From dda75258c848772ab4f4d76599dbe3beecce5095 Mon Sep 17 00:00:00 2001 From: julianz- Date: Fri, 18 Aug 2023 12:25:50 -0700 Subject: [PATCH] Updated SSL.py to fix problem caused by SSL_WANT_READ or SSL_WANT_WRITE errors. When SSL_WANT_READ or SSL_WANT_WRITE are encountered, it's typical to retry the call but this must be repeated with the exact same arguments. Without this change, openSSL requires that the address of the buffer passed is the same. However, buffers in python can change location in some circumstances which cause the retry to fail. By add the setting SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER, the requirement for the same buffer address is forgiven and the retry has a better chance of success. See https://github.com/cherrypy/cheroot/issues/245 for discussion. --- src/OpenSSL/SSL.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/OpenSSL/SSL.py b/src/OpenSSL/SSL.py index a0d0b6acb..e9ace4e35 100644 --- a/src/OpenSSL/SSL.py +++ b/src/OpenSSL/SSL.py @@ -850,7 +850,7 @@ def __init__(self, method): self._cookie_generate_helper = None self._cookie_verify_helper = None - self.set_mode(_lib.SSL_MODE_ENABLE_PARTIAL_WRITE) + self.set_mode(_lib.SSL_MODE_ENABLE_PARTIAL_WRITE | _lib.SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER) if version is not None: self.set_min_proto_version(version) self.set_max_proto_version(version)