Message231624
Hi,
The attached patch makes python work when openssl doesn't have SSLv3 support. It also updates the documentation, which has already improved a lot since my original patch.
The current upstream openssl when compiled with no-ssl2 it defines OPENSSL_NO_SSL2, drops the SSLv2_* method and drops support for SSLv2 in the SSLv23_* methods. When build with no-ssl3 it defines OPENSSL_NO_SSL3 and currently just drops supports for SSLv3 in the SSLv23_method, it does not yet drop the SSLv3_* methods. It's still being argued whether no-ssl3 should drop those symbols or that a new option will be used instead.
So that means that with OPENSSL_NO_SSL3 defined it could be that the SSLv3_* methods still exist and that you can create a socket that only support SSLv3.
I made the SSLv3 methods go away in python if OPENSSL_NO_SSL3 is defined. This at least makes things easier for the test suite so that you know you can test a combination like v3 with v23 or not.
This patch is for 2.7. Please let me know if you need a patch for a different version. |
|
Date |
User |
Action |
Args |
2014-11-24 22:14:20 | kroeckx | set | recipients:
+ kroeckx |
2014-11-24 22:14:20 | kroeckx | set | messageid: <1416867260.32.0.182122908289.issue22935@psf.upfronthosting.co.za> |
2014-11-24 22:14:20 | kroeckx | link | issue22935 messages |
2014-11-24 22:14:19 | kroeckx | create | |
|