Adrian Vollmer added the comment:
I have a workaround for now:
versions = [ssl.PROTOCOL_TLSv1,
ssl.PROTOCOL_TLSv1_1,
ssl.PROTOCOL_TLSv1_2,
]
firstbytes = s.recv(16, socket.MSG_PEEK)
ss = ssl.wrap_socket
Adrian Vollmer added the comment:
Okay, thanks for your time!
--
___
Python tracker <rep...@bugs.python.org>
<https://bugs.python.org/issue31453>
___
___
Pyth
Adrian Vollmer added the comment:
Doesn't seem to do anything:
>>> ctx.options
2181170175L
>>> ctx.options & ~(ssl.OP_NO_TLSv1 | ssl.OP_NO_TLSv1_1)
2181170175L
--
___
Python tracker <rep...@bugs.python.org>
<htt
Adrian Vollmer added the comment:
I read about that, but I don't understand. If I use openssl s_server -port
, I can connect using either one of the three protocols.
Even if that's the new default, is there no way now to get python on Buster/Sid
to use OpenSSL in a non-default mode
Adrian Vollmer added the comment:
Debian buster/sid
--
___
Python tracker <rep...@bugs.python.org>
<https://bugs.python.org/issue31453>
___
___
Python-bugs-
New submission from Adrian Vollmer:
According to the documentation
(https://docs.python.org/2/library/ssl.html#ssl.PROTOCOL_TLS), using
ssl_version = ssl.PROTOCOL_TLS in a server socket should offer all TLS/SSL
versions. However, it only offers TLSv1_2.
I attached a proof of concept
