Stowage/cpython
2
0
Fork 0
mirror of https://github.com/python/cpython.git synced 2026-01-21 22:59:06 +00:00
Code Issues Projects Releases Packages Wiki Activity
98808 commits 6 branches 643 tags 4.2 GiB
Commit graph

236 commits

Author SHA1 Message Date
Miss Islington (bot)
3f439d14ad bpo-33045: Fix typos in SSL documentation (GH-6065) 
(cherry picked from commit 9cf8c42f32)

Co-authored-by: Matt Eaton <agnosticdev@gmail.com>
 2018-03-11 04:26:01 +03:00
Christian Heimes
48707a1baf
[3.6] bpo-30622: Improve NPN support detection (GH-5859) (#5861) 
The ssl module now detects missing NPN support in LibreSSL.

Co-Authored-By: Bernard Spil <brnrd@FreeBSD.org>
Signed-off-by: Christian Heimes <christian@python.org>.
(cherry picked from commit 6cdb7954b0)

Co-authored-by: Christian Heimes <christian@python.org>
 2018-02-25 10:20:47 +01:00
Miss Islington (bot)
f8a794c04c
bpo-32008: don't use PROTOCOL_TLSv1 in example (GH-5789) 
It's bad form to pin to an old version of TLS. ssl.SSLContext has the right
protocol default, so let's not pass anyway.
(cherry picked from commit e9edee0b65)

Co-authored-by: Benjamin Peterson <benjamin@python.org>
 2018-02-20 22:07:17 -08:00
Miss Islington (bot)
4a97809a38 trivial: link updates in documentation (GH-2765) (#4835) 
(cherry picked from commit 4f29f3c84b)
 2017-12-13 14:45:19 +02:00
Miss Islington (bot)
6b44ad1abd bpo-31533: fix broken link to OpenSSL docs (GH-3674) (GH-3675) 
(cherry picked from commit 19e4d9346d)
 2017-09-20 13:22:56 -07:00
Christian Heimes
28580316a5 bpo-29136: Fix versionchange for TLS 1.3 changes (#3483) 
Thanks Arfrever!

Signed-off-by: Christian Heimes <christian@python.org>
 2017-09-10 21:14:34 +02:00
Christian Heimes
9f2b3d4c28 [3.6] bpo-29136: Add TLS 1.3 cipher suites and OP_NO_TLSv1_3 (GH-1363) (#3444) 
* bpo-29136: Add TLS 1.3 support

TLS 1.3 introduces a new, distinct set of cipher suites. The TLS 1.3
cipher suites don't overlap with cipher suites from TLS 1.2 and earlier.
Since Python sets its own set of permitted ciphers, TLS 1.3 handshake
will fail as soon as OpenSSL 1.1.1 is released. Let's enable the common
AES-GCM and ChaCha20 suites.

Additionally the flag OP_NO_TLSv1_3 is added. It defaults to 0 (no op) with
OpenSSL prior to 1.1.1. This allows applications to opt-out from TLS 1.3
now.

Signed-off-by: Christian Heimes <christian@python.org>.
(cherry picked from commit cb5b68abde)
 2017-09-07 20:23:52 -07:00
Miss Islington (bot)
1fc47b40af [3.6] bpo-21649: Add RFC 7525 and Mozilla server side TLS (GH-3387) (GH-3399) 
Signed-off-by: Christian Heimes <christian@python.org>
(cherry picked from commit ad0ffa033e)
 2017-09-06 17:31:30 -07:00
Christian Heimes
7f6a13bd56 [3.6] bpo-30714: ALPN changes for OpenSSL 1.1.0f (#3093) 
OpenSSL 1.1.0 to 1.1.0e aborted the handshake when server and client
could not agree on a protocol using ALPN. OpenSSL 1.1.0f changed that.
The most recent version now behaves like OpenSSL 1.0.2 again. The ALPN
callback can pretend to not been set.

