[issue12835] Missing SSLSocket.sendmsg() wrapper allows programs to send unencrypted data by mistake

David Watson Thu, 25 Aug 2011 14:12:30 -0700

David Watson <bai...@users.sourceforge.net> added the comment:

On Thu 25 Aug 2011, Antoine Pitrou wrote:
> Adding an explanation message to the NotImplementedError would be more 
> helpful. Otherwise, good catch.


OK, I've copied the messages from the ValueErrors the other
methods raise.

----------
Added file: 
http://bugs.python.org/file23048/ssl_sendrecvmsg_notimplemented-2.diff

_______________________________________
Python tracker <rep...@bugs.python.org>
<http://bugs.python.org/issue12835>
_______________________________________

# HG changeset patch
# User David Watson <vcs at dbwatson.ukfsn.org>
# Date 1314305189 -3600
# Node ID 23cdc358bbfb0ad40607b1c54bda2f7b5abe39f0
# Parent  80f814dca274b5d848dbd306c1513263e69011ce
Make SSLSocket.sendmsg/recvmsg/recvmsg_into() raise NotImplementedError.

diff --git a/Lib/ssl.py b/Lib/ssl.py
--- a/Lib/ssl.py
+++ b/Lib/ssl.py
@@ -355,6 +355,12 @@ class SSLSocket(socket):
         else:
             return socket.sendto(self, data, flags_or_addr, addr)
 
+    def sendmsg(self, *args, **kwargs):
+        # Ensure programs don't send data unencrypted if they try to
+        # use this method.
+        raise NotImplementedError("sendmsg not allowed on instances of %s" %
+                                  self.__class__)
+
     def sendall(self, data, flags=0):
         self._checkClosed()
         if self._sslobj:
@@ -413,6 +419,14 @@ class SSLSocket(socket):
         else:
             return socket.recvfrom_into(self, buffer, nbytes, flags)
 
+    def recvmsg(self, *args, **kwargs):
+        raise NotImplementedError("recvmsg not allowed on instances of %s" %
+                                  self.__class__)
+
+    def recvmsg_into(self, *args, **kwargs):
+        raise NotImplementedError("recvmsg_into not allowed on instances of "
+                                  "%s" % self.__class__)
+
     def pending(self):
         self._checkClosed()
         if self._sslobj:
diff --git a/Lib/test/test_ssl.py b/Lib/test/test_ssl.py
--- a/Lib/test/test_ssl.py
+++ b/Lib/test/test_ssl.py
@@ -1651,6 +1651,11 @@ else:
                         # consume data
                         s.read()
 
+                self.assertRaises(NotImplementedError, s.sendmsg, [b"data"])
+                self.assertRaises(NotImplementedError, s.recvmsg, 100)
+                self.assertRaises(NotImplementedError,
+                                  s.recvmsg_into, bytearray(100))
+
                 s.write(b"over\n")
                 s.close()
             finally:

_______________________________________________
Python-bugs-list mailing list
Unsubscribe: 
http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue12835] Missing SSLSocket.sendmsg() wrapper allows programs to send unencrypted data by mistake

Reply via email to