-
-
Notifications
You must be signed in to change notification settings - Fork 30.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
LibreSSL does not tolerate setting minimum_version greater than maximum_version #78182
Comments
LibreSSL has a function called As a result, attempting to set a minimum_version greater than a maximum_version results in a ValueError when Python is built with LibreSSL. There are two things that might need fixing here:
Here's some Python code to reproduce the above-mentioned error:
Here's some example C code:
Under LibreSSL 2.7.4, this produces:
Under OpenSSL 1.1.0g, this produces:
The test that failed: Traceback (most recent call last):
File "/home/alan/src/cpython/Lib/test/test_ssl.py", line 3575, in test_min_max_version
server_context.minimum_version = ssl.TLSVersion.TLSv1_2
File "/home/alan/src/cpython/Lib/ssl.py", line 491, in minimum_version
super(SSLContext, SSLContext).minimum_version.__set__(self, value)
ValueError: Unsupported protocol version 0x303 |
Strangely, LibreSSL's As such, the assertion test A possible fix would be to add another check in One dilemma is whether to reset the respective version back to what it was before the attempt, which I think should be done. |
Note: these values reflect the state of the issue at the time it was migrated and might not reflect the current state.
Show more details
GitHub fields:
bugs.python.org fields:
The text was updated successfully, but these errors were encountered: