[issue4870] ssl module is missing SSL_OP_NO_SSLv2

2010-05-21 Thread Antoine Pitrou
Antoine Pitrou added the comment: This was committed in r81392. -- resolution: -> fixed stage: patch review -> committed/rejected status: open -> closed ___ Python tracker ___ _

[issue4870] ssl module is missing SSL_OP_NO_SSLv2

2010-05-20 Thread Giampaolo Rodola'
Giampaolo Rodola' added the comment: I like the approach of providing this feature as a single attribute instead of two separate methods (set/get_options()). For what it's worth, I took a look at the patch without actually trying it, and it looks good overall, both tests and documentation whic

[issue4870] ssl module is missing SSL_OP_NO_SSLv2

2010-05-20 Thread Antoine Pitrou
Antoine Pitrou added the comment: I would like to move forward on this. Does anyone have any comments or objections to the current proposal? -- ___ Python tracker ___ __

[issue4870] ssl module is missing SSL_OP_NO_SSLv2

2010-05-16 Thread Antoine Pitrou
Antoine Pitrou added the comment: It turns out SSL_CTX_clear_options() is not available before OpenSSL 0.9.8m. I adapted my patch to raise a ValueError when trying to clear options on older versions of OpenSSL. Setting additional options still works, though. -- Added file: http://bugs

[issue4870] ssl module is missing SSL_OP_NO_SSLv2

2010-05-16 Thread Antoine Pitrou
Changes by Antoine Pitrou : Removed file: http://bugs.python.org/file17374/sslopts3.patch ___ Python tracker ___ ___ Python-bugs-list mailing l

[issue4870] ssl module is missing SSL_OP_NO_SSLv2

2010-05-16 Thread Antoine Pitrou
Antoine Pitrou added the comment: Updated patch adds a couple of words about SSLv2 in the "security considerations" paragraph. Reviewing is welcome. -- Added file: http://bugs.python.org/file17375/sslopts3.patch ___ Python tracker

[issue4870] ssl module is missing SSL_OP_NO_SSLv2

2010-05-16 Thread Antoine Pitrou
Changes by Antoine Pitrou : Added file: http://bugs.python.org/file17374/sslopts3.patch ___ Python tracker ___ ___ Python-bugs-list mailing lis

[issue4870] ssl module is missing SSL_OP_NO_SSLv2

2010-05-16 Thread Antoine Pitrou
Changes by Antoine Pitrou : Removed file: http://bugs.python.org/file17373/sslopts3.patch ___ Python tracker ___ ___ Python-bugs-list mailing l

[issue4870] ssl module is missing SSL_OP_NO_SSLv2

2010-05-16 Thread Antoine Pitrou
Antoine Pitrou added the comment: Here is an updated patch, following checkin of the new SSL contexts. Options can be specified as an `options` property on SSL contexts. -- nosy: +exarkun, heikki Added file: http://bugs.python.org/file17373/sslopts3.patch _

[issue4870] ssl module is missing SSL_OP_NO_SSLv2

2010-04-27 Thread Antoine Pitrou
Antoine Pitrou added the comment: Here is an updated patch for py3k (the previous one didn't apply cleanly). -- Added file: http://bugs.python.org/file17112/sslopts2.patch ___ Python tracker ___

[issue4870] ssl module is missing SSL_OP_NO_SSLv2

2010-04-20 Thread Antoine Pitrou
Antoine Pitrou added the comment: Here is an adapted patch for py3k. It also adds a couple of test cases. -- nosy: +pitrou Added file: http://bugs.python.org/file17016/sslopts.patch ___ Python tracker _

[issue4870] ssl module is missing SSL_OP_NO_SSLv2

2010-04-20 Thread Antoine Pitrou
Changes by Antoine Pitrou : -- resolution: accepted -> versions: +Python 3.2 -Python 2.6, Python 2.7, Python 3.0, Python 3.1 ___ Python tracker ___ __

[issue4870] ssl module is missing SSL_OP_NO_SSLv2

2010-01-12 Thread Brian Curtin
Changes by Brian Curtin : -- priority: -> normal stage: needs patch -> patch review ___ Python tracker ___ ___ Python-bugs-list mailin

[issue4870] ssl module is missing SSL_OP_NO_SSLv2

2010-01-12 Thread Jeremy Kloth
Jeremy Kloth added the comment: I have developed a patch that adds the ability to disable SSLv2, SSlv3 and TLSv1 when using the SSLv23 method. It changes Modules/_ssl.c, Lib/ssl.py and Doc/library/ssl.rst. -- keywords: +patch nosy: +jeremy.kloth Added file: http://bugs.python.org/file

[issue4870] ssl module is missing SSL_OP_NO_SSLv2

2009-01-07 Thread Giampaolo Rodola'
Giampaolo Rodola' added the comment: > Actually, that's not quite true. > Specifying TLSv1 or SSLv3 on the > server side will disable SSLv2. There are use cases like FTPS where it is desirable that servers support SSLv3 *and* TLSv1. To do that by using OpenSSL SSLv23 protocol must be specifie

[issue4870] ssl module is missing SSL_OP_NO_SSLv2

2009-01-07 Thread Bill Janssen
Bill Janssen added the comment: Actually, that's not quite true. Specifying TLSv1 or SSLv3 on the server side will disable SSLv2. However, there's currently no way to specify SSLv3 *or* TLSv1 *but not* SSLv2. This looks easy to fix; I'll add another entry to the list of protocol versions, whi

[issue4870] ssl module is missing SSL_OP_NO_SSLv2

2009-01-07 Thread Giampaolo Rodola'
New submission from Giampaolo Rodola' : As came out here: http://groups.google.it/group/comp.lang.python/browse_thread/thread/7d5b96f9bacb03d3?hl=it# ...the ssl module does not provide any facility to disable SSL version 2. This is very important when writing SSLv3/TLSv1 compatible servers.