author | Aldo Cortesi <aldo@nullcube.com> | 2012-07-23 23:20:32 +1200 |
---|---|---|
committer | Aldo Cortesi <aldo@nullcube.com> | 2012-07-23 23:20:32 +1200 |
commit | eb88cea3c74a253d3a08d010bfd328aa845c6d5b (patch) | |
tree | f44b0e4b4fd581023b5595eb63a9bf67e2a1cfa4 /netlib/tcp.py | |
parent | ed64b0e79699681bd5db3ff2823c47a424fbc3e1 (diff) | |
Catch an amazingly subtle SSL connection corruption bug.
Closing a set of pseudo-file descriptors in the wrong order caused junk data to
be written to the SSL stream. An apparent bug in OpenSSL then lets this corrupt
the _next_ SSL connection.
Diffstat (limited to 'netlib/tcp.py')
-rw-r--r-- | netlib/tcp.py | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/netlib/tcp.py b/netlib/tcp.py
index a68b608b..66a26872 100644
--- a/netlib/tcp.py
+++ b/netlib/tcp.py
@@ -209,9 +209,9 @@ class BaseHandler:
 try:
 if not getattr(self.wfile, "closed", False):
 self.wfile.flush()
+ self.close()
 self.wfile.close()
 self.rfile.close()
- self.close()
 except socket.error:
 # Remote has disconnected
 pass
@@ -245,10 +245,10 @@ class BaseHandler:
 self.connection.shutdown()
 else:
 self.connection.shutdown(socket.SHUT_RDWR)
- self.connection.close()
- except (socket.error, SSL.Error):
+ except (socket.error, SSL.Error), v:
 # Socket probably already closed
 pass
+ self.connection.close()
 class TCPServer: |
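Review bot: Nothing in the first hunk records that `self.close()` has to run before `self.wfile.close()` and `self.rfile.close()`, although the commit message says the other order wrote junk into the SSL stream and corrupted the next connection. A comment above the moved line would keep a later cleanup from reordering it, for example `# Shut down the connection before closing wfile/rfile; the reverse order wrote junk into the SSL stream.` All of these calls also share one `try`, so a `socket.error` from `self.wfile.flush()` skips `self.close()` and both file closes; it is worth checking whether that path leaves the connection open. The enclosing method starts above the hunk.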
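Review bot: The new handler in the second hunk, `except (socket.error, SSL.Error), v:`, binds `v` and never uses it in the visible lines; `except (socket.error, SSL.Error):` does the same without the dead name. Moving `self.connection.close()` after the handler means it now runs even when the shutdown fails, but it is also no longer guarded, so any error it raises reaches the caller. The first hunk's call to `self.close()`, presumably this method, sits under a handler for `socket.error` only. If the silent `pass` is meant to stay, logging the caught exception at debug level would make failed shutdowns visible. The method starts above the hunk.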