Always enable auto retry (#753)

* test using auto retry * add/update changelog and add comment * wordsmithing * Update CHANGELOG.rst * Update CHANGELOG.rst
author: Paul Kehrer <paul.l.kehrer@gmail.com> 2018-05-14 13:31:27 -0400
committer: Alex Gaynor <alex.gaynor@gmail.com> 2018-05-14 13:31:27 -0400
commit: 15c293505749cb8d2e65a1034e4ff03d26db3cf5 (patch)
tree: 9e22019f8b1f992e1b4dbb71da3014ea2bb9447f /src/OpenSSL/SSL.py
parent: 4f9b70641a862dde355c422ac8aaf30f0f6c393e (diff)
download: pyopenssl-15c293505749cb8d2e65a1034e4ff03d26db3cf5.tar.gz
1 files changed, 5 insertions, 0 deletions
diff --git a/src/OpenSSL/SSL.py b/src/OpenSSL/SSL.py
index f3c9db0..1bf6450 100644
--- a/src/OpenSSL/SSL.py
+++ b/src/OpenSSL/SSL.py
@@ -1529,6 +1529,11 @@ class Connection(object):
 
         ssl = _lib.SSL_new(context._context)
         self._ssl = _ffi.gc(ssl, _lib.SSL_free)
+        # We set SSL_MODE_AUTO_RETRY to handle situations where OpenSSL returns
+        # an SSL_ERROR_WANT_READ when processing a non-application data packet
+        # even though there is still data on the underlying transport.
+        # See https://github.com/openssl/openssl/issues/6234 for more details.
+        _lib.SSL_set_mode(self._ssl, _lib.SSL_MODE_AUTO_RETRY)
         self._context = context
         self._app_data = None
author	Paul Kehrer <paul.l.kehrer@gmail.com>	2018-05-14 13:31:27 -0400
committer	Alex Gaynor <alex.gaynor@gmail.com>	2018-05-14 13:31:27 -0400
commit	15c293505749cb8d2e65a1034e4ff03d26db3cf5 (patch)
tree	9e22019f8b1f992e1b4dbb71da3014ea2bb9447f /src/OpenSSL/SSL.py
parent	4f9b70641a862dde355c422ac8aaf30f0f6c393e (diff)
download	pyopenssl-15c293505749cb8d2e65a1034e4ff03d26db3cf5.tar.gz