Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[3.10] gh-108342: Make ssl TestPreHandshakeClose more reliable (GH-108370) #108406

Merged
merged 1 commit into from
Aug 24, 2023

Conversation

ambv
Copy link
Contributor

@ambv ambv commented Aug 24, 2023

  • In preauth tests of test_ssl, explicitly break reference cycles invoving SingleConnectionTestServerThread to make sure that the thread is deleted. Otherwise, the test marks the environment as altered because the threading module sees a "dangling thread" (SingleConnectionTestServerThread). This test leak was introduced by the test added for the fix of issue CVE-2023-40217: Bypass TLS handshake on closed sockets #108310.
  • Use support.SHORT_TIMEOUT instead of hardcoded 1.0 or 2.0 seconds timeout.
  • SingleConnectionTestServerThread.run() catchs TimeoutError
  • Fix a race condition (missing synchronization) in test_preauth_data_to_tls_client(): the server now waits until the client connect() completed in call_after_accept().
  • test_https_client_non_tls_response_ignored() calls server.join() explicitly.
  • Replace "localhost" with server.listener.getsockname()[0]. (cherry picked from commit 592bacb)

…ythonGH-108370)

* In preauth tests of test_ssl, explicitly break reference cycles
  invoving SingleConnectionTestServerThread to make sure that the
  thread is deleted. Otherwise, the test marks the environment as
  altered because the threading module sees a "dangling thread"
  (SingleConnectionTestServerThread). This test leak was introduced
  by the test added for the fix of issue pythongh-108310.
* Use support.SHORT_TIMEOUT instead of hardcoded 1.0 or 2.0 seconds
  timeout.
* SingleConnectionTestServerThread.run() catchs TimeoutError
* Fix a race condition (missing synchronization) in
  test_preauth_data_to_tls_client(): the server now waits until the
  client connect() completed in call_after_accept().
* test_https_client_non_tls_response_ignored() calls server.join()
  explicitly.
* Replace "localhost" with server.listener.getsockname()[0].
(cherry picked from commit 592bacb)

Co-authored-by: Victor Stinner <vstinner@python.org>
@ambv ambv requested a review from tiran as a code owner August 24, 2023 08:58
@bedevere-bot bedevere-bot added tests Tests in the Lib/test dir awaiting core review labels Aug 24, 2023
@ambv ambv merged commit e96bddf into python:3.10 Aug 24, 2023
10 checks passed
@ambv ambv deleted the backport-592bacb-3.10 branch August 24, 2023 10:09
@ambv ambv restored the backport-592bacb-3.10 branch August 24, 2023 10:54
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
skip news tests Tests in the Lib/test dir
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants