[PATCH v4] setup: require that Python has TLS 1.1 or TLS 1.2

2020-05-31 Thread Manuel Jacob
# HG changeset patch # User Manuel Jacob # Date 1590874939 -7200 # Sat May 30 23:42:19 2020 +0200 # Node ID 0b80baeded449c19f89d4b6cec2a00eec4d286a7 # Parent 61cdc8137d5326ed075b982693469a2134365ff5 # EXP-Topic require_modern_ssl setup: require that Python has TLS 1.1 or TLS 1.2 This

Re: [PATCH 2 of 2 v3] setup: require that Python has TLS 1.1 or TLS 1.2

2020-05-31 Thread Yuya Nishihara
On Sun, 31 May 2020 05:58:51 +0200, Manuel Jacob wrote: > # HG changeset patch > # User Manuel Jacob > # Date 1590874939 -7200 > # Sat May 30 23:42:19 2020 +0200 > # Node ID 9590fdc527eb7c96c252af5b471da6f33bb1295f > # Parent d5441892eb22aa451bb479919e95f671e99857eb > # EXP-Topic

Re: [PATCH 1 of 2 v3] relnotes: note that we now require modern SSL/TLS features in Python

2020-05-31 Thread Yuya Nishihara
On Sun, 31 May 2020 05:58:50 +0200, Manuel Jacob wrote: > # HG changeset patch > # User Manuel Jacob > # Date 1590873537 -7200 > # Sat May 30 23:18:57 2020 +0200 > # Node ID d5441892eb22aa451bb479919e95f671e99857eb > # Parent ed05581cec9e829ee4dd3daef8fc4fdd63f6ab54 > # EXP-Topic

Re: [PATCH 03 of 10 v2] sslutil: convert check for TLS 1.1 and TLS 1.2 into assert

2020-05-31 Thread Manuel Jacob
On 2020-05-31 08:05, Yuya Nishihara wrote: On Sun, 31 May 2020 00:37:16 +0200, Manuel Jacob wrote: # HG changeset patch # User Manuel Jacob # Date 1590783568 -7200 # Fri May 29 22:19:28 2020 +0200 # Node ID 594ab49f13ab0caba9f4934803932cd9b37e96d1 # Parent

Re: [PATCH v2] tests: stop checking for optional, now impossible output

2020-05-31 Thread Yuya Nishihara
On Sat, 30 May 2020 19:26:32 +0200, Manuel Jacob wrote: > # HG changeset patch > # User Manuel Jacob > # Date 1590858293 -7200 > # Sat May 30 19:04:53 2020 +0200 > # Node ID cb67261e7796a4b31597192a4f4cde83fb1bc406 > # Parent 89f83e47e9c9ad53a04c8c829730f04d8275437e > tests: stop checking

Re: [PATCH 03 of 10 v2] sslutil: convert check for TLS 1.1 and TLS 1.2 into assert

2020-05-31 Thread Yuya Nishihara
On Sun, 31 May 2020 00:37:16 +0200, Manuel Jacob wrote: > # HG changeset patch > # User Manuel Jacob > # Date 1590783568 -7200 > # Fri May 29 22:19:28 2020 +0200 > # Node ID 594ab49f13ab0caba9f4934803932cd9b37e96d1 > # Parent b33cc1f796e9c3aa6df1e51d36f0b3c061dfee9e > # EXP-Topic

mercurial@44885: 3 new changesets

2020-05-31 Thread Mercurial Commits
3 new changesets in mercurial: https://www.mercurial-scm.org/repo/hg/rev/94f227baa76f changeset: 44883:94f227baa76f user:Augie Fackler date:Thu May 28 09:51:13 2020 -0400 summary: githelp: add some minimal help for pickaxe functionality

[PATCH 3 of 5] sslutil: add FIXME about supportedprotocols possibly containing too many items

2020-05-31 Thread Manuel Jacob
# HG changeset patch # User Manuel Jacob # Date 1590918063 -7200 # Sun May 31 11:41:03 2020 +0200 # Node ID 14fb5b19169473e9a14a5ad4371ca727cd8c8293 # Parent efea7f15c5d5e32f3a6be167c733581afc612b3c # EXP-Topic sslutil_cleanup sslutil: add FIXME about supportedprotocols possibly containing

