Commit Graph

292 Commits

Author SHA1 Message Date
Serhiy Storchaka 36122e1814
bpo-41203: Replace Mac OS X and OS X with macOS (GH-28515)
Replace old names when they refer to actual versions of macOS.
Keep historical names in references to older versions.

Co-authored-by: Patrick Reader <_@pxeger.com>
2021-09-22 20:33:36 +03:00
Mariusz Felisiak 11749e2dc2
bpo-44740: Lowercase "internet" and "web" where appropriate. (#27378)
Co-authored-by: Łukasz Langa <lukasz@langa.pl>
2021-07-27 00:11:55 +02:00
Anton Grübel 717f608c4a
Fix typo in ssl documentation (GH-27329) 2021-07-24 18:54:51 -03:00
Christian Heimes e26014f1c4
bpo-44362: ssl: improve deprecation warnings and docs (GH-26646)
Signed-off-by: Christian Heimes <christian@python.org>
2021-06-11 09:15:48 +02:00
Christian Heimes d8389e3e50
bpo-38820: Add ssl, hashlib, and hmac changes to whatsnew 3.10 (GH-25817)
Signed-off-by: Christian Heimes <christian@python.org>
2021-05-02 16:38:02 +02:00
Christian Heimes e983252b51
bpo-43998: Default to TLS 1.2 and increase cipher suite security (GH-25778)
The ssl module now has more secure default settings. Ciphers without forward
secrecy or SHA-1 MAC are disabled by default. Security level 2 prohibits
weak RSA, DH, and ECC keys with less than 112 bits of security.
:class:`~ssl.SSLContext` defaults to minimum protocol version TLS 1.2.
Settings are based on Hynek Schlawack's research.

```
$ openssl version
OpenSSL 1.1.1k  FIPS 25 Mar 2021
$ openssl ciphers -v '@SECLEVEL=2:ECDH+AESGCM:ECDH+CHACHA20:ECDH+AES:DHE+AES:!aNULL:!eNULL:!aDSS:!SHA1:!AESCCM'
TLS_AES_256_GCM_SHA384  TLSv1.3 Kx=any      Au=any  Enc=AESGCM(256) Mac=AEAD
TLS_CHACHA20_POLY1305_SHA256 TLSv1.3 Kx=any      Au=any  Enc=CHACHA20/POLY1305(256) Mac=AEAD
TLS_AES_128_GCM_SHA256  TLSv1.3 Kx=any      Au=any  Enc=AESGCM(128) Mac=AEAD
TLS_AES_128_CCM_SHA256  TLSv1.3 Kx=any      Au=any  Enc=AESCCM(128) Mac=AEAD
ECDHE-ECDSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH     Au=ECDSA Enc=AESGCM(256) Mac=AEAD
ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AESGCM(256) Mac=AEAD
ECDHE-ECDSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH     Au=ECDSA Enc=AESGCM(128) Mac=AEAD
ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AESGCM(128) Mac=AEAD
ECDHE-ECDSA-CHACHA20-POLY1305 TLSv1.2 Kx=ECDH     Au=ECDSA Enc=CHACHA20/POLY1305(256) Mac=AEAD
ECDHE-RSA-CHACHA20-POLY1305 TLSv1.2 Kx=ECDH     Au=RSA  Enc=CHACHA20/POLY1305(256) Mac=AEAD
ECDHE-ECDSA-AES256-SHA384 TLSv1.2 Kx=ECDH     Au=ECDSA Enc=AES(256)  Mac=SHA384
ECDHE-RSA-AES256-SHA384 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AES(256)  Mac=SHA384
ECDHE-ECDSA-AES128-SHA256 TLSv1.2 Kx=ECDH     Au=ECDSA Enc=AES(128)  Mac=SHA256
ECDHE-RSA-AES128-SHA256 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AES(128)  Mac=SHA256
DHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=DH       Au=RSA  Enc=AESGCM(256) Mac=AEAD
DHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=DH       Au=RSA  Enc=AESGCM(128) Mac=AEAD
DHE-RSA-AES256-SHA256   TLSv1.2 Kx=DH       Au=RSA  Enc=AES(256)  Mac=SHA256
DHE-RSA-AES128-SHA256   TLSv1.2 Kx=DH       Au=RSA  Enc=AES(128)  Mac=SHA256
```

