[Patches] [ python-Patches-889813 ] making the version of SSL
configurable when creating sockets
SourceForge.net
noreply at sourceforge.net
Thu Mar 11 13:46:42 EST 2004
Patches item #889813, was opened at 2004-02-03 11:28
Message generated for change (Comment added) made by adamg-work
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=305470&aid=889813&group_id=5470
Category: Modules
>Group: Python 2.4
Status: Open
Resolution: None
Priority: 5
Submitted By: adam goucher (adamg-work)
Assigned to: Nobody/Anonymous (nobody)
Summary: making the version of SSL configurable when creating sockets
Initial Comment:
Currently, socket.ssl uses the SSLv23 method of
negotiating an ssl socket. This method connects with
SSLv2 HELO packets and will negotiate up to a higher
level if possible. However, if SSLv2 is turned off
completly at the other side of the socket, this
negotiation will fail.
I have extended socket.ssl() to include another
optional parameter -- the SSLmethod which can be any
of the openssl methods (SSLv2, SSLv23, SSLv3, TLSv1).
Existing functionality is maintained by providing
SSLv23 as the default.
Affected files:
Lib/socket.py - extension of the function
Modules/_ssl.c - guts of the changes
socketmodule.h - theres a reference on how to
make ssl sockets, so I added the change there
Has been tested on solaris my making an ssl
connection to a server, as well has
httplib.HTTPSConnection()
----------------------------------------------------------------------
>Comment By: adam goucher (adamg-work)
Date: 2004-03-11 13:46
Message:
Logged In: YES
user_id=939860
modifying the version this applies to from 2.3 to 2.4 to reflect
the new patch
----------------------------------------------------------------------
Comment By: adam goucher (adamg-work)
Date: 2004-03-09 13:55
Message:
Logged In: YES
user_id=939860
I have recreated the patch againt the 2.4 snapshot of
20040308. I also included the doc change and made TLSv1
the default.
----------------------------------------------------------------------
Comment By: Martin v. Löwis (loewis)
Date: 2004-02-07 03:06
Message:
Logged In: YES
user_id=21627
Ok. Your patch is inapplicable to 2.3, anyway, as it adds a
new feature. Are you willing to revise your patch
accordingly? Please also include patches to the documentation.
----------------------------------------------------------------------
Comment By: adam goucher (adamg-work)
Date: 2004-02-06 11:00
Message:
Logged In: YES
user_id=939860
I think in 2.3.x I would leave it as SSLv23 in order to not
break things going from .x to .y. I think it would be
reasonable to make TLS the default in the 2.4 branch though
as some breakage is moreaceptable to more people when
going between bigger releases.
----------------------------------------------------------------------
Comment By: Martin v. Löwis (loewis)
Date: 2004-02-04 17:37
Message:
Logged In: YES
user_id=21627
Would be reasonable to change the default to TLS?
----------------------------------------------------------------------
Comment By: adam goucher (adamg-work)
Date: 2004-02-03 11:30
Message:
Logged In: YES
user_id=939860
one last try to have all the files uploaded to the patch
----------------------------------------------------------------------
Comment By: adam goucher (adamg-work)
Date: 2004-02-03 11:29
Message:
Logged In: YES
user_id=939860
There's no uploaded file! You have to check the
checkbox labeled "Check to Upload & Attach File"
when you upload a file. In addition, even if you
*did* check this checkbox, a bug in SourceForge
prevents attaching a file when *creating* an issue.
Please try again.
(This is a SourceForge annoyance that we can do
nothing about. :-( )
----------------------------------------------------------------------
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=305470&aid=889813&group_id=5470
More information about the Patches
mailing list