Go to file
Donald Stufft 6a2ba94908 Issue #21013: Enhance ssl.create_default_context() for server side contexts
Closes #21013 by modfying ssl.create_default_context() to:

* Move the restricted ciphers to only apply when using
  ssl.Purpose.CLIENT_AUTH. The major difference between restricted and not
  is the lack of RC4 in the restricted. However there are servers that exist
  that only expose RC4 still.
* Switches the default protocol to ssl.PROTOCOL_SSLv23 so that the context
  will select TLS1.1 or TLS1.2 if it is available.
* Add ssl.OP_NO_SSLv3 by default to continue to block SSL3.0 sockets
* Add ssl.OP_SINGLE_DH_USE and ssl.OP_SINGLE_ECDG_USE to improve the security
  of the perfect forward secrecy
* Add ssl.OP_CIPHER_SERVER_PREFERENCE so that when used for a server side
  socket the context will prioritize our ciphers which have been carefully
  selected to maximize security and performance.
* Documents the failure conditions when a SSL3.0 connection is required so
  that end users can more easily determine if they need to unset
  ssl.OP_NO_SSLv3.
2014-03-23 19:05:28 -04:00
Doc Issue #21013: Enhance ssl.create_default_context() for server side contexts 2014-03-23 19:05:28 -04:00
Grammar Backed out changeset 521232b05b97 2013-03-20 00:39:41 -05:00
Include Issue #19537: Fix PyUnicode_DATA() alignment under m68k. Patch by Andreas Schwab. 2014-03-23 22:55:03 +01:00
Lib Issue #21013: Enhance ssl.create_default_context() for server side contexts 2014-03-23 19:05:28 -04:00
Mac Issue #20465: Update OS X installer build to use SQLite 3.8.0.1. 2014-03-01 14:00:46 -08:00
Misc Issue #21013: Enhance ssl.create_default_context() for server side contexts 2014-03-23 19:05:28 -04:00
Modules Issue #21015: SSL contexts will now automatically select an elliptic curve for ECDH key exchange on OpenSSL 1.0.2 and later, and otherwise default to "prime256v1". 2014-03-22 18:13:50 +01:00
Objects correct the fix for #20637; allow slot descriptor inheritance to take place before creating cached keys 2014-03-17 15:57:17 -05:00
PC Issue #20908: PyMem_Malloc() must be used with PyMem_Free(), not with free() 2014-03-13 19:08:10 +01:00
PCbuild Use the correct VS edition names in PCbuild/readme.txt 2014-03-19 14:46:25 -05:00
Parser Merge with 3.3 2014-02-28 15:43:36 +01:00
Python Issue #20404: reject non-text encodings early in TextIOWrapper. 2014-03-02 09:18:31 +01:00
Tools merge with 3.3 2014-03-09 10:22:46 +01:00
.bzrignore Followup for issue #14321, remove references to Parser/pgen.stamp 2012-04-04 13:20:55 +02:00
.gitignore Closes #18247: add Lib/test/data/* to .gitignore 2013-06-21 07:44:50 -04:00
.hgeol Merge with 3.3 2014-02-28 15:43:36 +01:00
.hgignore Ignore files generated by MSVC PGO builds. 2014-03-18 22:28:16 -05:00
.hgtags Merged default into 3.4 branch. 3.4 branch is now effectively 3.4.1rc1. 2014-03-16 22:54:05 -07:00
.hgtouch Fix .hgtouch to list the dependencies for auto-generated AST code correctly. 2013-09-27 08:48:19 -07:00
LICENSE Final documentation fixes for 3.4.0 final. 2014-03-15 22:43:17 -07:00
Makefile.pre.in Issue #19990: Install test/imghdrdata. 2014-02-02 14:00:39 -08:00
README Release bump for 3.4.0 final. 2014-03-15 22:34:24 -07:00
config.guess - Update config.{guess,sub} for new ports. 2013-11-19 08:54:38 +01:00
config.sub - Update config.{guess,sub} for new ports. 2013-11-19 08:54:38 +01:00
configure Attempt to fix OpenIndiana build issue introduced by #19922 2013-12-08 15:21:08 +01:00
configure.ac Attempt to fix OpenIndiana build issue introduced by #19922 2013-12-08 15:21:08 +01:00
install-sh
pyconfig.h.in Issue #19922: define _INCLUDE__STDC_A1_SOURCE in HP-UX to include mbstate_t 2013-12-07 23:39:33 +01:00
setup.py merge 3.3 2014-03-15 12:29:21 -05:00

README

This is Python version 3.4.0
============================

Copyright (c) 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011,
2012, 2013, 2014 Python Software Foundation.  All rights reserved.

Python 3.x is a new version of the language, which is incompatible with the 2.x
line of releases.  The language is mostly the same, but many details, especially
how built-in objects like dictionaries and strings work, have changed
considerably, and a lot of deprecated features have finally been removed.


Build Instructions
------------------

On Unix, Linux, BSD, OSX, and Cygwin:

New text

    ./configure
    make
    make test
    sudo make install

This will install Python as python3.

You can pass many options to the configure script; run "./configure --help" to
find out more.  On OSX and Cygwin, the executable is called python.exe;
elsewhere it's just python.

On Mac OS X, if you have configured Python with --enable-framework, you should
use "make frameworkinstall" to do the installation.  Note that this installs the
Python executable in a place that is not normally on your PATH, you may want to
set up a symlink in /usr/local/bin.

On Windows, see PCbuild/readme.txt.

If you wish, you can create a subdirectory and invoke configure from there.  For
example:

    mkdir debug
    cd debug
    ../configure --with-pydebug
    make
    make test

(This will fail if you *also* built at the top-level directory.  You should do a
"make clean" at the toplevel first.)


What's New
----------

We try to have a comprehensive overview of the changes in the "What's New in
Python 3.4" document, found at

    http://docs.python.org/3.4/whatsnew/3.4.html

For a more detailed change log, read Misc/NEWS (though this file, too, is
incomplete, and also doesn't list anything merged in from the 2.7 release under
development).

If you want to install multiple versions of Python see the section below
entitled "Installing multiple versions".


Documentation
-------------

Documentation for Python 3.4 is online, updated daily:

    http://docs.python.org/3.4/

It can also be downloaded in many formats for faster access.  The documentation
is downloadable in HTML, PDF, and reStructuredText formats; the latter version
is primarily for documentation authors, translators, and people with special
formatting requirements.

If you would like to contribute to the development of Python, relevant
documentation is available at:

    http://docs.python.org/devguide/

For information about building Python's documentation, refer to Doc/README.txt.


Converting From Python 2.x to 3.x
---------------------------------

Python starting with 2.6 contains features to help locating code that needs to
be changed, such as optional warnings when deprecated features are used, and
backported versions of certain key Python 3.x features.

A source-to-source translation tool, "2to3", can take care of the mundane task
of converting large amounts of source code.  It is not a complete solution but
is complemented by the deprecation warnings in 2.6.  See
http://docs.python.org/3.4/library/2to3.html for more information.


Testing
-------

To test the interpreter, type "make test" in the top-level directory.  The test
set produces some output.  You can generally ignore the messages about skipped
tests due to optional features which can't be imported.  If a message is printed
about a failed test or a traceback or core dump is produced, something is wrong.

By default, tests are prevented from overusing resources like disk space and
memory.  To enable these tests, run "make testall".

IMPORTANT: If the tests fail and you decide to mail a bug report, *don't*
include the output of "make test".  It is useless.  Run the failing test
manually, as follows:

        ./python -m test -v test_whatever

(substituting the top of the source tree for '.' if you built in a different
directory).  This runs the test in verbose mode.


Installing multiple versions
----------------------------

On Unix and Mac systems if you intend to install multiple versions of Python
using the same installation prefix (--prefix argument to the configure script)
you must take care that your primary python executable is not overwritten by the
installation of a different version.  All files and directories installed using
"make altinstall" contain the major and minor version and can thus live
side-by-side.  "make install" also creates ${prefix}/bin/python3 which refers to
${prefix}/bin/pythonX.Y.  If you intend to install multiple versions using the
same prefix you must decide which version (if any) is your "primary" version.
Install that version using "make install".  Install all other versions using
"make altinstall".

For example, if you want to install Python 2.6, 2.7 and 3.4 with 2.7 being the
primary version, you would execute "make install" in your 2.7 build directory
and "make altinstall" in the others.


Issue Tracker and Mailing List
------------------------------

We're soliciting bug reports about all aspects of the language.  Fixes are also
welcome, preferable in unified diff format.  Please use the issue tracker:

    http://bugs.python.org/

If you're not sure whether you're dealing with a bug or a feature, use the
mailing list:

    python-dev@python.org

To subscribe to the list, use the mailman form:

    http://mail.python.org/mailman/listinfo/python-dev/


Proposals for enhancement
-------------------------

If you have a proposal to change Python, you may want to send an email to the
comp.lang.python or python-ideas mailing lists for inital feedback.  A Python
Enhancement Proposal (PEP) may be submitted if your idea gains ground.  All
current PEPs, as well as guidelines for submitting a new PEP, are listed at
http://www.python.org/dev/peps/.


Release Schedule
----------------

See PEP 429 for release details: http://www.python.org/dev/peps/pep-0429/


Copyright and License Information
---------------------------------

Copyright (c) 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011,
2012, 2013, 2014 Python Software Foundation.  All rights reserved.

Copyright (c) 2000 BeOpen.com.  All rights reserved.

Copyright (c) 1995-2001 Corporation for National Research Initiatives.  All
rights reserved.

Copyright (c) 1991-1995 Stichting Mathematisch Centrum.  All rights reserved.

See the file "LICENSE" for information on the history of this software, terms &
conditions for usage, and a DISCLAIMER OF ALL WARRANTIES.

This Python distribution contains *no* GNU General Public License (GPL) code, so
it may be used in proprietary projects.  There are interfaces to some GNU code
but these are entirely optional.

All trademarks referenced herein are property of their respective holders.