Re: [PATCH 1 of 5] sslutil: stop returning argument as third return value of protocolsettings()

2020-05-31 Thread Manuel Jacob
I sent an intro mail to the patch series, noting that this series is independent of the patch raising required TLS version. However that one was rejected by the mailing list filter, so I'm sending out that information again, to avoid confusion. ___

Re: [PATCH 1 of 5] sslutil: stop returning argument as third return value of protocolsettings()

2020-05-31 Thread Yuya Nishihara
On Sun, 31 May 2020 12:24:44 +0200, Manuel Jacob wrote: > # HG changeset patch > # User Manuel Jacob > # Date 1590911745 -7200 > # Sun May 31 09:55:45 2020 +0200 > # Node ID ce6f9d86860e841386d94f9434606ca96d426310 > # Parent 61cdc8137d5326ed075b982693469a2134365ff5 > # EXP-Topic

[PATCH 2 of 5] sslutil: fix names of variables containing minimum protocol strings

2020-05-31 Thread Manuel Jacob
# HG changeset patch # User Manuel Jacob # Date 1590914858 -7200 # Sun May 31 10:47:38 2020 +0200 # Node ID efea7f15c5d5e32f3a6be167c733581afc612b3c # Parent ce6f9d86860e841386d94f9434606ca96d426310 # EXP-Topic sslutil_cleanup sslutil: fix names of variables containing minimum protocol

[PATCH 4 of 5] sslutil: don't set minimum TLS version to 1.0 if 1.2 but not 1.1 is available

2020-05-31 Thread Manuel Jacob
# HG changeset patch # User Manuel Jacob # Date 1590916221 -7200 # Sun May 31 11:10:21 2020 +0200 # Node ID d950d0faa52d3db159147891e58f4488042d9afe # Parent 14fb5b19169473e9a14a5ad4371ca727cd8c8293 # EXP-Topic sslutil_cleanup sslutil: don't set minimum TLS version to 1.0 if 1.2 but not 1.1

Re: [PATCH v4] setup: require that Python has TLS 1.1 or TLS 1.2

2020-05-31 Thread Yuya Nishihara
On Sun, 31 May 2020 09:08:16 +0200, Manuel Jacob wrote: > # HG changeset patch > # User Manuel Jacob > # Date 1590874939 -7200 > # Sat May 30 23:42:19 2020 +0200 > # Node ID 0b80baeded449c19f89d4b6cec2a00eec4d286a7 > # Parent 61cdc8137d5326ed075b982693469a2134365ff5 > # EXP-Topic

Re: [PATCH 2 of 5] sslutil: fix names of variables containing minimum protocol strings

2020-05-31 Thread Yuya Nishihara
On Sun, 31 May 2020 12:24:45 +0200, Manuel Jacob wrote: > # HG changeset patch > # User Manuel Jacob > # Date 1590914858 -7200 > # Sun May 31 10:47:38 2020 +0200 > # Node ID efea7f15c5d5e32f3a6be167c733581afc612b3c > # Parent ce6f9d86860e841386d94f9434606ca96d426310 > # EXP-Topic

[PATCH 1 of 5] sslutil: stop returning argument as third return value of protocolsettings()

2020-05-31 Thread Manuel Jacob
# HG changeset patch # User Manuel Jacob # Date 1590911745 -7200 # Sun May 31 09:55:45 2020 +0200 # Node ID ce6f9d86860e841386d94f9434606ca96d426310 # Parent 61cdc8137d5326ed075b982693469a2134365ff5 # EXP-Topic sslutil_cleanup sslutil: stop returning argument as third return value of

[PATCH 5 of 5] sslutil: check for OpenSSL without TLS 1.0 support in one case

2020-05-31 Thread Manuel Jacob
# HG changeset patch # User Manuel Jacob # Date 1590919637 -7200 # Sun May 31 12:07:17 2020 +0200 # Node ID ccb1f10b9fd61d82a2227d648208465f16dccdf3 # Parent d950d0faa52d3db159147891e58f4488042d9afe # EXP-Topic sslutil_cleanup sslutil: check for OpenSSL without TLS 1.0 support in one case

