Message 102441 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	pitrou
Recipients	flox, giampaolo.rodola, janssen, pitrou, vstinner
Date	2010-04-06.09:05:23
SpamBayes Score	6.0380877e-05
Marked as misclassified	No
Message-id	<[email protected]>
In-reply-to

Content
It begs the question of why the tests succeed with previous OpenSSL versions. The only possibly relevant entry I could find in the OpenSSL changelog (but I'm not an expert) is the following: *) If no SSLv2 ciphers are used don't use an SSLv2 compatible client hello: this allows the use of compression and extensions. Change default cipher string to remove SSLv2 ciphersuites. This effectively avoids ancient SSLv2 by default unless an application cipher string requests it. [Steve Henson]

It begs the question of why the tests succeed with previous OpenSSL versions.
The only possibly relevant entry I could find in the OpenSSL changelog (but I'm not an expert) is the following:

  *) If no SSLv2 ciphers are used don't use an SSLv2 compatible client hello:
     this allows the use of compression and extensions. Change default cipher
     string to remove SSLv2 ciphersuites. This effectively avoids ancient SSLv2
     by default unless an application cipher string requests it.
     [Steve Henson]

History
Date	User	Action	Args
2010-04-06 09:05:25	pitrou	set	recipients: + pitrou, janssen, vstinner, giampaolo.rodola, flox
2010-04-06 09:05:25	pitrou	set	messageid: <[email protected]>
2010-04-06 09:05:23	pitrou	link	issue8322 messages
2010-04-06 09:05:23	pitrou	create