summaryrefslogtreecommitdiffstats
path: root/Doc/whatsnew/3.7.rst
diff options
context:
space:
mode:
authorChristian Heimes <christian@python.org>2018-02-27 09:17:30 (GMT)
committerGitHub <noreply@github.com>2018-02-27 09:17:30 (GMT)
commit9d50ab563df6307cabbcc9883cb8c52c614b0f22 (patch)
treec3e294b7e97d43152f87b00255ff5b875635448b /Doc/whatsnew/3.7.rst
parent90f05a527c7d439f1d0cba80f2eb32e60ee20fc3 (diff)
downloadcpython-9d50ab563df6307cabbcc9883cb8c52c614b0f22.zip
cpython-9d50ab563df6307cabbcc9883cb8c52c614b0f22.tar.gz
cpython-9d50ab563df6307cabbcc9883cb8c52c614b0f22.tar.bz2
bpo-32951: Disable SSLSocket/SSLObject constructor (#5864)
Direct instantiation of SSLSocket and SSLObject objects is now prohibited. The constructors were never documented, tested, or designed as public constructors. The SSLSocket constructor had limitations. For example it was not possible to enabled hostname verification except was ssl_version=PROTOCOL_TLS_CLIENT with cert_reqs=CERT_REQUIRED. SSLContext.wrap_socket() and SSLContext.wrap_bio are the recommended API to construct SSLSocket and SSLObject instances. ssl.wrap_socket() is also deprecated. The only test case for direct instantiation was added a couple of days ago for IDNA testing. Signed-off-by: Christian Heimes <christian@python.org>
Diffstat (limited to 'Doc/whatsnew/3.7.rst')
-rw-r--r--Doc/whatsnew/3.7.rst6
1 files changed, 6 insertions, 0 deletions
diff --git a/Doc/whatsnew/3.7.rst b/Doc/whatsnew/3.7.rst
index e25ff10..2d62ffa 100644
--- a/Doc/whatsnew/3.7.rst
+++ b/Doc/whatsnew/3.7.rst
@@ -677,6 +677,12 @@ OpenSSL 1.1.1. (Contributed by Christian Heimes in :issue:`32947`,
recommend :meth:`~ssl.SSLContext.wrap_socket` instead.
(Contributed by Christian Heimes in :issue:`28124`.)
+:class:`~ssl.SSLSocket` and :class:`~ssl.SSLObject` no longer have a public
+constructor. Direct instantiation was never a documented and supported
+feature. Instances must be created with :class:`~ssl.SSLContext` methods
+:meth:`~ssl.SSLContext.wrap_socket` and :meth:`~ssl.SSLContext.wrap_bio`.
+(Contributed by Christian Heimes in :issue:`32951`)
+
string
------