Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ssl module with OpenSSL 3.0 does not throw SSLEOFError on unclean shutdown #95494

Open
davidben opened this issue Jul 31, 2022 · 0 comments
Open

ssl module with OpenSSL 3.0 does not throw SSLEOFError on unclean shutdown #95494

davidben opened this issue Jul 31, 2022 · 0 comments
Labels
3.10 3.11 3.12 expert-SSL type-bug An unexpected behavior, bug, or error

Comments

@davidben
Copy link
Contributor

davidben commented Jul 31, 2022

Patch incoming. Filing this so there's a bug to attach the PR to.

GH-25309 enabled SSL_OP_IGNORE_UNEXPECTED_EOF by default, with a comment that it restores OpenSSL 1.1.1 behavior, but this wasn't quite right. That option causes OpenSSL to treat transport EOF as the same as close_notify (i.e SSL_ERROR_ZERO_RETURN), whereas Python actually has distinct SSLEOFError and SSLZeroReturnError exceptions. (The latter is usually mapped to a zero return from read.) In OpenSSL 1.1.1, the ssl module would raise them for transport EOF and close_notify, respectively. In OpenSSL 3.0, both act like close_notify.
@davidben davidben added the type-bug An unexpected behavior, bug, or error label Jul 31, 2022
@bedevere-bot bedevere-bot mentioned this issue Jul 31, 2022
Open
davidben added a commit to davidben/cpython that referenced this issue Jul 31, 2022
@davidben
pythongh-95494: Fix transport EOF handling in OpenSSL 3.0
33dcd36 
pythonGH-25309 enabled SSL_OP_IGNORE_UNEXPECTED_EOF by default, with a comment
that it restores OpenSSL 1.1.1 behavior, but this wasn't quite right.
That option causes OpenSSL to treat transport EOF as the same as
close_notify (i.e. SSL_ERROR_ZERO_RETURN), whereas Python actually has
distinct SSLEOFError and SSLZeroReturnError exceptions. (The latter is
usually mapped to a zero return from read.) In OpenSSL 1.1.1, the ssl
module would raise them for transport EOF and close_notify,
respectively. In OpenSSL 3.0, both act like close_notify.

Fix this by, instead, just detecting SSL_R_UNEXPECTED_EOF_WHILE_READING
and mapping that to the other exception type.

There doesn't seem to have been any unit test of this error, so fill in
the missing one. This had to be done with the BIO path because it's
actually slightly tricky to simulate a transport EOF with Python's fd
based APIs. (If you instruct the server to close the socket, it gets
confused, probably because the server's SSL object is still referencing
the now dead fd?)
This was referenced Nov 3, 2022
Closed
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
3.10 3.11 3.12 expert-SSL type-bug An unexpected behavior, bug, or error
Projects
OpenSSL 3
Status: No status
Milestone
No milestone
Development

No branches or pull requests
3 participants
@davidben @tiran @AlexWaygood