Bernard Spil added the comment: Checking version numbers to see if a feature is available is a bad practice. How can features ever be removed this way! Would be better to check for the feature itself (using autoconf).
The patch was mostly OK but any check for OPENSSL_VERSION_NUMBER for now also requires a negative check for LIBRESSL_VERSION_NUMBER as LibreSSL froze features at 1.0.1g. Next to that, anything requiring compression (CRIME attack) should be guarded using and #infdef OPENSSL_NO_COMP. This patch allowed me to build Python 3.5 with LibreSSL 2.3 (i.e. without SSLv3, Compression, RC4, SHA-0, etc) ---------- Added file: http://bugs.python.org/file42480/patch-lang_python35-OpenSSL-1.1.0+LibreSSL _______________________________________ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/issue26470> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com