See https://github.com/openssl/openssl/pull/3158 for more details

Signed-off-by: Christian Heimes <christian@python.org>
(cherry picked from commit a5c1bab352)
 2017-08-15 10:45:40 +02:00
Benjamin Peterson
2737291134 backport ssl doc fixes (#2117) 
* clarify recv() and send() on SSLObject (#2100)

SSLObject has recv() and send(), but they don't do any network io.

* remove extra word (#2101)
 2017-06-11 11:53:14 -07:00
Nick Coghlan
c422959dac [3.6] bpo-19180: Updated references for RFC 1750, RFC 3280 & RFC 4366 
* RFC 1750 has been been obsoleted by RFC 4086.
* RFC 3280 has been obsoleted by RFC 5280.
* RFC 4366 has been obsoleted by RFC 6066.
(cherry picked from commit 63c2c8ac17)
 2017-06-09 22:37:53 +10:00
Mariatta
78b23ab682 [3.6] Clean up some confusing text left by PROTOCOL_SSLv23 -> PROTOCOL_TLS transition (GH-1355) (#1371) 
(cherry picked from commit d4069de511)
 2017-05-01 22:55:53 -07:00
Alex Gaynor
65bd0bdf3d In SSL module version examples, don't use a legacy version. (#381) (#400) 2017-03-02 12:37:50 -05:00
Mariatta
1b93ed4f3e Fixed a handful of typos (GH-343) (GH-364) 
(cherry picked from commit 1cf2a809b1)
 2017-02-28 21:08:13 -08:00
Berker Peksag
d93c4de522 Fix usage of data directive 2017-02-06 13:37:19 +03:00
Serhiy Storchaka
7d6dda4b78 Issue #19795: Improved more markups of True/False. 2016-10-19 18:36:51 +03:00
Serhiy Storchaka
4adf01caae Issue #19795: Improved more markups of True/False. 2016-10-19 18:30:05 +03:00
Serhiy Storchaka
989db5c880 Issue #19795: Mark up None as literal text. 2016-10-19 16:37:13 +03:00
Serhiy Storchaka
ecf41da83e Issue #19795: Mark up None as literal text. 2016-10-19 16:29:26 +03:00
Christian Heimes
ed9c0706cf Explain why PROTOCOL_SSLv23 does not support SSLv2 and SSLv3 by default. 2016-09-13 13:27:26 +02:00
Christian Heimes
17352fff92 Explain why PROTOCOL_SSLv23 does not support SSLv2 and SSLv3 by default. 2016-09-13 12:09:55 +02:00
Christian Heimes
c4d2e500a9 Update whatsnew with my contributions 2016-09-12 01:14:35 +02:00
Christian Heimes
5fe668c672 Issue #28085: Add PROTOCOL_TLS_CLIENT and PROTOCOL_TLS_SERVER for SSLContext 2016-09-12 00:01:11 +02:00
Christian Heimes
99a6570295 Issue #19500: Add client-side SSL session resumption to the ssl module. 2016-09-10 23:44:53 +02:00
Christian Heimes
d04863771b Issue #28022: Deprecate ssl-related arguments in favor of SSLContext. 
The deprecation include manual creation of SSLSocket and certfile/keyfile
(or similar) in ftplib, httplib, imaplib, smtplib, poplib and urllib.

