SSL socket dying on the client and no errors on the server

Navigation
9

I have a problem with connections to ssl sockets in python

When I perform a stress test on the SMTP daemon that I am writing the client some sending threads die with " Connection reset by peer ", but server side does not there is no exception and I do not perform any handling on the socket that may be capturing the error.

The daemon is derived from the native python SMTPServer class and therefore uses asyncore.dispatcher to manage multiple connections

Client Error: 

Exception in thread Thread-21:
Traceback (most recent call last):
  File "/usr/lib/python2.7/threading.py", line 808, in __bootstrap_inner
    self.run()
  File "/usr/lib/python2.7/threading.py", line 761, in run
    self.__target(*self.__args, **self.__kwargs)
  File "pop_bomb_client.py", line 45, in concurrent_thread
    sendmess(k)
  File "pop_bomb_client.py", line 31, in sendmess
    sempop=smtplib.SMTP_SSL(server,465)
  File "/usr/lib/python2.7/smtplib.py", line 781, in __init__
    SMTP.__init__(self, host, port, local_hostname, timeout)
  File "/usr/lib/python2.7/smtplib.py", line 251, in __init__
    (code, msg) = self.connect(host, port)
  File "/usr/lib/python2.7/smtplib.py", line 311, in connect
    self.sock = self._get_socket(host, port, self.timeout)
  File "/usr/lib/python2.7/smtplib.py", line 787, in _get_socket
    new_socket = ssl.wrap_socket(new_socket, self.keyfile, self.certfile)
  File "/usr/lib/python2.7/ssl.py", line 451, in wrap_socket
    ciphers=ciphers)
  File "/usr/lib/python2.7/ssl.py", line 207, in __init__
    self.do_handshake()
  File "/usr/lib/python2.7/ssl.py", line 369, in do_handshake
    self._sslobj.do_handshake()
error: [Errno 104] Connection reset by peer

SocketSSL on Server: 

def create_socket(self, family, stype):
    self.family_and_type = family, stype
    sock = ssl.wrap_socket(socket.socket(family, stype),'cert.key', 'cert.cert',server_side=True, ssl_version=ssl.PROTOCOL_TLSv1)
    sock.setblocking(0)
    self.set_socket(sock)
    
asked by anonymous 20.02.2014 / 19:03

1 answer

3

Ok,

Let's see why this is a complex problem with complex variables as well.

Your details were few but allow you to infer that:

  • You are using python's SSL;
  • You are probably working on a Linux server or connecting to a

    • The error: 

      File "/usr/lib/python2.7/ssl.py", line 369, in do_handshake
    self._sslobj.do_handshake()
error: [Errno 104] Connection reset by peer

    It basically refers to the REFUSE of connecting the server to the client. As we have few details this can be basically:

  • Server refusal to respond (due to demand);
  • Inability to perform SSL HandShake.

    • In your server code you used sock.setblocking (0) clearly making it clear that you do not want to block connections, the documentation is clear: 

    In non-blocking mode, if a recv() call doesn’t find any data, or if a send() call can’t immediately dispose of the data, a error exception is raised;

    But again as We do not have the code used we do not know how you are handling these exceptions.

    Another assumption is that openssl has the bug number 683159 creating these handshake errors, especially with apache servers. The solution to this would be to specify on your socket version 3 such as 

     def create_socket(self, family, stype):
    self.family_and_type = family, stype
    sock = ssl.wrap_socket(socket.socket(family, stype),'cert.key', 'cert.cert',server_side=True,ssl_version=ssl.PROTOCOL_SSLv3)

    I hope I have solved this problem and have a good week.

        
    21.06.2014 / 18:34
    BIT (1) versus TINYINT (1) for Boolean values Desktop development with Electron