Fix #12835: prevent use of the unencrypted sendmsg/recvmsg APIs on SSL wrapped...

Fix #12835: prevent use of the unencrypted sendmsg/recvmsg APIs on SSL wrapped sockets (Patch by David Watson)

Fix #12835: prevent use of the unencrypted sendmsg/recvmsg APIs on SSL wrapped...
Fix #12835: prevent use of the unencrypted sendmsg/recvmsg APIs on SSL wrapped sockets (Patch by David Watson)
513886aa · Nick Coghlan · a89c32cc · 513886aa · 513886aa · 513886aa
Commit 513886aa authored Aug 28, 2011 by Nick Coghlan
Hide whitespace changes
Inline Side-by-side

Showing with 26 additions and 0 deletions

Lib/ssl.py Lib/ssl.py +14 -0

Lib/test/test_ssl.py Lib/test/test_ssl.py +8 -0

Misc/NEWS Misc/NEWS +4 -0

No files found.
--- a/Lib/ssl.py
+++ b/Lib/ssl.py
@@ -355,6 +355,12 @@ class SSLSocket(socket):
        else:
            return socket.sendto(self, data, flags_or_addr, addr)

+    def sendmsg(self, *args, **kwargs):
+        # Ensure programs don't send data unencrypted if they try to
+        # use this method.
+        raise NotImplementedError("sendmsg not allowed on instances of %s" %
+                                  self.__class__)
+
    def sendall(self, data, flags=0):
        self._checkClosed()
        if self._sslobj:
@@ -413,6 +419,14 @@ class SSLSocket(socket):
        else:
            return socket.recvfrom_into(self, buffer, nbytes, flags)

+    def recvmsg(self, *args, **kwargs):
+        raise NotImplementedError("recvmsg not allowed on instances of %s" %
+                                  self.__class__)
+
+    def recvmsg_into(self, *args, **kwargs):
+        raise NotImplementedError("recvmsg_into not allowed on instances of "
+                                  "%s" % self.__class__)
+
    def pending(self):
        self._checkClosed()
        if self._sslobj:

--- a/Lib/test/test_ssl.py
+++ b/Lib/test/test_ssl.py
@@ -1651,6 +1651,14 @@ else:
                        # consume data
                        s.read()

+                # Make sure sendmsg et al are disallowed to avoid
+                # inadvertent disclosure of data and/or corruption
+                # of the encrypted data stream
+                self.assertRaises(NotImplementedError, s.sendmsg, [b"data"])
+                self.assertRaises(NotImplementedError, s.recvmsg, 100)
+                self.assertRaises(NotImplementedError,
+                                  s.recvmsg_into, bytearray(100))
+
                s.write(b"over\n")
                s.close()
            finally:

--- a/Misc/NEWS
+++ b/Misc/NEWS
@@ -268,6 +268,10 @@ Core and Builtins
 Library
 -------

+- Issue #12835: Follow up to #6560 that unconditionally prevents use of the
+  unencrypted sendmsg/recvmsg APIs on SSL wrapped sockets. Patch by David
+  Watson.
+
 - Issue #12803: SSLContext.load_cert_chain() now accepts a password argument
  to be used if the private key is encrypted.  Patch by Adam Simpkins.