[OE-core] FW: [daisy][PATCH] python: Building without SSLv3 support
Sona Sarmadi
sona.sarmadi at enea.com
Fri Dec 5 12:06:03 UTC 2014
Hi guys,
> This should be applied to master first, and then backported to any stable
> branches. Can you re-send in a form that applies to master?
>
> Ross
Python has fixed this issue in version 3.5. and backported to 2.7:
See the patch here:
https://hg.python.org/cpython/rev/f762cbb712de
But this patch doesn’t apply, I have downloaded the latest 2.7.8, it is the
Same problem there. I have sent email to the guy responsible to this patch
but haven't heard from him yet. The commit message also say that " The
backport currently doesn't achieve anything since the function isn't used (yet)":
=======================================================
changeset 93549:f762cbb712de 2.7
Backport disabling of SSLv3 in ssl._create_stdlib_context() (issue #22638).
The backport currently doesn't achieve anything since the function isn't used
(yet). [#22638]
=======================================================
So this is the reason why I have applied the Debian patch. They disable SSLv3
in python this way because they have disabled SSLv3 in OpenSSL in their Jessie.
So if we take Debian's patch we need to define "OPENSSL_NO_SSL3” in the
OpenSSL as well. Are you ok with this? (the same way that "OPENSSL_NO_SSL2"
is defined in OpenSSL).
ssl/ssl.h
#if (defined(OPENSSL_NO_RSA) || defined(OPENSSL_NO_MD5)) && !defined(OPENSSL_NO_SSL2)
#define OPENSSL_NO_SSL2
#endif
Cheers
Sona
More information about the Openembedded-core
mailing list