cpython: 653dfb1240d5 (original) (raw)

Mercurial > cpython

changeset 93544:653dfb1240d5 3.4

Issue #22638: SSLv3 is now disabled throughout the standard library. It can still be enabled by instantiating a SSLContext manually. [#22638]

Antoine Pitrou solipsis@pitrou.net
date	Fri, 17 Oct 2014 19:28:30 +0200
parents	7d1bd8eed59e
children	334659e8a625 993e8f795194
files	Lib/ssl.py Misc/NEWS
diffstat	2 files changed, 6 insertions(+), 0 deletions(-)[+] [-] Lib/ssl.py 3 Misc/NEWS 3

line wrap: on

line diff

--- a/Lib/ssl.py +++ b/Lib/ssl.py @@ -458,6 +458,9 @@ def _create_unverified_context(protocol= context = SSLContext(protocol) # SSLv2 considered harmful. context.options |= OP_NO_SSLv2

SSLv3 has problematic security and is only required for really old
clients such as IE6 on Windows XP
context.options |= OP_NO_SSLv3

if cert_reqs is not None: context.verify_mode = cert_reqs

--- a/Misc/NEWS +++ b/Misc/NEWS @@ -36,6 +36,9 @@ Core and Builtins Library ------- +- Issue #22638: SSLv3 is now disabled throughout the standard library.

It can still be enabled by instantiating a SSLContext manually. +

Issue #22370: Windows detection in pathlib is now more robust.
Issue #22841: Reject coroutines in asyncio add_signal_handler().

cpython: 653dfb1240d5 (original) (raw)

Mercurial > cpython

changeset 93544:653dfb1240d5 3.4

SSLv3 has problematic security and is only required for really old

clients such as IE6 on Windows XP