[issue29136] Add OP_NO_TLSv1_3

2019-02-15 Thread Charalampos Stratakis
Change by Charalampos Stratakis : -- pull_requests: +11911 ___ Python tracker ___ ___ Python-bugs-list mailing list Unsubscribe:

[issue29136] Add OP_NO_TLSv1_3

2017-09-10 Thread Christian Heimes
Christian Heimes added the comment: New changeset 28580316a57d1757978196c27286f989d21ec0f3 by Christian Heimes in branch '3.6': bpo-29136: Fix versionchange for TLS 1.3 changes (#3483) https://github.com/python/cpython/commit/28580316a57d1757978196c27286f989d21ec0f3 --

[issue29136] Add OP_NO_TLSv1_3

2017-09-10 Thread Christian Heimes
Christian Heimes added the comment: Thanks, I fixed versionchanged. -- stage: patch review -> resolved status: open -> closed versions: +Python 2.7, Python 3.7 ___ Python tracker

[issue29136] Add OP_NO_TLSv1_3

2017-09-10 Thread Christian Heimes
Changes by Christian Heimes : -- pull_requests: +3473 stage: needs patch -> patch review ___ Python tracker ___

[issue29136] Add OP_NO_TLSv1_3

2017-09-10 Thread Christian Heimes
Christian Heimes added the comment: Good catch, thanks! I'll update the documentation. -- stage: resolved -> needs patch status: closed -> open versions: -Python 2.7, Python 3.7 ___ Python tracker

[issue29136] Add OP_NO_TLSv1_3

2017-09-10 Thread Arfrever Frehtes Taifersar Arahesis
Arfrever Frehtes Taifersar Arahesis added the comment: In backport to 2.7 branch, ".. versionadded:: 2.7.15" and ".. versionchanged:: 2.7.15" were used. However, in backport to 3.6 branch, ".. versionadded:: 3.7" and ".. versionchanged:: 3.7" were used, instead of expected ".. versionadded::

[issue29136] Add OP_NO_TLSv1_3

2017-09-08 Thread Christian Heimes
Changes by Christian Heimes : -- resolution: -> fixed stage: patch review -> resolved status: open -> closed ___ Python tracker ___

[issue29136] Add OP_NO_TLSv1_3

2017-09-07 Thread Christian Heimes
Christian Heimes added the comment: New changeset b9a860f3bf80b0d4a6c25d0f2f6ef849d9bf3594 by Christian Heimes in branch '2.7': [2.7] bpo-29136: Add TLS 1.3 cipher suites and OP_NO_TLSv1_3 (GH-1363) (#3446) https://github.com/python/cpython/commit/b9a860f3bf80b0d4a6c25d0f2f6ef849d9bf3594

[issue29136] Add OP_NO_TLSv1_3

2017-09-07 Thread Christian Heimes
Christian Heimes added the comment: New changeset 9f2b3d4c2899f9caea2e47063061a76e460ac618 by Christian Heimes in branch '3.6': [3.6] bpo-29136: Add TLS 1.3 cipher suites and OP_NO_TLSv1_3 (GH-1363) (#3444) https://github.com/python/cpython/commit/9f2b3d4c2899f9caea2e47063061a76e460ac618

[issue29136] Add OP_NO_TLSv1_3

2017-09-07 Thread Christian Heimes
Changes by Christian Heimes : -- pull_requests: +3442 ___ Python tracker ___ ___

[issue29136] Add OP_NO_TLSv1_3

2017-09-07 Thread Christian Heimes
Changes by Christian Heimes : -- keywords: +patch pull_requests: +3440 stage: needs patch -> patch review ___ Python tracker ___

[issue29136] Add OP_NO_TLSv1_3

2017-09-07 Thread Christian Heimes
Christian Heimes added the comment: New changeset cb5b68abdeb1b1d56c581d5b4d647018703d61e3 by Christian Heimes in branch 'master': bpo-29136: Add TLS 1.3 cipher suites and OP_NO_TLSv1_3 (#1363) https://github.com/python/cpython/commit/cb5b68abdeb1b1d56c581d5b4d647018703d61e3 --

[issue29136] Add OP_NO_TLSv1_3

2017-09-07 Thread Christian Heimes
Christian Heimes added the comment: PR 1363 also introduced ssl.HAS_TLSv1_3 flag for unit tests. The flag is required because OpenSSL 1.1.1-dev can be compiled without TLS 1.3 support. The development version always defines OP_NO_TLSv1_3 to a non-zero value. Further more the PR adds a test

[issue29136] Add OP_NO_TLSv1_3

2017-04-30 Thread Christian Heimes
Changes by Christian Heimes : -- pull_requests: +1473 ___ Python tracker ___ ___

[issue29136] Add OP_NO_TLSv1_3

2017-01-25 Thread Cory Benfield
Cory Benfield added the comment: For those who want to keep track, the relevant OpenSSL ticket for configuring TLSv1.3 cipher suites is https://github.com/openssl/openssl/issues/2276. -- nosy: +Lukasa ___ Python tracker

[issue29136] Add OP_NO_TLSv1_3

2017-01-23 Thread Christian Heimes
Christian Heimes added the comment: No, of course it does not work (yet): $ LD_LIBRARY_PATH=. apps/openssl ciphers TLS13 Error in cipher list 140546693477888:error:1410D0B9:SSL routines:SSL_CTX_set_cipher_list:no cipher match:ssl/ssl_lib.c:2100: --

[issue29136] Add OP_NO_TLSv1_3

2017-01-23 Thread Alex Gaynor
Alex Gaynor added the comment: We can easily just add `TLS13:...` at the from of our ciphersuite list and it'll be ok though right? (Note to self, do the same in urllib3, twisted, requests, god only knows what else) -- nosy: +alex ___ Python

[issue29136] Add OP_NO_TLSv1_3

2017-01-22 Thread Christian Heimes
Christian Heimes added the comment: memo to me: Update the TLS cipher list to include TLS 1.3 ciphers. TLS 1.3 uses a disjunct set of cipher suites. No member of the current cipher suite set is compatible with TLS 1.3. Handshake with TLS 1.3 enabled servers is going to fail. As of today

[issue29136] Add OP_NO_TLSv1_3

2017-01-02 Thread Benjamin Peterson
Benjamin Peterson added the comment: I think that's fine for 2.7. On Mon, Jan 2, 2017, at 13:07, Christian Heimes wrote: > > New submission from Christian Heimes: > > OpenSSL 1.1.1 is going to provide TLS 1.3. The preferred protocols > PROTOCOL_TLS (old name PROTOCOL_SSLv23),

[issue29136] Add OP_NO_TLSv1_3

2017-01-02 Thread Christian Heimes
New submission from Christian Heimes: OpenSSL 1.1.1 is going to provide TLS 1.3. The preferred protocols PROTOCOL_TLS (old name PROTOCOL_SSLv23), PROTOCOL_TLS_CLIENT and PROTOCOL_TLS_SERVER are going to have TLS 1.3 enabled by default. In order to disable TLS 1.3, let's add OP_NO_TLSv1_3 to