Added ability to choose SSL version #900

Closed
wants to merge 4 commits into from

3 participants

@dandrzejewski

This also acts as a workaround for #827, which in some cases, if you are
connecting to an SSL server that does not support SSLv2 or SSLv3 (and,
for exapmle, only supports TLSv1), would cause an illegal EOL SSL error.
If you select the right SSL protocol version, you won't see this error.

Kenneth, it looks like you tried to fix this in a previous revision by hard-coding the SSL version, and then you rolled it back. This makes it configurable via parameter to requests.requesttype()

@dandrzejewski dandrzejewski Added ability to choose SSL version
This also acts as a workaround for #827, which in some cases, if you are
connecting to an SSL server that does not support SSLv2 or SSLv3 (and,
for exapmle, only supports TLSv1), would cause an illegal EOL SSL error.
If you select the right SSL protocol version, you won't see this error.
2f414d0
@sigmavirus24

Pretty sure this is entirely unnecessary

Oh, just set it directly?

Collaborator

Good call. I'm so accustomed from Java to automatically writing getters/setters for everything. I'll go ahead and get that updated.

Collaborator

I did not already know, so thanks! This is actually the very first time I've ever done anything on GitHub.

Collaborator
@dandrzejewski

I made one last change to correct an issue where you could have a crash if Python was built without SSL support.

Also, I've submitted all of these changes to the urllib3 project, and it looks like @shazow is interested in merging, so you should be good there.

@dandrzejewski dandrzejewski reopened this Oct 22, 2012
@dandrzejewski

Interesting - build 802 failed because it timed out after 15 minutes. 803 succeeded, but it finished before 802. So, this pull request is being reported as a failure when it shouldn't be...

@kennethreitz

I won't be merging this at this time. Requests should be able to automatically fall back, just like the web browser.

I'll be adding TransportAdapters soon, and you'll be able to specify advanced options like this.

@dandrzejewski

That's the problem. In my environment, on Windows (but not Linux), when I'm connecting to to an HTTPS server that only supports TLSv1/2/3, but NOT SSLv2/3, I get the same error that's reported in #827:

requests.exceptions.SSLError: [Errno 8] _ssl.c:504: EOF occurred in violation of protocol

That's why I submitted this as a workaround.

@kennethreitz

I'll be adding TransportAdapters soon, and you'll be able to specify advanced options like this.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment