diff options
author | Miro Tomaska <mtomaska@redhat.com> | 2022-08-08 12:32:42 -0500 |
---|---|---|
committer | Ilya Maximets <i.maximets@ovn.org> | 2022-08-12 01:23:39 +0200 |
commit | 1731ed43c6dca385ed1f6a7fb25148f0a34fd3b9 (patch) | |
tree | 4852f0942bb0e9c357ba3644833c4ccb90f6a3b1 /python | |
parent | d1864effeb26c85242b791197ae7309f47690a9d (diff) | |
download | openvswitch-1731ed43c6dca385ed1f6a7fb25148f0a34fd3b9.tar.gz |
python: Do not send non-zero flag for a SSL socket.
pyOpenSSL was recently switched for the Python standard library ssl
module in the cited commit. Python SSLsocket.send() does not allow
non-zero optional flag and it will explicitly raise an exception for
that. pyOpenSSL did nothing with this flag but kept it to be
compatible with socket API:
https://github.com/pyca/pyopenssl/blob/main/src/OpenSSL/SSL.py#L1844
Fixes: 68543dd523bd ("python: Replace pyOpenSSL with ssl.")
Reported-at: https://bugzilla.redhat.com/2115035
Acked-By: Timothy Redaelli <tredaelli@redhat.com>
Signed-off-by: Miro Tomaska <mtomaska@redhat.com>
Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
Diffstat (limited to 'python')
-rw-r--r-- | python/ovs/socket_util.py | 12 |
1 files changed, 11 insertions, 1 deletions
diff --git a/python/ovs/socket_util.py b/python/ovs/socket_util.py index 651012bf0..7b41dc44b 100644 --- a/python/ovs/socket_util.py +++ b/python/ovs/socket_util.py @@ -23,6 +23,11 @@ import ovs.fatal_signal import ovs.poller import ovs.vlog +try: + import ssl +except ImportError: + ssl = None + if sys.platform == 'win32': import ovs.winutils as winutils import win32file @@ -178,7 +183,12 @@ def check_connection_completion(sock): if revents & ovs.poller.POLLERR or revents & ovs.poller.POLLHUP: try: # The following should raise an exception. - sock.send("\0".encode(), socket.MSG_DONTWAIT) + if ssl and isinstance(sock, ssl.SSLSocket): + # SSL wrapped socket does not allow + # non-zero optional flag. + sock.send("\0".encode()) + else: + sock.send("\0".encode(), socket.MSG_DONTWAIT) # (Here's where we end up if it didn't.) # XXX rate-limit |