Skip to content

Commit c8666cf

Browse files
authored
bpo-37322: Fix ResourceWarning and exception handling in test (GH-25553)
Revert 73ea546, increase logging, and improve stability of test. Handle all OSErrors in a single block. OSError also takes care of SSLError and socket's connection errors. Partly reverts commit fb7e750. The threaded connection handler must not raise an unhandled exception.
1 parent f05c2ae commit c8666cf

File tree

1 file changed

+38
-38
lines changed

1 file changed

+38
-38
lines changed

Lib/test/test_ssl.py

Lines changed: 38 additions & 38 deletions
Original file line numberDiff line numberDiff line change
@@ -2390,7 +2390,10 @@ def wrap_conn(self):
23902390
sys.stdout.write(" client cert is " + pprint.pformat(cert) + "\n")
23912391
cert_binary = self.sslconn.getpeercert(True)
23922392
if support.verbose and self.server.chatty:
2393-
sys.stdout.write(" cert binary is " + str(len(cert_binary)) + " bytes\n")
2393+
if cert_binary is None:
2394+
sys.stdout.write(" client did not provide a cert\n")
2395+
else:
2396+
sys.stdout.write(f" cert binary is {len(cert_binary)}b\n")
23942397
cipher = self.sslconn.cipher()
23952398
if support.verbose and self.server.chatty:
23962399
sys.stdout.write(" server: connection cipher is now " + str(cipher) + "\n")
@@ -2486,31 +2489,22 @@ def run(self):
24862489
sys.stdout.write(" server: read %r (%s), sending back %r (%s)...\n"
24872490
% (msg, ctype, msg.lower(), ctype))
24882491
self.write(msg.lower())
2489-
except (ConnectionResetError, ConnectionAbortedError):
2490-
# XXX: OpenSSL 1.1.1 sometimes raises ConnectionResetError
2491-
# when connection is not shut down gracefully.
2492+
except OSError as e:
2493+
# handles SSLError and socket errors
24922494
if self.server.chatty and support.verbose:
2493-
sys.stdout.write(
2494-
" Connection reset by peer: {}\n".format(
2495-
self.addr)
2496-
)
2497-
self.close()
2498-
self.running = False
2499-
except ssl.SSLError as err:
2500-
# On Windows sometimes test_pha_required_nocert receives the
2501-
# PEER_DID_NOT_RETURN_A_CERTIFICATE exception
2502-
# before the 'tlsv13 alert certificate required' exception.
2503-
# If the server is stopped when PEER_DID_NOT_RETURN_A_CERTIFICATE
2504-
# is received test_pha_required_nocert fails with ConnectionResetError
2505-
# because the underlying socket is closed
2506-
if 'PEER_DID_NOT_RETURN_A_CERTIFICATE' == err.reason:
2507-
if self.server.chatty and support.verbose:
2508-
sys.stdout.write(err.args[1])
2509-
# test_pha_required_nocert is expecting this exception
2510-
raise ssl.SSLError('tlsv13 alert certificate required')
2511-
except OSError:
2512-
if self.server.chatty:
2513-
handle_error("Test server failure:\n")
2495+
if isinstance(e, ConnectionError):
2496+
# OpenSSL 1.1.1 sometimes raises
2497+
# ConnectionResetError when connection is not
2498+
# shut down gracefully.
2499+
print(
2500+
f" Connection reset by peer: {self.addr}"
2501+
)
2502+
else:
2503+
handle_error("Test server failure:\n")
2504+
try:
2505+
self.write(b"ERROR\n")
2506+
except OSError:
2507+
pass
25142508
self.close()
25152509
self.running = False
25162510

@@ -4416,24 +4410,30 @@ def test_pha_required_nocert(self):
44164410
server_context.verify_mode = ssl.CERT_REQUIRED
44174411
client_context.post_handshake_auth = True
44184412

4419-
# Ignore expected SSLError in ConnectionHandler of ThreadedEchoServer
4420-
# (it is only raised sometimes on Windows)
4421-
with threading_helper.catch_threading_exception() as cm:
4422-
server = ThreadedEchoServer(context=server_context, chatty=False)
4423-
with server:
4424-
with client_context.wrap_socket(socket.socket(),
4425-
server_hostname=hostname) as s:
4426-
s.connect((HOST, server.port))
4427-
s.write(b'PHA')
4413+
def msg_cb(conn, direction, version, content_type, msg_type, data):
4414+
if support.verbose and content_type == _TLSContentType.ALERT:
4415+
info = (conn, direction, version, content_type, msg_type, data)
4416+
sys.stdout.write(f"TLS: {info!r}\n")
4417+
4418+
server_context._msg_callback = msg_cb
4419+
client_context._msg_callback = msg_cb
4420+
4421+
server = ThreadedEchoServer(context=server_context, chatty=True)
4422+
with server:
4423+
with client_context.wrap_socket(socket.socket(),
4424+
server_hostname=hostname) as s:
4425+
s.connect((HOST, server.port))
4426+
s.write(b'PHA')
4427+
with self.assertRaisesRegex(
4428+
ssl.SSLError,
4429+
'tlsv13 alert certificate required'
4430+
):
44284431
# receive CertificateRequest
44294432
self.assertEqual(s.recv(1024), b'OK\n')
44304433
# send empty Certificate + Finish
44314434
s.write(b'HASCERT')
44324435
# receive alert
4433-
with self.assertRaisesRegex(
4434-
ssl.SSLError,
4435-
'tlsv13 alert certificate required'):
4436-
s.recv(1024)
4436+
s.recv(1024)
44374437

44384438
def test_pha_optional(self):
44394439
if support.verbose:

0 commit comments

Comments
 (0)