On 11 January 2017 at 14:04, Donald Stufft <[email protected]> wrote: > On Jan 10, 2017, at 10:59 PM, Nick Coghlan <[email protected]> wrote: > (The problem with RHEL 6 is that even though the *OS* has supported > TLS v1.2 since RHEL 6.5, *Python 2.6* doesn't properly support > accessing them through the standard library's SSL module, since it's > missing the features backported from 3.x by PEP 466) > > No, but it doesn’t matter, the version of Python doesn’t control it at all > since we use PROTOCOL_SSLv23 which will automatically negotiate the highest > protocol OpenSSL supports, whether Python has bound the PROTOCOL_TLSv1_X > constant and implemented the methods for it or not. So Python 2.6 is > perfectly capable of talking to a TLSv1.2 site (it however, is not capable > of explicitly saying it *needs* only TLSv1.2). > > See: > > $ python2.6 -c "import urllib2,json; > print(json.loads(urllib2.urlopen('https://www.howsmyssl.com/a/check').read())['tls_version'])" > TLS 1.2
Ah, excellent. In that case, RHEL 6 should be fine as well, as 6.5 was released back in 2013, and the extended update support for 6.4 ended in March 2015. Cheers, Nick. -- Nick Coghlan | [email protected] | Brisbane, Australia _______________________________________________ Distutils-SIG maillist - [email protected] https://mail.python.org/mailman/listinfo/distutils-sig
