Stowage/cpython
2
0
Fork 0
mirror of https://github.com/python/cpython.git synced 2025-11-03 23:21:29 +00:00
Code Issues Projects Releases Packages Wiki Activity
81052 commits 6 branches 635 tags 3.8 GiB
Commit graph

100 commits

Author SHA1 Message Date
Georg Brandl
99b1a12f2f merge with 3.3 2013-10-06 18:20:39 +02:00
Georg Brandl
4a6cf6c9d1 Closes #19177: replace dead link to SSL/TLS introduction with the version from Apache. 2013-10-06 18:20:31 +02:00
Antoine Pitrou
20b85557f2 Issue #19095: SSLSocket.getpeercert() now raises ValueError when the SSL handshake hasn't been done. 2013-09-29 19:50:53 +02:00
Larry Hastings
d36fc4307e Fix minor documentation markup error. 2013-08-03 02:49:53 -07:00
R David Murray
fe3ae3cdc7 Merge #18311: fix typo. 2013-06-26 15:11:32 -04:00
R David Murray
c7f7579855 #18311: fix typo. 2013-06-26 15:11:12 -04:00
Christian Heimes
9a5395ae2b Issue #18147: Add diagnostic functions to ssl.SSLContext(). 
get_ca_list() lists all loaded CA certificates and cert_store_stats() returns
amount of loaded X.509 certs, X.509 CA certs and CRLs.
 2013-06-17 15:44:12 +02:00
Christian Heimes
46bebee25f Issue #17134: Add ssl.enum_cert_store() as interface to Windows' cert store. 2013-06-09 19:03:31 +02:00
Christian Heimes
3e738f97f8 removed accidental new line 2013-06-09 18:07:16 +02:00
Christian Heimes
6d7ad13a45 Issue #18143: Implement ssl.get_default_verify_paths() in order to debug 
the default locations for cafile and capath.
 2013-06-09 18:02:55 +02:00
Antoine Pitrou
9b42128e2c Issue #17739: fix the description of SSLSocket.getpeercert(binary_form=True) for server sockets. 
Thanks to David D Lowe for reporting.
 2013-04-16 20:28:15 +02:00
Antoine Pitrou
d34941ad4e Issue #17739: fix the description of SSLSocket.getpeercert(binary_form=True) for server sockets. 
Thanks to David D Lowe for reporting.
 2013-04-16 20:27:17 +02:00
Antoine Pitrou
50b24d0d7c Fix a crash when setting a servername callback on a SSL server socket and the client doesn't send a server name. 
Patch by Kazuhiro Yoshida.
(originally issue #8109)
 2013-04-11 20:48:42 +02:00
Antoine Pitrou
2463e5fee4 Issue #16692: The ssl module now supports TLS 1.1 and TLS 1.2. Initial patch by Michele Orrù. 2013-03-28 22:24:43 +01:00
Terry Jan Reedy
8e7586bd44 Issue #17047: remove doubled words added in 3.4, 
as reported by Serhiy Storchaka and Matthew Barnett.
 2013-03-11 18:38:13 -04:00
Antoine Pitrou
58ddc9d743 Issue #8109: The ssl module now has support for server-side SNI, thanks to a :meth:SSLContext.set_servername_callback method. 
Patch by Daniel Black.
 2013-01-05 21:20:29 +01:00
Antoine Pitrou
d9a7e70939 Update the getpeercert() example with a real-world cert showing non-trivial issuer, subject and subjectAltName. 2012-08-16 22:18:37 +02:00
Antoine Pitrou
b7c6c8105e Update the getpeercert() example with a real-world cert showing non-trivial issuer, subject and subjectAltName. 2012-08-16 22:14:43 +02:00
Antoine Pitrou
3b36fb1f53 Issue #14837: SSL errors now have library and reason attributes describing precisely what happened and in which OpenSSL submodule. 
The str() of a SSLError is also enhanced accordingly.

NOTE: this commit creates a reference leak.  The leak seems tied to the
use of PyType_FromSpec() to create the SSLError type.  The leak is on the
type object when it is instantiated:

