Donald Stufft added the comment: This is a simple patch, it simple disables TLS Compression by default. If a user wants to add it back they can create their own SSLContext and do
ctx = ssl.SSLContext(ssl.PROTOCOL_SSLv23) ctx.options &= ~ssl.OP_NO_COMPRESSION This should be able to apply against 3.2+ although it would only be 3.3+ that ssl.OP_NO_COMPRESSION is available to disable it, although a user could still hard code the constant in themselves. This still leaves 2.7 out in the open here, what I'd like to do is just disable it and if someone really *needs* TLS Compression they can use pyopenssl to get that back. This is a reversal of the current situation where in order to get the safer value you have to use pyopenssl. ---------- keywords: +patch Added file: http://bugs.python.org/file34531/disable-ssl-compression-default.diff _______________________________________ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/issue20994> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
