From: Antoine Pitrou Date: Fri, 26 Mar 2010 19:38:11 +0000 (+0000) Subject: Merged revisions 79449,79452 via svnmerge from X-Git-Tag: v3.1.3rc1~1021 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=ed6c893cfcca48944d28aaa881f00c97b9fbe55b;p=python Merged revisions 79449,79452 via svnmerge from svn+ssh://pythondev@svn.python.org/python/branches/py3k ................ r79449 | antoine.pitrou | 2010-03-26 20:32:24 +0100 (ven., 26 mars 2010) | 12 lines Merged revisions 79448 via svnmerge from svn+ssh://pythondev@svn.python.org/python/trunk ........ r79448 | antoine.pitrou | 2010-03-26 20:27:16 +0100 (ven., 26 mars 2010) | 6 lines Issue #8222: Enable the SSL_MODE_AUTO_RETRY flag on SSL sockets, so that blocking reads and writes are always retried by OpenSSL itself. (this is a followup to issue #3890) ........ ................ r79452 | antoine.pitrou | 2010-03-26 20:36:14 +0100 (ven., 26 mars 2010) | 3 lines Add NEWS entry for r79449. ................ --- diff --git a/Misc/NEWS b/Misc/NEWS index 9aa8766ee2..1db6757b98 100644 --- a/Misc/NEWS +++ b/Misc/NEWS @@ -28,7 +28,9 @@ Library didn't support chflags() (for example ZFS under FreeBSD). The error is now silenced. -- Issue #3890: Fix recv() and recv_into() on non-blocking SSL sockets. +- Issue #3890, #8222: Fix recv() and recv_into() on non-blocking SSL sockets. + Also, enable the SSL_MODE_AUTO_RETRY flag on SSL sockets, so that blocking + reads and writes are always retried by OpenSSL itself. - Issue #6716/2: Backslash-replace error output in compilall. diff --git a/Modules/_ssl.c b/Modules/_ssl.c index 45c44f888f..913115824d 100644 --- a/Modules/_ssl.c +++ b/Modules/_ssl.c @@ -9,8 +9,6 @@ directly. XXX should partial writes be enabled, SSL_MODE_ENABLE_PARTIAL_WRITE? - - XXX what about SSL_MODE_AUTO_RETRY? */ #include "Python.h" @@ -371,6 +369,7 @@ newPySSLObject(PySocketSockObject *Sock, char *key_file, char *cert_file, self->ssl = SSL_new(self->ctx); /* New ssl struct */ PySSL_END_ALLOW_THREADS SSL_set_fd(self->ssl, Sock->sock_fd); /* Set the socket for SSL */ + SSL_set_mode(self->ssl, SSL_MODE_AUTO_RETRY); /* If the socket is in non-blocking mode or timeout mode, set the BIO * to non-blocking mode (blocking is the default)