Author spil
Recipients Michael.Felt, alex, christian.heimes, dstufft, giampaolo.rodola, janssen, pitrou, smpeepers, spil, zach.ware
Date 2016-04-16.10:39:27
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1460803175.06.0.589125601527.issue26470@psf.upfronthosting.co.za>
In-reply-to
Content
Checking version numbers to see if a feature is available is a bad practice. How can features ever be removed this way! Would be better to check for the feature itself (using autoconf).

The patch was mostly OK but any check for OPENSSL_VERSION_NUMBER for now also requires a negative check for LIBRESSL_VERSION_NUMBER as LibreSSL froze features at 1.0.1g.

Next to that, anything requiring compression (CRIME attack) should be guarded using and #infdef OPENSSL_NO_COMP.

This patch allowed me to build Python 3.5 with LibreSSL 2.3 (i.e. without SSLv3, Compression, RC4, SHA-0, etc)
History
Date User Action Args
2016-04-16 10:39:35spilsetrecipients: + spil, janssen, pitrou, giampaolo.rodola, christian.heimes, alex, zach.ware, dstufft, Michael.Felt, smpeepers
2016-04-16 10:39:35spilsetmessageid: <1460803175.06.0.589125601527.issue26470@psf.upfronthosting.co.za>
2016-04-16 10:39:35spillinkissue26470 messages
2016-04-16 10:39:34spilcreate