Signed-off-by: Christian Heimes <christian@python.org>
2021-05-01 20:53:10 +02:00
Zackery Spytz b2fac1afaa
bpo-31870: Add a timeout parameter to ssl.get_server_certificate() (GH-22270) 2021-04-23 21:46:01 -07:00
l0x 64d975202f
bpo-40849: Expose X509_V_FLAG_PARTIAL_CHAIN ssl flag (GH-20463)
This short PR exposes an openssl flag that  wasn't exposed. I've also updated to doc to reflect the change. It's heavily inspired by 990fcaac3c.
2021-04-19 04:51:18 -07:00
Christian Heimes 2875c603b2
bpo-43880: Show DeprecationWarnings for deprecated ssl module features (GH-25455)
* ssl.OP_NO_SSLv2
* ssl.OP_NO_SSLv3
* ssl.OP_NO_TLSv1
* ssl.OP_NO_TLSv1_1
* ssl.OP_NO_TLSv1_2
* ssl.OP_NO_TLSv1_3
* ssl.PROTOCOL_SSLv2
* ssl.PROTOCOL_SSLv3
* ssl.PROTOCOL_SSLv23 (alias for PROTOCOL_TLS)
* ssl.PROTOCOL_TLS
* ssl.PROTOCOL_TLSv1
* ssl.PROTOCOL_TLSv1_1
* ssl.PROTOCOL_TLSv1_2
* ssl.TLSVersion.SSLv3
* ssl.TLSVersion.TLSv1
* ssl.TLSVersion.TLSv1_1
* ssl.wrap_socket()
* ssl.RAND_pseudo_bytes()
* ssl.RAND_egd() (already removed since it's not supported by OpenSSL 1.1.1)
* ssl.SSLContext() without a protocol argument
* ssl.match_hostname()
* hashlib.pbkdf2_hmac() (pure Python implementation, fast OpenSSL
  function will stay)

Signed-off-by: Christian Heimes <christian@python.org>
2021-04-19 07:27:10 +02:00
Christian Heimes 89d1550d14
bpo-42854: Use SSL_read/write_ex() (GH-25468)
The ssl module now uses ``SSL_read_ex`` and ``SSL_write_ex``
internally. The functions support reading and writing of data larger
than 2 GB. Writing zero-length data no longer fails with a protocol
violation error.

Signed-off-by: Christian Heimes <christian@python.org>
2021-04-19 06:55:30 +02:00
Illia Volochii 2798f247c0
bpo-43641: Stop stating that TLS 1.2 is the most modern version in docs (GH-25041)
Automerge-Triggered-By: GH:tiran
2021-04-18 00:10:53 -07:00
Christian Heimes b8d0fa035d
bpo-43669: Remove OpenSSL 0.9 to 1.1.0 specific documentation (GH-25453) 2021-04-17 15:49:50 +02:00
Christian Heimes b467d9a240
bpo-43522: Fix SSLContext.hostname_checks_common_name (GH-24899)
Fix problem with ssl.SSLContext.hostname_checks_common_name. OpenSSL does not
copy hostflags from *struct SSL_CTX* to *struct SSL*.

Signed-off-by: Christian Heimes <christian@python.org>
2021-04-17 10:07:19 +02:00
Christian Heimes 6f37ebc61e
bpo-43794: OpenSSL 3.0.0: set OP_IGNORE_UNEXPECTED_EOF by default (GH-25309)
Signed-off-by: Christian Heimes <christian@python.org>
2021-04-09 17:59:21 +02:00
Ethan Furman b775106d94
bpo-40066: Enum: modify `repr()` and `str()` (GH-22392)
* Enum: streamline repr() and str(); improve docs

