[OE-core] python: Building without SSLv3 support

Sona Sarmadi sona.sarmadi at enea.com
Tue Dec 16 13:06:23 UTC 2014


Hi all,

> > I think we should consider (start looking at upgrading to python 2.7.9
> > in master), to address this issue. I feel uncomfortable with this
> > Debian patch. It seems that we need to do more manual changes in
> > order to make this work. I will soon update the bug 7015 with my test
> > results.
> 
> We definitely do need to do this upgrade, yes; but we'd also like to have a fix
> for older versions too. FWIW I've just entered an enhancement bug to cover
> this for master; at the moment I'm not sure who will end up doing it but I
> thought we should have something to track it since it's not a trivial piece of
> work:
> 

I did some more investigation, ran some tests and updated bug 7015.

I created bug 7085 - openssl: compile openSSL with OPENSSL_NO_SSL3 flag; this was needed for bug 7015. I am not sure whether this should only be documented or whether we should add this flag to the default config. Disabling SSLv3 in python relies on defining this flag in OpenSSL.

If we upgrade Python to 2.7.9 (bug 7059) this issue will be solved in master, but we still need to handle this in dizzy & daisy. 

Python.org has backported the entirety of Python 3.4's ssl module to Python 2.7.9. I will download the source code of 2.7.9 and see if we can backport the changes to our version (python 2.7.3). This will however take time for me. If this is urgent, please assign this to someone else. (I will soon go for a long vacation :))

Cheers
Sona



