Message 307891 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	christian.heimes
Recipients	christian.heimes, chuq
Date	2017-12-09.11:57:28
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1512820648.75.0.213398074469.issue32257@psf.upfronthosting.co.za>
In-reply-to

Content
Thanks for your patch, a few comments We generally don't have special functions to set flags. SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS is an OpenSSL < 1.1.0 option. OpenSSL 1.1.0 still defines the flag but no longer uses it. With your patch, the Python function would fail with a NameError. I don't think that self.options is the right way to set that flag. The option attribute manipulates SSL_CTX->options, which affects SSL->options. The flag has to be set on SSL->s3->flags. Your patch is missing documentation update and tests.

Thanks for your patch, a few comments

We generally don't have special functions to set flags. SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS is an OpenSSL < 1.1.0 option. OpenSSL 1.1.0 still defines the flag but no longer uses it. With your patch, the Python function would fail with a NameError.

I don't think that self.options is the right way to set that flag. The option attribute manipulates SSL_CTX->options, which affects SSL->options. The flag has to be set on SSL->s3->flags.

Your patch is missing documentation update and tests.

History
Date	User	Action	Args
2017-12-09 11:57:28	christian.heimes	set	recipients: + christian.heimes, chuq
2017-12-09 11:57:28	christian.heimes	set	messageid: <1512820648.75.0.213398074469.issue32257@psf.upfronthosting.co.za>
2017-12-09 11:57:28	christian.heimes	link	issue32257 messages
2017-12-09 11:57:28	christian.heimes	create