Don't force connections to TLSv1 #25
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Author
|
@rhtyd Any thoughts on this? Could really use this fix so I can turn off TLSv1. |
rohityadavcloud
approved these changes
Aug 31, 2018
Author
|
Thanks @rhtyd, are you planning a new release to pip with the fix? |
Member
|
pip install from the git repo's 5.3 branch, I'll see if we can do a python based 5.3.4 release. Most of my focus is going towards the go port which has entered beta state (some people have started using in prod as well) but not announced yet. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Forcing the connection to TLSv1 is actually downgrading connections that would otherwise be TLSv1_2. Cloudmonkey is better off auto-negotiating ssl/tls versions and versions should be enforced on the server side. Since the Go version is still alpha, it would be very useful to have the Python version play nice with TLSv1_2.