mirror of https://github.com/python/cpython
6a2ba94908
Closes #21013 by modfying ssl.create_default_context() to: * Move the restricted ciphers to only apply when using ssl.Purpose.CLIENT_AUTH. The major difference between restricted and not is the lack of RC4 in the restricted. However there are servers that exist that only expose RC4 still. * Switches the default protocol to ssl.PROTOCOL_SSLv23 so that the context will select TLS1.1 or TLS1.2 if it is available. * Add ssl.OP_NO_SSLv3 by default to continue to block SSL3.0 sockets * Add ssl.OP_SINGLE_DH_USE and ssl.OP_SINGLE_ECDG_USE to improve the security of the perfect forward secrecy * Add ssl.OP_CIPHER_SERVER_PREFERENCE so that when used for a server side socket the context will prioritize our ciphers which have been carefully selected to maximize security and performance. * Documents the failure conditions when a SSL3.0 connection is required so that end users can more easily determine if they need to unset ssl.OP_NO_SSLv3. |
||
|---|---|---|
| .. | ||
| RPM | ||
| ACKS | ||
| HISTORY | ||
| NEWS | ||
| Porting | ||
| README | ||
| README.AIX | ||
| README.coverity | ||
| README.valgrind | ||
| SpecialBuilds.txt | ||
| coverity_model.c | ||
| gdbinit | ||
| indent.pro | ||
| python-config.in | ||
| python-config.sh.in | ||
| python-wing3.wpr | ||
| python-wing4.wpr | ||
| python-wing5.wpr | ||
| python.man | ||
| python.pc.in | ||
| svnmap.txt | ||
| valgrind-python.supp | ||
| vgrindefs | ||
README
Python Misc subdirectory ======================== This directory contains files that wouldn't fit in elsewhere. Some documents are only of historic importance. Files found here ---------------- ACKS Acknowledgements gdbinit Handy stuff to put in your .gdbinit file, if you use gdb HISTORY News from previous releases -- oldest last indent.pro GNU indent profile approximating my C style NEWS News for this release (for some meaning of "this") Porting Mini-FAQ on porting to new platforms python-config.in Python script template for python-config python.man UNIX man page for the python interpreter python.pc.in Package configuration info template for pkg-config python-wing*.wpr Wing IDE project file README The file you're reading now README.AIX Information about using Python on AIX README.coverity Information about running Coverity's Prevent on Python README.valgrind Information for Valgrind users, see valgrind-python.supp RPM (Old) tools to build RPMs SpecialBuilds.txt Describes extra symbols you can set for debug builds svnmap.txt Map of old SVN revs and branches to hg changeset ids valgrind-python.supp Valgrind suppression file, see README.valgrind vgrindefs Python configuration for vgrind (a generic pretty printer)