New submission from Kurt Roeckx: Hi,
The attached patch makes python work when openssl doesn't have SSLv3 support. It also updates the documentation, which has already improved a lot since my original patch. The current upstream openssl when compiled with no-ssl2 it defines OPENSSL_NO_SSL2, drops the SSLv2_* method and drops support for SSLv2 in the SSLv23_* methods. When build with no-ssl3 it defines OPENSSL_NO_SSL3 and currently just drops supports for SSLv3 in the SSLv23_method, it does not yet drop the SSLv3_* methods. It's still being argued whether no-ssl3 should drop those symbols or that a new option will be used instead. So that means that with OPENSSL_NO_SSL3 defined it could be that the SSLv3_* methods still exist and that you can create a socket that only support SSLv3. I made the SSLv3 methods go away in python if OPENSSL_NO_SSL3 is defined. This at least makes things easier for the test suite so that you know you can test a combination like v3 with v23 or not. This patch is for 2.7. Please let me know if you need a patch for a different version. ---------- files: python2.7-nossl3.patch keywords: patch messages: 231624 nosy: kroeckx priority: normal severity: normal status: open title: Disabling SSLv3 support Added file: http://bugs.python.org/file37268/python2.7-nossl3.patch _______________________________________ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/issue22935> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
