From 59c4eb71f23daa1a96650963eb17f2c8521cbe18 Mon Sep 17 00:00:00 2001 From: Benjamin Peterson Date: Mon, 16 Mar 2015 12:43:38 -0500 Subject: [PATCH] versionchanged for rc4 removal (closes #23679) --- Doc/library/ssl.rst | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/Doc/library/ssl.rst b/Doc/library/ssl.rst index e37357fae70..a1162f41bc5 100644 --- a/Doc/library/ssl.rst +++ b/Doc/library/ssl.rst @@ -245,8 +245,8 @@ purposes. :const:`None`, this function can choose to trust the system's default CA certificates instead. - The settings in Python 3.4 are: :data:`PROTOCOL_SSLv23`, :data:`OP_NO_SSLv2`, - and :data:`OP_NO_SSLv3` with high encryption cipher suites without RC4 and + The settings are: :data:`PROTOCOL_SSLv23`, :data:`OP_NO_SSLv2`, and + :data:`OP_NO_SSLv3` with high encryption cipher suites without RC4 and without unauthenticated cipher suites. Passing :data:`~Purpose.SERVER_AUTH` as *purpose* sets :data:`~SSLContext.verify_mode` to :data:`CERT_REQUIRED` and either loads CA certificates (when at least one of *cafile*, *capath* or @@ -276,6 +276,10 @@ purposes. .. versionadded:: 3.4 + .. versionchanged:: 3.4.4 + + RC4 was dropped from the default cipher string. + Random generation ^^^^^^^^^^^^^^^^^