-
-
Notifications
You must be signed in to change notification settings - Fork 29.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
expose SSL socket protocol version #64620
Comments
SSL sockets should provide a way to query the current protocol version (e.g. "TLSv1.2"). OpenSSL makes it easy through SSL_get_version(). Open question is whether we return the string returned by SSL_get_version(), or we convert it to one of the constants ssl.PROTOCOL_XXX. |
(slightly related: should ssl.PROTOCOL_xxx constants become enum members?) |
We could actually use the undocumented "int SSL_version(const SSL *s)" and convert the return value to one of our favourite protocol constants. |
Sounds good to me. |
Ok, it came to me that converting to one of the PROTOCOL* constants can fail in the following case: Python is linked with an OpenSSL that supports a more recent protocol version than the ssl module is aware of. SSL_get_version() can then return a protocol (e.g. "TLSv1.3") that we don't know about, and have no way of converting to an existing constant. So perhaps we should really simply return the same string as OpenSSL? |
Debatable. Maybe I'm +0.1 for returning the plain string. IMO when it comes to stdlib modules, enums are only really useful for converting integer constants. |
Here is a patch. Doc updates still missing. |
Updated patch with doc. |
New changeset 648685f8d5e9 by Antoine Pitrou in branch 'default': |
Pushed to default. |
Should this be backported to 2.7.9? |
It's as you want, now. I don't think this is really important, though. |
Attached patch backports it (only change is the use of |
New changeset 16c86a6bdbe2 by Alex Gaynor in branch '2.7': |
Note: these values reflect the state of the issue at the time it was migrated and might not reflect the current state.
Show more details
GitHub fields:
bugs.python.org fields:
The text was updated successfully, but these errors were encountered: