Message 232080 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	pitrou
Recipients	alex, christian.heimes, docs@python, dstufft, giampaolo.rodola, janssen, kali, pitrou
Date	2014-12-03.16:13:44
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1417623224.61.0.286231210035.issue22987@psf.upfronthosting.co.za>
In-reply-to

Content
Alex is right. The current doc was valid for older OpenSSL versions, which sent a SSLv2 hello with SSLv23. Reference from the OpenSSL docs: """If the cipher list does not contain any SSLv2 ciphersuites (the default cipher list does not) or extensions are required (for example server name) a client will send out TLSv1 client hello messages including extensions and will indicate that it also understands TLSv1.1, TLSv1.2 and permits a fallback to SSLv3. A server will support SSLv3, TLSv1, TLSv1.1 and TLSv1.2 protocols.""" (https://www.openssl.org/docs/ssl/SSL_CTX_new.html)

Alex is right. The current doc was valid for older OpenSSL versions, which sent a SSLv2 hello with SSLv23.

Reference from the OpenSSL docs:

"""If the cipher list does not contain any SSLv2 ciphersuites (the default cipher list does not) or extensions are required (for example server name) a client will send out TLSv1 client hello messages including extensions and will indicate that it also understands TLSv1.1, TLSv1.2 and permits a fallback to SSLv3. A server will support SSLv3, TLSv1, TLSv1.1 and TLSv1.2 protocols."""

(https://www.openssl.org/docs/ssl/SSL_CTX_new.html)

History
Date	User	Action	Args
2014-12-03 16:13:44	pitrou	set	recipients: + pitrou, janssen, giampaolo.rodola, christian.heimes, alex, docs@python, dstufft, kali
2014-12-03 16:13:44	pitrou	set	messageid: <1417623224.61.0.286231210035.issue22987@psf.upfronthosting.co.za>
2014-12-03 16:13:44	pitrou	link	issue22987 messages
2014-12-03 16:13:44	pitrou	create