Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Set SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER in calling OpenSSL #1287

Open
wants to merge 2 commits into
base: main
Choose a base branch
from
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
17 changes: 17 additions & 0 deletions CHANGELOG.rst
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,23 @@ Changelog
Versions are year-based with a strict backward-compatibility policy.
The third digit is only for regressions.

24.1.0 (UNRELEASED)
-------------------
julianz- marked this conversation as resolved.
Show resolved Hide resolved

Backward-incompatible changes:
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
julianz- marked this conversation as resolved.
Show resolved Hide resolved

- ``pyOpenSSL`` now sets ``SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER`` by default, matching CPython's behavior. `#1287 <https://github.com/pyca/pyopenssl/pull/1287>`_.
- The minimum ``cryptography`` version is now 42.0.0.

Deprecations:
^^^^^^^^^^^^^

Changes:
^^^^^^^^


julianz- marked this conversation as resolved.
Show resolved Hide resolved

24.0.0 (2024-01-22)
-------------------

Expand Down
2 changes: 1 addition & 1 deletion setup.py
Original file line number Diff line number Diff line change
Expand Up @@ -93,7 +93,7 @@ def find_meta(meta):
packages=find_packages(where="src"),
package_dir={"": "src"},
install_requires=[
"cryptography>=41.0.5,<43",
"cryptography>=42.0.0,<43",
],
extras_require={
"test": ["flaky", "pretend", "pytest>=3.0.1"],
Expand Down
13 changes: 6 additions & 7 deletions src/OpenSSL/SSL.py
Original file line number Diff line number Diff line change
Expand Up @@ -223,11 +223,8 @@
except AttributeError:
pass

try:
OP_LEGACY_SERVER_CONNECT = _lib.SSL_OP_LEGACY_SERVER_CONNECT
__all__.append("OP_LEGACY_SERVER_CONNECT")
except AttributeError:
pass
OP_LEGACY_SERVER_CONNECT = _lib.SSL_OP_LEGACY_SERVER_CONNECT
__all__.append("OP_LEGACY_SERVER_CONNECT")
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If this is no longer conditional, wouldn't it be better to move it up with the other definitions above and include it straight into __all__? This will need a rebase since I added an int type annotation, sorry :)


OP_ALL = _lib.SSL_OP_ALL

Expand Down Expand Up @@ -855,8 +852,10 @@ def __init__(self, method):
self._ocsp_data = None
self._cookie_generate_helper = None
self._cookie_verify_helper = None

self.set_mode(_lib.SSL_MODE_ENABLE_PARTIAL_WRITE)
self.set_mode(
_lib.SSL_MODE_ENABLE_PARTIAL_WRITE
| _lib.SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER
)
if version is not None:
self.set_min_proto_version(version)
self.set_max_proto_version(version)
Expand Down
2 changes: 1 addition & 1 deletion tox.ini
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@ extras =
test
deps =
coverage>=4.2
cryptographyMinimum: cryptography==41.0.5
cryptographyMinimum: cryptography==42.0.0
randomorder: pytest-randomly
setenv =
# Do not allow the executing environment to pollute the test environment
Expand Down