- repr() is now ``enum_class.member_name``
- stdlib global enums are ``module_name.member_name``
- str() is now ``member_name``
- add HOW-TO section for ``Enum``
- change main documentation to be an API reference
2021-03-30 21:17:26 -07:00
Ville Skyttä 9798cef92b
bpo-39616: clarify SSLContext.check_hostname effect (GH-18484)
It doesn't actually affect whether match_hostname() is called (it
never is in this context any longer), but whether hostname
verification occurs in the first place.
2021-03-27 07:20:11 -07:00
Chris Burr e0b4aa0f5c
bpo-39342: Expose X509_V_FLAG_ALLOW_PROXY_CERTS in ssl module (GH-18011)
Exposes the `X509_V_FLAG_ALLOW_PROXY_CERTS` constant as `ssl.VERIFY_ALLOW_PROXY_CERTS` to allow for proxy certificate validation as described in: https://www.openssl.org/docs/man1.1.1/man7/proxy-certificates.html
2021-03-18 01:24:01 -07:00
matthewhughes934 8e836bb21c
bpo-41195: Add getter for Openssl security level (GH-21282)
Add an accessor under SSLContext.security_level as a wrapper around
SSL_CTX_get_security_level, see:
https://www.openssl.org/docs/manmaster/man3/SSL_CTX_get_security_level.html


------
This is my first time contributing, so please pull me up on all the things I missed or did incorrectly.

Automerge-Triggered-By: @tiran
2020-07-17 01:59:15 -07:00
Serhiy Storchaka 1c5d1d7304
Remove duplicated words words (GH-20413) 2020-05-26 01:04:14 -07:00
Rémi Lapeyre 74e1b6b100
Document missing methods of ssl.SSLObject (#19400)
Co-authored-by: Rémi Lapeyre <remi.lapeyre@lenstra.fr>
2020-04-07 09:38:59 +02:00
Mathieu Dupuy c49016e67c
fix comma location in various places (GH-19233) 2020-03-30 14:28:25 -07:00
Christian Heimes 2b7de6696b bpo-38820: OpenSSL 3.0.0 compatibility. (GH-17190)
test_openssl_version now accepts version 3.0.0.

getpeercert() no longer returns IPv6 addresses with a trailing new line.

Signed-off-by: Christian Heimes <christian@python.org>


https://bugs.python.org/issue38820
2019-12-07 08:59:36 -08:00
Serhiy Storchaka 138ccbb022
bpo-38738: Fix formatting of True and False. (GH-17083)
* "Return true/false" is replaced with "Return ``True``/``False``"
  if the function actually returns a bool.
* Fixed formatting of some True and False literals (now in monospace).
* Replaced "True/False" with "true/false" if it can be not only bool.
* Replaced some 1/0 with True/False if it corresponds the code.
* "Returns <bool>" is replaced with "Return <bool>".
2019-11-12 16:57:03 +02:00
Jörn Heissler 219fb9d65e Doc: Fix grammar/spelling in ssl.VERIFY_CRL_CHECK_LEAF docs (GH-16221) 2019-09-17 12:42:30 +02:00
Christian Heimes 894d0f7d55 bpo-32008: Prefer client or TLSv1_2 in examples (GH-5797)
Prefer client or TLSv1_2 in examples

Signed-off-by: Christian Heimes <christian@python.org>
2019-09-12 12:10:05 +01:00
Zach Thompson c2f056be82 Fix typo in ssl.RAND_bytes documentation (GH-14791)
It looks like "cryptographically strong" is the preferred phrase from the surrounding documentation.

Automerge-Triggered-By: @tiran
2019-09-10 06:40:14 -07:00
Christian Heimes 78c7d52779
bpo-37120: Add SSLContext.num_tickets (GH-13719)
Signed-off-by: Christian Heimes <christian@python.org>
2019-06-03 21:00:10 +02:00
Christian Heimes c7f7069e77
bpo-34271: Add ssl debugging helpers (GH-10031)
The ssl module now can dump key material to a keylog file and trace TLS
protocol messages with a tracing callback. The default and stdlib
contexts also support SSLKEYLOGFILE env var.

The msg_callback and related enums are private members. The feature
is designed for internal debugging and not for end users.

