[issue19422] Neither DTLS nor error for SSLSocket.sendto() of UDP socket

2013-12-28 Thread Antoine Pitrou
Antoine Pitrou added the comment: Updated patch is stricter (it checks for SOCK_STREAM). Pushed! -- resolution: -> fixed stage: needs patch -> committed/rejected status: open -> closed ___ Python tracker _

[issue19422] Neither DTLS nor error for SSLSocket.sendto() of UDP socket

2013-12-28 Thread Roundup Robot
Roundup Robot added the comment: New changeset 44841d81bf14 by Antoine Pitrou in branch '2.7': Issue #19422: Explicitly disallow non-SOCK_STREAM sockets in the ssl module, rather than silently let them emit clear text data. http://hg.python.org/cpython/rev/44841d81bf14 -- _

[issue19422] Neither DTLS nor error for SSLSocket.sendto() of UDP socket

2013-12-28 Thread Roundup Robot
Roundup Robot added the comment: New changeset a00842b783cf by Antoine Pitrou in branch '3.3': Issue #19422: Explicitly disallow non-SOCK_STREAM sockets in the ssl module, rather than silently let them emit clear text data. http://hg.python.org/cpython/rev/a00842b783cf New changeset f7dc02e6987

[issue19422] Neither DTLS nor error for SSLSocket.sendto() of UDP socket

2013-12-28 Thread Antoine Pitrou
Antoine Pitrou added the comment: Actually, it seems the patch is flawed: >>> sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM) >>> sock.type 2 >>> sock.settimeout(0) >>> sock.type 2050 But getsockopt() returns the expected value: >>> sock.getsockopt(socket.SOL_SOCKET, socket.SO_TYPE) 2

[issue19422] Neither DTLS nor error for SSLSocket.sendto() of UDP socket

2013-12-22 Thread Vajrasky Kok
Vajrasky Kok added the comment: Thanks, Antoine, for the review! Attached the patch to address Antoine's concern. -- Added file: http://bugs.python.org/file33256/raises_error_on_wrap_socket_with_sock_dgram_v2.patch ___ Python tracker

[issue19422] Neither DTLS nor error for SSLSocket.sendto() of UDP socket

2013-11-04 Thread Vajrasky Kok
Vajrasky Kok added the comment: Attached the patch to raise error when using sock dgram in wrap_socket. I am still unsure whether I should put the validation in C code (private function _wrap_socket) or not. -- keywords: +patch nosy: +vajrasky Added file: http://bugs.python.org/file32

[issue19422] Neither DTLS nor error for SSLSocket.sendto() of UDP socket

2013-10-28 Thread Antoine Pitrou
Antoine Pitrou added the comment: Agreed, this should definitely be fixed. -- components: +Library (Lib) -Extension Modules stage: -> needs patch ___ Python tracker ___

[issue19422] Neither DTLS nor error for SSLSocket.sendto() of UDP socket

2013-10-28 Thread Christian Heimes
Christian Heimes added the comment: I think either sendto() or wrap_socket() should raise some kind of error for UDP instead of silently sending unencrypted data. -- nosy: +giampaolo.rodola, janssen, pitrou ___ Python tracker

[issue19422] Neither DTLS nor error for SSLSocket.sendto() of UDP socket

2013-10-28 Thread Christian Heimes
New submission from Christian Heimes: Python's SSL module doesn't support DTLS (datagram TLS for UDP). The SSL code doesn't complain when an UDP socket is wrapped in a SSL socket. It happily sends the bytes unprotected and not encrypted over the wire: >>> import ssl, socket >>> sock = socket.s