diff --git a/CHANGELOG.rst b/CHANGELOG.rst index 9f58d7897..790bafe18 100644 --- a/CHANGELOG.rst +++ b/CHANGELOG.rst @@ -25,6 +25,10 @@ Deprecations: Changes: ^^^^^^^^ +- Fixed the inability of ``OpenSSL.SSL.Connection.sendall()`` to + keep with sending data over the wire after ``SSL_ERROR_WANT_READ`` + or ``SSL_ERROR_WANT_WRITE`` is returned by ``SSL_write()``. + `#176 `_ - Added a new optional ``chain`` parameter to ``OpenSSL.crypto.X509StoreContext()`` where additional untrusted certificates can be specified to help chain building. `#948 `_ diff --git a/src/OpenSSL/SSL.py b/src/OpenSSL/SSL.py index 9b9f638a1..4e5e6ccad 100644 --- a/src/OpenSSL/SSL.py +++ b/src/OpenSSL/SSL.py @@ -1670,7 +1670,14 @@ def sendall(self, buf, flags=0): result = _lib.SSL_write( self._ssl, data + total_sent, min(left_to_send, 2147483647) ) - self._raise_ssl_error(self._ssl, result) + try: + self._raise_ssl_error(self._ssl, result) + except (WantReadError, WantWriteError): + # NOTE: The use of SSL_MODE_ENABLE_PARTIAL_WRITE + # NOTE: above guarantees that in case of failure + # NOTE: no bytes have been written so we don't need + # NOTE: to update the counters, just need to retry. + continue total_sent += result left_to_send -= result