Signed-off-by: Christian Heimes <christian@python.org>
2019-05-31 11:44:05 +02:00
Toshio Kuratomi 7b3a028c35 Fix rst formatting for several links in ssl documentation (GH-13133) 2019-05-06 13:28:14 -07:00
Zhiming Wang ae2ea33d5d Add versionadded directives to ssl.minimum_version and ssl.maximum_version (GH-11894) 2019-02-28 12:15:04 -05:00
Stéphane Wirtel e483f02423 bpo-35044, doc: Use the :exc: role for the exceptions (GH-10037) 2018-10-26 12:52:11 +02:00
Cheryl Sabella 2d6097d027 bpo-11233: Create availability directive for documentation (GH-9692)
Replace "Availability: xxx" with ".. availability:: xxx" in the doc.
Original patch by Georg Brandl.

Co-Authored-By: Georg Brandl <georg@python.org>
2018-10-12 16:55:20 +02:00
Stéphane Wirtel 07fbbfde1b bpo-34906: Doc: Fix typos (GH-9712) 2018-10-05 16:17:18 +02:00
Christian Heimes 9fb051f032 bpo-34670: Add TLS 1.3 post handshake auth (GH-9460)
Add SSLContext.post_handshake_auth and
SSLSocket.verify_client_post_handshake for TLS 1.3 post-handshake
authentication.

Signed-off-by: Christian Heimes <christian@python.org>q


https://bugs.python.org/issue34670
2018-09-22 23:32:31 -07:00
Marcin Niemira 9c5ba09748 closes bpo-34050: Fix link in SSL docs (GH-8173) 2018-07-07 15:24:20 -07:00
Andrés Delfino 5092439c2c bpo-33892: Doc: Use gender neutral words (GH-7770) 2018-06-18 13:34:30 +09:00
Christian Heimes ef24b6c54d bpo-31432: Clarify ssl CERT_NONE/OPTIONAL/REQUIRED docs. (GH-3530)
The documentation for CERT_NONE, CERT_OPTIONAL, and CERT_REQUIRED were
misleading and partly wrong. It fails to explain that OpenSSL behaves
differently in client and server mode. Also OpenSSL does validate the
cert chain everytime. With SSL_VERIFY_NONE a validation error is not
fatal in client mode and does not request a client cert in server mode.
Also discourage people from using CERT_OPTIONAL in client mode.
2018-06-11 18:59:45 -04:00
Mayank Singhal 9ef1b0690b bpo-31215: Add version changed notes for OpenSSL 1.1.0 compatibility (GH-7346) 2018-06-06 00:14:37 +10:00
Serhiy Storchaka 0a36ac1a09
bpo-33641: Convert RFC references into links. (GH-7103)
85% of them are already links.
2018-05-31 07:39:00 +03:00
Christian Heimes 529525fb5a
bpo-33618: Enable TLS 1.3 in tests (GH-7079)
TLS 1.3 behaves slightly different than TLS 1.2. Session tickets and TLS
client cert auth are now handled after the initialy handshake. Tests now
either send/recv data to trigger session and client certs. Or tests
ignore ConnectionResetError / BrokenPipeError on the server side to
handle clients that force-close the socket fd.

To test TLS 1.3, OpenSSL 1.1.1-pre7-dev (git master + OpenSSL PR
https://github.com/openssl/openssl/pull/6340) is required.

Signed-off-by: Christian Heimes <christian@python.org>
2018-05-23 22:24:45 +02:00
Christian Heimes e8eb6cb792
bpo-33570: TLS 1.3 ciphers for OpenSSL 1.1.1 (GH-6976)
Change TLS 1.3 cipher suite settings for compatibility with OpenSSL
1.1.1-pre6 and newer. OpenSSL 1.1.1 will have TLS 1.3 cipers enabled by
default.

Also update multissltests and Travis config to test with latest OpenSSL.

Signed-off-by: Christian Heimes <christian@python.org>
2018-05-22 22:50:12 +02:00
Christian Heimes 67c4801663 bpo-32257: Add ssl.OP_NO_RENEGOTIATION (GH-5904)
The ssl module now contains OP_NO_RENEGOTIATION constant, available with
OpenSSL 1.1.0h or 1.1.1.

Note, OpenSSL 1.1.0h hasn't been released yet.

