[issue29697] Wrong ECDH configuration with OpenSSL 1.1

2017-03-24 Thread Donald Stufft
Donald Stufft added the comment: New changeset 564ace834f23587937b325e3545abe3f17fdbd2a by Donald Stufft in branch '3.5': bpo-29697: Don't use OpenSSL <1.0.2 fallback on 1.1+ (GH-398) https://github.com/python/cpython/commit/564ace834f23587937b325e3545abe3f17fdbd2a --

[issue29697] Wrong ECDH configuration with OpenSSL 1.1

2017-03-24 Thread Donald Stufft
Donald Stufft added the comment: New changeset 8ae264ce6dfcd6923d7bbde0e975389bea7d9881 by Donald Stufft in branch 'master': bpo-29697: Don't use OpenSSL <1.0.2 fallback on 1.1+ (GH-395) https://github.com/python/cpython/commit/8ae264ce6dfcd6923d7bbde0e975389bea7d9881 --

[issue29697] Wrong ECDH configuration with OpenSSL 1.1

2017-03-24 Thread Donald Stufft
Donald Stufft added the comment: New changeset f1a696efd6ca674579e25de29ec4053ff5a5ade1 by Donald Stufft in branch '2.7': bpo-29697: Don't use OpenSSL <1.0.2 fallback on 1.1+ (GH-399) https://github.com/python/cpython/commit/f1a696efd6ca674579e25de29ec4053ff5a5ade1 --

[issue29697] Wrong ECDH configuration with OpenSSL 1.1

2017-03-24 Thread Donald Stufft
Donald Stufft added the comment: New changeset 784ba7c8ad53638c94270011d55d2536ff0cd2dd by Donald Stufft in branch '3.6': bpo-29697: Don't use OpenSSL <1.0.2 fallback on 1.1+ (#397) https://github.com/python/cpython/commit/784ba7c8ad53638c94270011d55d2536ff0cd2dd --

[issue29697] Wrong ECDH configuration with OpenSSL 1.1

2017-03-03 Thread Donald Stufft
Changes by Donald Stufft : -- resolution: -> fixed stage: -> resolved status: open -> closed ___ Python tracker ___

[issue29697] Wrong ECDH configuration with OpenSSL 1.1

2017-03-03 Thread Ned Deily
Ned Deily added the comment: Since the PRs have been merged, can this issue be closed now? -- nosy: +dstufft, ned.deily ___ Python tracker ___

[issue29697] Wrong ECDH configuration with OpenSSL 1.1

2017-03-02 Thread Donald Stufft
Changes by Donald Stufft : -- pull_requests: +331 ___ Python tracker ___ ___

[issue29697] Wrong ECDH configuration with OpenSSL 1.1

2017-03-02 Thread Donald Stufft
Changes by Donald Stufft : -- pull_requests: +330 ___ Python tracker ___ ___

[issue29697] Wrong ECDH configuration with OpenSSL 1.1

2017-03-02 Thread Donald Stufft
Changes by Donald Stufft : -- pull_requests: +328 ___ Python tracker ___ ___

[issue29697] Wrong ECDH configuration with OpenSSL 1.1

2017-03-02 Thread Donald Stufft
Changes by Donald Stufft : -- pull_requests: +327 ___ Python tracker ___ ___

[issue29697] Wrong ECDH configuration with OpenSSL 1.1

2017-03-02 Thread Christian Heimes
Christian Heimes added the comment: The bug report was too much of a "memo to me" brain dump. Let me clarify. For OpenSSL 1.0.2 we can call SSL_CTX_set_ecdh_auto() to enable ECDH curves. For OpenSSL < 1.0.2 it was necessary to configure a curve with SSL_CTX_set_tmp_ecdh(). OpenSSL >= 1.1.0

[issue29697] Wrong ECDH configuration with OpenSSL 1.1

2017-03-02 Thread Christian Heimes
New submission from Christian Heimes: I think I made a mistake during the port to OpenSSL 1.1.x. defined(OPENSSL_VERSION_1_1) is on the wrong ifndef block. -- Old code #ifndef OPENSSL_NO_ECDH /* Allow automatic ECDH curve