cpython: aa2eb034c4f7 (original) (raw)
changeset 89942:aa2eb034c4f7
Merge the patch for issue #21013 into default [#21013]
Donald Stufft donald@stufft.io | |
---|---|
date | Sun, 23 Mar 2014 19:12:13 -0400 |
parents | fa89769a4279(current diff)92efd86d1a38(diff) |
children | dd02c32f42f7 |
files | Misc/NEWS |
diffstat | 4 files changed, 70 insertions(+), 16 deletions(-)[+] [-] Doc/library/ssl.rst 27 Lib/ssl.py 30 Lib/test/test_ssl.py 26 Misc/NEWS 3 |
--- a/Doc/library/ssl.rst
+++ b/Doc/library/ssl.rst
@@ -250,13 +250,13 @@ purposes.
:const:None
, this function can choose to trust the system's default
CA certificates instead.
- The settings in Python 3.4 are: :data:
PROTOCOL_TLSv1
with high encryption - cipher suites without RC4 and without unauthenticated cipher suites.
- Passing :data:
~Purpose.SERVER_AUTH
as purpose sets - :data:
~SSLContext.verify_mode
to :data:CERT_REQUIRED
and either - loads CA certificates (when at least one of cafile, capath or cadata
- is given) or uses :meth:
SSLContext.load_default_certs
to load default - CA certificates.
- The settings in Python 3.4 are: :data:
PROTOCOL_SSLv23
, :data:OP_NO_SSLv2
, - and :data:
OP_NO_SSLv3
with high encryption cipher suites without RC4 and - without unauthenticated cipher suites. Passing :data:
~Purpose.SERVER_AUTH
- as purpose sets :data:
~SSLContext.verify_mode
to :data:CERT_REQUIRED
- and either loads CA certificates (when at least one of cafile, capath or
- cadata is given) or uses :meth:
SSLContext.load_default_certs
to load - default CA certificates.
.. note::
The protocol, options, cipher and other settings may change to more
@@ -266,6 +266,19 @@ purposes.
If your application needs specific settings, you should create a
:class:
SSLContext
and apply the settings yourself. - .. note::
If you find that when certain older clients or servers attempt to connect[](#l1.29)
with a :class:`SSLContext` created by this function that they get an[](#l1.30)
error stating "Protocol or cipher suite mismatch", it may be that they[](#l1.31)
only support SSL3.0 which this function excludes using the[](#l1.32)
:data:`OP_NO_SSLv3`. SSL3.0 has problematic security due to a number of[](#l1.33)
poor implementations and it's reliance on MD5 within the protocol. If you[](#l1.34)
wish to continue to use this function but still allow SSL 3.0 connections[](#l1.35)
you can re-enable them using::[](#l1.36)
ctx = ssl.create_default_context(Purpose.CLIENT_AUTH)[](#l1.38)
ctx.options &= ~ssl.OP_NO_SSLv3[](#l1.39)
--- a/Lib/ssl.py +++ b/Lib/ssl.py @@ -179,7 +179,7 @@ else: 'DH+RC4:RSA+RC4:!aNULL:!eNULL:!MD5' ) -# Restricted and more secure ciphers +# Restricted and more secure ciphers for the server side
This list has been explicitly chosen to:
* Prefer cipher suites that offer perfect forward secrecy (DHE/ECDHE)
* Prefer ECDHE over DHE for better performance
* Then Use 3DES as fallback which is secure but slow
* Disable NULL authentication, NULL encryption, MD5 MACs, DSS, and RC4 for
security reasons
-_RESTRICTED_CIPHERS = ( +_RESTRICTED_SERVER_CIPHERS = ( 'ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+HIGH:' 'DH+HIGH:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+HIGH:RSA+3DES:!aNULL:' '!eNULL:!MD5:!DSS:!RC4' @@ -404,17 +404,35 @@ def create_default_context(purpose=Purpo """ if not isinstance(purpose, _ASN1Object): raise TypeError(purpose)
+ # SSLv2 considered harmful. context.options |= OP_NO_SSLv2 +
SSLv3 has problematic security and is only required for really old
clients such as IE6 on Windows XP
- context.options |= OP_NO_SSLv3
+ # disable compression to prevent CRIME attacks (OpenSSL 1.0+) context.options |= getattr(_ssl, "OP_NO_COMPRESSION", 0)
disallow ciphers with known vulnerabilities
- context.set_ciphers(_RESTRICTED_CIPHERS)
verify certs and host name in client mode
+ if purpose == Purpose.SERVER_AUTH:
# verify certs and host name in client mode[](#l2.43) context.verify_mode = CERT_REQUIRED[](#l2.44) context.check_hostname = True[](#l2.45)
- elif purpose == Purpose.CLIENT_AUTH:
# Prefer the server's ciphers by default so that we get stronger[](#l2.47)
# encryption[](#l2.48)
context.options |= getattr(_ssl, "OP_CIPHER_SERVER_PREFERENCE", 0)[](#l2.49)
# Use single use keys in order to improve forward secrecy[](#l2.51)
context.options |= getattr(_ssl, "OP_SINGLE_DH_USE", 0)[](#l2.52)
context.options |= getattr(_ssl, "OP_SINGLE_ECDH_USE", 0)[](#l2.53)
# disallow ciphers with known vulnerabilities[](#l2.55)
context.set_ciphers(_RESTRICTED_SERVER_CIPHERS)[](#l2.56)
+ if cafile or capath or cadata: context.load_verify_locations(cafile, capath, cadata) elif context.verify_mode != CERT_NONE:
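Review bot: With `context.set_ciphers(_RESTRICTED_SERVER_CIPHERS)` now reached only under `elif purpose == Purpose.CLIENT_AUTH:`, a context created for `Purpose.SERVER_AUTH` gets no restricted cipher list and presumably falls back to the module default string, whose visible tail at the top of this section still contains `DH+RC4:RSA+RC4`. The updated text in Doc/library/ssl.rst describes the defaults as "without RC4" for both purposes, so either the documentation should say the restriction is server-side only or the SERVER_AUTH branch should record the choice, e.g. `# client side keeps the default cipher list for compatibility; RC4 is not excluded here`. The `getattr(_ssl, "OP_...", 0)` fallbacks also become silent no-ops when the constant is missing, which deserves a short comment because the hardening is then skipped without any signal. The body of create_default_context continues past the end of this hunk.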
--- a/Lib/test/test_ssl.py +++ b/Lib/test/test_ssl.py @@ -1014,23 +1014,43 @@ class ContextTests(unittest.TestCase): def test_create_default_context(self): ctx = ssl.create_default_context()
self.assertEqual(ctx.protocol, ssl.PROTOCOL_TLSv1)[](#l3.7)
self.assertEqual(ctx.protocol, ssl.PROTOCOL_SSLv23)[](#l3.8) self.assertEqual(ctx.verify_mode, ssl.CERT_REQUIRED)[](#l3.9) self.assertTrue(ctx.check_hostname)[](#l3.10) self.assertEqual(ctx.options & ssl.OP_NO_SSLv2, ssl.OP_NO_SSLv2)[](#l3.11)
self.assertEqual([](#l3.12)
ctx.options & getattr(ssl, "OP_NO_COMPRESSION", 0),[](#l3.13)
getattr(ssl, "OP_NO_COMPRESSION", 0),[](#l3.14)
)[](#l3.15)
with open(SIGNING_CA) as f: cadata = f.read() ctx = ssl.create_default_context(cafile=SIGNING_CA, capath=CAPATH, cadata=cadata)
self.assertEqual(ctx.protocol, ssl.PROTOCOL_TLSv1)[](#l3.21)
self.assertEqual(ctx.protocol, ssl.PROTOCOL_SSLv23)[](#l3.22) self.assertEqual(ctx.verify_mode, ssl.CERT_REQUIRED)[](#l3.23) self.assertEqual(ctx.options & ssl.OP_NO_SSLv2, ssl.OP_NO_SSLv2)[](#l3.24)
self.assertEqual([](#l3.25)
ctx.options & getattr(ssl, "OP_NO_COMPRESSION", 0),[](#l3.26)
getattr(ssl, "OP_NO_COMPRESSION", 0),[](#l3.27)
)[](#l3.28)
ctx = ssl.create_default_context(ssl.Purpose.CLIENT_AUTH)
self.assertEqual(ctx.protocol, ssl.PROTOCOL_TLSv1)[](#l3.31)
self.assertEqual(ctx.protocol, ssl.PROTOCOL_SSLv23)[](#l3.32) self.assertEqual(ctx.verify_mode, ssl.CERT_NONE)[](#l3.33) self.assertEqual(ctx.options & ssl.OP_NO_SSLv2, ssl.OP_NO_SSLv2)[](#l3.34)
self.assertEqual([](#l3.35)
ctx.options & getattr(ssl, "OP_NO_COMPRESSION", 0),[](#l3.36)
getattr(ssl, "OP_NO_COMPRESSION", 0),[](#l3.37)
)[](#l3.38)
self.assertEqual([](#l3.39)
ctx.options & getattr(ssl, "OP_SINGLE_DH_USE", 0),[](#l3.40)
getattr(ssl, "OP_SINGLE_DH_USE", 0),[](#l3.41)
)[](#l3.42)
self.assertEqual([](#l3.43)
ctx.options & getattr(ssl, "OP_SINGLE_ECDH_USE", 0),[](#l3.44)
getattr(ssl, "OP_SINGLE_ECDH_USE", 0),[](#l3.45)
)[](#l3.46)
def test__create_stdlib_context(self): ctx = ssl._create_stdlib_context()
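Review bot: None of the three cases in test_create_default_context asserts `OP_NO_SSLv3`, although the documentation note added in this changeset tells users the function sets it. Adding `self.assertEqual(ctx.options & ssl.OP_NO_SSLv3, ssl.OP_NO_SSLv3)` next to each `OP_NO_SSLv2` check would make a regression that re-enables SSL 3.0 fail the suite. The CLIENT_AUTH case checks `OP_SINGLE_DH_USE` and `OP_SINGLE_ECDH_USE` but not `OP_CIPHER_SERVER_PREFERENCE`, which the same branch in Lib/ssl.py sets; the existing `getattr(ssl, "OP_CIPHER_SERVER_PREFERENCE", 0)` pattern would cover it. Nothing here pins the cipher selection either, so `_RESTRICTED_SERVER_CIPHERS` could be weakened without a test noticing. The enclosing ContextTests class starts outside the hunk.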
--- a/Misc/NEWS +++ b/Misc/NEWS @@ -26,6 +26,9 @@ Core and Builtins Library ------- +- Issue #21013: Enhance ssl.create_default_context() when used for server side