New submission from Dima Tisnek <dim...@gmail.com>:
Let's consider ssl error `291` (https://bugs.python.org/issue39951): It was introduced into openssl 2 years ago: https://github.com/openssl/openssl/commit/358ffa05cd3a088822c7d06256bc87516d918798 The documentation states: SSL_R_APPLICATION_DATA_AFTER_CLOSE_NOTIFY:291:\ application data after close notify The `ssl.h` header file contains: # define SSL_R_APPLICATION_DATA_AFTER_CLOSE_NOTIFY 291 The master branch of openssl contains this definition too: https://github.com/openssl/openssl/blob/master/include/openssl/sslerr.h # define SSL_R_APPLICATION_DATA_AFTER_CLOSE_NOTIFY 291 But what does Python say? ssl.SSLError: [SSL: KRB5_S_INIT] application data after close notify (_ssl.c:2629) What's KRB5? It supposedly stands for Kerberos5, and it too is seemingly present in openssl header file: /usr/local/Cellar/openssl/1.0.2s/include/openssl/ssl.h 2951:# define SSL_R_KRB5_S_INIT 291 Moreover, cpython source code contains a fallback, should this value not be defined: https://github.com/python/cpython/blob/master/Modules/_ssl_data.h #ifdef SSL_R_KRB5_S_INIT {"KRB5_S_INIT", ERR_LIB_SSL, SSL_R_KRB5_S_INIT}, #else {"KRB5_S_INIT", ERR_LIB_SSL, 291}, #endif Thus, today, Python reports an error with wrong *label* but correct *text*: [SSL: KRB5_S_INIT] application data after close notify The label and text don't match each other, because... well... I guess that's why we should fix it :) ---------- components: Extension Modules messages: 364074 nosy: Dima.Tisnek priority: normal severity: normal status: open title: Let's update ssl error codes versions: Python 3.8, Python 3.9 _______________________________________ Python tracker <rep...@bugs.python.org> <https://bugs.python.org/issue39953> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com