Message289346
The SSLObject object from the ssl module has a version() method that is undocumented. A reasonable assumption for the behaviour of that method is that it would follow the behaviour of the same method on SSLSocket(), which has the following documentation:
> Return the actual SSL protocol version negotiated by the connection as
> a string, or None is no secure connection is established. As of this
> writing, possible return values include "SSLv2", "SSLv3", "TLSv1",
> "TLSv1.1" and "TLSv1.2". Recent OpenSSL versions may define more return
> values.
However, SSLObject does not follow that behaviour:
Python 3.6.0 (default, Jan 18 2017, 18:08:34)
[GCC 4.2.1 Compatible Apple LLVM 8.0.0 (clang-800.0.42.1)] on darwin
Type "help", "copyright", "credits" or "license" for more information.
>>> import ssl
>>> ctx = ssl.create_default_context()
>>> in_bio = ssl.MemoryBIO()
>>> out_bio = ssl.MemoryBIO()
>>> buffers = ctx.wrap_bio(in_bio, out_bio)
>>> buffers.version()
'TLSv1.2'
That is, a SSLObject that does not have a TLS session established will incorrectly report that it is using a TLS version. This method should return None in this case. |
|
Date |
User |
Action |
Args |
2017-03-10 10:03:04 | Lukasa | set | recipients:
+ Lukasa, christian.heimes |
2017-03-10 10:03:04 | Lukasa | set | messageid: <1489140184.21.0.804659104334.issue29781@psf.upfronthosting.co.za> |
2017-03-10 10:03:04 | Lukasa | link | issue29781 messages |
2017-03-10 10:03:03 | Lukasa | create | |
|