Python 2.7 SSL upgrade patch available for testing

Bohuslav Kabrda bkabrda at redhat.com
Tue Jul 29 14:16:25 UTC 2014


----- Original Message -----
> PEP 466 approved bring the core Python 2 network security infrastructure
> up to speed with the modern internet.
> 
> Alex Gaynor has provided a draft patch of the most complex part of that
> PEP, backporting the bulk of the Python 3.4 SSL module to Python 2.7:
> http://bugs.python.org/issue21308#msg223895
> 
> This is also the part of the PEP most likely to break things, so
> figuring out a way to test it in Fedora before it makes it into an
> upstream CPython release would be a good idea...

We could create a copr repo where we would rebuild python (in an SCL?) with these patches and then we'd rebuild some modules that use ssl - to see if the tests pass and if they're actually usable. The disadvantage of this approach is that it just takes lots of time to implement...
Or, if we're feeling lucky, we can just build Python with these patches in rawhide and see if something breaks :) That's easy and fast (assuming everything works fine).

I'd really love to help here, but I really can't spare enough time to do it "properly" in Copr as noted above.
So the question is, are we feeling lucky? :) I'd say yes, since rawhide has just recently become future Fedora 22 and not much is going on in there right now. If we break something, we can just revert it quickly and everything will be fine.

Is someone strictly against this or shall I move on with patching our rawhide Python?
Slavek

> Cheers,
> Nick.


More information about the python-devel mailing list