[Python-Dev] Supported versions of OpenSSL
Chris Angelico
rosuav at gmail.com
Mon Aug 29 07:48:43 EDT 2016
On Mon, Aug 29, 2016 at 9:16 PM, Nick Coghlan <ncoghlan at gmail.com> wrote:
> On 29 August 2016 at 21:05, Chris Angelico <rosuav at gmail.com> wrote:
>> On Mon, Aug 29, 2016 at 8:52 PM, Nick Coghlan <ncoghlan at gmail.com> wrote:
>>> For upcoming 3.6 I would like to limit support to 1.0.2+ and require
>>> 1.0.2 features for 3.7.
>>
>> What does "limit support" mean? Will it be possible to build CPython
>> 3.6 against OpenSSL 1.0.1?
>
> Christian clarified this later in the thread:
>
> - full support is stating confidently that software running that way
> is using network connections that are as secure as we know how to make
> them
> - build support is ensuring it builds, without vouching one way or the
> other for the security of the resulting network connections
> - no support is "it doesn't build, but even if it did, we wouldn't
> vouch for the security of the resulting connections"
Sorry, my bad for just skimming the thread. There are comments like this:
> I'm tempted to require 1.0.2 for Python 3.6 but it's technically not
> necessary yet.
>
> #if OPENSSL_VERSION_INFO < 0x01000200L
> # error "OpenSSL 1.0.2+ required"
> #endif
that led me to think that 3.6 was planning to demand 1.0.2, but if the
intention is build support for 1.0.1, that would work.
Sorry for the noise!
ChrisA
More information about the Python-Dev
mailing list