[PATCH 1 of 8 v5] setup: require that Python has TLS 1.1 or TLS 1.2

2020-05-31 Thread Manuel Jacob
# HG changeset patch # User Manuel Jacob # Date 1590874939 -7200 # Sat May 30 23:42:19 2020 +0200 # Node ID 2d2497e32978bc17060f5142b45789b449e7d9d3 # Parent dd7c4a208a4ed6c798330a21b13a349a020c877d # EXP-Topic require_modern_ssl setup: require that Python has TLS 1.1 or TLS 1.2 This

[PATCH 8 of 8 v5] sslutil: properly detect which TLS versions are supported by the ssl module

2020-05-31 Thread Manuel Jacob
# HG changeset patch # User Manuel Jacob # Date 1590976314 -7200 # Mon Jun 01 03:51:54 2020 +0200 # Node ID fbd7fcc81958b551b6dcbc26cc22fbdd0a0cdc33 # Parent 64807e560eedc6c2571d34ffb7bd2f7e356dd606 # EXP-Topic require_modern_ssl sslutil: properly detect which TLS versions are supported by

[PATCH 6 of 8 v5] sslutil: remove dead code (that failed if only TLS 1.0 is available)

2020-05-31 Thread Manuel Jacob
# HG changeset patch # User Manuel Jacob # Date 1590957109 -7200 # Sun May 31 22:31:49 2020 +0200 # Node ID 7576507bfe5ea28ab6d496d532bb9b453998ca35 # Parent b014f68a7e5f4d3cf72ca6f5d50e3059d05e3ed3 # EXP-Topic require_modern_ssl sslutil: remove dead code (that failed if only TLS 1.0 is

[PATCH 2 of 8 v5] sslutil: remove comment referring to unsupported legacy stacks

2020-05-31 Thread Manuel Jacob
# HG changeset patch # User Manuel Jacob # Date 1590785278 -7200 # Fri May 29 22:47:58 2020 +0200 # Node ID 8ebbebfe6cefed68e01f237eac1dcdf6aa6f7fbc # Parent 2d2497e32978bc17060f5142b45789b449e7d9d3 # EXP-Topic require_modern_ssl sslutil: remove comment referring to unsupported legacy

[PATCH 7 of 8 v5] sslutil: propagate return value ssl.PROTOCOL_SSLv23 from protocolsettings()

2020-05-31 Thread Manuel Jacob
# HG changeset patch # User Manuel Jacob # Date 1590970587 -7200 # Mon Jun 01 02:16:27 2020 +0200 # Node ID 64807e560eedc6c2571d34ffb7bd2f7e356dd606 # Parent 7576507bfe5ea28ab6d496d532bb9b453998ca35 # EXP-Topic require_modern_ssl sslutil: propagate return value ssl.PROTOCOL_SSLv23 from

[PATCH 3 of 8 v5] tests: stop checking for optional, now impossible output

2020-05-31 Thread Manuel Jacob
# HG changeset patch # User Manuel Jacob # Date 1590877556 -7200 # Sun May 31 00:25:56 2020 +0200 # Node ID e0d6fc43f3227a11934a69c8eff40d307a5ad697 # Parent 8ebbebfe6cefed68e01f237eac1dcdf6aa6f7fbc # EXP-Topic require_modern_ssl tests: stop checking for optional, now impossible output The

[PATCH 5 of 8 v5] config: remove unused hostsecurity.disabletls10warning config

2020-05-31 Thread Manuel Jacob
# HG changeset patch # User Manuel Jacob # Date 1590877849 -7200 # Sun May 31 00:30:49 2020 +0200 # Node ID b014f68a7e5f4d3cf72ca6f5d50e3059d05e3ed3 # Parent ed90a9083487c637edb528826046f36646baf2a7 # EXP-Topic require_modern_ssl config: remove unused hostsecurity.disabletls10warning config

[PATCH 4 of 8 v5] sslutil: remove dead code (that downgraded default minimum TLS version)

2020-05-31 Thread Manuel Jacob
# HG changeset patch # User Manuel Jacob # Date 1590956135 -7200 # Sun May 31 22:15:35 2020 +0200 # Node ID ed90a9083487c637edb528826046f36646baf2a7 # Parent e0d6fc43f3227a11934a69c8eff40d307a5ad697 # EXP-Topic require_modern_ssl sslutil: remove dead code (that downgraded default minimum