> On 19 Nov 2015, at 15:26, Ben Bangert wrote:
>
> I can't think of any other mode to set, setting this with the
> condition cited for that vulnerability looks like a good idea.
>
> Cheers,
> Ben
Ok, we’re agreed. The work can be tracked under Issue 25672:
https://bugs.python.org/issue25672
On Thu, Nov 19, 2015 at 1:58 AM, M.-A. Lemburg wrote:
> On 19.11.2015 09:14, Cory Benfield wrote:
>>
>>> On 19 Nov 2015, at 03:53, Ben Bangert wrote:
>>>
>>> In Python 2 and 3, the ssl module's SSLContext object has a way to set
>>> SSL options, but not to set SSL modes.
>>>
>>> The set_mode comm
On 19.11.2015 09:14, Cory Benfield wrote:
>
>> On 19 Nov 2015, at 03:53, Ben Bangert wrote:
>>
>> In Python 2 and 3, the ssl module's SSLContext object has a way to set
>> SSL options, but not to set SSL modes.
>>
>> The set_mode command and some of the available modes:
>> https://www.openssl.org
> On 19 Nov 2015, at 03:53, Ben Bangert wrote:
>
> In Python 2 and 3, the ssl module's SSLContext object has a way to set
> SSL options, but not to set SSL modes.
>
> The set_mode command and some of the available modes:
> https://www.openssl.org/docs/manmaster/ssl/SSL_CTX_set_mode.html
>
> Th
In Python 2 and 3, the ssl module's SSLContext object has a way to set
SSL options, but not to set SSL modes.
The set_mode command and some of the available modes:
https://www.openssl.org/docs/manmaster/ssl/SSL_CTX_set_mode.html
The most critical mode is SSL_MODE_RELEASE_BUFFERS, which can drop t
