Control: severity -1 serious
Control: tags -1 + patch pending upstream fixed-upstream

On 12 January 2015 at 12:52, Thorsten Glaser <[email protected]> wrote:
> On Sun, 5 Oct 2014, Joey Hess wrote:
>
>> Now it fails with "No seed".
>
> See https://github.com/spesmilo/electrum/issues/919

Thanks for the pointer. The Qt patch looks pretty straightforward to
backport (3 line diff?), I'll look at doing that as soon as possible.

> Should probably be RC.

I'm inclined to agree, although we'll have to see whether the RMs
agree; fortunately the diff for a potential fix is tiny..

> I “live-patched” my files. Here is a bad direct filesystem diff:

> -                        s = ssl.wrap_socket(s, 
> ssl_version=ssl.PROTOCOL_SSLv23, cert_reqs=ssl.CERT_NONE, ca_certs=None)
> +                        s = ssl.wrap_socket(s, 
> ssl_version=ssl.PROTOCOL_TLSv1, cert_reqs=ssl.CERT_REQUIRED, 
> ca_certs="/etc/ssl/certs/ca-certificates.crt", do_handshake_on_connect=True)
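
Review bot: the added ssl.wrap_socket call sets cert_reqs=ssl.CERT_REQUIRED and ca_certs, which validates the certificate chain, but nothing on these lines checks that the certificate was issued for the host being connected to. ssl.wrap_socket does not do that itself, so a hostname check on s.getpeercert() (ssl.match_hostname, where the Python version provides it) should follow the wrap. The hard-coded /etc/ssl/certs/ca-certificates.crt path is specific to Debian-style layouts and would be better as a configurable default, and do_handshake_on_connect=True only restates the default.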

Do note that PROTOCOL_SSLv23, despite the confusing name, means "do
protocol version negotiation", not specifically anything to do with
SSLv2 or SSLv3; with the configuration of OpenSSL in Debian at the
moment, it actually means "TLSv1 or TLSv1.1 or TLSv1.2". Using
PROTOCOL_TLSv1 locks the protocol version to TLSv1 and does not allow
negotiation of a newer protocol, which is probably not what you
intended.
-- 
mithrandi, i Ainil en-Balandor, a faer Ambar
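
The negotiation-versus-pinning point made in the reply above, as an added example (not code from Electrum or from anyone in this thread). It uses the current Python ssl.SSLContext API instead of the ssl.wrap_socket call in the quoted diff; the TLS 1.2 floor and the helper names are assumptions made for the example.

```python
import socket
import ssl

V = ssl.TLSVersion


def negotiating_context(cafile=None):
    """Verify the peer and negotiate the highest version both sides offer.

    PROTOCOL_TLS_CLIENT is the current name for the negotiate-the-version
    behaviour that PROTOCOL_SSLv23 selected; it also enables CERT_REQUIRED
    and hostname checking by default.
    """
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.minimum_version = V.TLSv1_2  # floor chosen for this example; no ceiling
    if cafile:
        ctx.load_verify_locations(cafile=cafile)
    else:
        ctx.load_default_certs()
    return ctx


def pinned_context(version=V.TLSv1_2, cafile=None):
    """Floor == ceiling: the same shape as pinning PROTOCOL_TLSv1 in the diff."""
    ctx = negotiating_context(cafile)
    ctx.minimum_version = version
    ctx.maximum_version = version
    return ctx


def allows(ctx, version):
    """True if `version` lies inside the range this context will negotiate."""
    lo, hi = ctx.minimum_version, ctx.maximum_version
    above_floor = lo == V.MINIMUM_SUPPORTED or version >= lo
    below_ceiling = hi == V.MAXIMUM_SUPPORTED or version <= hi
    return above_floor and below_ceiling


def negotiated_version(host, port, ctx):
    """Connect and return what was negotiated, e.g. 'TLSv1.3' (needs network)."""
    with socket.create_connection((host, port), timeout=10) as sock:
        # server_hostname drives SNI and the hostname check on the certificate
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return tls.version()
```

Calling negotiated_version against the same server with each context shows the difference in practice: the negotiating context picks up a newer protocol when the server offers one, the pinned context never does.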

