classification
Title: Use better default context in asyncio
Type: security Stage: resolved
Components: asyncio, Library (Lib) Versions: Python 3.5, Python 3.4
process
Status: closed Resolution: fixed
Dependencies: Superseder:
Assigned To: Nosy List: alex, christian.heimes, giampaolo.rodola, gvanrossum, haypo, pitrou, python-dev, yselivanov
Priority: normal Keywords: patch

Created on 2014-10-15 09:53 by pitrou, last changed 2014-10-15 15:01 by pitrou. This issue is now closed.

Files
File name Uploaded Description Edit
asyncio_default_context.patch pitrou, 2014-10-15 09:59 review
Messages (4)
msg229424 - (view) Author: Antoine Pitrou (pitrou) * (Python committer) Date: 2014-10-15 09:53
asyncio is not yet bound by legacy use cases, so this patch switches asyncio to stronger default SSL settings for client connections. It also adds tests for that (the code path was untested).
msg229450 - (view) Author: Guido van Rossum (gvanrossum) * (Python committer) Date: 2014-10-15 14:15
LGTM. Thanks!
msg229456 - (view) Author: Roundup Robot (python-dev) Date: 2014-10-15 15:00
New changeset c2ccbcd11d47 by Antoine Pitrou in branch '3.4':
Issue #22641: In asyncio, the default SSL context for client connections is now created using ssl.create_default_context(), for stronger security.
https://hg.python.org/cpython/rev/c2ccbcd11d47

New changeset d75b63cb3e78 by Antoine Pitrou in branch 'default':
Issue #22641: In asyncio, the default SSL context for client connections is now created using ssl.create_default_context(), for stronger security.
https://hg.python.org/cpython/rev/d75b63cb3e78
msg229457 - (view) Author: Antoine Pitrou (pitrou) * (Python committer) Date: 2014-10-15 15:00
Ok, I've now pushed it to 3.4 and 3.5.
History
Date User Action Args
2014-10-15 15:01:00pitrousetstatus: open -> closed
resolution: fixed
messages: + msg229457

stage: patch review -> resolved
2014-10-15 15:00:23python-devsetnosy: + python-dev
messages: + msg229456
2014-10-15 14:15:06gvanrossumsetmessages: + msg229450
2014-10-15 09:59:23pitrousetfiles: + asyncio_default_context.patch
2014-10-15 09:59:17pitrousetfiles: - asyncio_default_context.patch
2014-10-15 09:53:41pitroucreate