Issue #23804: Merge SSL recv() fix from 3.5

7386268f · Martin Panter · 4bf9c51f · bed7f1a5 · 7386268f · 7386268f
Commit 7386268f authored Jul 11, 2016 by Martin Panter
Hide whitespace changes
Inline Side-by-side

Showing with 32 additions and 8 deletions

Lib/test/test_ssl.py Lib/test/test_ssl.py +21 -8

Misc/NEWS Misc/NEWS +3 -0

Modules/_ssl.c Modules/_ssl.c +8 -0

No files found.
--- a/Lib/test/test_ssl.py
+++ b/Lib/test/test_ssl.py
@@ -2788,20 +2788,13 @@ if _have_threads:
                        # consume data
                        s.read()
-                data = b"data"
                # read(-1, buffer) is supported, even though read(-1) is not
+                data = b"data"
                s.send(data)
                buffer = bytearray(len(data))
                self.assertEqual(s.read(-1, buffer), len(data))
                self.assertEqual(buffer, data)
-                # recv/read(0) should return no data
-                s.send(data)
-                self.assertEqual(s.recv(0), b"")
-                self.assertEqual(s.read(0), b"")
-                self.assertEqual(s.read(), data)
                # Make sure sendmsg et al are disallowed to avoid
                # inadvertent disclosure of data and/or corruption
                # of the encrypted data stream
@@ -2817,6 +2810,26 @@ if _have_threads:
                s.close()
+        def test_recv_zero(self):
+            server = ThreadedEchoServer(CERTFILE)
+            server.__enter__()
+            self.addCleanup(server.__exit__, None, None)
+            s = socket.create_connection((HOST, server.port))
+            self.addCleanup(s.close)
+            s = ssl.wrap_socket(s, suppress_ragged_eofs=False)
+            self.addCleanup(s.close)
+            # recv/read(0) should return no data
+            s.send(b"data")
+            self.assertEqual(s.recv(0), b"")
+            self.assertEqual(s.read(0), b"")
+            self.assertEqual(s.read(), b"data")
+            # Should not block if the other end sends no data
+            s.setblocking(False)
+            self.assertEqual(s.recv(0), b"")
+            self.assertEqual(s.recv_into(bytearray()), 0)
        def test_nonblocking_send(self):
            server = ThreadedEchoServer(CERTFILE,
                                        certreqs=ssl.CERT_NONE,

--- a/Misc/NEWS
+++ b/Misc/NEWS
@@ -27,6 +27,9 @@ Core and Builtins
 Library
 -------
+- Issue #23804: Fix SSL zero-length recv() calls to not block and not raise
+  an error about unclean EOF.
 - Issue #27466: Change time format returned by http.cookie.time2netscape,
  confirming the netscape cookie format and making it consistent with
  documentation.

--- a/Modules/_ssl.c
+++ b/Modules/_ssl.c
@@ -1913,6 +1913,10 @@ _ssl__SSLSocket_read_impl(PySSLSocket *self, int len, int group_right_1,
        dest = PyBytes_FromStringAndSize(NULL, len);
        if (dest == NULL)
            goto error;
+        if (len == 0) {
+            Py_XDECREF(sock);
+            return dest;
+        }
        mem = PyBytes_AS_STRING(dest);
    }
    else {
@@ -1924,6 +1928,10 @@ _ssl__SSLSocket_read_impl(PySSLSocket *self, int len, int group_right_1,
                                "maximum length can't fit in a C 'int'");
                goto error;
            }
+            if (len == 0) {
+                count = 0;
+                goto done;
+            }
        }
    }