[Python-modules-commits] r32759 - in packages/python-eventlet/trunk/debian (3 files)
zigo at users.alioth.debian.org
zigo at users.alioth.debian.org
Thu May 21 17:21:50 UTC 2015
Date: Thursday, May 21, 2015 @ 17:21:49
Author: zigo
Revision: 32759
Enforce default protocol to be TLSv1 and not SSLv23.
Added:
packages/python-eventlet/trunk/debian/patches/set-defaults-to-be-tlsv1-not-sslv23.patch
Modified:
packages/python-eventlet/trunk/debian/changelog
packages/python-eventlet/trunk/debian/patches/series
Modified: packages/python-eventlet/trunk/debian/changelog
===================================================================
--- packages/python-eventlet/trunk/debian/changelog 2015-05-21 17:13:59 UTC (rev 32758)
+++ packages/python-eventlet/trunk/debian/changelog 2015-05-21 17:21:49 UTC (rev 32759)
@@ -1,3 +1,9 @@
+python-eventlet (0.17.3-4) unstable; urgency=medium
+
+ * Enforce default protocol to be TLSv1 and not SSLv23.
+
+ -- Thomas Goirand <zigo at debian.org> Thu, 21 May 2015 17:20:12 +0000
+
python-eventlet (0.17.3-3) unstable; urgency=medium
* Enforce TLSv1 always, instead of the more permissive SSLv23.
Modified: packages/python-eventlet/trunk/debian/patches/series
===================================================================
--- packages/python-eventlet/trunk/debian/patches/series 2015-05-21 17:13:59 UTC (rev 32758)
+++ packages/python-eventlet/trunk/debian/patches/series 2015-05-21 17:21:49 UTC (rev 32759)
@@ -2,3 +2,4 @@
fix-FTBFS-on-sphinx-build.patch
use-packaged-python-mock-rather-than-embedded.patch
enforce-tlsv1-always.patch
+set-defaults-to-be-tlsv1-not-sslv23.patch
Added: packages/python-eventlet/trunk/debian/patches/set-defaults-to-be-tlsv1-not-sslv23.patch
===================================================================
--- packages/python-eventlet/trunk/debian/patches/set-defaults-to-be-tlsv1-not-sslv23.patch (rev 0)
+++ packages/python-eventlet/trunk/debian/patches/set-defaults-to-be-tlsv1-not-sslv23.patch 2015-05-21 17:21:49 UTC (rev 32759)
@@ -0,0 +1,17 @@
+Description: Do not use SSLv23 by default, but TLSv1
+ Default protocol should really be TLSv1 and not SSLv23.
+Author: Thomas Goirand <zigo at debian.org>
+Forwarded: no
+Last-Update: 2015-05-21
+
+--- python-eventlet-0.17.3.orig/eventlet/green/ssl.py
++++ python-eventlet-0.17.3/eventlet/green/ssl.py
+@@ -46,7 +46,7 @@ class GreenSSLSocket(_original_sslsocket
+
+ def __init__(self, sock, keyfile=None, certfile=None,
+ server_side=False, cert_reqs=CERT_NONE,
+- ssl_version=PROTOCOL_SSLv23, ca_certs=None,
++ ssl_version=PROTOCOL_TLSv1, ca_certs=None,
+ do_handshake_on_connect=True, *args, **kw):
+ if not isinstance(sock, GreenSocket):
+ sock = GreenSocket(sock)
More information about the Python-modules-commits
mailing list