When we disabled SSLv2 in Maverick, one of our goals was to not change
the ABI so we didn't need to rebuild the archive until we transitioned
to OpenSSL 1.x. I seem to recall that setting OPENSSL_NO_SSL2 disabled a
lot of code and changed ABI.
I think it's too late to do this in a stable release, but we could
definitely do something like this in pyopenssl:
diff -Naur pyopenssl-0.10.ori/src/ssl/context.c pyopenssl-0.10/src/ssl/context.c
--- pyopenssl-0.10.ori/src/ssl/context.c 2009-11-13 10:36:16.000000000
-0500
+++ pyopenssl-0.10/src/ssl/context.c 2012-03-09 18:10:02.556910621 -0500
@@ -1099,8 +1099,8 @@
switch (i_method) {
case ssl_SSLv2_METHOD:
- method = SSLv2_method();
- break;
+ PyErr_SetString(PyExc_ValueError, "SSLv2_METHOD is disabled");
+ return NULL;
case ssl_SSLv23_METHOD:
method = SSLv23_method();
break;
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/950078
Title:
Segfault when using SSLv2
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/pyopenssl/+bug/950078/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
