summaryrefslogtreecommitdiffstats
path: root/Doc/library/ssl.rst
Commit message (Collapse)AuthorAgeFilesLines
* Fix #22987: update the compatibility matrix for a SSLv23 client.Antoine Pitrou2014-12-031-4/+3
|\
| * Fix #22987: update the compatibility matrix for a SSLv23 client.Antoine Pitrou2014-12-031-4/+3
| |
| * correct versionchanged versionBenjamin Peterson2014-11-241-1/+1
| |
* | merge 3.4 (#22921)Benjamin Peterson2014-11-231-7/+7
|\ \ | |/
| * don't require OpenSSL SNI to pass hostname to ssl functions (#22921)Benjamin Peterson2014-11-231-7/+7
| | | | | | | | Patch by Donald Stufft.
* | merge with 3.4Georg Brandl2014-10-291-2/+2
|\ \ | |/
| * Fixing broken links in doc, part 4: some more breaks and redirectsGeorg Brandl2014-10-291-2/+2
| |
* | Issue #22660: update various mentions in the ssl module documentation.Antoine Pitrou2014-10-201-115/+95
|\ \ | |/
| * Issue #22660: update various mentions in the ssl module documentation.Antoine Pitrou2014-10-201-115/+95
| |
* | Issue #22564: cleanup SSLObject docVictor Stinner2014-10-101-25/+38
| |
* | Issue #22564: ssl doc, add more links to the non-blocking sectionVictor Stinner2014-10-101-5/+7
| |
* | Issue #22564: ssl doc: reorganize and reindent documentation of SSLObject andVictor Stinner2014-10-101-69/+69
| | | | | | | | MemoryBIO; move documentation of SSLContext.wrap_bio()
* | Merge 3.4Victor Stinner2014-10-101-2/+10
|\ \ | |/
| * Issue #22564: ssl doc: mention asyncio in the non-blocking sectionVictor Stinner2014-10-101-2/+10
| |
* | Merge 3.4Victor Stinner2014-10-101-35/+51
|\ \ | |/
| * Issue #22564: ssl doc: mention how SSLSocket are usually createdVictor Stinner2014-10-101-0/+3
| |
| * Issue #22564: ssl doc: use "class" marker to document the SSLSocket classVictor Stinner2014-10-101-24/+26
| |
| * Issue #22564: ssl doc: document read(), write(), pending, server_side andVictor Stinner2014-10-101-0/+54
| | | | | | | | server_hostname methods and attributes of SSLSocket.
| * Issue #22564: ssl doc: fix typosVictor Stinner2014-10-101-2/+2
| |
* | Issue #21965: Add support for in-memory SSL to the ssl module.Antoine Pitrou2014-10-051-0/+168
| | | | | | | | Patch by Geert Jansen.
* | Revert #22251Berker Peksag2014-09-271-3/+0
|\ \ | |/
| * Revert #22251Berker Peksag2014-09-271-3/+0
| |
* | Issue #22251: Fix ReST markup to avoid errors building docs.Berker Peksag2014-09-271-0/+3
|\ \ | |/
| * Issue #22251: Fix ReST markup to avoid errors building docs.Berker Peksag2014-09-271-0/+3
| |
* | Issue #20421: Add a .version() method to SSL sockets exposing the actual ↵Antoine Pitrou2014-09-041-4/+14
| | | | | | | | protocol version in use.
* | Closes #22072: Merge typo fixes from 3.4Zachary Ware2014-07-251-2/+2
|\ \ | |/
| * Issue #22072: Fix a couple of SSL doc typos. Patch by Alex Gaynor.Zachary Ware2014-07-251-2/+2
| |
* | Issue #21994: Merge with 3.4.Berker Peksag2014-07-171-2/+2
|\ \ | |/
| * Issue #21994: Fix SyntaxError in the SSLContext.check_hostname documentation.Berker Peksag2014-07-171-2/+2
| |
* | Fix doc build warningZachary Ware2014-06-111-1/+3
| |
* | fix issue #17552: add socket.sendfile() method allowing to send a file over ↵Giampaolo Rodola'2014-06-111-0/+3
| | | | | | | | a socket by using high-performance os.sendfile() on UNIX. Patch by Giampaolo Rodola'·
* | Fix Issue #21528 - Fix documentation typosDonald Stufft2014-05-201-2/+2
| |
* | Issue #21430: additions to the description of non-blocking SSL socketsAntoine Pitrou2014-05-171-1/+7
|\ \ | |/
| * Issue #21430: additions to the description of non-blocking SSL socketsAntoine Pitrou2014-05-171-3/+20
| |
* | Issue #20951: SSLSocket.send() now raises either SSLWantReadError or ↵Antoine Pitrou2014-04-291-2/+19
| | | | | | | | | | | | SSLWantWriteError on a non-blocking socket if the operation would block. Previously, it would return 0. Patch by Nikolaus Rath.
