diff options
| author | Antoine Pitrou <solipsis@pitrou.net> | 2014-04-16 16:56:28 (GMT) |
|---|---|---|
| committer | Antoine Pitrou <solipsis@pitrou.net> | 2014-04-16 16:56:28 (GMT) |
| commit | 94a5b663bf39a130fcd8b437aded6e7a7c396cff (patch) | |
| tree | 01b283bc5fdd84e1855aa20d6ac409197faf1173 /Doc/library | |
| parent | 0fba0c3ebfc8f5feed517783231bdff1e4a3e1a7 (diff) | |
| download | cpython-94a5b663bf39a130fcd8b437aded6e7a7c396cff.zip cpython-94a5b663bf39a130fcd8b437aded6e7a7c396cff.tar.gz cpython-94a5b663bf39a130fcd8b437aded6e7a7c396cff.tar.bz2 | |
Issue #20896: ssl.get_server_certificate() now uses PROTOCOL_SSLv23, not PROTOCOL_SSLv3, for maximum compatibility.
Diffstat (limited to 'Doc/library')
| -rw-r--r-- | Doc/library/ssl.rst | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/Doc/library/ssl.rst b/Doc/library/ssl.rst index 94a0c81..422cf56 100644 --- a/Doc/library/ssl.rst +++ b/Doc/library/ssl.rst @@ -387,7 +387,7 @@ Certificate handling >>> time.ctime(ssl.cert_time_to_seconds("May 9 00:00:00 2007 GMT")) 'Wed May 9 00:00:00 2007' -.. function:: get_server_certificate(addr, ssl_version=PROTOCOL_SSLv3, ca_certs=None) +.. function:: get_server_certificate(addr, ssl_version=PROTOCOL_SSLv23, ca_certs=None) Given the address ``addr`` of an SSL-protected server, as a (*hostname*, *port-number*) pair, fetches the server's certificate, and returns it as a @@ -401,6 +401,10 @@ Certificate handling .. versionchanged:: 3.3 This function is now IPv6-compatible. + .. versionchanged:: 3.5 + The default *ssl_version* is changed from :data:`PROTOCOL_SSLv3` to + :data:`PROTOCOL_SSLv23` for maximum compatibility with modern servers. + .. function:: DER_cert_to_PEM_cert(DER_cert_bytes) Given a certificate as a DER-encoded blob of bytes, returns a PEM-encoded |