Issue 25530: ssl: OP_NO_SSLv3 should always be set unless a user specifically asks for it (original) (raw)
Issue25530
➜
This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.
This issue has been migrated to GitHub: https://github.com/python/cpython/issues/69716
classification
| Title: | ssl: OP_NO_SSLv3 should always be set unless a user specifically asks for it | ||
|---|---|---|---|
| Type: | Stage: | resolved | |
| Components: | Library (Lib) | Versions: | Python 3.6, Python 3.5, Python 2.7 |
process
| Status: | closed | Resolution: | fixed |
|---|---|---|---|
| Dependencies: | Superseder: | ||
| Assigned To: | Nosy List: | alex, christian.heimes, dstufft, giampaolo.rodola, janssen, pitrou, python-dev | |
| Priority: | normal | Keywords: | needs review, patch, security_issue |
Created on 2015-11-01 19:10 by alex, last changed 2022-04-11 14:58 by admin. This issue is now closed.
| Files | |||
|---|---|---|---|
| File name | Uploaded | Description | Edit |
| sslv3.diff | alex,2015-11-01 19:10 | review | |
| sslv3.diff | alex,2015-11-02 12:42 | review |
| Messages (3) | ||
|---|---|---|
| msg253868 - (view) | Author: Alex Gaynor (alex) *  |
Date: 2015-11-01 19:10 |
| SSLv3 is broken, both _create_unverified_context and create_default_context turn it off, but we should make all contexts turn it off, like we do for SSLv2. A patch is attached. | ||
| msg253907 - (view) | Author: Alex Gaynor (alex) * |
Date: 2015-11-02 12:42 |
| Oops, there were a few failing tests on that patch. New one is green | ||
| msg254520 - (view) | Author: Roundup Robot (python-dev)  |
Date: 2015-11-12 06:45 |
| New changeset d80954d941c7 by Benjamin Peterson in branch '2.7': always set OP_NO_SSLv3 by default (closes #25530) https://hg.python.org/cpython/rev/d80954d941c7 New changeset 56f64ec9259f by Benjamin Peterson in branch '3.4': always set OP_NO_SSLv3 by default (closes #25530) https://hg.python.org/cpython/rev/56f64ec9259f New changeset d1737db0f1b2 by Benjamin Peterson in branch '3.5': merge 3.4 (#25530) https://hg.python.org/cpython/rev/d1737db0f1b2 New changeset 2899acbd2b46 by Benjamin Peterson in branch 'default': merge 3.5 (#25530) https://hg.python.org/cpython/rev/2899acbd2b46 |
| History | |||
|---|---|---|---|
| Date | User | Action | Args |
| 2022-04-11 14:58:23 | admin | set | github: 69716 |
| 2015-11-12 06:45:50 | python-dev | set | status: open -> closednosy: + python-devmessages: + resolution: fixedstage: resolved |
| 2015-11-02 12:42:07 | alex | set | files: + sslv3.diffmessages: + |
| 2015-11-01 19:10:54 | alex | create |
Supported by The Python Software Foundation,
Powered by Roundup
Copyright © 1990-2022, Python Software Foundation
Legal Statements