From cb9578764764b767c4cdc56abf12dd5e0ef48814 Mon Sep 17 00:00:00 2001
From: Christian Heimes <christian@python.org>
Date: Wed, 3 Aug 2022 14:18:48 +0200
Subject: [PATCH] Revert "bpo-42854: Use SSL_read/write_ex() (GH-25468)"

This reverts commit 89d1550d14ba689af12eeb726e4ff8ce73cee7e1.
---
 Doc/library/ssl.rst  |  5 -----
 Lib/test/test_ssl.py | 11 -----------
 Modules/_ssl.c       | 32 ++++++++++++++++++--------------
 3 files changed, 18 insertions(+), 30 deletions(-)

diff --git a/Doc/library/ssl.rst b/Doc/library/ssl.rst
index 19225c85ff7624..5b41a915853785 100644
--- a/Doc/library/ssl.rst
+++ b/Doc/library/ssl.rst
@@ -1078,11 +1078,6 @@ SSL Sockets
       to create instances directly. This was never documented or officially
       supported.
 
-   .. versionchanged:: 3.10
-      Python now uses ``SSL_read_ex`` and ``SSL_write_ex`` internally. The
-      functions support reading and writing of data larger than 2 GB. Writing
-      zero-length data no longer fails with a protocol violation error.
-
 SSL sockets also have the following additional methods and attributes:
 
 .. method:: SSLSocket.read(len=1024, buffer=None)
diff --git a/Lib/test/test_ssl.py b/Lib/test/test_ssl.py
index 5007e08f321b5a..caa9ad095dfe8a 100644
--- a/Lib/test/test_ssl.py
+++ b/Lib/test/test_ssl.py
@@ -888,17 +888,6 @@ def test_connect_ex_error(self):
         )
         self.assertIn(rc, errors)
 
-    def test_read_write_zero(self):
-        # empty reads and writes now work, bpo-42854, bpo-31711
-        client_context, server_context, hostname = testing_context()
-        server = ThreadedEchoServer(context=server_context)
-        with server:
-            with client_context.wrap_socket(socket.socket(),
-                                            server_hostname=hostname) as s:
-                s.connect((HOST, server.port))
-                self.assertEqual(s.recv(0), b"")
-                self.assertEqual(s.send(b""), 0)
-
 
 class ContextTests(unittest.TestCase):
 
diff --git a/Modules/_ssl.c b/Modules/_ssl.c
index 2ed12f73fac059..308d806254653d 100644
--- a/Modules/_ssl.c
+++ b/Modules/_ssl.c
@@ -2302,8 +2302,7 @@ static PyObject *
 _ssl__SSLSocket_write_impl(PySSLSocket *self, Py_buffer *b)
 /*[clinic end generated code: output=aa7a6be5527358d8 input=77262d994fe5100a]*/
 {
-    size_t count = 0;
-    int retval;
+    int len;
     int sockstate;
     _PySSLError err;
     int nonblocking;
@@ -2321,6 +2320,12 @@ _ssl__SSLSocket_write_impl(PySSLSocket *self, Py_buffer *b)
         Py_INCREF(sock);
     }
 
+    if (b->len > INT_MAX) {
+        PyErr_Format(PyExc_OverflowError,
+                     "string longer than %d bytes", INT_MAX);
+        goto error;
+    }
+
     if (sock != NULL) {
         /* just in case the blocking state of the socket has been changed */
         nonblocking = (sock->sock_timeout >= 0);
@@ -2351,8 +2356,8 @@ _ssl__SSLSocket_write_impl(PySSLSocket *self, Py_buffer *b)
 
     do {
         PySSL_BEGIN_ALLOW_THREADS
-        retval = SSL_write_ex(self->ssl, b->buf, (int)b->len, &count);
-        err = _PySSL_errno(retval == 0, self->ssl, retval);
+        len = SSL_write(self->ssl, b->buf, (int)b->len);
+        err = _PySSL_errno(len <= 0, self->ssl, len);
         PySSL_END_ALLOW_THREADS
         self->err = err;
 
@@ -2386,11 +2391,11 @@ _ssl__SSLSocket_write_impl(PySSLSocket *self, Py_buffer *b)
              err.ssl == SSL_ERROR_WANT_WRITE);
 
     Py_XDECREF(sock);
-    if (retval == 0)
-        return PySSL_SetError(self, retval, __FILE__, __LINE__);
+    if (len <= 0)
+        return PySSL_SetError(self, len, __FILE__, __LINE__);
     if (PySSL_ChainExceptions(self) < 0)
         return NULL;
-    return PyLong_FromSize_t(count);
+    return PyLong_FromLong(len);
 error:
     Py_XDECREF(sock);
     PySSL_ChainExceptions(self);
@@ -2440,8 +2445,7 @@ _ssl__SSLSocket_read_impl(PySSLSocket *self, int len, int group_right_1,
 {
     PyObject *dest = NULL;
     char *mem;
-    size_t count = 0;
-    int retval;
+    int count;
     int sockstate;
     _PySSLError err;
     int nonblocking;
@@ -2504,8 +2508,8 @@ _ssl__SSLSocket_read_impl(PySSLSocket *self, int len, int group_right_1,
 
     do {
         PySSL_BEGIN_ALLOW_THREADS
-        retval = SSL_read_ex(self->ssl, mem, len, &count);
-        err = _PySSL_errno(retval == 0, self->ssl, retval);
+        count = SSL_read(self->ssl, mem, len);
+        err = _PySSL_errno(count <= 0, self->ssl, count);
         PySSL_END_ALLOW_THREADS
         self->err = err;
 
@@ -2539,8 +2543,8 @@ _ssl__SSLSocket_read_impl(PySSLSocket *self, int len, int group_right_1,
     } while (err.ssl == SSL_ERROR_WANT_READ ||
              err.ssl == SSL_ERROR_WANT_WRITE);
 
-    if (retval == 0) {
-        PySSL_SetError(self, retval, __FILE__, __LINE__);
+    if (count <= 0) {
+        PySSL_SetError(self, count, __FILE__, __LINE__);
         goto error;
     }
     if (self->exc_type != NULL)
@@ -2553,7 +2557,7 @@ _ssl__SSLSocket_read_impl(PySSLSocket *self, int len, int group_right_1,
         return dest;
     }
     else {
-        return PyLong_FromSize_t(count);
+        return PyLong_FromLong(count);
     }
 
 error: