Message307891
Thanks for your patch, a few comments
We generally don't have special functions to set flags. SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS is an OpenSSL < 1.1.0 option. OpenSSL 1.1.0 still defines the flag but no longer uses it. With your patch, the Python function would fail with a NameError.
I don't think that self.options is the right way to set that flag. The option attribute manipulates SSL_CTX->options, which affects SSL->options. The flag has to be set on SSL->s3->flags.
Your patch is missing documentation update and tests. |
|
Date |
User |
Action |
Args |
2017-12-09 11:57:28 | christian.heimes | set | recipients:
+ christian.heimes, chuq |
2017-12-09 11:57:28 | christian.heimes | set | messageid: <1512820648.75.0.213398074469.issue32257@psf.upfronthosting.co.za> |
2017-12-09 11:57:28 | christian.heimes | link | issue32257 messages |
2017-12-09 11:57:28 | christian.heimes | create | |
|