➜
This issue trackerhas been migrated toGitHub, and is currentlyread-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.
Created on2010-03-24 16:33 bypitrou, last changed2022-04-11 14:56 byadmin. This issue is nowclosed.
| Messages (10) | |||
|---|---|---|---|
| msg101640 -(view) | Author: Antoine Pitrou (pitrou)* | Date: 2010-03-24 16:33 | |
In light of the recv() and recv_into() implementation change (issue3890), I think we should enable SSL_MODE_AUTO_RETRY for SSL sockets. It prevents blocking read() calls from getting SSL_ERROR_WANT_READ at all.(previously, we would loop manually in recv() and recv_into(); lettingthe C OpenSSL runtime do it for us is certainly more efficient)See description inhttp://www.openssl.org/docs/ssl/SSL_CTX_set_mode.html:« SSL_MODE_AUTO_RETRY Never bother the application with retries if the transport is blocking. If a renegotiation take place during normal operation, a SSL_read(3) or SSL_write(3) would return with -1 and indicate the need to retry with SSL_ERROR_WANT_READ. In a non-blocking environment applications must be prepared to handle incomplete read/write operations. In a blocking environment, applications are not always prepared to deal with read/write operations returning without success report. The flag SSL_MODE_AUTO_RETRY will cause read/write operations to only return after the handshake and successful completion. » | |||
| msg101648 -(view) | Author: Giampaolo Rodola' (giampaolo.rodola)* | Date: 2010-03-24 19:05 | |
By reading the doc it is not clear if we should activate this option only when dealing with blocking sockets.What's the behavior with non blocking ones?Does it result in a no-op or does it hang the applcation? | |||
| msg101649 -(view) | Author: Antoine Pitrou (pitrou)* | Date: 2010-03-24 19:08 | |
To me it looks clearly like a no-op ("Never bother the application with retries *if the transport is blocking*"). | |||
| msg101651 -(view) | Author: Giampaolo Rodola' (giampaolo.rodola)* | Date: 2010-03-24 19:11 | |
Mmm you're right. Sorry.I'm clearly too tired. =) | |||
| msg101734 -(view) | Author: Bill Janssen (janssen)* | Date: 2010-03-25 22:11 | |
Looks like a good idea. | |||
| msg101758 -(view) | Author: STINNER Victor (vstinner)* | Date: 2010-03-26 17:48 | |
See also issue#8240 about SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER (ssl.SSLSocket.write may fail on non-blocking sockets). | |||
| msg101759 -(view) | Author: STINNER Victor (vstinner)* | Date: 2010-03-26 17:49 | |
> letting the C OpenSSL runtime do it for us is certainly more efficient+1 if it's more efficient ;-) | |||
| msg101760 -(view) | Author: STINNER Victor (vstinner)* | Date: 2010-03-26 17:51 | |
Would it be possible to add an option to disable SSL_MODE_AUTO_RETRY for a specific socket? Existing applications may rely on / prefer the current behaviour. | |||
| msg101764 -(view) | Author: Antoine Pitrou (pitrou)* | Date: 2010-03-26 18:28 | |
> Would it be possible to add an option to disable SSL_MODE_AUTO_RETRY> for a specific socket? Existing applications may rely on / prefer the> current behaviour.I don't think so, since recv() used to emulate that behaviour anyway. | |||
| msg101771 -(view) | Author: Antoine Pitrou (pitrou)* | Date: 2010-03-26 19:39 | |
Fixed inr79448 (trunk),r79449 (py3k),r79451 (2.6),r79453 (3.1). | |||
| History | |||
|---|---|---|---|
| Date | User | Action | Args |
| 2022-04-11 14:56:59 | admin | set | github: 52469 |
| 2011-06-16 14:31:52 | jcea | set | nosy: +jcea |
| 2010-03-26 19:39:29 | pitrou | set | status: open -> closed resolution: fixed messages: +msg101771 stage: resolved |
| 2010-03-26 18:28:56 | pitrou | set | messages: +msg101764 |
| 2010-03-26 17:51:26 | vstinner | set | messages: +msg101760 |
| 2010-03-26 17:49:37 | vstinner | set | messages: +msg101759 |
| 2010-03-26 17:48:32 | vstinner | set | nosy: +vstinner messages: +msg101758 |
| 2010-03-25 22:11:05 | janssen | set | messages: +msg101734 |
| 2010-03-24 19:11:10 | giampaolo.rodola | set | messages: +msg101651 |
| 2010-03-24 19:08:27 | pitrou | set | messages: +msg101649 |
| 2010-03-24 19:05:02 | giampaolo.rodola | set | messages: +msg101648 |
| 2010-03-24 16:34:14 | pitrou | set | title: enabling SSL_ERROR_WANT_READ on SSL sockets -> enabling SSL_MODE_AUTO_RETRY on SSL sockets |
| 2010-03-24 16:33:20 | pitrou | create | |