python: Do not send non-zero flag for a SSL socket.

pyOpenSSL was recently switched for the Python standard library ssl module in the cited commit. Python SSLsocket.send() does not allow non-zero optional flag and it will explicitly raise an exception for that. pyOpenSSL did nothing with this flag but kept it to be compatible with socket API: https://github.com/pyca/pyopenssl/blob/main/src/OpenSSL/SSL.py#L1844 Fixes: 68543dd523 ("python: Replace pyOpenSSL with ssl.") Reported-at: https://bugzilla.redhat.com/2115035 Acked-By: Timothy Redaelli <tredaelli@redhat.com> Signed-off-by: Miro Tomaska <mtomaska@redhat.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2025-10-21 14:49:41 +00:00 · 2022-08-08 12:32:42 -05:00
parent d1864effeb
commit 1731ed43c6
1 changed files with 11 additions and 1 deletions
--- a/python/ovs/socket_util.py
+++ b/python/ovs/socket_util.py
@@ -23,6 +23,11 @@ import ovs.fatal_signal
 import ovs.poller
 import ovs.vlog

+try:
+    import ssl
+except ImportError:
+    ssl = None
+
 if sys.platform == 'win32':
    import ovs.winutils as winutils
    import win32file
@@ -178,7 +183,12 @@ def check_connection_completion(sock):
        if revents & ovs.poller.POLLERR or revents & ovs.poller.POLLHUP:
            try:
                # The following should raise an exception.
-                sock.send("\0".encode(), socket.MSG_DONTWAIT)
+                if ssl and isinstance(sock, ssl.SSLSocket):
+                    # SSL wrapped socket does not allow
+                    # non-zero optional flag.
+                    sock.send("\0".encode())
+                else:
+                    sock.send("\0".encode(), socket.MSG_DONTWAIT)

                # (Here's where we end up if it didn't.)
                # XXX rate-limit