Is Python SSL API thread-safe?

Grant Edwards grant.b.edwards at gmail.com
Sun Jan 22 20:01:59 EST 2017

• Previous message (by thread): Is Python SSL API thread-safe?
• Next message (by thread): Is Python SSL API thread-safe?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

---

On 2017年01月22日, Christian Heimes <christian at python.org> wrote:
> On 2017年01月22日 21:18, Grant Edwards wrote:
>> Is the Python SSL API thread-safe with respect to recv() and send()?
>>>> IOW, can I have one thread doing blocking recv() calls on an SSL
>> connection object while "simultaneously" a second thread is calling
>> send() on that same connection object?
>>>> I assumed that was allowed, but I can't find anything in the
>> documentation that actually says it is.
>> OpenSSL and Python's ssl module are thread-safe. However IO is not safe
> concerning reentrancy. You cannot safely share a SSLSocket between
> threads without a mutex. Certain aspects of the TLS protocol can cause
> interesting side effects. A recv() call can send data across a wire and
> a send() call can receive data from the wire, e.g. during re-keying.
>> In order to archive reentrancy, you have to do all IO yourself by
> operating the SSL connection in non-blocking mode or with a Memorio-BIO
> https://docs.python.org/3/library/ssl.html#ssl-nonblocking

IOW, what I'm doing is not safe. Rats.
-- 
Grant

---

• Previous message (by thread): Is Python SSL API thread-safe?
• Next message (by thread): Is Python SSL API thread-safe?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

---

More information about the Python-list mailing list