[issue22866] ssl module in 2.7 should provide a way to configure default context options
Benjamin Peterson
report at bugs.python.org
Thu Dec 11 21:26:32 CET 2014
Benjamin Peterson added the comment:
On Thu, Dec 11, 2014, at 15:24, Marc-Andre Lemburg wrote:
>
> Marc-Andre Lemburg added the comment:
>
> On 11.12.2014 20:42, Benjamin Peterson wrote:
> >
> > Usually you can pass your own context.
>
> Yes, in new code, but not in existing Python 2.7 code that wasn't
> written for the newly added SSL context feature.
How is modifying code to use a context different from modifying it to
mess around with a hypothetical ssl.DEFAULT_SSL_OPTIONS?
>
> BTW: Having a way to change the SSL options globally would be useful
> for Python 3.x as well, since OpenSSL often adds new options and
> it's not unlikely we'll see an OP_NO_TLSv1 option soon, given its
> age and similarity to SSLv3...
> https://www.imperialviolet.org/2014/12/08/poodleagain.html
> (the poodle strikes back ;-))
That option already exists and is exposed. :)
----------
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue22866>
_______________________________________
More information about the Python-bugs-list
mailing list