From: Ben Darnell <ben@bendarnell.com>
Date: Tue, 15 Feb 2011 03:23:56 +0000 (-0800)
Subject: In SSLIOStream, delay the connect_callback until the SSL handshake finishes.
X-Git-Tag: v1.2.0~28
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=d14cb06427ae871140fdff6d5a6f394984a2460d;p=thirdparty%2Ftornado.git

In SSLIOStream, delay the connect_callback until the SSL handshake finishes.
---

diff --git a/tornado/iostream.py b/tornado/iostream.py
index b361204e5..0d19af358 100644
--- a/tornado/iostream.py
+++ b/tornado/iostream.py
@@ -408,6 +408,7 @@ class SSLIOStream(IOStream):
                 return self.close()
         else:
             self._ssl_accepting = False
+            super(SSLIOStream, self)._handle_connect()
 
     def _handle_read(self):
         if self._ssl_accepting:
@@ -425,7 +426,10 @@ class SSLIOStream(IOStream):
         # TODO(bdarnell): cert verification, etc
         self.socket = ssl.wrap_socket(self.socket,
                                       do_handshake_on_connect=False)
-        super(SSLIOStream, self)._handle_connect()
+        # Don't call the superclass's _handle_connect (which is responsible
+        # for telling the application that the connection is complete)
+        # until we've completed the SSL handshake (so certificates are
+        # available, etc).
 
 
     def _read_from_socket(self):