Skip to content

Set SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER in calling OpenSSL #1287

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 45 commits into
base: main
Choose a base branch
from
Open

Set SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER in calling OpenSSL #1287

Show file tree
Hide file tree
Changes from 22 commits
Commits
Show all changes
45 commits
Select commit Hold shift + click to select a range
83ac22c
Fix for problem caused by SSL_WANT_READ or SSL_WANT_WRITE errors.
julianz- Aug 18, 2023
2e8dbce
Set SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER in calling OpenSSL
julianz- Jul 14, 2025
4c56afc
removed Python 3.7 from the -cryptographyMain tests because it fails
julianz- Jul 14, 2025
9eab5f3
removed failing tests that are no longer compatible
julianz- Jul 14, 2025
3dde737
removed failing test
julianz- Jul 14, 2025
0437ba8
Revert "removed failing tests that are no longer compatible"
julianz- Jul 20, 2025
b82933b
Revert "removed failing test"
julianz- Jul 20, 2025
4a463cb
tests added for checking SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER
julianz- Jul 20, 2025
3f581dc
added type fixes to tests
julianz- Jul 20, 2025
9246994
fixed clear_mode
julianz- Jul 20, 2025
bddb04d
cleaned up for flake8
julianz- Jul 20, 2025
bbe8156
fixed test_moving_write_buffer_should_fail test
julianz- Jul 20, 2025
0dfc149
more lint fixes
julianz- Jul 20, 2025
57af3af
formatting fixes
julianz- Jul 20, 2025
46107db
fix to clear_mode() decorator
julianz- Jul 20, 2025
08150c5
Revert "removed Python 3.7 from the -cryptographyMain tests because i…
julianz- Jul 20, 2025
7d6365d
removed py37-cryptographyMain because of version conflicts
julianz- Jul 20, 2025
8b2a84b
fixed fail message in test_moving_write_buffer_should_fail
julianz- Jul 21, 2025
3724e4e
fixed typo
julianz- Jul 21, 2025
d95dcf5
fixed wording
julianz- Jul 21, 2025
891bdc4
improved test for moving buffer
julianz- Jul 21, 2025
9fa1290
format fix
julianz- Jul 21, 2025
fffb607
type correction for mypy
julianz- Jul 21, 2025
2c638f7
fix for lint
julianz- Jul 21, 2025
234818e
refactored moving buffer tests
julianz- Jul 21, 2025
666fb00
type fixes for mypy
julianz- Jul 22, 2025
704767f
fix for ruff
julianz- Jul 22, 2025
87327ec
fixed test_wantWriteError to work better on MacOS
julianz- Jul 22, 2025
a402470
improved code coverage
julianz- Jul 22, 2025
69de9ea
improved test for moving buffer
julianz- Jul 21, 2025
93bf6b3
fixed wording on _attempt_want_write_error
julianz- Jul 22, 2025
b3fb213
fixed wording on _attempt_want_write_error
julianz- Jul 22, 2025
ef258c6
revised create_ssl_nonblocking_connection() to resuse _create_certifi…
julianz- Jul 27, 2025
994338d
formatting fixes
julianz- Jul 27, 2025
be42010
Merge branch 'test/moving_buf' into jan23-2024
julianz- Jul 27, 2025
ba9ba3f
undid the change to test_wantWriteErro
julianz- Jul 28, 2025
c48e628
simplified and revised moving buffer tests
julianz- Aug 3, 2025
df909ea
revised create_ssl_nonblocking_connection() to use handshake()
julianz- Aug 3, 2025
c7ee91e
adjusted requested buffer size
julianz- Aug 4, 2025
3d0dd05
simplified create_ssl_nonblocking_connection() further
julianz- Aug 4, 2025
5cd4eb3
adjusted buffer size
julianz- Aug 4, 2025
44a371a
simplified _drain_server_buffers()
julianz- Aug 4, 2025
dd61474
remove no cover from _badwriteretry
julianz- Aug 7, 2025
4b42b89
removed some code with pragma no covers
julianz- Aug 7, 2025
92f5d21
minor fix to tox.ini to not pass on pytest debug flags to sphinx
julianz- Aug 7, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
14 changes: 14 additions & 0 deletions CHANGELOG.rst
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,20 @@ Changelog
Versions are year-based with a strict backward-compatibility policy.
The third digit is only for regressions.

25.2.0 (UNRELEASED)
-------------------
Backward-incompatible changes:
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
pyOpenSSL now sets SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER by default, matching CPython's behavior. #1287.
The minimum cryptography version is now 42.0.0.

Deprecations:
^^^^^^^^^^^^^

Changes:
^^^^^^^^


25.1.0 (2025-05-17)
-------------------

Expand Down
2 changes: 1 addition & 1 deletion setup.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -94,7 +94,7 @@ def find_meta(meta):
packages=find_packages(where="src"),
package_dir={"": "src"},
install_requires=[
"cryptography>=41.0.5,<46",
"cryptography>=42.0.0,<46",
(
"typing-extensions>=4.9; "
"python_version < '3.13' and python_version >= '3.8'"
Expand Down
13 changes: 12 additions & 1 deletion src/OpenSSL/SSL.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -915,7 +915,10 @@ def __init__(self, method: int) -> None:
)
self._cookie_verify_helper: _CookieVerifyCallbackHelper | None = None

self.set_mode(_lib.SSL_MODE_ENABLE_PARTIAL_WRITE)
self.set_mode(
_lib.SSL_MODE_ENABLE_PARTIAL_WRITE
| _lib.SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER
)
if version is not None:
self.set_min_proto_version(version)
self.set_max_proto_version(version)
Expand Down Expand Up @@ -1714,6 +1717,14 @@ def set_mode(self, mode: int) -> int:

return _lib.SSL_CTX_set_mode(self._context, mode)

@_require_not_used
def clear_mode(self, mode_to_clear: int) -> int:
"""
Modes previously set cannot be overwritten without being
cleared first. This method should be used to clear existing modes.
"""
return _lib.SSL_CTX_clear_mode(self._context, mode_to_clear)

@_require_not_used
def set_tlsext_servername_callback(
self, callback: Callable[[Connection], None]
Expand Down
Loading