New submission from Christian Heimes: OpenSSL 1.1 has deprecated all version specific TLS/SSL methods in favor of auto-negotiation (formerly known as SSLv23). It also introduced two macros to set the minimal and maximum TLS version with SSL_CTX_set_min_proto_version() and SSL_CTX_set_max_proto_version(). The macros can be emulated for OpenSSL < 1.1 with reasonable effort.
I suggest that ssl.SSLContext introduces set_version_range(minver, maxver=None) method. It's less awkward to use than fiddling with modes and OP_NO_SSLv3. ---------- components: Extension Modules messages: 273772 nosy: alex, christian.heimes, dstufft, giampaolo.rodola, janssen priority: normal severity: normal status: open title: Add SSLContext.set_version_range(minver, maxver=None) type: enhancement versions: Python 3.6 _______________________________________ Python tracker <rep...@bugs.python.org> <https://bugs.python.org/issue27876> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
