bpo-19180: Updated references for RFC 1750, RFC 3280 & RFC 4366 (GH-148)

* RFC 1750 has been been obsoleted by RFC 4086.
* RFC 3280 has been obsoleted by RFC 5280.
* RFC 4366 has been obsoleted by RFC 6066.
This commit is contained in:
Chandan Kumar 2017-06-09 15:13:58 +05:30 committed by Nick Coghlan
parent 59fdf0f3ba
commit 63c2c8ac17
3 changed files with 10 additions and 13 deletions

View File

@ -378,9 +378,9 @@ Certificate handling
Verify that *cert* (in decoded format as returned by Verify that *cert* (in decoded format as returned by
:meth:`SSLSocket.getpeercert`) matches the given *hostname*. The rules :meth:`SSLSocket.getpeercert`) matches the given *hostname*. The rules
applied are those for checking the identity of HTTPS servers as outlined applied are those for checking the identity of HTTPS servers as outlined
in :rfc:`2818` and :rfc:`6125`. In addition to HTTPS, this function in :rfc:`2818`, :rfc:`5280` and :rfc:`6125`. In addition to HTTPS, this
should be suitable for checking the identity of servers in various function should be suitable for checking the identity of servers in
SSL-based protocols such as FTPS, IMAPS, POPS and others. various SSL-based protocols such as FTPS, IMAPS, POPS and others.
:exc:`CertificateError` is raised on failure. On success, the function :exc:`CertificateError` is raised on failure. On success, the function
returns nothing:: returns nothing::
@ -824,7 +824,7 @@ Constants
.. data:: HAS_SNI .. data:: HAS_SNI
Whether the OpenSSL library has built-in support for the *Server Name Whether the OpenSSL library has built-in support for the *Server Name
Indication* extension (as defined in :rfc:`4366`). Indication* extension (as defined in :rfc:`6066`).
.. versionadded:: 3.2 .. versionadded:: 3.2
@ -2313,14 +2313,11 @@ successful call of :func:`~ssl.RAND_add`, :func:`~ssl.RAND_bytes` or
`RFC 1422: Privacy Enhancement for Internet Electronic Mail: Part II: Certificate-Based Key Management <https://www.ietf.org/rfc/rfc1422>`_ `RFC 1422: Privacy Enhancement for Internet Electronic Mail: Part II: Certificate-Based Key Management <https://www.ietf.org/rfc/rfc1422>`_
Steve Kent Steve Kent
`RFC 1750: Randomness Recommendations for Security <https://www.ietf.org/rfc/rfc1750>`_ `RFC 4086: Randomness Requirements for Security <http://datatracker.ietf.org/doc/rfc4086/>`_
D. Eastlake et. al. Donald E., Jeffrey I. Schiller
`RFC 3280: Internet X.509 Public Key Infrastructure Certificate and CRL Profile <https://www.ietf.org/rfc/rfc3280>`_ `RFC 5280: Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile <http://datatracker.ietf.org/doc/rfc5280/>`_
Housley et. al. D. Cooper
`RFC 4366: Transport Layer Security (TLS) Extensions <https://www.ietf.org/rfc/rfc4366>`_
Blake-Wilson et. al.
`RFC 5246: The Transport Layer Security (TLS) Protocol Version 1.2 <https://tools.ietf.org/html/rfc5246>`_ `RFC 5246: The Transport Layer Security (TLS) Protocol Version 1.2 <https://tools.ietf.org/html/rfc5246>`_
T. Dierks et. al. T. Dierks et. al.

View File

@ -4440,7 +4440,7 @@ _ssl.RAND_add
Mix string into the OpenSSL PRNG state. Mix string into the OpenSSL PRNG state.
entropy (a float) is a lower bound on the entropy contained in entropy (a float) is a lower bound on the entropy contained in
string. See RFC 1750. string. See RFC 4086.
[clinic start generated code]*/ [clinic start generated code]*/
static PyObject * static PyObject *

View File

@ -847,7 +847,7 @@ PyDoc_STRVAR(_ssl_RAND_add__doc__,
"Mix string into the OpenSSL PRNG state.\n" "Mix string into the OpenSSL PRNG state.\n"
"\n" "\n"
"entropy (a float) is a lower bound on the entropy contained in\n" "entropy (a float) is a lower bound on the entropy contained in\n"
"string. See RFC 1750."); "string. See RFC 4086.");
#define _SSL_RAND_ADD_METHODDEF \ #define _SSL_RAND_ADD_METHODDEF \
{"RAND_add", (PyCFunction)_ssl_RAND_add, METH_FASTCALL, _ssl_RAND_add__doc__}, {"RAND_add", (PyCFunction)_ssl_RAND_add, METH_FASTCALL, _ssl_RAND_add__doc__},