[pypy-commit] pypy stdlib-2.7.11: Disable SSLv3 by default

alex_gaynor Sat, 19 Mar 2016 20:45:34 -0700

Author: Alex Gaynor <[email protected]>
Branch: stdlib-2.7.11
Changeset: r83178:7371262b2838
Date: 2016-03-19 23:44 -0400
http://bitbucket.org/pypy/pypy/changeset/7371262b2838/


Log:    Disable SSLv3 by default

diff --git a/pypy/module/_ssl/interp_ssl.py b/pypy/module/_ssl/interp_ssl.py
--- a/pypy/module/_ssl/interp_ssl.py
+++ b/pypy/module/_ssl/interp_ssl.py
@@ -1288,6 +1288,8 @@
         options = SSL_OP_ALL & ~SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS
         if protocol != PY_SSL_VERSION_SSL2:
             options |= SSL_OP_NO_SSLv2
+        if protocol != PY_SSL_VERSION_SSL3:
+            options |= SSL_OP_NO_SSLv3
         libssl_SSL_CTX_set_options(ctx, options)
 
         if not OPENSSL_NO_ECDH:
_______________________________________________
pypy-commit mailing list
[email protected]
https://mail.python.org/mailman/listinfo/pypy-commit

[pypy-commit] pypy stdlib-2.7.11: Disable SSLv3 by default

Reply via email to