ssl.wrap_socket() is not marked as deprecated yet.
 2016-09-10 23:23:33 +02:00
Christian Heimes
358cfd426c Issue 28043: SSLContext has improved default settings 
The options OP_NO_COMPRESSION, OP_CIPHER_SERVER_PREFERENCE, OP_SINGLE_DH_USE, OP_SINGLE_ECDH_USE, OP_NO_SSLv2 (except for PROTOCOL_SSLv2), and OP_NO_SSLv3 (except for PROTOCOL_SSLv3) are set by default. The initial cipher suite list contains only HIGH ciphers, no NULL ciphers and MD5 ciphers (except for PROTOCOL_SSLv2).
 2016-09-10 22:43:48 +02:00
Christian Heimes
3aeacad561 Issue #28025: Convert all ssl module constants to IntEnum and IntFlags. 2016-09-10 00:19:35 +02:00
Christian Heimes
03d13c0cbf Issues #27850 and #27766: Remove 3DES from ssl default cipher list and add ChaCha20 Poly1305. 2016-09-06 20:06:47 +02:00
Christian Heimes
598894ff48 Issue #26470: Port ssl and hashlib module to OpenSSL 1.1.0. 2016-09-05 23:19:05 +02:00
Christian Heimes
ac041c0aa7 Issues #27850 and #27766: Remove 3DES from ssl default cipher list and add ChaCha20 Poly1305. 2016-09-06 20:07:58 +02:00
Christian Heimes
25bfcd5d9e Issue #27866: Add SSLContext.get_ciphers() method to get a list of all enabled ciphers. 2016-09-06 00:04:45 +02:00
Christian Heimes
01113faef9 Issue #26470: Port ssl and hashlib module to OpenSSL 1.1.0. 2016-09-05 23:23:24 +02:00
Terry Jan Reedy
fa089b9b0b Issue #22558: Add remaining doc links to source code for Python-coded modules. 
Reformat header above separator line (added if missing) to a common format.
Patch by Yoni Lavi.
 2016-06-11 15:02:54 -04:00
Serhiy Storchaka
dba903993a Issue #23921: Standardized documentation whitespace formatting. 
Original patch by James Edwards.
 2016-05-10 12:01:23 +03:00
Serhiy Storchaka
6dff0205b7 Issue #26736: Used HTTPS for external links in the documentation if possible. 2016-05-07 10:49:07 +03:00
Martin Panter
f6b1d66a3c Issue #23804: Fix SSL recv/read(0) to not return 1024 bytes 2016-03-28 00:22:09 +00:00
Georg Brandl
5d94134040 Closes #25910: fix dead and permanently redirected links in the docs. Thanks to SilentGhost for the patch. 2016-02-26 19:37:12 +01:00
Georg Brandl
8c16cb9f65 Closes #26435: fix syntax in directives. Thanks to Jakub Stasiak. 2016-02-25 20:17:45 +01:00
Serhiy Storchaka
4981dd2cb8 Fixed merging error in 3ebeeed1eb28. 
Thanks Марк Коренберг.
 2015-11-06 11:19:42 +02:00
Martin Panter
4827e488a4 Merge spelling fixes from 3.4 into 3.5 2015-10-31 12:16:18 +00:00
Martin Panter
1f1177d69a Fix some spelling errors in documentation and code comments 2015-10-31 11:48:53 +00:00
Berker Peksag
fee05daef8 Issue #24232: Fix typos. Patch by Ville Skyttä. 2015-05-19 01:38:05 +03:00
Berker Peksag
315e104d11 Issue #24232: Fix typos. Patch by Ville Skyttä. 2015-05-19 01:36:55 +03:00
Antoine Pitrou
b9f2ab9eae Fix duplicate doc entry for SSLContext.get_ca_certs() 
(closes #18147)
 2015-04-13 21:06:51 +02:00
Antoine Pitrou
97aa953550 Fix duplicate doc entry for SSLContext.get_ca_certs() 
(closes #18147)
 2015-04-13 21:06:15 +02:00
Benjamin Peterson
1c69c3e3d8 use imperative 2015-04-11 07:42:42 -04:00
Berker Peksag
eb7a97c48e Issue #23025: Add a mention of os.urandom to RAND_bytes and RAND_pseudo_bytes docs. 
Patch by Alex Gaynor.
 2015-04-10 16:19:13 +03:00
Benjamin Peterson
339e3f33b6 merge 3.4 2015-04-11 07:44:45 -04:00
Serhiy Storchaka
2ce11d296c Null merge 2015-04-10 16:22:14 +03:00
Berker Peksag
a7b9a1f4df Issue #23025: Add a mention of os.urandom to RAND_bytes and RAND_pseudo_bytes docs. 
Patch by Alex Gaynor.
 2015-04-10 16:19:44 +03:00