a small program
that shows this behaviour. Start the server. It will keep printing
"test" from a separate thread. Now, telnet to the 9443 port and do
nothing. You'll notice that after the "LOOP: SSL accept:
before/accept initialization" message, no more "test" messages are
printed. The server will not respond to any new connections until
this connection has done something. This has been verified with v
0.07, 0.09, 0.13, 0.15.
At some points we experience processes that according to strace is
waiting for a read on a remote socket, while a check on the remote
host reveals that no process is talking on that socket anymore. I'm
not sure if that is related.
#!/usr/bin/env python
import sys, time, threading
demo_dir='/tmp/m2crypto-0.15/demo/ssl'
sys.path.insert(0, demo_dir)
from https_srv import *
def my_wt():
while True:
time.sleep(0.5)
print "test"
if __name__ == '__main__':
threading.Thread(target=my_wt).start()
ctx = init_context('sslv23', '%s/server.pem' % demo_dir, '%s/ca.pem' % demo_dir,
SSL.verify_none)
httpsd = HTTPS_Server(('', 9443), HTTP_Handler, ctx)
httpsd.serve_forever()
BTW: under 0.15, the https_srv.py complains from line 126 -> SSL/Context.py: 118:
TypeError: ssl_ctx_load_verify_locations() argument 3 must be string, not None
--
Rune Frøysa
More information about the python-crypto
mailing list