Catch an amazingly subtle SSL connection corruption bug.

Closing a set of pseudo-file descriptors in the wrong order caused junk data to be written to the SSL stream. An apparent bug in OpenSSL then lets this corrupt the _next_ SSL connection.
2024-11-23 08:11:00 +00:00 · 2012-07-23 23:20:32 +12:00 · 2012-07-23 23:20:32 +12:00 · eb88cea3c7
commit eb88cea3c7
parent ed64b0e796
1 changed files with 3 additions and 3 deletions
--- a/netlib/tcp.py
+++ b/netlib/tcp.py
@ -209,9 +209,9 @@ class BaseHandler:
        try:
            if not getattr(self.wfile, "closed", False):
                self.wfile.flush()
+            self.close()
            self.wfile.close()
            self.rfile.close()
-            self.close()
        except socket.error:
            # Remote has disconnected
            pass
@ -245,10 +245,10 @@ class BaseHandler:
                self.connection.shutdown()
            else:
                self.connection.shutdown(socket.SHUT_RDWR)
-            self.connection.close()
-        except (socket.error, SSL.Error):
+        except (socket.error, SSL.Error), v:
            # Socket probably already closed
            pass
+        self.connection.close()


 class TCPServer: