Skip to content

Commit 0de09fe

Browse files
youknowoneyouknowone
committed
apply review
1 parent 89d8813 commit 0de09fe

File tree

2 files changed

+7
-14
lines changed

2 files changed

+7
-14
lines changed

crates/stdlib/src/ssl.rs

Lines changed: 3 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -3629,19 +3629,9 @@ mod _ssl {
36293629
return return_data(buf, &buffer, vm);
36303630
}
36313631
}
3632-
// Clean closure via close_notify from peer.
3633-
// If we already sent close_notify (unwrap was called),
3634-
// raise SSLZeroReturnError (bidirectional shutdown).
3635-
// Otherwise return empty bytes, which callers (asyncore,
3636-
// asyncio sslproto) interpret as EOF.
3637-
let our_shutdown_state = *self.shutdown_state.lock();
3638-
if our_shutdown_state == ShutdownState::SentCloseNotify
3639-
|| our_shutdown_state == ShutdownState::Completed
3640-
{
3641-
Err(create_ssl_zero_return_error(vm).upcast())
3642-
} else {
3643-
return_data(vec![], &buffer, vm)
3644-
}
3632+
// Python's read() returns empty bytes on SSL_ERROR_ZERO_RETURN
3633+
// when the peer's close_notify has been received.
3634+
return_data(vec![], &buffer, vm)
36453635
}
36463636
Err(crate::ssl::compat::SslError::WantRead) => {
36473637
// Non-blocking mode: would block

crates/stdlib/src/ssl/compat.rs

Lines changed: 4 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1163,6 +1163,9 @@ fn handshake_write_loop(
11631163
/// Returns (made_progress, is_first_sni_read).
11641164
/// TLS record header size (content_type + version + length).
11651165
const TLS_RECORD_HEADER_SIZE: usize = 5;
1166+
/// Maximum on-the-wire TLS record size rustls accepts:
1167+
/// 16 KiB payload + 2 KiB ciphertext overhead allowance + 5-byte header.
1168+
const TLS_MAX_WIRE_RECORD_SIZE: usize = SSL3_RT_MAX_PLAIN_LENGTH + 2048 + TLS_RECORD_HEADER_SIZE;
11661169

11671170
/// Read exactly one TLS record from the TCP socket.
11681171
///
@@ -1179,7 +1182,7 @@ const TLS_RECORD_HEADER_SIZE: usize = 5;
11791182
/// buffer and remains visible to select().
11801183
fn recv_one_tls_record(socket: &PySSLSocket, vm: &VirtualMachine) -> SslResult<PyObjectRef> {
11811184
// Peek at what is available without consuming it.
1182-
let peeked_obj = match socket.sock_peek(SSL3_RT_MAX_PLAIN_LENGTH, vm) {
1185+
let peeked_obj = match socket.sock_peek(TLS_MAX_WIRE_RECORD_SIZE, vm) {
11831186
Ok(d) => d,
11841187
Err(e) => {
11851188
if is_blocking_io_error(&e, vm) {

0 commit comments

Comments
 (0)