[issue8322] test_ssl failures with OpenSSL 1.0.0
Antoine Pitrou
report at bugs.python.org
Sat Apr 10 00:37:01 CEST 2010
Antoine Pitrou <pitrou at free.fr> added the comment:
After some investigation, the error does occur because of the aforementioned changelog entry (SSLv2 weak ciphers are now disabled by default). To check it I just added the following line to newPySSLObject():
SSL_CTX_set_cipher_list(self->ctx, "ALL");
Of course this isn't desirable: we shouldn't blindly enable weak ciphers. Instead we could simply add an argument to configure allowed ciphers, and use "ALL" in our tests. Or we could add a separate method to configure ciphers.
(this begs the question of whether this is suitable post-beta1)
What do you think?
----------
nosy: +benjamin.peterson
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue8322>
_______________________________________
More information about the Python-bugs-list
mailing list