- 04 Kas, 2014 1 kayıt (commit)
-
-
Benjamin Peterson yazdı
-
- 03 Kas, 2014 1 kayıt (commit)
-
-
Benjamin Peterson yazdı
Patch by Alex Gaynor with some modifications by me.
-
- 03 Eki, 2014 2 kayıt (commit)
-
-
Benjamin Peterson yazdı
-
Benjamin Peterson yazdı
Patch by Christian Heimes and Alex Gaynor.
-
- 21 Tem, 2014 1 kayıt (commit)
-
-
Antoine Pitrou yazdı
Thanks to William Orr.
-
- 16 Nis, 2014 1 kayıt (commit)
-
-
Antoine Pitrou yazdı
-
- 23 Mar, 2014 1 kayıt (commit)
-
-
Donald Stufft yazdı
Closes #21013 by modfying ssl.create_default_context() to: * Move the restricted ciphers to only apply when using ssl.Purpose.CLIENT_AUTH. The major difference between restricted and not is the lack of RC4 in the restricted. However there are servers that exist that only expose RC4 still. * Switches the default protocol to ssl.PROTOCOL_SSLv23 so that the context will select TLS1.1 or TLS1.2 if it is available. * Add ssl.OP_NO_SSLv3 by default to continue to block SSL3.0 sockets * Add ssl.OP_SINGLE_DH_USE and ssl.OP_SINGLE_ECDG_USE to improve the security of the perfect forward secrecy * Add ssl.OP_CIPHER_SERVER_PREFERENCE so that when used for a server side socket the context will prioritize our ciphers which have been carefully selected to maximize security and performance. * Documents the failure conditions when a SSL3.0 connection is required so that end users can more easily determine if they need to unset ssl.OP_NO_SSLv3.
-
- 22 Mar, 2014 1 kayıt (commit)
-
-
Antoine Pitrou yazdı
Issue #21015: SSL contexts will now automatically select an elliptic curve for ECDH key exchange on OpenSSL 1.0.2 and later, and otherwise default to "prime256v1". (should also fix a buildbot failure introduced by #20995)
-
- 12 Mar, 2014 4 kayıt (commit)
-
-
Benjamin Peterson yazdı
-
Benjamin Peterson yazdı
-
Benjamin Peterson yazdı
-
Victor Stinner yazdı
-
- 09 Ock, 2014 2 kayıt (commit)
-
-
Antoine Pitrou yazdı
-
Antoine Pitrou yazdı
-
- 28 Ara, 2013 1 kayıt (commit)
-
-
Antoine Pitrou yazdı
Issue #19422: Explicitly disallow non-SOCK_STREAM sockets in the ssl module, rather than silently let them emit clear text data.
-
- 19 Ara, 2013 1 kayıt (commit)
-
-
Victor Stinner yazdı
ValueError if num is negative (instead of raising a SystemError).
-
- 16 Ara, 2013 1 kayıt (commit)
-
-
Christian Heimes yazdı
EWOULDBLOCK on Windows or VMs hosted on Windows.
-
- 15 Ara, 2013 1 kayıt (commit)
-
-
Christian Heimes yazdı
-
- 05 Ara, 2013 1 kayıt (commit)
-
-
Christian Heimes yazdı
-
- 02 Ara, 2013 2 kayıt (commit)
-
-
Christian Heimes yazdı
-
Christian Heimes yazdı
with server_hostname on handshake.
-
- 23 Kas, 2013 4 kayıt (commit)
-
-
Christian Heimes yazdı
create SSLContext objects in Python's stdlib module. It provides a single configuration point and makes use of SSLContext.load_default_certs().
-
Christian Heimes yazdı
a new SSLContext object with secure default settings.
-
Christian Heimes yazdı
certificates from default stores or system stores. By default the method loads CA certs for authentication of server certs.
-
Christian Heimes yazdı
The patch removes the verify_flags feature on Mac OS X 10.4 with OpenSSL 0.9.7l 28 Sep 2006.
-
- 22 Kas, 2013 4 kayıt (commit)
-
-
Christian Heimes yazdı
-
Christian Heimes yazdı
-
Christian Heimes yazdı
-
Christian Heimes yazdı
CRL enumeration are now two functions. enum_certificates() also returns purpose flags as set of OIDs.
-
- 21 Kas, 2013 4 kayıt (commit)
-
-
Christian Heimes yazdı
-
Christian Heimes yazdı
of the context in order to enable certification revocation list (CRL) checks or strict X509 rules.
-
Christian Heimes yazdı
and CRL distribution points.
-
Christian Heimes yazdı
to load CA certificates and CRL from memory. It supports PEM and DER encoded strings.
-
- 17 Kas, 2013 1 kayıt (commit)
-
-
Christian Heimes yazdı
Issue #19448: Add private API to SSL module to lookup ASN.1 objects by OID, NID, short name and long name.
-
- 30 Eyl, 2014 1 kayıt (commit)
-
-
Georg Brandl yazdı
inside subjectAltName correctly. Formerly the module has used OpenSSL's GENERAL_NAME_print() function to get the string represention of ASN.1 strings for ``rfc822Name`` (email), ``dNSName`` (DNS) and ``uniformResourceIdentifier`` (URI).
-
- 27 Eki, 2013 1 kayıt (commit)
-
-
Georg Brandl yazdı
for security reasons. It now doesn't match multiple wildcards nor wildcards inside IDN fragments.
-
- 29 Eyl, 2013 1 kayıt (commit)
-
-
Antoine Pitrou yazdı
Issue #19095: SSLSocket.getpeercert() now raises ValueError when the SSL handshake hasn't been done.
-
- 25 Agu, 2013 1 kayıt (commit)
-
-
Christian Heimes yazdı
-
- 21 Agu, 2013 1 kayıt (commit)
-
-
Christian Heimes yazdı
A pthread_atfork() child handler is used to seeded the PRNG with pid, time and some stack data.
-
- 16 Agu, 2013 1 kayıt (commit)
-
-
Christian Heimes yazdı
inside subjectAltName correctly. Formerly the module has used OpenSSL's GENERAL_NAME_print() function to get the string represention of ASN.1 strings for rfc822Name (email), dNSName (DNS) and uniformResourceIdentifier (URI).
-