pyOpenSSL and the WantReadError

Question

I have a socket server that I am trying to move over to SSL on python 2.5, but I've run into a snag with pyOpenSSL. I can't find any good tutorials on using it, so I'm operating largely on guesses.

Here is how my server sets up the socket:

ctx = SSL.Context(SSL.SSLv23_METHOD)
ctx.use_privatekey_file ("mykey.pem")
ctx.use_certificate_file("mycert.pem")
sock = SSL.Connection(ctx, socket.socket(socket.AF_INET, socket.SOCK_STREAM))
sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
addr = ('', int(8081))
sock.bind(addr)
sock.listen(5)

Here is how it accepts clients:

sock.setblocking(0)
while True:
  if len(select([sock], [], [], 0.25)[0]):
    client_sock, client_addr = sock.accept()
    client = ClientGen(client_sock)

And here is how it sends/receives from the connected sockets:

while True:
  (r, w, e) = select.select([sock], [sock], [], 0.25)

  if len(r):
    bytes = sock.recv(1024)
  if len(w):
    n_bytes = sock.send(self.message)

It's compacted, but you get the general idea. The problem is, once the send/receive loop starts, it dies right away, before anything has been sent or received (that I can see anyway):

Traceback (most recent call last):
  File "ClientGen.py", line 50, in networkLoop
    n_bytes = sock.send(self.message
WantReadError

The manual's description of the 'WantReadError' is very vague, saying it can come from just about anywhere. What am I doing wrong?

Answer 1

Sometimes in order to send application bytes of an SSL connection, you need to be able to read more bytes from the connection first. WantReadError is how this case is indicated. The only thing you're doing wrong is that you're not handling the WantReadError and then waiting until select indicates that the socket is readable before you try calling send again.