Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Prefer PROTOCOL_TLS_CLIENT/SERVER #75527

Closed
tiran opened this issue Sep 4, 2017 · 2 comments
Closed

Prefer PROTOCOL_TLS_CLIENT/SERVER #75527

tiran opened this issue Sep 4, 2017 · 2 comments
Assignees
@tiran
Labels
3.7 (EOL) end of life topic-SSL type-feature A feature request or enhancement

Comments

@tiran
Copy link
Member

tiran commented Sep 4, 2017

BPO 31346
Nosy @tiran
PRs
  • bpo-31346: Use PROTOCOL_TLS_CLIENT/SERVER #3058
    		•

    Note: these values reflect the state of the issue at the time it was migrated and might not reflect the current state.

    Show more details

    GitHub fields:

    assignee = 'https://github.com/tiran'
closed_at = <Date 2017-09-17.14:35:33.296>
created_at = <Date 2017-09-04.23:20:29.353>
labels = ['expert-SSL', 'type-feature', '3.7']
title = 'Prefer PROTOCOL_TLS_CLIENT/SERVER'
updated_at = <Date 2017-09-17.14:35:33.295>
user = 'https://github.com/tiran'

    bugs.python.org fields:

    activity = <Date 2017-09-17.14:35:33.295>
actor = 'christian.heimes'
assignee = 'christian.heimes'
closed = True
closed_date = <Date 2017-09-17.14:35:33.296>
closer = 'christian.heimes'
components = ['SSL']
creation = <Date 2017-09-04.23:20:29.353>
creator = 'christian.heimes'
dependencies = []
files = []
hgrepos = []
issue_num = 31346
keywords = []
message_count = 2.0
messages = ['301282', '302287']
nosy_count = 1.0
nosy_names = ['christian.heimes']
pr_nums = ['3058']
priority = 'normal'
resolution = 'fixed'
stage = 'resolved'
status = 'closed'
superseder = None
type = 'enhancement'
url = 'https://bugs.python.org/issue31346'
versions = ['Python 3.7']
    @tiran
    Copy link
    Member Author

    tiran commented Sep 4, 2017

    Since Python 3.6 the ssl module has three new protocols:

    • PROTOCOL_TLS is the new, preferred, and less confusing name of PROTOCOL_SSLv23. It performs auto-negotiation of the best TLS/SSL protocol supported by client and server.
    • PROTOCOL_TLS_CLIENT is a client-only variant of PROTOCOL_TLS. The protocol also enables check_hostname and CERT_REQUIRED.
    • PROTOCOL_TLS_SERVER is server side-only variant. It leaves check_hostname disabled and has CERT_NONE (no client cert validation).

    Tests and code should prefer PROTOCOL_TLS_CLIENT and PROTOCOL_TLS_SERVER whenever possible.

    @tiran tiran added the 3.7 (EOL) end of life label Sep 4, 2017
    @tiran tiran self-assigned this Sep 4, 2017
    @tiran tiran added topic-SSL type-feature A feature request or enhancement labels Sep 4, 2017
    @tiran
    Copy link
    Member Author

    tiran commented Sep 15, 2017

    New changeset a170fa1 by Christian Heimes in branch 'master':
    bpo-31346: Use PROTOCOL_TLS_CLIENT/SERVER (bpo-3058)
    a170fa1

    @tiran tiran closed this as completed Sep 17, 2017
    @ezio-melotti ezio-melotti transferred this issue from another repository Apr 10, 2022
    Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
    Assignees

    @tiran tiran

    Labels
    3.7 (EOL) end of life topic-SSL type-feature A feature request or enhancement
    Projects
    None yet
    Milestone
    No milestone
    Development

    No branches or pull requests
    1 participant
    @tiran