Code Review / packages / trusty / python-eventlet.git / blob
? search:
summary | shortlog | log | commit | commitdiff | review | tree
history | raw | HEAD
Add python-eventlet package to MOS 9.0 repository
[packages/trusty/python-eventlet.git] / debian / patches / enforce-tlsv1-always.patch
1 Description: Always enforce TLSv1
2  Upstream allows SSLv23, but we don't want this, we want TLSv1 always, as
3  we shouldn't trust lower types of crypto.
4 Author: Thomas Goirand <zigo@debian.org>
5 Forwarded: not-needed
6 Last-Update: 2015-05-21
7
8 --- python-eventlet-0.17.3.orig/eventlet/convenience.py
9 +++ python-eventlet-0.17.3/eventlet/convenience.py
10 @@ -139,7 +139,7 @@ except ImportError:
11                            do_handshake_on_connect=True,
12                            suppress_ragged_eofs=True, ciphers=None):
13              # theoretically the ssl_version could be respected in this line
14 -            context = SSL.Context(SSL.SSLv23_METHOD)
15 +            context = SSL.Context(SSL.TLSv1_METHOD)
16              if certfile is not None:
17                  context.use_certificate_file(certfile)
18              if keyfile is not None: