[issue29781] SSLObject.version returns incorrect value before handshake.
Cory Benfield
report at bugs.python.org
Fri Mar 10 05:03:04 EST 2017
New submission from Cory Benfield:
The SSLObject object from the ssl module has a version() method that is undocumented. A reasonable assumption for the behaviour of that method is that it would follow the behaviour of the same method on SSLSocket(), which has the following documentation:
> Return the actual SSL protocol version negotiated by the connection as
> a string, or None is no secure connection is established. As of this
> writing, possible return values include "SSLv2", "SSLv3", "TLSv1",
> "TLSv1.1" and "TLSv1.2". Recent OpenSSL versions may define more return
> values.
However, SSLObject does not follow that behaviour:
Python 3.6.0 (default, Jan 18 2017, 18:08:34)
[GCC 4.2.1 Compatible Apple LLVM 8.0.0 (clang-800.0.42.1)] on darwin
Type "help", "copyright", "credits" or "license" for more information.
>>> import ssl
>>> ctx = ssl.create_default_context()
>>> in_bio = ssl.MemoryBIO()
>>> out_bio = ssl.MemoryBIO()
>>> buffers = ctx.wrap_bio(in_bio, out_bio)
>>> buffers.version()
'TLSv1.2'
That is, a SSLObject that does not have a TLS session established will incorrectly report that it is using a TLS version. This method should return None in this case.
----------
assignee: christian.heimes
components: SSL
messages: 289346
nosy: Lukasa, christian.heimes
priority: normal
severity: normal
status: open
title: SSLObject.version returns incorrect value before handshake.
versions: Python 3.6
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue29781>
_______________________________________
More information about the Python-bugs-list
mailing list