[
https://issues.apache.org/jira/browse/THRIFT-3505?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Aki Sukegawa resolved THRIFT-3505.
----------------------------------
Resolution: Fixed
Fix Version/s: 1.0
committed
> Enhance Python TSSLSocket
> -------------------------
>
> Key: THRIFT-3505
> URL: https://issues.apache.org/jira/browse/THRIFT-3505
> Project: Thrift
> Issue Type: Improvement
> Reporter: Aki Sukegawa
> Assignee: Aki Sukegawa
> Fix For: 1.0
>
>
> Current TSSLSocket limits capacity of standard library ssl module by hiding
> functionality.
> I revised initialization code rather radically but with backward compatible
> deprecation (and added tests).
> h4. Use SSLContext for Python 2.7.9 or later.
> TLS 1.1 and 1.2 are now enabled by default when supported.
> By exposing SSLContext, advanced users can now do mostly anything that can be
> done by Python ssl module.
> h4. Add all the relevent ssl.wrap_context options to constructor
> Users on Python < 2.7.9 still can do mostly anything that standard library
> provides
> e.g.: Client certificate validation (see test case)
> As a bonus TSSLSocket and TSSLServerSocket arguments are now consistent and
> cleaner.
> Also it no longer breaks Python 2.6.
> Old signature is deprecated but still fully supported out of the box.
> The patch also contains regenerated client test certs because it seems to be
> expired and was needed for tests.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
