classification
Title: Configurable SSL handshake
Type: enhancement Stage: committed/rejected
Components: Extension Modules, Library (Lib) Versions:
process
Status: closed Resolution: out of date
Dependencies: Superseder:
Assigned To: Nosy List: ajaksu2, toadstule
Priority: low Keywords:

Created on 2003-12-05 17:51 by toadstule, last changed 2009-02-20 01:54 by ajaksu2. This issue is now closed.

Messages (2)
msg61147 - (view) Author: Steve Jibson (toadstule) Date: 2003-12-05 17:51 
I am writing an application for which a (somewhat lame)
predefined standard requires that I "speak" to an HTTPS
server, and furthermore that the initial SSL handshake
be done with TLSv1.  Python's SSL support does the
handshake in SSLv2 or SSLv3 (even if TLSv1 is used
after the handshake).  My request is that the socket
library and httpslib would allow you to configure the
ssl handshaking.

The code which controls the handshake is in _ssl.c
(line 193 in the Python-2.3.2 source):

self->ctx = SSL_CTX_new(SSLv23_method()); /* Set up
context */

To make it work the way I need it to work, I can change
it to:

self->ctx = SSL_CTX_new(TLSv1_method()); /* Set up
context */

Hardcoding a different handshake isn't really the
answer.  It would be nice if this were configurable at
runtime.
msg82214 - (view) Author: Daniel Diniz (ajaksu2) Date: 2009-02-16 04:03 
SSL changed a lot, is this still relevant? Will close on lack of response.

(sorry, removed the previous incarnation of this message)
History
Date User Action Args
2009-02-20 01:54:29ajaksu2setstatus: pending -> closed
resolution: out of date
stage: test needed -> committed/rejected
2009-02-18 01:52:04ajaksu2setstatus: open -> pending
priority: normal -> low
2009-02-16 04:03:52ajaksu2setmessages: + msg82214
2009-02-16 04:02:46ajaksu2setmessages: - msg81881
2009-02-13 05:06:39ajaksu2setnosy: + ajaksu2
messages: + msg81881
components: + Extension Modules
stage: test needed
2003-12-05 17:51:50toadstulecreate