* | Issue #19940: ssl.cert_time_to_seconds() now interprets the given time ↵Antoine Pitrou2014-04-281-11/+23
| | | | | | | | | | | | string in the UTC timezone (as specified in RFC 5280), not the local timezone. Patch by Akira.
* | Issue #20896: ssl.get_server_certificate() now uses PROTOCOL_SSLv23, not ↵Antoine Pitrou2014-04-161-1/+5
|/ | | | PROTOCOL_SSLv3, for maximum compatibility.
* Issue #21043: Remove the recommendation for specific CA organizationsDonald Stufft2014-03-241-14/+3
| | | | | | | Closes #21043 by updating the documentation to remove specific CA organizations and update the text to no longer need to tell you to download root certificates, but instead use the OS certificates avaialble through SSLContext.load_default_certs.
* Issue #21013: Enhance ssl.create_default_context() for server side contextsDonald Stufft2014-03-231-7/+20
| | | | | | | | | | | | | | | | | | | | Closes #21013 by modfying ssl.create_default_context() to: * Move the restricted ciphers to only apply when using ssl.Purpose.CLIENT_AUTH. The major difference between restricted and not is the lack of RC4 in the restricted. However there are servers that exist that only expose RC4 still. * Switches the default protocol to ssl.PROTOCOL_SSLv23 so that the context will select TLS1.1 or TLS1.2 if it is available. * Add ssl.OP_NO_SSLv3 by default to continue to block SSL3.0 sockets * Add ssl.OP_SINGLE_DH_USE and ssl.OP_SINGLE_ECDG_USE to improve the security of the perfect forward secrecy * Add ssl.OP_CIPHER_SERVER_PREFERENCE so that when used for a server side socket the context will prioritize our ciphers which have been carefully selected to maximize security and performance. * Documents the failure conditions when a SSL3.0 connection is required so that end users can more easily determine if they need to unset ssl.OP_NO_SSLv3.
* Issue #20913: make it clear that create_default_context() also enables ↵Antoine Pitrou2014-03-231-4/+5
| | | | hostname checking
* Issue #20913: improve the SSL security considerations to first advocate ↵Antoine Pitrou2014-03-221-6/+36
| | | | using create_default_context().
* Issue #20995: Enhance default ciphers used by the ssl moduleDonald Stufft2014-03-221-11/+4
| | | | | | | | | | | | | | | Closes #20995 by Enabling better security by prioritizing ciphers such that: * Prefer cipher suites that offer perfect forward secrecy (DHE/ECDHE) * Prefer ECDHE over DHE for better performance * Prefer any AES-GCM over any AES-CBC for better performance and security * Then Use HIGH cipher suites as a fallback * Then Use 3DES as fallback which is secure but slow * Finally use RC4 as a fallback which is problematic but needed for compatibility some times. * Disable NULL authentication, NULL encryption, and MD5 MACs for security reasons
* Merge in all documentation changes since branching 3.4.0rc1.Larry Hastings2014-03-161-3/+2
|
* Issue #19422: Explicitly disallow non-SOCK_STREAM sockets in the ssl module, ↵Antoine Pitrou2013-12-281-8/+14
|\ | | | | | | rather than silently let them emit clear text data.
| * Issue #19422: Explicitly disallow non-SOCK_STREAM sockets in the ssl module, ↵Antoine Pitrou2013-12-281-8/+14
| | | | | | | | rather than silently let them emit clear text data.
* | Tidy up ssl whatsnew references, make ssl section formatting consistent.R David Murray2013-12-201-4/+1
| | | | | | | | | | Also remove some extra blank lines in the ssl doc acctions for tls1.1/1.2, and reflow a paragraph.
* | Issue #19509: Add SSLContext.check_hostname to match the peer's certificateChristian Heimes2013-12-021-1/+35
| | | | | | | | with server_hostname on handshake.
* | Issue #19795: Improved markup of True/False constants.Serhiy Storchaka2013-11-291-4/+4
|\ \ | |/
| * Issue #19795: Improved markup of True/False constants.Serhiy Storchaka2013-11-291-3/+3
| |
* | Tweak ssl docsAntoine Pitrou2013-11-231-23/+53
| |
generated by cgit v0.12 at 2025-02-08 08:36:27 (GMT)