Disable do_handshake_on_connect in ssl.wrap_socket

[pquentin]

trafficstars

Python 2.x and Python 3.x have this attribute in ssl.wrap_socket called do_handshake_on_connect: https://docs.python.org/3/library/ssl.html#ssl.wrap_socket:

The parameter do_handshake_on_connect specifies whether to do the SSL handshake automatically after doing a socket.connect(), or whether the application program will call it explicitly, by invoking the SSLSocket.do_handshake() method. Calling SSLSocket.do_handshake() explicitly gives the program control over the blocking behavior of the socket I/O involved in the handshake.

It's enabled by default, but we probably want to disable it to avoid having uncontrolled blocking I/O? I'm still fuzzy on the details here.

[njsmith]

This is only relevant for sync mode, so blocking I/O isn't necessarily a problem. We do need to impose a timeout somehow. I think for ssl in blocking mode, the do_handshake still respects any timeout set with wrapped_sock.set_timeout(...)?

[pquentin]

Ah you're right, that's much less important than I thought it was. I'll see if the timeout applies, and then close this issue if it does.

[sethmlarson]

@pquentin is this resolved since ssl+blocking respects the socket's timeout?