python: Send non-zero flag for a SSL socket

Python std library SSLSocket.send does not allow non-zero value for the optional flag. pyOpenSSL was recently switched for the Python standard library ssl module commit 68543dd (python: Replace pyOpenSSL with ssl). Python SSLsocket.send() does not allow non-zero optional flag and it will explicitly raise an exception for that. pyOpenSSL did not nothing with this flag but kept it to be compatible with socket API. https://github.com/pyca/pyopenssl/blob/main/src/OpenSSL/SSL.py#L1844 In addition, expect for ImportError is not necessary anymore as ssl is part of the Python standard library. This type of exception should not happen. Signed-off-by: Miro Tomaska <mtomaska@redhat.com> Reported-at: https://bugzilla.redhat.com/2115035 Signed-off-by: 0-day Robot <robot@bytheb.org>
ovsrobot · Aug 8, 2022 · f09a559 · f09a559
1 parent 434025a
commit f09a559
Show file tree

Hide file tree

Showing 3 changed files with 9 additions and 12 deletions.
diff --git a/python/ovs/poller.py b/python/ovs/poller.py
@@ -17,6 +17,7 @@
 
 import select
 import socket
+import ssl
 import sys
 
 import ovs.timeval
@@ -25,10 +26,6 @@
 if sys.platform == "win32":
     import ovs.winutils as winutils
 
-try:
-    import ssl
-except ImportError:
-    ssl = None
 
 try:
     from eventlet import patcher as eventlet_patcher

diff --git a/python/ovs/socket_util.py b/python/ovs/socket_util.py
@@ -17,6 +17,7 @@
 import os.path
 import random
 import socket
+import ssl
 import sys
 
 import ovs.fatal_signal
@@ -178,7 +179,11 @@ def check_connection_completion(sock):
         if revents & ovs.poller.POLLERR or revents & ovs.poller.POLLHUP:
             try:
                 # The following should raise an exception.
-                sock.send("\0".encode(), socket.MSG_DONTWAIT)
+                if isinstance(sock, ssl.SSLSocket):
+                    # a SSL wrapped socket does not allow non-zero optional flag
+                    sock.send("\0".encode())
+                else:
+                    sock.send("\0".encode(), socket.MSG_DONTWAIT)
 
                 # (Here's where we end up if it didn't.)
                 # XXX rate-limit

diff --git a/python/ovs/stream.py b/python/ovs/stream.py
@@ -15,16 +15,13 @@
 import errno
 import os
 import socket
+import ssl
 import sys
 
 import ovs.poller
 import ovs.socket_util
 import ovs.vlog
 
-try:
-    import ssl
-except ImportError:
-    ssl = None
 
 if sys.platform == 'win32':
     import ovs.winutils as winutils
@@ -860,6 +857,4 @@ def close(self):
         return super(SSLStream, self).close()
 
 
-if ssl:
-    # Register SSL only if the OpenSSL module is available
-    Stream.register_method("ssl", SSLStream)
+Stream.register_method("ssl", SSLStream)