[issue27815] Make SSL suppress_ragged_eofs default more secure

Martin Panter report at bugs.python.org
Sat Oct 15 19:30:19 EDT 2016


Martin Panter added the comment:

Patch v2 also adds a new attribute to context objects. With this I can work around my Google server bug:

context = ssl.create_default_context(ssl.Purpose.SERVER_AUTH)
context.suppress_ragged_eofs = True
handler = urllib.request.HTTPSHandler(context=context)
urlopen = urllib.request.build_opener(handler).open
urlopen(Request(url="https://accounts.google.com/o/oauth2/token", ...))

----------
Added file: http://bugs.python.org/file45106/ragged-eofs.v2.patch

_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue27815>
_______________________________________


More information about the Python-bugs-list mailing list