This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author dstufft
Recipients Alex.Stapleton, alex, christian.heimes, dstufft, ncoghlan, pitrou
Date 2014-03-20.18:11:12
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1395339072.72.0.717925963602.issue20994@psf.upfronthosting.co.za>
In-reply-to
Content 
This is a simple patch, it simple disables TLS Compression by default. If a user wants to add it back they can create their own SSLContext and do


ctx = ssl.SSLContext(ssl.PROTOCOL_SSLv23)
ctx.options &= ~ssl.OP_NO_COMPRESSION

This should be able to apply against 3.2+ although it would only be 3.3+ that ssl.OP_NO_COMPRESSION is available to disable it, although a user could still hard code the constant in themselves.

This still leaves 2.7 out in the open here, what I'd like to do is just disable it and if someone really *needs* TLS Compression they can use pyopenssl to get that back. This is a reversal of the current situation where in order to get the safer value you have to use pyopenssl.
History
Date User Action Args
2014-03-20 18:11:12dstufftsetrecipients: + dstufft, ncoghlan, pitrou, christian.heimes, alex, Alex.Stapleton
2014-03-20 18:11:12dstufftsetmessageid: <1395339072.72.0.717925963602.issue20994@psf.upfronthosting.co.za>
2014-03-20 18:11:12dstufftlinkissue20994 messages
2014-03-20 18:11:12dstufftcreate