>>> e = ssl.SSLError()
>>> sys.getrefcount(ssl.SSLError)
35
>>> e = ssl.SSLError()
>>> sys.getrefcount(ssl.SSLError)
36
>>> e = ssl.SSLError()
>>> sys.getrefcount(ssl.SSLError)
37
 2012-06-22 21:11:52 +02:00
Antoine Pitrou
d5d17eb653 Issue #14204: The ssl module now has support for the Next Protocol Negotiation extension, if available in the underlying OpenSSL library. 
Patch by Colin Marc.
 2012-03-22 00:23:03 +01:00
Antoine Pitrou
e10ae8871a Clarify that ssl.OP_ALL can be different from OpenSSL's SSL_OP_ALL. 2012-01-27 10:03:23 +01:00
Antoine Pitrou
9f6b02ecde Clarify that ssl.OP_ALL can be different from OpenSSL's SSL_OP_ALL. 2012-01-27 10:02:55 +01:00
Antoine Pitrou
ac8bfcacfc Issue #13747: fix SSL compatibility table. 2012-01-09 21:43:18 +01:00
Antoine Pitrou
84a2edcdf7 Issue #13747: fix documentation error about the default SSL version. 2012-01-09 21:35:11 +01:00
Antoine Pitrou
441ae043df Update printout of SSL certificate examples for 3.2+. 2012-01-06 20:06:15 +01:00
Antoine Pitrou
b7ffed8a50 Add a subsection explaning cipher selection. 2012-01-04 02:53:44 +01:00
Antoine Pitrou
8a9b9c7d16 Merge SSL doc fixes (issue #13747). 2012-01-09 21:46:11 +01:00
Antoine Pitrou
deec7566ae Update printout of SSL certificate examples for 3.2+. 2012-01-06 20:09:29 +01:00
Antoine Pitrou
8f746d83e2 Add a subsection explaning cipher selection. 2012-01-04 02:54:12 +01:00
Antoine Pitrou
0e576f1f50 Issue #13626: Add support for SSL Diffie-Hellman key exchange, through the 
SSLContext.load_dh_params() method and the ssl.OP_SINGLE_DH_USE option.
 2011-12-22 10:03:38 +01:00
Antoine Pitrou
501da61671 Fix ssl module compilation if ECDH support was disabled in the OpenSSL build. 
(followup to issue #13627)
 2011-12-21 09:27:41 +01:00
Antoine Pitrou
8abdb8abd8 Issue #13634: Add support for querying and disabling SSL compression. 2011-12-20 10:13:40 +01:00
Antoine Pitrou
923df6f22a Issue #13627: Add support for SSL Elliptic Curve-based Diffie-Hellman 
key exchange, through the SSLContext.set_ecdh_curve() method and the
ssl.OP_SINGLE_ECDH_USE option.
 2011-12-19 17:16:51 +01:00
Antoine Pitrou
6db4944cc5 Issue #13635: Add ssl.OP_CIPHER_SERVER_PREFERENCE, so that SSL servers 
choose the cipher based on their own preferences, rather than on the
client's.
 2011-12-19 13:27:11 +01:00
Antoine Pitrou
f3dc2d7afd Fix typo 2011-10-28 00:01:03 +02:00
Antoine Pitrou
873bf262ad Update example of non-blocking SSL code for the new finer-grained exceptions 2011-10-27 23:59:03 +02:00
Antoine Pitrou
41032a69c1 Issue #11183: Add finer-grained exceptions to the ssl module, so that 
you don't have to inspect the exception's attributes in the common case.
 2011-10-27 23:56:55 +02:00
Antoine Pitrou
5574c3012d Replace mentions of socket.error. 2011-10-12 17:53:43 +02:00
Antoine Pitrou
756b169c5a Issue #12823: remove broken link and replace it with another resource. 2011-10-07 16:58:35 +02:00
Antoine Pitrou
f394e47851 Issue #12823: remove broken link and replace it with another resource. 2011-10-07 16:58:07 +02:00
Antoine Pitrou
4fd1e6a3ba Issue #12803: SSLContext.load_cert_chain() now accepts a password argument 
to be used if the private key is encrypted.  Patch by Adam Simpkins.
 2011-08-25 14:39:44 +02:00
Antoine Pitrou
d649480739 Issue #12551: Provide a get_channel_binding() method on SSL sockets so as 
to get channel binding data for the current SSL session (only the
"tls-unique" channel binding is implemented).  This allows the
implementation of certain authentication mechanisms such as SCRAM-SHA-1-PLUS.

Patch by Jacek Konieczny.
 2011-07-21 01:11:30 +02:00
Antoine Pitrou
126edb5607 Use infinitive, not 3rd person of present tense. 2011-07-11 01:39:35 +02:00
Antoine Pitrou
b3593cada2 Use infinitive, not 3rd person of present tense. 2011-07-11 01:39:19 +02:00
Antoine Pitrou
f08310f08b Issue #12343: Add some notes on behaviour of non-blocking SSL sockets. 2011-07-11 01:38:27 +02:00
Antoine Pitrou
6f5dcb1ee2 Issue #12343: Add some notes on behaviour of non-blocking SSL sockets. 2011-07-11 01:35:48 +02:00
Victor Stinner
a675206366 Issue #12049: Document errors cases of ssl.RAND_bytes() and 
ssl.RAND_pseudo_bytes().  Add also links to RAND_status and RAND_add.
 2011-05-25 11:27:40 +02:00
Victor Stinner
19fb53c119 Issue #12049: improve RAND_bytes() and RAND_pseudo_bytes() documentation 
Add also a security warning in the module random pointing to ssl.RAND_bytes().
 2011-05-24 21:32:40 +02:00
Victor Stinner
99c8b16143 Issue #12049: Add RAND_bytes() and RAND_pseudo_bytes() functions to the ssl 
module.
 2011-05-24 12:05:19 +02:00
Victor Stinner
17ca323e7c (Merge 3.1) Issue #12012: ssl.PROTOCOL_SSLv2 becomes optional 
OpenSSL is now compiled with OPENSSL_NO_SSL2 defined (without the SSLv2
protocol) on Debian: fix the ssl module on Debian Testing and Debian Sid.

Optimize also ssl.get_protocol_name(): speed does matter!
 2011-05-10 00:48:41 +02:00