[Python-Dev] Python 3.7: Require OpenSSL >=1.0.2 (original) (raw)
Antoine Pitrou solipsis at pitrou.net
Sat Jan 13 10:15:37 EST 2018
- Previous message (by thread): [Python-Dev] Python 3.7: Require OpenSSL >=1.0.2 / LibreSSL >= 2.5.3
- Next message (by thread): [Python-Dev] Python 3.7: Require OpenSSL >=1.0.2 / LibreSSL >= 2.5.3
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Sat, 13 Jan 2018 15:49:21 +0100 Christian Heimes <christian at python.org> wrote:
On 2018-01-13 14:23, Antoine Pitrou wrote: > On Sat, 13 Jan 2018 13:54:33 +0100 > Christian Heimes <christian at python.org> wrote: >> >> If we agree to drop support for OpenSSL 0.9.8 and 1.0.1, then I can land >> bunch of useful goodies like proper hostname verification [2], proper >> fix for IP address in SNI TLS header [3], PEP 543 compatible Certificate >> and PrivateKey types (support loading certs and keys from file and >> memory) [4], and simplified cipher suite configuration [5]. I can >> finally clean up ssl.c during the beta phase, too. > > Given the annoyance of supporting old OpenSSL versions, I'd say +1 to > this. > > We'll have to deal with the complaints of users of Debian oldstable, > CentOS 6 and RHEL 6, though.
It's more of an issue for Travis CI. The Python 3.7-dev target won't have a functional ssl module. Travis either has to update their build base to 16.04, provide a custom build of OpenSSL, or all packages have to use a container. [1]
That's Travis-CI's problem. And hopefully they'll migrate to Ubuntu 16.04 soon (it's almost 2 years old...).
Regards
Antoine.
- Previous message (by thread): [Python-Dev] Python 3.7: Require OpenSSL >=1.0.2 / LibreSSL >= 2.5.3
- Next message (by thread): [Python-Dev] Python 3.7: Require OpenSSL >=1.0.2 / LibreSSL >= 2.5.3
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]