Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Use better default context in asyncio #66831

Closed
pitrou opened this issue Oct 15, 2014 · 4 comments
Closed

Use better default context in asyncio #66831

pitrou opened this issue Oct 15, 2014 · 4 comments
Labels
stdlib Python modules in the Lib dir topic-asyncio type-security A security issue

Comments

@pitrou
Copy link
Member

pitrou commented Oct 15, 2014

BPO 22641
Nosy @gvanrossum, @pitrou, @vstinner, @giampaolo, @tiran, @alex, @1st1
Files
  • asyncio_default_context.patch
    		•

    Note: these values reflect the state of the issue at the time it was migrated and might not reflect the current state.

    Show more details

    GitHub fields:

    assignee = None
closed_at = <Date 2014-10-15.15:01:00.039>
created_at = <Date 2014-10-15.09:53:41.420>
labels = ['type-security', 'library', 'expert-asyncio']
title = 'Use better default context in asyncio'
updated_at = <Date 2014-10-15.15:01:00.038>
user = 'https://github.com/pitrou'

    bugs.python.org fields:

    activity = <Date 2014-10-15.15:01:00.038>
actor = 'pitrou'
assignee = 'none'
closed = True
closed_date = <Date 2014-10-15.15:01:00.039>
closer = 'pitrou'
components = ['Library (Lib)', 'asyncio']
creation = <Date 2014-10-15.09:53:41.420>
creator = 'pitrou'
dependencies = []
files = ['36936']
hgrepos = []
issue_num = 22641
keywords = ['patch']
message_count = 4.0
messages = ['229424', '229450', '229456', '229457']
nosy_count = 8.0
nosy_names = ['gvanrossum', 'pitrou', 'vstinner', 'giampaolo.rodola', 'christian.heimes', 'alex', 'python-dev', 'yselivanov']
pr_nums = []
priority = 'normal'
resolution = 'fixed'
stage = 'resolved'
status = 'closed'
superseder = None
type = 'security'
url = 'https://bugs.python.org/issue22641'
versions = ['Python 3.4', 'Python 3.5']
    @pitrou
    Copy link
    Member Author

    pitrou commented Oct 15, 2014

    asyncio is not yet bound by legacy use cases, so this patch switches asyncio to stronger default SSL settings for client connections. It also adds tests for that (the code path was untested).

    @pitrou pitrou added stdlib Python modules in the Lib dir topic-asyncio type-security A security issue labels Oct 15, 2014
    @gvanrossum
    Copy link
    Member

    LGTM. Thanks!

    @python-dev
    Copy link
    Mannequin

    python-dev mannequin commented Oct 15, 2014

    New changeset c2ccbcd11d47 by Antoine Pitrou in branch '3.4':
    Issue bpo-22641: In asyncio, the default SSL context for client connections is now created using ssl.create_default_context(), for stronger security.
    https://hg.python.org/cpython/rev/c2ccbcd11d47

    New changeset d75b63cb3e78 by Antoine Pitrou in branch 'default':
    Issue bpo-22641: In asyncio, the default SSL context for client connections is now created using ssl.create_default_context(), for stronger security.
    https://hg.python.org/cpython/rev/d75b63cb3e78

    @pitrou
    Copy link
    Member Author

    pitrou commented Oct 15, 2014

    Ok, I've now pushed it to 3.4 and 3.5.

    @pitrou pitrou closed this as completed Oct 15, 2014
    @ezio-melotti ezio-melotti transferred this issue from another repository Apr 10, 2022
    Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
    Assignees
    No one assigned
    Labels
    stdlib Python modules in the Lib dir topic-asyncio type-security A security issue
    Projects
    None yet
    Milestone
    No milestone
    Development

    No branches or pull requests
    2 participants
    @pitrou @gvanrossum