This issue tracker has been migrated to GitHub ,
and is currently read-only.
For more information,
see the GitHub FAQs in the Python's Developer Guide.
Created on 2010年03月24日 16:33 by pitrou, last changed 2022年04月11日 14:56 by admin. This issue is now closed.
| Messages (10) | |||
|---|---|---|---|
| msg101640 - (view) | Author: Antoine Pitrou (pitrou) * (Python committer) | Date: 2010年03月24日 16:33 | |
In light of the recv() and recv_into() implementation change (issue3890), I think we should enable SSL_MODE_AUTO_RETRY for SSL sockets. It prevents blocking read() calls from getting SSL_ERROR_WANT_READ at all. (previously, we would loop manually in recv() and recv_into(); letting the C OpenSSL runtime do it for us is certainly more efficient) See description in http://www.openssl.org/docs/ssl/SSL_CTX_set_mode.html: « SSL_MODE_AUTO_RETRY Never bother the application with retries if the transport is blocking. If a renegotiation take place during normal operation, a SSL_read(3) or SSL_write(3) would return with -1 and indicate the need to retry with SSL_ERROR_WANT_READ. In a non-blocking environment applications must be prepared to handle incomplete read/write operations. In a blocking environment, applications are not always prepared to deal with read/write operations returning without success report. The flag SSL_MODE_AUTO_RETRY will cause read/write operations to only return after the handshake and successful completion. » |
|||
| msg101648 - (view) | Author: Giampaolo Rodola' (giampaolo.rodola) * (Python committer) | Date: 2010年03月24日 19:05 | |
By reading the doc it is not clear if we should activate this option only when dealing with blocking sockets. What's the behavior with non blocking ones? Does it result in a no-op or does it hang the applcation? |
|||
| msg101649 - (view) | Author: Antoine Pitrou (pitrou) * (Python committer) | Date: 2010年03月24日 19:08 | |
To me it looks clearly like a no-op ("Never bother the application with retries *if the transport is blocking*").
|
|||
| msg101651 - (view) | Author: Giampaolo Rodola' (giampaolo.rodola) * (Python committer) | Date: 2010年03月24日 19:11 | |
Mmm you're right. Sorry. I'm clearly too tired. =) |
|||
| msg101734 - (view) | Author: Bill Janssen (janssen) * (Python committer) | Date: 2010年03月25日 22:11 | |
Looks like a good idea. |
|||
| msg101758 - (view) | Author: STINNER Victor (vstinner) * (Python committer) | Date: 2010年03月26日 17:48 | |
See also issue #8240 about SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER (ssl.SSLSocket.write may fail on non-blocking sockets). |
|||
| msg101759 - (view) | Author: STINNER Victor (vstinner) * (Python committer) | Date: 2010年03月26日 17:49 | |
> letting the C OpenSSL runtime do it for us is certainly more efficient +1 if it's more efficient ;-) |
|||
| msg101760 - (view) | Author: STINNER Victor (vstinner) * (Python committer) | Date: 2010年03月26日 17:51 | |
Would it be possible to add an option to disable SSL_MODE_AUTO_RETRY for a specific socket? Existing applications may rely on / prefer the current behaviour. |
|||
| msg101764 - (view) | Author: Antoine Pitrou (pitrou) * (Python committer) | Date: 2010年03月26日 18:28 | |
> Would it be possible to add an option to disable SSL_MODE_AUTO_RETRY > for a specific socket? Existing applications may rely on / prefer the > current behaviour. I don't think so, since recv() used to emulate that behaviour anyway. |
|||
| msg101771 - (view) | Author: Antoine Pitrou (pitrou) * (Python committer) | Date: 2010年03月26日 19:39 | |
Fixed in r79448 (trunk), r79449 (py3k), r79451 (2.6), r79453 (3.1). |
|||
| History | |||
|---|---|---|---|
| Date | User | Action | Args |
| 2022年04月11日 14:56:59 | admin | set | github: 52469 |
| 2011年06月16日 14:31:52 | jcea | set | nosy:
+ jcea |
| 2010年03月26日 19:39:29 | pitrou | set | status: open -> closed resolution: fixed messages: + msg101771 stage: resolved |
| 2010年03月26日 18:28:56 | pitrou | set | messages: + msg101764 |
| 2010年03月26日 17:51:26 | vstinner | set | messages: + msg101760 |
| 2010年03月26日 17:49:37 | vstinner | set | messages: + msg101759 |
| 2010年03月26日 17:48:32 | vstinner | set | nosy:
+ vstinner messages: + msg101758 |
| 2010年03月25日 22:11:05 | janssen | set | messages: + msg101734 |
| 2010年03月24日 19:11:10 | giampaolo.rodola | set | messages: + msg101651 |
| 2010年03月24日 19:08:27 | pitrou | set | messages: + msg101649 |
| 2010年03月24日 19:05:02 | giampaolo.rodola | set | messages: + msg101648 |
| 2010年03月24日 16:34:14 | pitrou | set | title: enabling SSL_ERROR_WANT_READ on SSL sockets -> enabling SSL_MODE_AUTO_RETRY on SSL sockets |
| 2010年03月24日 16:33:20 | pitrou | create | |