From f2e13d5511ed438e33c06298cee5e511961ca498 Mon Sep 17 00:00:00 2001
From: Michael Hanselmann <hansmi@google.com>
Date: Mon, 15 Dec 2008 09:48:25 +0000
Subject: [PATCH] ganeti.http: Explicitly initiate handshake

Otherwise it would be done on the first read/write operation, making
error handling more difficult (such as EOF during handshake).

Reviewed-by: iustinp
---
 lib/http/client.py | 8 ++++++++
 lib/http/server.py | 9 +++++++++
 2 files changed, 17 insertions(+)

diff --git a/lib/http/client.py b/lib/http/client.py
index 108e954cf..35f578182 100644
--- a/lib/http/client.py
+++ b/lib/http/client.py
@@ -264,6 +264,14 @@ class HttpClientRequestExecutor(http.HttpBase):
     # keep-alive settings, see "man 7 tcp" for TCP_KEEPCNT, TCP_KEEPIDLE and
     # TCP_KEEPINTVL.
 
+    # Do the secret SSL handshake
+    if self.using_ssl:
+      self.sock.set_connect_state()
+      try:
+        http.Handshake(self.poller, self.sock, self.WRITE_TIMEOUT)
+      except http.HttpSessionHandshakeUnexpectedEOF:
+        raise http.HttpError("Server closed connection during SSL handshake")
+
   def _SendRequest(self):
     """Sends request to server.
 
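Review bot: The `except` around the new `http.Handshake(...)` call maps only `HttpSessionHandshakeUnexpectedEOF` to `http.HttpError`, so any other handshake failure (presumably a timeout or a certificate verification error) leaves this method as whatever `http.Handshake` raises. That function is not visible in this patch, so the set of escaping exceptions needs checking against it. Since the stated goal is easier error handling, callers that catch `http.HttpError` would be helped by a comment such as `# Only EOF is mapped to HttpError; other handshake errors propagate unchanged`. The comment `# Do the secret SSL handshake` says nothing about why the call is here and would read better as `# Handshake now so failures surface here, not on the first read/write`; the same wording appears in the lib/http/server.py hunk. The enclosing method starts outside the hunk.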
diff --git a/lib/http/server.py b/lib/http/server.py
index 9fa7e4374..b9e77cee7 100644
--- a/lib/http/server.py
+++ b/lib/http/server.py
@@ -252,6 +252,15 @@ class _HttpServerRequestExecutor(object):
       request_msg_reader = None
       force_close = True
       try:
+        # Do the secret SSL handshake
+        if self.server.using_ssl:
+          self.sock.set_accept_state()
+          try:
+            http.Handshake(self.poller, self.sock, self.WRITE_TIMEOUT)
+          except http.HttpSessionHandshakeUnexpectedEOF:
+            # Ignore rest
+            return
+
         try:
           try:
             request_msg_reader = self._ReadRequest()
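Review bot: The `return` under `except http.HttpSessionHandshakeUnexpectedEOF:` drops the connection without any record, so peers that connect and then abort the handshake (for example a client that rejects the server certificate) leave no trace for whoever monitors or debugs the daemon. A log line before the return, e.g. `logging.debug("Peer closed connection during SSL handshake")` if `logging` is available in this module, would keep the behaviour and make these events visible. `# Ignore rest` could then say what is being skipped, such as `# Peer went away before the handshake completed; nothing to serve`. The `return` sits inside the outer `try:`, whose cleanup clauses are outside the hunk, so it is worth confirming that the socket is still closed on this path.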
-- 
GitLab