Issue 889813: making the version of SSL configurable when creating sockets

Created on 2004-02-03 16:28 by adamg-work, last changed 2022-04-11 14:56 by admin. This issue is now closed.

Files
File name Uploaded Description Edit
889813.diff adamg-work,2004-03-09 18:55 diff against 2.4 snapshot of 20040308
Messages (11)
msg45339 - (view) Author: adam goucher (adamg-work) Date: 2004-02-03 16:28
Currently, socket.ssl uses the SSLv23 method of negotiating an ssl socket. This method connects with SSLv2 HELO packets and will negotiate up to a higher level if possible. However, if SSLv2 is turned off completely at the other side of the socket, this negotiation will fail. I have extended socket.ssl() to include another optional parameter -- the SSLmethod which can be any of the openssl methods (SSLv2, SSLv23, SSLv3, TLSv1). Existing functionality is maintained by providing SSLv23 as the default.

Affected files:
Lib/socket.py - extension of the function
Modules/_ssl.c - guts of the changes
socketmodule.h - there's a reference on how to make ssl sockets, so I added the change there

Has been tested on Solaris by making an ssl connection to a server, as well as httplib.HTTPSConnection()
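The failure described in the report above comes down to how the client's first message is framed. The following is an added example, not part of the thread or the patch: it builds two constructed hellos (SSLv2 framing as sent by the SSLv23 method, and SSLv3/TLS record framing), classifies them, and applies an assumed peer policy, `strict_server_accepts`, that refuses SSLv2 framing once SSLv2 is disabled. All function names are hypothetical.

```python
import struct

NAMES = {(0, 2): "SSLv2", (3, 0): "SSLv3", (3, 1): "TLSv1"}

def build_v2_format_hello(version):
    """Constructed SSLv2-framed CLIENT-HELLO offering `version` as the highest."""
    # msg type 1, version, then cipher-spec / session-id / challenge lengths
    body = struct.pack(">BBBHHH", 1, version[0], version[1], 3, 0, 16)
    body += b"\x00\x00\x0a" + bytes(16)      # one cipher spec, zeroed challenge
    return struct.pack(">H", 0x8000 | len(body)) + body

def build_record_hello(version):
    """Constructed SSLv3/TLS-framed ClientHello (handshake record, type 22)."""
    body = bytes(version) + bytes(32) + b"\x00" + b"\x00\x02\x00\x2f" + b"\x01\x00"
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body
    return b"\x16" + bytes(version) + struct.pack(">H", len(handshake)) + handshake

def classify_client_hello(data):
    """Return (framing, highest version offered) for a client's first flight."""
    if len(data) >= 5 and data[0] & 0x80 and data[2] == 1:
        # SSLv2 header: high bit set, 15-bit length of what follows
        if (struct.unpack(">H", data[:2])[0] & 0x7FFF) + 2 != len(data):
            raise ValueError("truncated SSLv2-format hello")
        version = (data[3], data[4])
        framing = "sslv2-format"
    elif len(data) >= 11 and data[0] == 0x16 and data[1] == 3 and data[5] == 1:
        version = (data[9], data[10])        # client_version in the handshake body
        framing = "record-format"
    else:
        raise ValueError("not a ClientHello")
    return framing, NAMES.get(version, "%d.%d" % version)

def strict_server_accepts(data, sslv2_enabled):
    """Assumed peer policy: v2 framing is refused once SSLv2 is disabled."""
    framing, _ = classify_client_hello(data)
    return sslv2_enabled or framing != "sslv2-format"

if __name__ == "__main__":
    for label, hello in (("SSLv23", build_v2_format_hello((3, 1))),
                         ("TLSv1", build_record_hello((3, 1)))):
        print(label, classify_client_hello(hello),
              "accepted with SSLv2 off:", strict_server_accepts(hello, False))
```

Both hellos offer TLSv1 as the highest version; only the framing differs, which is why selecting the method on the client side changes whether such a peer will talk to it.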
msg45340 - (view) Author: adam goucher (adamg-work) Date: 2004-02-03 16:29
Logged In: YES user_id=939860 There's no uploaded file! You have to check the checkbox labeled "Check to Upload & Attach File" when you upload a file. In addition, even if you *did* check this checkbox, a bug in SourceForge prevents attaching a file when *creating* an issue. Please try again. (This is a SourceForge annoyance that we can do nothing about. :-( )
msg45341 - (view) Author: adam goucher (adamg-work) Date: 2004-02-03 16:30
Logged In: YES user_id=939860 one last try to have all the files uploaded to the patch
msg45342 - (view) Author: Martin v. Löwis (loewis) * (Python committer) Date: 2004-02-04 22:37
Logged In: YES user_id=21627 Would it be reasonable to change the default to TLS?
msg45343 - (view) Author: adam goucher (adamg-work) Date: 2004-02-06 16:00
Logged In: YES user_id=939860 I think in 2.3.x I would leave it as SSLv23 in order to not break things going from .x to .y. I think it would be reasonable to make TLS the default in the 2.4 branch though, as some breakage is more acceptable to more people when going between bigger releases.
msg45344 - (view) Author: Martin v. Löwis (loewis) * (Python committer) Date: 2004-02-07 08:06
Logged In: YES user_id=21627 Ok. Your patch is inapplicable to 2.3, anyway, as it adds a new feature. Are you willing to revise your patch accordingly? Please also include patches to the documentation.
msg45345 - (view) Author: adam goucher (adamg-work) Date: 2004-03-09 18:55
Logged In: YES user_id=939860 I have recreated the patch against the 2.4 snapshot of 20040308. I also included the doc change and made TLSv1 the default.
msg45346 - (view) Author: adam goucher (adamg-work) Date: 2004-03-11 18:46
Logged In: YES user_id=939860 modifying the version this applies to from 2.3 to 2.4 to reflect the new patch
msg45347 - (view) Author: Facundo Batista (facundobatista) * (Python committer) Date: 2007-03-31 01:22
Changes seem OK, but I'd need an update to the test suite to accept this patch. Can you provide the patch to the test cases? Regards,
msg55297 - (view) Author: Bill Janssen (janssen) * (Python committer) Date: 2007-08-26 02:57
I believe issue 1018 now fixes this.
msg55448 - (view) Author: Bill Janssen (janssen) * (Python committer) Date: 2007-08-29 23:00
Fixed with 2.6 SSL support.
History
Date User Action Args
2022-04-11 14:56:02 admin set github: 39896
2007-08-29 23:00:38 janssen set status: open -> closed, resolution: fixed, messages: +
2007-08-26 02:57:23 janssen set nosy: + janssen, messages: +
2004-02-03 16:28:24 adamg-work create