Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[3.8] gh-108342: Make ssl TestPreHandshakeClose more reliable (GH-108370) #108408

Merged
merged 2 commits into from
Aug 24, 2023

Conversation

ambv
Copy link
Contributor

@ambv ambv commented Aug 24, 2023

  • In preauth tests of test_ssl, explicitly break reference cycles invoving SingleConnectionTestServerThread to make sure that the thread is deleted. Otherwise, the test marks the environment as altered because the threading module sees a "dangling thread" (SingleConnectionTestServerThread). This test leak was introduced by the test added for the fix of issue CVE-2023-40217: Bypass TLS handshake on closed sockets #108310.
  • Use support.SHORT_TIMEOUT instead of hardcoded 1.0 or 2.0 seconds timeout.
  • SingleConnectionTestServerThread.run() catchs TimeoutError
  • Fix a race condition (missing synchronization) in test_preauth_data_to_tls_client(): the server now waits until the client connect() completed in call_after_accept().
  • test_https_client_non_tls_response_ignored() calls server.join() explicitly.
  • Replace "localhost" with server.listener.getsockname()[0]. (cherry picked from commit 592bacb)

…ythonGH-108370)

* In preauth tests of test_ssl, explicitly break reference cycles
  invoving SingleConnectionTestServerThread to make sure that the
  thread is deleted. Otherwise, the test marks the environment as
  altered because the threading module sees a "dangling thread"
  (SingleConnectionTestServerThread). This test leak was introduced
  by the test added for the fix of issue pythongh-108310.
* Use support.SHORT_TIMEOUT instead of hardcoded 1.0 or 2.0 seconds
  timeout.
* SingleConnectionTestServerThread.run() catchs TimeoutError
* Fix a race condition (missing synchronization) in
  test_preauth_data_to_tls_client(): the server now waits until the
  client connect() completed in call_after_accept().
* test_https_client_non_tls_response_ignored() calls server.join()
  explicitly.
* Replace "localhost" with server.listener.getsockname()[0].
(cherry picked from commit 592bacb)

Co-authored-by: Victor Stinner <vstinner@python.org>
@ambv ambv merged commit efb46e5 into python:3.8 Aug 24, 2023
11 checks passed
@ambv ambv deleted the backport-592bacb-3.8 branch August 24, 2023 10:09
@ambv ambv restored the backport-592bacb-3.8 branch August 24, 2023 10:54
@ambv ambv deleted the backport-592bacb-3.8 branch October 7, 2024 18:30
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants