➜
This issue tracker has been migrated to GitHub,
and is currently read-only.
For more information,
see the GitHub FAQs in the Python's Developer Guide.
Created on 2021-06-11 08:23 by brotherbeer, last changed 2022-04-11 14:59 by admin. This issue is now closed.
| Files | ||||
|---|---|---|---|---|
| File name | Uploaded | Description | Edit | |
| _ssl_c_line_3576.png | brotherbeer, 2021-06-11 08:23 | |||
| Pull Requests | |||
|---|---|---|---|
| URL | Status | Linked | Edit |
| PR 26680 | merged | erlendaasland, 2021-06-11 18:43 | |
| PR 26699 | closed | erlendaasland, 2021-06-12 21:02 | |
| PR 26700 | merged | christian.heimes, 2021-06-12 21:06 | |
| PR 26704 | merged | miss-islington, 2021-06-13 10:09 | |
| PR 26705 | merged | miss-islington, 2021-06-13 11:46 | |
| PR 26754 | merged | johnj, 2021-06-16 13:02 | |
| PR 26765 | merged | miss-islington, 2021-06-17 09:40 | |
| Messages (16) | |||
|---|---|---|---|
| msg395612 - (view) | Author: Brother Beer (brotherbeer) | Date: 2021-06-11 08:23 | |
cpython-3.10.0b2/Modules/_ssl.c line 3576
3570 static int
3571 set_options(PySSLContext *self, PyObject *arg, void *c)
3572 {
3573 long new_opts, opts, set, clear;
3574 long opt_no = (
3575 SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1 |
3576 SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1_2 | SSL_OP_NO_TLSv1_2
3577 );
'SSL_OP_NO_TLSv1_2' is repeated, are any other items missing?
|
|||
| msg395703 - (view) | Author: Joannah Nanjekye (nanjekyejoannah) *  |
Date: 2021-06-12 20:18 | |
New changeset cb7230c7a7d6d497e54c25e9ba640eec79de10f2 by Erlend Egeberg Aasland in branch 'main': bpo-44389: Remove duplicate SSL_OP_NO_TLSv1_2 flag (GH-26680) https://github.com/python/cpython/commit/cb7230c7a7d6d497e54c25e9ba640eec79de10f2 |
|||
| msg395704 - (view) | Author: Erlend E. Aasland (erlendaasland) *  |
Date: 2021-06-12 20:19 | |
Thanks for the report, Brother Beer. |
|||
| msg395706 - (view) | Author: Christian Heimes (christian.heimes) * |
Date: 2021-06-12 20:35 | |
It's a typo, not a duplicate entry. Correct line is:
SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1_2 | SSL_OP_NO_TLSv1_3
|
|||
| msg395707 - (view) | Author: Erlend E. Aasland (erlendaasland) * |
Date: 2021-06-12 20:36 | |
But TLSv1.3 is included in openssl 1.1.1, no? |
|||
| msg395709 - (view) | Author: Christian Heimes (christian.heimes) * |
Date: 2021-06-12 20:44 | |
3.10 requires OpenSSL >= 1.1.1 The code checks for presence of deprecated options and emits a warning for all SSL_OP_NO_TLS/SSL* constants. |
|||
| msg395710 - (view) | Author: Erlend E. Aasland (erlendaasland) * |
Date: 2021-06-12 20:46 | |
Yes, and judging from PEP 644, I figured the TLSv1.3 flag was _not_ deprecated. Sorry for the misunderstanding/noise. |
|||
| msg395711 - (view) | Author: Erlend E. Aasland (erlendaasland) * |
Date: 2021-06-12 20:47 | |
Let me know if you want me to open a PR that adds the correct flag and adds deprecation wrappers to the tests. |
|||
| msg395713 - (view) | Author: Erlend E. Aasland (erlendaasland) * |
Date: 2021-06-12 21:00 | |
Ah, I see now that it's deprecated in the docs as well: https://docs.python.org/3/library/ssl.html#ssl.OP_NO_TLSv1_3 |
|||
| msg395739 - (view) | Author: miss-islington (miss-islington) | Date: 2021-06-13 10:29 | |
New changeset f30f484e9660c6ad5d5a554869593d14d709a7f4 by Miss Islington (bot) in branch '3.10': bpo-44389: Remove duplicate SSL_OP_NO_TLSv1_2 flag (GH-26680) https://github.com/python/cpython/commit/f30f484e9660c6ad5d5a554869593d14d709a7f4 |
|||
| msg395741 - (view) | Author: Christian Heimes (christian.heimes) * |
Date: 2021-06-13 11:46 | |
New changeset bf527277d4e4907e32d76ca7ba667ab3149fe258 by Christian Heimes in branch 'main': bpo-44389: Fix deprecation of OP_NO_TLSv1_3 (GH-26700) https://github.com/python/cpython/commit/bf527277d4e4907e32d76ca7ba667ab3149fe258 |
|||
| msg395742 - (view) | Author: Christian Heimes (christian.heimes) * |
Date: 2021-06-13 12:05 | |
OpenSSL has deprecated these constants: > SSL_OP_NO_SSLv3, SSL_OP_NO_TLSv1, SSL_OP_NO_TLSv1_1, SSL_OP_NO_TLSv1_2, SSL_OP_NO_TLSv1_3, SSL_OP_NO_DTLSv1, SSL_OP_NO_DTLSv1_2 > > As of OpenSSL 1.1.0, these options are deprecated, use SSL_CTX_set_min_proto_version(3) and SSL_CTX_set_max_proto_version(3) instead. https://www.openssl.org/docs/man1.1.1/man3/SSL_CTX_set_options.html |
|||
| msg395743 - (view) | Author: miss-islington (miss-islington) | Date: 2021-06-13 12:07 | |
New changeset 4becc569a606102bce624a4e28f4068317d09f42 by Miss Islington (bot) in branch '3.10': [3.10] bpo-44389: Fix deprecation of OP_NO_TLSv1_3 (GH-26700) (GH-26705) https://github.com/python/cpython/commit/4becc569a606102bce624a4e28f4068317d09f42 |
|||
| msg395744 - (view) | Author: Erlend E. Aasland (erlendaasland) * |
Date: 2021-06-13 12:52 | |
Thanks, Christian. |
|||
| msg395981 - (view) | Author: miss-islington (miss-islington) | Date: 2021-06-17 09:40 | |
New changeset c544393b89f9b3e2b1a22588fc9ae58019314879 by Joe in branch 'main': bpo-44389: Fix typo in ssl deprecation warning message (GH-26754) https://github.com/python/cpython/commit/c544393b89f9b3e2b1a22588fc9ae58019314879 |
|||
| msg395982 - (view) | Author: miss-islington (miss-islington) | Date: 2021-06-17 10:01 | |
New changeset 08f2b9dedea13d2e9d11c189914387db3a66e2ca by Miss Islington (bot) in branch '3.10': bpo-44389: Fix typo in ssl deprecation warning message (GH-26754) https://github.com/python/cpython/commit/08f2b9dedea13d2e9d11c189914387db3a66e2ca |
|||
| History | |||
|---|---|---|---|
| Date | User | Action | Args |
| 2022-04-11 14:59:46 | admin | set | github: 88555 |
| 2021-06-17 10:01:15 | miss-islington | set | messages: + msg395982 |
| 2021-06-17 09:40:17 | miss-islington | set | pull_requests: + pull_request25351 |
| 2021-06-17 09:40:05 | miss-islington | set | messages: + msg395981 |
| 2021-06-16 13:02:34 | johnj | set | nosy:
+ johnj pull_requests: + pull_request25339 |
| 2021-06-13 12:52:24 | erlendaasland | set | messages: + msg395744 |
| 2021-06-13 12:07:25 | christian.heimes | set | status: open -> closed resolution: fixed stage: needs patch -> resolved |
| 2021-06-13 12:07:07 | miss-islington | set | messages: + msg395743 |
| 2021-06-13 12:05:23 | christian.heimes | set | messages:
+ msg395742 stage: patch review -> needs patch |
| 2021-06-13 11:46:35 | christian.heimes | set | messages: + msg395741 |
| 2021-06-13 11:46:16 | miss-islington | set | pull_requests: + pull_request25290 |
| 2021-06-13 10:29:46 | miss-islington | set | messages: + msg395739 |
| 2021-06-13 10:09:38 | miss-islington | set | nosy:
+ miss-islington pull_requests: + pull_request25289 |
| 2021-06-12 21:06:20 | christian.heimes | set | pull_requests: + pull_request25285 |
| 2021-06-12 21:02:15 | erlendaasland | set | stage: needs patch -> patch review pull_requests: + pull_request25284 |
| 2021-06-12 21:00:58 | erlendaasland | set | messages: + msg395713 |
| 2021-06-12 20:47:50 | erlendaasland | set | messages: + msg395711 |
| 2021-06-12 20:46:25 | erlendaasland | set | messages: + msg395710 |
| 2021-06-12 20:44:28 | christian.heimes | set | messages: + msg395709 |
| 2021-06-12 20:36:45 | erlendaasland | set | messages: + msg395707 |
| 2021-06-12 20:36:01 | christian.heimes | set | resolution: duplicate -> (no value) versions: + Python 3.11 |
| 2021-06-12 20:35:31 | christian.heimes | set | status: closed -> open nosy: + christian.heimes messages: + msg395706 resolution: fixed -> duplicate stage: resolved -> needs patch |
| 2021-06-12 20:19:30 | erlendaasland | set | messages: + msg395704 |
| 2021-06-12 20:18:58 | erlendaasland | set | status: open -> closed resolution: fixed stage: patch review -> resolved |
| 2021-06-12 20:18:01 | nanjekyejoannah | set | nosy:
+ nanjekyejoannah messages: + msg395703 |
| 2021-06-11 18:43:20 | erlendaasland | set | keywords:
+ patch nosy: + erlendaasland pull_requests: + pull_request25266 stage: patch review |
| 2021-06-11 08:23:58 | brotherbeer | create | |