From ab2f80c3e016291d1125d0e3329d0382c3e7d1fa Mon Sep 17 00:00:00 2001 From: Neil Booth Date: Tue, 2 Jun 2015 18:13:36 +0900 Subject: [PATCH] Fix couple of minor socket issues Set timeout and socket options on all simple sockets. At present some code paths can miss it, such as when the SSL certificate is CA-signed. Add a missing check for failure. --- lib/interface.py | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/lib/interface.py b/lib/interface.py index 81767f550..c2d1697e1 100644 --- a/lib/interface.py +++ b/lib/interface.py @@ -154,6 +154,8 @@ class TcpInterface(threading.Thread): try: s = socket.socket(res[0], socket.SOCK_STREAM) s.connect(res[4]) + s.settimeout(2) + s.setsockopt(socket.SOL_SOCKET, socket.SO_KEEPALIVE, 1) return s except BaseException as e: continue @@ -181,6 +183,8 @@ class TcpInterface(threading.Thread): # get server certificate. # Do not use ssl.get_server_certificate because it does not work with proxy s = self.get_simple_socket() + if s is None: + return try: s = ssl.wrap_socket(s, ssl_version=ssl.PROTOCOL_SSLv23, cert_reqs=ssl.CERT_NONE, ca_certs=None) except ssl.SSLError, e: @@ -202,9 +206,6 @@ class TcpInterface(threading.Thread): if s is None: return - s.settimeout(2) - s.setsockopt(socket.SOL_SOCKET, socket.SO_KEEPALIVE, 1) - if self.use_ssl: try: s = ssl.wrap_socket(s,