Benjamin Peterson added the comment: On Thu, Dec 11, 2014, at 15:24, Marc-Andre Lemburg wrote: > > Marc-Andre Lemburg added the comment: > > On 11.12.2014 20:42, Benjamin Peterson wrote: > > > > Usually you can pass your own context. > > Yes, in new code, but not in existing Python 2.7 code that wasn't > written for the newly added SSL context feature.
How is modifying code to use a context different from modifying it to mess around with a hypothetical ssl.DEFAULT_SSL_OPTIONS? > > BTW: Having a way to change the SSL options globally would be useful > for Python 3.x as well, since OpenSSL often adds new options and > it's not unlikely we'll see an OP_NO_TLSv1 option soon, given its > age and similarity to SSLv3... > https://www.imperialviolet.org/2014/12/08/poodleagain.html > (the poodle strikes back ;-)) That option already exists and is exposed. :) ---------- _______________________________________ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/issue22866> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
