diff options
| author | Maximilian Hils <git@maximilianhils.com> | 2014-10-09 04:42:39 +0200 |
|---|---|---|
| committer | Maximilian Hils <git@maximilianhils.com> | 2014-10-09 04:42:39 +0200 |
| commit | e6a8730f98d61583f31ac530e2a1c8da2fa181ed (patch) | |
| tree | fc2c4d3869750e03b76c8c9064089b03709bd818 /netlib | |
| parent | 987fa22e646e2ab79cf93adf7966b5a27273685a (diff) | |
| download | mitmproxy-e6a8730f98d61583f31ac530e2a1c8da2fa181ed.tar.gz mitmproxy-e6a8730f98d61583f31ac530e2a1c8da2fa181ed.tar.bz2 mitmproxy-e6a8730f98d61583f31ac530e2a1c8da2fa181ed.zip | |
fix tcp closing for ssled connections
Diffstat (limited to 'netlib')
| -rw-r--r-- | netlib/tcp.py | 7 |
1 files changed, 3 insertions, 4 deletions
diff --git a/netlib/tcp.py b/netlib/tcp.py index 8e87bec8..7a970be6 100644 --- a/netlib/tcp.py +++ b/netlib/tcp.py @@ -238,19 +238,18 @@ class _Connection(object): else: self.connection.shutdown(socket.SHUT_WR) + if type(self.connection) != SSL.Connection or self.ssl_established: # Section 4.2.2.13 of RFC 1122 tells us that a close() with any # pending readable data could lead to an immediate RST being sent (which is the case on Windows). # http://ia600609.us.archive.org/22/items/TheUltimateSo_lingerPageOrWhyIsMyTcpNotReliable/the-ultimate-so_linger-page-or-why-is-my-tcp-not-reliable.html # - # Do not call this for an SSL.Connection: + # Do not call this for every SSL.Connection: # If the SSL handshake failed at the first place, OpenSSL's SSL_read tries to negotiate the connection # again at this point, calls the SNI handler and segfaults. # https://github.com/mitmproxy/mitmproxy/issues/373#issuecomment-58383499 - # (if this turns out to be an issue for successful SSL connections, - # we should check for ssl_established or access the socket directly) - while self.connection.recv(4096): # pragma: no cover pass + self.connection.close() except (socket.error, SSL.Error, IOError): # Socket probably already closed |