Message 214444 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	dstufft
Recipients	christian.heimes, dstufft, pitrou
Date	2014-03-22.05:07:21
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1395464842.83.0.449726054689.issue21015@psf.upfronthosting.co.za>
In-reply-to

Content
I don't have a new enough OpenSSL to test against SSL_CTX_set_ecdh_auto and I don't really know C very well so I didn't want to do try to handle that. That being said, here is a patch that allows you to call SSLContext().set_ecdh_curve() without any argument, and if you do that it'll use the "default" curve. This is currently hardcoded to prime256v1 but ideally at some point it would use SSL_CTX_set_ecdh_auto if available. I don't really know C, so I had to Google around to learn enough to write this patch, so please look it over closely?

I don't have a new enough OpenSSL to test against SSL_CTX_set_ecdh_auto and I don't really know C very well so I didn't want to do try to handle that.

That being said, here is a patch that allows you to call SSLContext().set_ecdh_curve() without any argument, and if you do that it'll use the "default" curve. This is currently hardcoded to prime256v1 but ideally at some point it would use SSL_CTX_set_ecdh_auto if available.

I don't really know C, so I had to Google around to learn enough to write this patch, so please look it over closely?

History
Date	User	Action	Args
2014-03-22 05:07:23	dstufft	set	recipients: + dstufft, pitrou, christian.heimes
2014-03-22 05:07:22	dstufft	set	messageid: <1395464842.83.0.449726054689.issue21015@psf.upfronthosting.co.za>
2014-03-22 05:07:22	dstufft	link	issue21015 messages
2014-03-22 05:07:21	dstufft	create