diff options
| author | Christian Heimes <christian@python.org> | 2021-04-17 09:36:35 (GMT) |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2021-04-17 09:36:35 (GMT) |
| commit | 39258d3595300bc7b952854c915f63ae2d4b9c3e (patch) | |
| tree | c15a6172739d53516aa45042f22658e0af6ff992 /Doc | |
| parent | b467d9a24011992242c95d9157d3455f8a84466b (diff) | |
| download | cpython-39258d3595300bc7b952854c915f63ae2d4b9c3e.zip cpython-39258d3595300bc7b952854c915f63ae2d4b9c3e.tar.gz cpython-39258d3595300bc7b952854c915f63ae2d4b9c3e.tar.bz2 | |
bpo-43669: PEP 644: Require OpenSSL 1.1.1 or newer (GH-23014)
- Remove HAVE_X509_VERIFY_PARAM_SET1_HOST check
- Update hashopenssl to require OpenSSL 1.1.1
- multissltests only OpenSSL > 1.1.0
- ALPN is always supported
- SNI is always supported
- Remove deprecated NPN code. Python wrappers are no-op.
- ECDH is always supported
- Remove OPENSSL_VERSION_1_1 macro
- Remove locking callbacks
- Drop PY_OPENSSL_1_1_API macro
- Drop HAVE_SSL_CTX_CLEAR_OPTIONS macro
- SSL_CTRL_GET_MAX_PROTO_VERSION is always defined now
- security level is always available now
- get_num_tickets is available with TLS 1.3
- X509_V_ERR MISMATCH is always available now
- Always set SSL_MODE_RELEASE_BUFFERS
- X509_V_FLAG_TRUSTED_FIRST is always available
- get_ciphers is always supported
- SSL_CTX_set_keylog_callback is always available
- Update Modules/Setup with static link example
- Mention PEP in whatsnew
- Drop 1.0.2 and 1.1.0 from GHA tests
Diffstat (limited to 'Doc')
| -rw-r--r-- | Doc/using/unix.rst | 1 | ||||
| -rw-r--r-- | Doc/whatsnew/3.10.rst | 6 |
2 files changed, 6 insertions, 1 deletions
diff --git a/Doc/using/unix.rst b/Doc/using/unix.rst index 09dd5b0..1d1fa8b 100644 --- a/Doc/using/unix.rst +++ b/Doc/using/unix.rst @@ -135,6 +135,7 @@ some Unices may not have the :program:`env` command, so you may need to hardcode To use shell commands in your Python scripts, look at the :mod:`subprocess` module. +.. _unix_custom_openssl: Custom OpenSSL ============== diff --git a/Doc/whatsnew/3.10.rst b/Doc/whatsnew/3.10.rst index 6623adf..0198b6e 100644 --- a/Doc/whatsnew/3.10.rst +++ b/Doc/whatsnew/3.10.rst @@ -65,6 +65,7 @@ Summary -- Release highlights .. PEP-sized items next. +* :pep:`644`, require OpenSSL 1.1.1 or newer New Features @@ -1438,6 +1439,10 @@ CPython bytecode changes Build Changes ============= +* :pep:`644`: Python now requires OpenSSL 1.1.1 or newer. OpenSSL 1.0.2 is no + longer supported. + (Contributed by Christian Heimes in :issue:`43669`.) + * The C99 functions :c:func:`snprintf` and :c:func:`vsnprintf` are now required to build Python. (Contributed by Victor Stinner in :issue:`36020`.) @@ -1483,7 +1488,6 @@ Build Changes (Contributed by Christian Heimes in :issue:`43466`.) - C API Changes ============= |