Ticket #211 (closed defect: fixed)
SSL is not guarded via mutex in httpserver
| Reported by: | adarovsky | Owned by: | ianb |
|---|---|---|---|
| Priority: | normal | Milestone: | 1.5 |
| Component: | paste | Version: | released-version |
| Severity: | major | Keywords: | |
| Cc: | | | |
Description
Hello.
I use an XMLRPC server built on top of Pylons. This server uses OpenSSL with certificates for security.
I think I've found a bug. If I create a minimal app with one 'ping()' method and start a stress test with it, I get the following error:
error:140943FC:SSL routines:SSL3_READ_BYTES:sslv3 alert bad record mac
After that, the server responds to every request in this way until it's restarted. On x86-64 systems this causes the server to hang completely.
If I make the following changes:
httpserver.py:317:
from OpenSSL import SSL, tsafe
httpserver.py:363:
self.socket = tsafe.Connection(ssl_context, self.socket)
and add 'settimeout' to the list of guarded functions in OpenSSL/tsafe.py, the error seems to go away.
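The pattern the report relies on, a wrapper that runs every guarded method of a shared connection under one lock, sketched as an added example (not code from Paste or pyOpenSSL). `FakeTLSConnection`, `LockedConnection`, `GUARDED` and `stress` are hypothetical names, and the stand-in connection only counts overlapping calls instead of doing TLS.

```python
import threading
import time

GUARDED = ("send", "recv", "settimeout")  # constructed list of guarded names

class FakeTLSConnection:
    """Constructed stand-in for a connection object that is not thread-safe."""
    def __init__(self):
        self._busy = False
        self.overlaps = 0  # calls that began while another was in progress
    def _call(self, *args):
        if self._busy:
            self.overlaps += 1
        self._busy = True
        time.sleep(0.0005)  # widen the race window
        self._busy = False
    send = recv = settimeout = _call  # all three touch the same shared state

class LockedConnection:
    """Proxy that runs each method named in `guarded` under one shared lock."""
    def __init__(self, conn, guarded=GUARDED):
        self._conn, self._guarded = conn, frozenset(guarded)
        self._lock = threading.RLock()
    def __getattr__(self, name):
        attr = getattr(self._conn, name)
        if name not in self._guarded:
            return attr  # unguarded names pass straight through
        def locked(*args, **kwargs):
            with self._lock:
                return attr(*args, **kwargs)
        return locked

def stress(conn, threads=4, calls=20):
    """Call one shared connection from several threads; return overlap count."""
    def worker():
        for _ in range(calls):
            conn.settimeout(5)
            conn.send(b"ping")
            conn.recv(4)
    pool = [threading.Thread(target=worker) for _ in range(threads)]
    for t in pool:
        t.start()
    for t in pool:
        t.join()
    return conn.overlaps

if __name__ == "__main__":
    partial = LockedConnection(FakeTLSConnection(), guarded=("send", "recv"))
    full = LockedConnection(FakeTLSConnection())
    print(stress(FakeTLSConnection()), stress(partial), stress(full))
```

The first two counts are typically non-zero (no lock at all, then `settimeout` left out of the guarded list), while the fully guarded proxy always reports 0.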
