[Python-Dev] the new 2.3a1 settimeout() with httplib and SSL

[Geoffrey Talvola]

Guido van Rossum [mailto:guido@python.org] wrote:
> > > > It doesn't look terribly hard to make the SSL wrapper obey 
> > > > the timeout, by
> > > > calling select() on the "raw" socket before calling 
> > > > SSL_write or SSL_read.
> > > > I'm willing to try to get this to work.
> > > 
> > > That's cool.  I don't know much about the SSL_read() API 
> > > -- does it
> > > promise to read exactly the requested number of byte (unless the
> > > socket is closed)?  Then a single select() before it is 
> > > called may not
> > > be sufficient.
> > 
> > I don't know any more than you do -- I've never looked at 
> > the OpenSSL docs
> > until today.  It looks like SSL_read may indeed return 
> > fewer bytes than
> > requested: http://www.openssl.org/docs/ssl/SSL_read.html
> 
> Hm, from that page it looks like the internal implementation may
> actually repeatedly read from the socket, until it has processed a
> full 16K block.  But I may be mistaken, since it also refers to a
> non-blocking underlying "BIO", whatever that is. :-(

Yeah, I'm not really sure what that is.

> 
> > But I still think that a single select() is OK.  It seems 
> > to be working fine
> > in my testing.  The select() times out only if there has 
> > been no activity on
> > the socket for the entire timeout period, which seems 
> > sufficient to me.  I
> > don't think it matters that SSL_read may return fewer bytes 
> > than requested.
> > Maybe I'm missing something.
> 
> If you can see no CPU activity while it's waiting to time out, it's
> probably okay.

Yes, it seems to work -- no CPU activity and it times out exactly when it's
supposed to.

> > Anyhow, I'll do some more testing and then if it still 
> > seems to work I'll
> > upload a patch later today.
> 
> Great!  Please assign to me so I head about it.

I just uploaded the patch and assigned it to you.

- Geoff