Skip to content

[3.14] gh-148292: Add OpenSSL 4 support#149783

Open
vstinner wants to merge 5 commits into
python:3.14from
vstinner:openssl4
Open

[3.14] gh-148292: Add OpenSSL 4 support#149783
vstinner wants to merge 5 commits into
python:3.14from
vstinner:openssl4

Conversation

@vstinner
Copy link
Copy Markdown
Member

@vstinner vstinner commented May 13, 2026
edited by bedevere-app Bot
Loading

vstinner and others added 5 commits May 13, 2026 17:02
@vstinner @picnixz
pythongh-146207: Add support for OpenSSL 4.0.0 alpha1 (python#146217)
cf23df4 
OpenSSL 4.0.0 alpha1 removed these functions:

* SSLv3_method()
* TLSv1_method()
* TLSv1_1_method()
* TLSv1_2_method()

Other changes:

* Update test_openssl_version().
* Update multissltests.py for OpenSSL 4.
* Add const qualifier to fix compiler warnings.

Co-authored-by: Bénédikt Tran <10796600+picnixz@users.noreply.github.com>
(cherry picked from commit 3364e7e)
@vstinner
pythongh-148600: Add Modules/_ssl_data_40.h data (python#148601)
c5e4ae0 
The Modules/_ssl_data_40.h file was created with the commands:

python Tools/ssl/multissltests.py --steps=library --base-directory "$PWD/multissl" --openssl '4.0.0' --system Linux
python Tools/ssl/make_ssl_data.py multissl/src/openssl-4.0.0 Modules/_ssl_data_40.h

Update Modules/_ssl.c to include it on OpenSSL 4.0.0 and newer.

Update test_ssl for the new error message.

(cherry picked from commit 70eb56b)
@vstinner @gpshead
pythongh-148292: Update _ssl._SSLSocket for OpenSSL 4 (python#149102)
3c2a301 
The _SSLSocket object now remembers if it gets an EOF error. In this
case, read(), sendfile(), write() and do_handshake method calls fail
with SSLEOFError without calling the underlying OpenSSL function.

Co-authored-by: Gregory P. Smith <greg@krypto.org>
(cherry picked from commit 7b7fa3f)
@vstinner
pythongh-148292: Remove shutdown() test in test_ssl.test_got_eof() (p…
8191190 
…ython#149366)

The shutdown() behavior depends too much on the operating system and
it's unrelated to the got_eof_error change.

(cherry picked from commit 1e21cf6)
@vstinner @clin1234
pythongh-148600: Add OpenSSL 4.0.0 support to test configurations (py…
c9a39e6 
…thon#149356)

Co-authored-by: Charlie Lin <tuug@gmx.us>
(cherry picked from commit fc96028)
@vstinner vstinner requested review from a team, gpshead and picnixz as code owners May 13, 2026 15:15
@vstinner vstinner added the needs backport to 3.13 bugs and security fixes label May 13, 2026
@bedevere-app bedevere-app Bot mentioned this pull request May 13, 2026
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@gpshead gpshead Awaiting requested review from gpshead gpshead is a code owner

@picnixz picnixz Awaiting requested review from picnixz picnixz is a code owner

@ezio-melotti ezio-melotti Awaiting requested review from ezio-melotti ezio-melotti is a code owner

@hugovk hugovk Awaiting requested review from hugovk hugovk is a code owner

@AA-Turner AA-Turner Awaiting requested review from AA-Turner AA-Turner is a code owner

@webknjaz webknjaz Awaiting requested review from webknjaz webknjaz is a code owner

Assignees

No one assigned

Labels

awaiting core review needs backport to 3.13 bugs and security fixes

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@vstinner