[issue35045] test_min_max_version (test.test_ssl.ContextTests) fails on Fedora 29+ and openssl 1.1.1

2019-01-25 Thread Alan Huang
Change by Alan Huang : -- pull_requests: +11509, 11510 ___ Python tracker <https://bugs.python.org/issue35045> ___ ___ Python-bugs-list mailing list Unsubscribe:

[issue35045] test_min_max_version (test.test_ssl.ContextTests) fails on Fedora 29+ and openssl 1.1.1

2019-01-25 Thread Alan Huang
Change by Alan Huang : -- pull_requests: +11509 ___ Python tracker <https://bugs.python.org/issue35045> ___ ___ Python-bugs-list mailing list Unsubscribe:

[issue33808] ssl.get_server_certificate fails with openssl 1.1.0 but works with 1.0.2g for self-signed certificate

2018-07-18 Thread Alan Huang
Alan Huang added the comment: This is an issue of cipher support, not a Python bug. mail.mani.pt supports the following (outdated) ciphers: RC4-SHA (0x05) RC4-MD5 (0x04) DES-CBC3-SHA (0x0a) EXP1024-DES-CBC-SHA (0x62) DES-CBC-SHA (0x09) EXP1024-RC4-SHA (0x64) EXP-RC2-CBC-MD5 (0x06) EXP-RC4-MD5

[issue34001] LibreSSL does not tolerate setting minimum_version greater than maximum_version

2018-07-02 Thread Alan Huang
Change by Alan Huang : -- keywords: +patch pull_requests: +7663 stage: -> patch review ___ Python tracker <https://bugs.python.org/issue34001> ___ ___ Python-

[issue33995] test_min_max_version in test_ssl.py fails when Python is built against LibreSSL; {min,max}imum_version behavior differs from OpenSSL

2018-07-02 Thread Alan Huang
Alan Huang added the comment: PR 8050 implements option 2a (use PY_PROTO_{MIN,MAX}IMUM_AVAILABLE). -- ___ Python tracker <https://bugs.python.org/issue33

[issue33995] test_min_max_version in test_ssl.py fails when Python is built against LibreSSL; {min,max}imum_version behavior differs from OpenSSL

2018-07-02 Thread Alan Huang
Change by Alan Huang : -- keywords: +patch pull_requests: +7658 stage: -> patch review ___ Python tracker <https://bugs.python.org/issue33995> ___ ___ Python-

[issue34001] LibreSSL does not tolerate setting minimum_version greater than maximum_version

2018-07-02 Thread Alan Huang
Alan Huang added the comment: Strangely, LibreSSL's `ssl_clamp_version_range` function is perfectly happy to accept minimum protocol versions lower than the lowest supported protocol version, and likewise is happy to accept maximum protocol versions higher than the highest supp

[issue33995] test_min_max_version in test_ssl.py fails when Python is built against LibreSSL; {min,max}imum_version behavior differs from OpenSSL

2018-07-01 Thread Alan Huang
Change by Alan Huang : -- components: -Documentation versions: +Python 3.8 ___ Python tracker <https://bugs.python.org/issue33995> ___ ___ Python-bugs-list m

[issue34001] LibreSSL does not tolerate setting minimum_version greater than maximum_version

2018-06-29 Thread Alan Huang
New submission from Alan Huang : LibreSSL has a function called `ssl_clamp_version_range` that is called before attempting to set the minimum and maximum protocol versions in `ssl_version_set_{min,max}`. The function disallows setting ranges that are invalid (i.e., where minimum_version

[issue33995] test_min_max_version in test_ssl.py fails when Python is built against LibreSSL; {min,max}imum_version behavior differs from OpenSSL

2018-06-28 Thread Alan Huang
New submission from Alan Huang : LibreSSL's implementation of the function used to get the minimum and maximum SSL versions supported differs from OpenSSL's. In short, the issue is in the implementations of `SSL_CTX_new` - OpenSSL initializes variables `ret->{min,max}_proto_