diff -r c29301b1503f Doc/library/ssl.rst
--- a/Doc/library/ssl.rst Fri Mar 21 21:49:38 2014 -0400
+++ b/Doc/library/ssl.rst Sat Mar 22 12:26:35 2014 -0400
@@ -250,7 +250,7 @@
 :const:`None`, this function can choose to trust the system's default CA certificates instead.
- The settings in Python 3.4 are: :data:`PROTOCOL_TLSv1` with high encryption
+ The settings in Python 3.4 are: :data:`PROTOCOL_SSLv23` with high encryption
 cipher suites without RC4 and without unauthenticated cipher suites. Passing :data:`~Purpose.SERVER_AUTH` as *purpose* sets :data:`~SSLContext.verify_mode` to :data:`CERT_REQUIRED` and either
diff -r c29301b1503f Lib/ssl.py
--- a/Lib/ssl.py Fri Mar 21 21:49:38 2014 -0400
+++ b/Lib/ssl.py Sat Mar 22 12:26:35 2014 -0400
@@ -404,17 +404,27 @@
 """
 if not isinstance(purpose, _ASN1Object):
 raise TypeError(purpose)
- context = SSLContext(PROTOCOL_TLSv1)
+ context = SSLContext(PROTOCOL_SSLv23)
 # SSLv2 considered harmful.
 context.options |= OP_NO_SSLv2
 # disable compression to prevent CRIME attacks (OpenSSL 1.0+)
 context.options |= getattr(_ssl, "OP_NO_COMPRESSION", 0)
 # disallow ciphers with known vulnerabilities
 context.set_ciphers(_RESTRICTED_CIPHERS)
- # verify certs and host name in client mode
+
 if purpose == Purpose.SERVER_AUTH:
+ # verify certs and host name in client mode
 context.verify_mode = CERT_REQUIRED
 context.check_hostname = True
+ elif purpose == Purpose.CLIENT_AUTH:
+ # Prefer the server's ciphers by default so that we get stronger
+ # encryption
+ context.options |= OP_CIPHER_SERVER_PREFERENCE
+
+ # Use single use keys in order to improve forward secrecy
+ context.options |= OP_SINGLE_DH_USE
+ context.options |= OP_SINGLE_ECDH_USE
+
 if cafile or capath or cadata:
 context.load_verify_locations(cafile, capath, cadata)
 elif context.verify_mode != CERT_NONE:
diff -r c29301b1503f Lib/test/test_ssl.py
--- a/Lib/test/test_ssl.py Fri Mar 21 21:49:38 2014 -0400
+++ b/Lib/test/test_ssl.py Sat Mar 22 12:26:35 2014 -0400
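Review bot: The new CLIENT_AUTH branch uses `OP_CIPHER_SERVER_PREFERENCE`, `OP_SINGLE_DH_USE` and `OP_SINGLE_ECDH_USE` as bare names, whereas `OP_NO_COMPRESSION` a few lines above is read with `getattr(_ssl, "OP_NO_COMPRESSION", 0)` precisely because a given `_ssl` build may lack it; unless the module-level import (not visible here) guarantees all three, a missing one turns create_default_context() into a NameError rather than a degraded default. Reading them the same way, `context.options |= getattr(_ssl, "OP_CIPHER_SERVER_PREFERENCE", 0)` and likewise for the two single-use flags, keeps the branch consistent with the compression line. Separately, switching the base protocol from PROTOCOL_TLSv1 to PROTOCOL_SSLv23 lets the context negotiate SSLv3 as well as TLS, and only SSLv2 is masked off by the existing OP_NO_SSLv2 line, so the new default lowers the protocol floor for both purposes; `context.options |= OP_NO_SSLv3` next to that line would preserve the previous floor while keeping the TLS version negotiation the change is after. The enclosing create_default_context() begins above this hunk and its tail continues below it.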
@@ -1014,23 +1014,43 @@
 def test_create_default_context(self):
 ctx = ssl.create_default_context()
- self.assertEqual(ctx.protocol, ssl.PROTOCOL_TLSv1)
+ self.assertEqual(ctx.protocol, ssl.PROTOCOL_SSLv23)
 self.assertEqual(ctx.verify_mode, ssl.CERT_REQUIRED)
 self.assertTrue(ctx.check_hostname)
 self.assertEqual(ctx.options & ssl.OP_NO_SSLv2, ssl.OP_NO_SSLv2)
+ self.assertEqual(
+ ctx.options & ssl.OP_NO_COMPRESSION,
+ ssl.OP_NO_COMPRESSION,
+ )
 with open(SIGNING_CA) as f:
 cadata = f.read()
 ctx = ssl.create_default_context(cafile=SIGNING_CA, capath=CAPATH, cadata=cadata)
- self.assertEqual(ctx.protocol, ssl.PROTOCOL_TLSv1)
+ self.assertEqual(ctx.protocol, ssl.PROTOCOL_SSLv23)
 self.assertEqual(ctx.verify_mode, ssl.CERT_REQUIRED)
 self.assertEqual(ctx.options & ssl.OP_NO_SSLv2, ssl.OP_NO_SSLv2)
+ self.assertEqual(
+ ctx.options & ssl.OP_NO_COMPRESSION,
+ ssl.OP_NO_COMPRESSION,
+ )
 ctx = ssl.create_default_context(ssl.Purpose.CLIENT_AUTH)
- self.assertEqual(ctx.protocol, ssl.PROTOCOL_TLSv1)
+ self.assertEqual(ctx.protocol, ssl.PROTOCOL_SSLv23)
 self.assertEqual(ctx.verify_mode, ssl.CERT_NONE)
 self.assertEqual(ctx.options & ssl.OP_NO_SSLv2, ssl.OP_NO_SSLv2)
+ self.assertEqual(
+ ctx.options & ssl.OP_NO_COMPRESSION,
+ ssl.OP_NO_COMPRESSION,
+ )
+ self.assertEqual(
+ ctx.options & ssl.OP_SINGLE_DH_USE,
+ ssl.OP_SINGLE_DH_USE,
+ )
+ self.assertEqual(
+ ctx.options & ssl.OP_SINGLE_ECDH_USE,
+ ssl.OP_SINGLE_ECDH_USE,
+ )
 def test__create_stdlib_context(self):
 ctx = ssl._create_stdlib_context()
diff -r c29301b1503f Misc/NEWS
--- a/Misc/NEWS Fri Mar 21 21:49:38 2014 -0400
+++ b/Misc/NEWS Sat Mar 22 12:26:35 2014 -0400
@@ -23,6 +23,9 @@
 Library
 -------
+- Issue #21013: Enhance ssl.create_default_context() when used for server side
+ sockets to provide better security by default.
+
 - Issue #20995: Enhance default ciphers used by the ssl module to enable better security an prioritize perfect forward secrecy.
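Review bot: The CLIENT_AUTH section asserts OP_SINGLE_DH_USE and OP_SINGLE_ECDH_USE but not OP_CIPHER_SERVER_PREFERENCE, which the Lib/ssl.py hunk sets in the same branch, so a regression of that line would pass this test; add `self.assertEqual(ctx.options & ssl.OP_CIPHER_SERVER_PREFERENCE, ssl.OP_CIPHER_SERVER_PREFERENCE)` beside the two single-use assertions. The two SERVER_AUTH contexts checked earlier in the test are never asserted to lack the server-only options, so the purpose split in ssl.py is only half pinned; assuming a fresh SSLContext does not set them, `self.assertEqual(ctx.options & ssl.OP_SINGLE_DH_USE, 0)` (and the ECDH counterpart) on those contexts would catch the branch being applied to the wrong purpose.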