Signed-off-by: Christian Heimes <christian@python.org>
2018-05-15 16:25:40 -04:00
Stéphane Wirtel 19177fbd5d bpo-33503: Fix the broken pypi link in the source and the documentation (GH-6814) 2018-05-15 14:58:35 -04:00
Matt Eaton 9cf8c42f32 bpo-33045: Fix typos in SSL documentation (GH-6065) 2018-03-11 04:00:04 +03:00
Christian Heimes 698dde16f6
bpo-31453: Add setter for min/max protocol version (#5259)
OpenSSL 1.1 has introduced a new API to set the minimum and maximum
supported protocol version. The API is easier to use than the old
OP_NO_TLS1 option flags, too.

Since OpenSSL has no call to set minimum version to highest supported,
the implementation emulate maximum_version = MINIMUM_SUPPORTED and
minimum_version = MAXIMUM_SUPPORTED by figuring out the minumum and
maximum supported version at compile time.

Signed-off-by: Christian Heimes <christian@python.org>
2018-02-27 11:54:43 +01:00
Christian Heimes 9d50ab563d
bpo-32951: Disable SSLSocket/SSLObject constructor (#5864)
Direct instantiation of SSLSocket and SSLObject objects is now prohibited.
The constructors were never documented, tested, or designed as public
constructors. The SSLSocket constructor had limitations. For example it was
not possible to enabled hostname verification except was
ssl_version=PROTOCOL_TLS_CLIENT with cert_reqs=CERT_REQUIRED.

SSLContext.wrap_socket() and SSLContext.wrap_bio are the recommended API
to construct SSLSocket and SSLObject instances. ssl.wrap_socket() is
also deprecated.

The only test case for direct instantiation was added a couple of days
ago for IDNA testing.

Signed-off-by: Christian Heimes <christian@python.org>
2018-02-27 10:17:30 +01:00
Christian Heimes 90f05a527c
bpo-28124: deprecate ssl.wrap_socket() (#5888)
The ssl module function ssl.wrap_socket() has been de-emphasized
and deprecated in favor of the more secure and efficient
SSLContext.wrap_socket() method.

Signed-off-by: Christian Heimes <christian@python.org>
2018-02-27 09:21:34 +01:00
Christian Heimes 05d9fe32a1
bpo-32947: OpenSSL 1.1.1-pre1 / TLS 1.3 fixes (#5663)
* bpo-32947: OpenSSL 1.1.1-pre1 / TLS 1.3 fixes

Misc fixes and workarounds for compatibility with OpenSSL 1.1.1-pre1 and
TLS 1.3 support. With OpenSSL 1.1.1, Python negotiates TLS 1.3 by
default. Some test cases only apply to TLS 1.2. Other tests currently
fail because the threaded or async test servers stop after failure.

I'm going to address these issues when OpenSSL 1.1.1 reaches beta.

OpenSSL 1.1.1 has added a new option OP_ENABLE_MIDDLEBOX_COMPAT for TLS
1.3. The feature is enabled by default for maximum compatibility with
broken middle boxes. Users should be able to disable the hack and CPython's test suite needs
it to verify default options.

Signed-off-by: Christian Heimes <christian@python.org>
2018-02-27 08:55:39 +01:00
Christian Heimes 6cdb7954b0
bpo-30622: Improve NPN support detection (#5859)
The ssl module now detects missing NPN support in LibreSSL.

Co-Authored-By: Bernard Spil <brnrd@FreeBSD.org>
Signed-off-by: Christian Heimes <christian@python.org>
2018-02-24 22:12:40 +01:00
Christian Heimes 11a1493bc4 [bpo-28414] Make all hostnames in SSL module IDN A-labels (GH-5128)
Previously, the ssl module stored international domain names (IDNs)
as U-labels. This is problematic for a number of reasons -- for
example, it made it impossible for users to use a different version
of IDNA than the one built into Python.

After this change, we always convert to A-labels as soon as possible,
and use them for all internal processing. In particular, server_hostname
attribute is now an A-label, and on the server side there's a new
sni_callback that receives the SNI servername as an A-label rather than
a U-label.
2018-02-23 17:35:08 -08:00