Christian Heimes added the comment: Stéphane, I have addressed your code review.
def __new__() no longer hard-codes protocol. We can change that in a later version of Python. OpenSSL has deprecated all SSL methods except of the generic TLS method. The TLS method was formerly known as SSLv23 method and does auto-negotiation of the latest supported method. Lib/test/test_ssl.py:1183: LibreSSL does not support SSL_CA_PATH and SSL_CA_DIR env vars. I have changed the comment on the test. Modules/_hashopenssl.c:127: _hashopenssl.c now does error checks on EVP digest copy. The copy operation can fail when an EVP ENGINE is involved. HAS_FAST_PKCS5_PBKDF2_HMAC is defined in _hashopenssl.c. OpenSSL used to have a bad implementation of PKBDF2. I fixed it in 2013. The workaround is no longer required for OpenSSL >= 1.1.0. You can find more details in https://jbp.io/2015/08/11/pbkdf2-performance-matters/ ---------- Added file: http://bugs.python.org/file44048/Port-Python-s-SSL-module-to-OpenSSL-1.1.0-2.patch _______________________________________ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/issue26470> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
