Skip to content

C
cpython
Kaydet (Commit) 33da1d65 authored tarafından Antoine Pitrou's avatar Antoine Pitrou
Dosyalara gözat
Seçenekler

Better description of SSL-related changes

üst 255abdd3
Hide whitespace changes
Inline Side-by-side
Showing with 15 additions and 7 deletions
Doc/whatsnew/3.2.rst
Dosyayı görüntüle @ 33da1d65
...@@ -1120,11 +1120,15 @@ The :mod:`socket` module has two new improvements. ...@@ -1120,11 +1120,15 @@ The :mod:`socket` module has two new improvements.
ssl ssl
--- ---
* The :mod:`ssl` module has a new class, :class:`~ssl.SSLContext` which serves The :mod:`ssl` module gains an array of new functionalities which make it much easier
as a container for various persistent SSL data, such as protocol settings, to satisfy common requirements for secure (encrypted, authenticated) connections
certificates, private keys, and various other options. The over the Internet:
:meth:`~ssl.SSLContext.wrap_socket` method allows to create an SSL socket from
such an SSL context. (Added by Antoine Pitrou; :issue:`8550`.) * A new class, :class:`~ssl.SSLContext`, serves as a container for various
persistent SSL data, such as protocol settings, certificates, private keys,
and various other options. The :meth:`~ssl.SSLContext.wrap_socket` method
allows to create an SSL socket from such an SSL context. (Added by Antoine
Pitrou; :issue:`8550`.)
* A new function, :func:`ssl.match_hostname`, helps implement server identity * A new function, :func:`ssl.match_hostname`, helps implement server identity
verification for higher-level protocols by implementing the rules of verification for higher-level protocols by implementing the rules of
...@@ -1142,7 +1146,7 @@ ssl ...@@ -1142,7 +1146,7 @@ ssl
protocol, allowing for several "virtual hosts" using different certificates protocol, allowing for several "virtual hosts" using different certificates
on a single IP/port. This extension is only supported in client mode, on a single IP/port. This extension is only supported in client mode,
and is activated by passing the *server_hostname* argument to and is activated by passing the *server_hostname* argument to
:meth:`SSLContext.wrap_socket`. :meth:`ssl.SSLContext.wrap_socket`.
(Added by Antoine Pitrou, :issue:`5639`.) (Added by Antoine Pitrou, :issue:`5639`.)
* Various options have been added to the :mod:`ssl` module, such as * Various options have been added to the :mod:`ssl` module, such as
...@@ -1167,7 +1171,11 @@ text semantics as well as more practical APIs. These improvements break ...@@ -1167,7 +1171,11 @@ text semantics as well as more practical APIs. These improvements break
compatibility with the nntplib version in Python 3.1, which was partly compatibility with the nntplib version in Python 3.1, which was partly
dysfunctional in itself. dysfunctional in itself.
(Contributed by Antoine Pitrou in :issue:`9360`) Support for secure connections through both implicit (using
:class:`nntplib.NNTP_SSL`) and explicit (using :meth:`nntplib.NNTP.starttls`)
TLS has also been added.
(Contributed by Antoine Pitrou in :issue:`9360` and Andrew Vant in :issue:`1926`.)
certificates certificates
------------ ------------
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment