diff options
author | Paul Kehrer <paul.l.kehrer@gmail.com> | 2018-05-14 13:31:27 -0400 |
---|---|---|
committer | Alex Gaynor <alex.gaynor@gmail.com> | 2018-05-14 13:31:27 -0400 |
commit | 15c293505749cb8d2e65a1034e4ff03d26db3cf5 (patch) | |
tree | 9e22019f8b1f992e1b4dbb71da3014ea2bb9447f | |
parent | 4f9b70641a862dde355c422ac8aaf30f0f6c393e (diff) | |
download | pyopenssl-15c293505749cb8d2e65a1034e4ff03d26db3cf5.tar.gz |
Always enable auto retry (#753)
* test using auto retry
* add/update changelog and add comment
* wordsmithing
* Update CHANGELOG.rst
* Update CHANGELOG.rst
-rw-r--r-- | CHANGELOG.rst | 5 | ||||
-rw-r--r-- | src/OpenSSL/SSL.py | 5 |
2 files changed, 8 insertions, 2 deletions
diff --git a/CHANGELOG.rst b/CHANGELOG.rst index 85c1be7..ab28dcb 100644 --- a/CHANGELOG.rst +++ b/CHANGELOG.rst @@ -4,7 +4,7 @@ Changelog Versions are year-based with a strict backward-compatibility policy. The third digit is only for regressions. -17.6.0 (UNRELEASED) +18.0.0 (UNRELEASED) ------------------- @@ -24,7 +24,8 @@ Deprecations: Changes: ^^^^^^^^ -*none* +- ``OpenSSL.SSL.Connection`` now sets ``SSL_MODE_AUTO_RETRY`` by default. + `#753 <https://github.com/pyca/pyopenssl/pull/753>`_ ---- diff --git a/src/OpenSSL/SSL.py b/src/OpenSSL/SSL.py index f3c9db0..1bf6450 100644 --- a/src/OpenSSL/SSL.py +++ b/src/OpenSSL/SSL.py @@ -1529,6 +1529,11 @@ class Connection(object): ssl = _lib.SSL_new(context._context) self._ssl = _ffi.gc(ssl, _lib.SSL_free) + # We set SSL_MODE_AUTO_RETRY to handle situations where OpenSSL returns + # an SSL_ERROR_WANT_READ when processing a non-application data packet + # even though there is still data on the underlying transport. + # See https://github.com/openssl/openssl/issues/6234 for more details. + _lib.SSL_set_mode(self._ssl, _lib.SSL_MODE_AUTO_RETRY) self._context = context self._app_data = None |