bpo-25910: Link redirections in docs (#1933) · python/cpython@338cd83 (original) (raw)

`@@ -868,9 +868,9 @@ Constants

`

868

868

`.. data:: HAS_NPN

`

869

869

``

870

870

` Whether the OpenSSL library has built-in support for *Next Protocol

`

871

``

`` -

Negotiation* as described in the `NPN draft specification

``

872

``

`` -

https://tools.ietf.org/html/draft-agl-tls-nextprotoneg`_. When true,

``

873

``

`` -

you can use the :meth:SSLContext.set_npn_protocols method to advertise

``

``

871

`` +

Negotiation* as described in the `Application Layer Protocol

``

``

872

`` +

Negotiation https://en.wikipedia.org/wiki/Application-Layer_Protocol_Negotiation`_.

``

``

873

`` +

When true, you can use the :meth:SSLContext.set_npn_protocols method to advertise

``

874

874

` which protocols you want to support.

`

875

875

``

876

876

` .. versionadded:: 3.3

`

`@@ -1374,7 +1374,7 @@ to speed up repeated connections from the same clients.

`

1374

1374

` The capath string, if present, is

`

1375

1375

` the path to a directory containing several CA certificates in PEM format,

`

1376

1376

`` following an `OpenSSL specific layout

``

1377

``

`` -

https://www.openssl.org/docs/man1.1.0/ssl/SSL_CTX_load_verify_locations.html`_.

``

``

1377

`` +

https://www.openssl.org/docs/manmaster/man3/SSL_CTX_load_verify_locations.html`_.

``

1378

1378

``

1379

1379

` The cadata object, if present, is either an ASCII string of one or more

`

1380

1380

`` PEM-encoded certificates or a :term:bytes-like object of DER-encoded

``

`@@ -1501,8 +1501,8 @@ to speed up repeated connections from the same clients.

`

1501

1501

` Specify which protocols the socket should advertise during the SSL/TLS

`

1502

1502

``` handshake. It should be a list of strings, like ['http/1.1', 'spdy/2'],


`1503`

`1503`

` ordered by preference. The selection of a protocol will happen during the

`

`1504`

``

`` -

handshake, and will play out according to the `NPN draft specification

``

`1505`

``

`` -

<https://tools.ietf.org/html/draft-agl-tls-nextprotoneg>`_. After a

``

``

`1504`

`` +

handshake, and will play out according to the `Application Layer Protocol Negotiation

``

``

`1505`

`` +

<https://en.wikipedia.org/wiki/Application-Layer_Protocol_Negotiation>`_. After a

``

`1506`

`1506`

``  successful handshake, the :meth:`SSLSocket.selected_npn_protocol` method will

``

`1507`

`1507`

` return the agreed-upon protocol.

`

`1508`

`1508`

``

`@@ -1663,8 +1663,7 @@ to speed up repeated connections from the same clients.

`

`1663`

`1663`

`.. method:: SSLContext.session_stats()

`

`1664`

`1664`

``

`1665`

`1665`

` Get statistics about the SSL sessions created or managed by this context.

`

`1666`

``

`` -

A dictionary is returned which maps the names of each `piece of information

``

`1667`

``

`` -

<https://www.openssl.org/docs/man1.1.0/ssl/SSL_CTX_sess_number.html>`_ to their

``

``

`1666`

`` +

A dictionary is returned which maps the names of each `piece of information <https://www.openssl.org/docs/man1.1.0/ssl/SSL_CTX_sess_number.html>`_ to their

``

`1668`

`1667`

` numeric values. For example, here is the total number of hits and misses

`

`1669`

`1668`

` in the session cache since the context was created::

`

`1670`

`1669`

``

`@@ -2365,7 +2364,7 @@ enabled when negotiating a SSL session is possible through the

`

`2365`

`2364`

`` :meth:`SSLContext.set_ciphers` method. Starting from Python 3.2.3, the

``

`2366`

`2365`

`ssl module disables certain weak ciphers by default, but you may want

`

`2367`

`2366`

`to further restrict the cipher choice. Be sure to read OpenSSL's documentation

`

`2368`

``

`` -

about the `cipher list format <https://www.openssl.org/docs/apps/ciphers.html#CIPHER-LIST-FORMAT>`_.

``

``

`2367`

`` +

about the `cipher list format <https://www.openssl.org/docs/manmaster/man1/ciphers.html#CIPHER-LIST-FORMAT>`_.

``

`2369`

`2368`

`If you want to check which ciphers are enabled by a given cipher list, use

`

`2370`

`2369`

``` :meth:`SSLContext.get_ciphers` or the ``openssl ciphers`` command on your

2371

2370

`system.

`

`` @@ -2393,10 +2392,10 @@ successful call of :func:~ssl.RAND_add, :func:~ssl.RAND_bytes or

``

2393

2392

`` RFC 1422: Privacy Enhancement for Internet Electronic Mail: Part II: Certificate-Based Key Management <https://www.ietf.org/rfc/rfc1422>_

``

2394

2393

` Steve Kent

`

2395

2394

``

2396

``

`` -

RFC 4086: Randomness Requirements for Security <http://datatracker.ietf.org/doc/rfc4086/>_

``

``

2395

`` +

RFC 4086: Randomness Requirements for Security <https://datatracker.ietf.org/doc/rfc4086/>_

``

2397

2396

` Donald E., Jeffrey I. Schiller

`

2398

2397

``

2399

``

`` -

RFC 5280: Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile <http://datatracker.ietf.org/doc/rfc5280/>_

``

``

2398

`` +

RFC 5280: Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile <https://datatracker.ietf.org/doc/rfc5280/>_

``

2400

2399

` D. Cooper

`

2401

2400

``

2402

2401

`` RFC 5246: The Transport Layer Security (TLS) Protocol Version 1.2 <https://tools.ietf.org/html/rfc5246>_

``