| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
| |
(GH-25452)
Fix problem with ssl.SSLContext.hostname_checks_common_name. OpenSSL does not
copy hostflags from *struct SSL_CTX* to *struct SSL*.
(cherry picked from commit 330b49e397168df789fd0dd20cfe7e81b8e47258)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The private keys for test_ssl were encrypted with 3DES in traditional
PKCSGH-5 format. 3DES and the digest algorithm of PKCSGH-5 are blocked by
some strict crypto policies. Use PKCSGH-8 format with AES256 encryption
instead.
Signed-off-by: Christian Heimes <christian@python.org>
https://bugs.python.org/issue38271
Automerge-Triggered-By: @tiran
(cherry picked from commit bfd0c963d88f3df69489ee250655e2b8f3d235bd)
Co-authored-by: Christian Heimes <christian@python.org>
|
| |
|
|
|
|
|
|
| |
Update all test certs and keys to use future proof crypto settings:
* 3072 bit RSA keys
* SHA-256 signature
Signed-off-by: Christian Heimes <christian@python.org>
|
| |
|
|
|
|
|
|
| |
Add test certs and test for ECDSA cert and EC/RSA dual mode.
I'm also adding certs for IDNA 2003/2008 tests and simplify some test
data handling.
Signed-off-by: Christian Heimes <christian@python.org>
|
| |\
| |
| |
| | |
fields in X.509 certs.
|
| | |
| |
| |
| | |
fields in X.509 certs.
|
| |/
|
|
| |
Patch by Jon Dufresne.
|
| | |
|
| |
|
|
|
| |
of the context in order to enable certification revocation list (CRL)
checks or strict X509 rules.
|
| |
|
|
|
|
| |
:meth:`SSLContext.set_servername_callback` method.
Patch by Daniel Black.
|
| |
|
|
|
| |
urllib.request.urlopen now take optional arguments to allow for
server certificate checking, as recommended in public uses of HTTPS.
|
|
|
custom certificate and private key files used by SSL-related certs.
|
