tobias/radicale
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Do SSL handshake in request thread (fixes #674)

Browse Source 
The handshake could block the main thread, especially since the socket timeout was not set at that point.
This commit is contained in:
Unrud 2017-07-27 01:24:53 +02:00
parent b3957bc2c7
commit deffed8f14
1 changed files with 15 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
radicale/__init__.py
View File

@ -154,7 +154,8 @@ class HTTPSServer(HTTPServer):
cert_reqs=ssl.CERT_REQUIRED if self.certificate_authority else cert_reqs=ssl.CERT_REQUIRED if self.certificate_authority else
ssl.CERT_NONE, ssl.CERT_NONE,
ca_certs=self.certificate_authority or None, ca_certs=self.certificate_authority or None,
ssl_version=self.protocol, ciphers=self.ciphers) ssl_version=self.protocol, ciphers=self.ciphers,
do_handshake_on_connect=False)
self.server_bind() self.server_bind()
self.server_activate() self.server_activate()
@ -168,6 +169,19 @@ class ThreadedHTTPServer(socketserver.ThreadingMixIn, HTTPServer):
class ThreadedHTTPSServer(socketserver.ThreadingMixIn, HTTPSServer): class ThreadedHTTPSServer(socketserver.ThreadingMixIn, HTTPSServer):
def process_request_thread(self, request, client_address): def process_request_thread(self, request, client_address):
try:
try:
request.do_handshake()
except socket.timeout:
raise
except Exception as e:
raise RuntimeError("SSL handshake failed: %s" % e) from e
except Exception:
try:
self.handle_error(request, client_address)
finally:
self.shutdown_request(request)
return
with self.connections_guard: with self.connections_guard:
return super().process_request_thread(request, client_address) return super().process_request_thread(request, client_address)