]> git.ipfire.org Git - thirdparty/Python/cpython.git/commit
projects / thirdparty / Python / cpython.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: c49f63c) | patch
[2.7] bpo-28043: improved default settings for SSLContext (GH-10608)
authorstratakis <cstratak@redhat.com>
Fri, 15 Feb 2019 14:24:11 +0000 (15:24 +0100)
committerVictor Stinner <vstinner@redhat.com>
Fri, 15 Feb 2019 14:24:11 +0000 (15:24 +0100)
commitb8eaec697a2b5d9d2def2950a0aa50e8ffcf1059
tree3999b0fe5427d530a0a0aec871db684e45580cf4tree | snapshot
parentc49f63c1761ce03df7850b9e0b31a18c432dac64commit | diff
[2.7] bpo-28043: improved default settings for SSLContext (GH-10608)

The options OP_NO_COMPRESSION, OP_CIPHER_SERVER_PREFERENCE,
OP_SINGLE_DH_USE, OP_SINGLE_ECDH_USE, OP_NO_SSLv2 (except
for PROTOCOL_SSLv2), and OP_NO_SSLv3 (except for PROTOCOL_SSLv3)
are set by default. The initial cipher suite list contains only
HIGH ciphers, no NULL ciphers and MD5 ciphers (except for PROTOCOL_SSLv2).

(cherry picked from commit 358cfd426ccc0fcd6a7940d306602138e76420ae)
Doc/library/ssl.rst diff | blob | blame | history
Lib/ssl.py diff | blob | blame | history
Lib/test/test_ssl.py diff | blob | blame | history
Misc/NEWS.d/next/Security/2018-11-20-16-50-03.bpo-28043.qOoOqW.rst [new file with mode: 0644] blob
Modules/_ssl.c diff | blob | blame | history
Mirror of https://github.com/python/cpython.git