Lib/test · 6a2ba949089754dafe69d56ce0398f4b8847a4e2 · Batuhan Osman TASKAYA / cpython

Issue #21013: Enhance ssl.create_default_context() for server side contexts · 6a2ba949

Donald Stufft Mar 23, 2014 yazdı

Closes #21013 by modfying ssl.create_default_context() to:

* Move the restricted ciphers to only apply when using
  ssl.Purpose.CLIENT_AUTH. The major difference between restricted and not
  is the lack of RC4 in the restricted. However there are servers that exist
  that only expose RC4 still.
* Switches the default protocol to ssl.PROTOCOL_SSLv23 so that the context
  will select TLS1.1 or TLS1.2 if it is available.
* Add ssl.OP_NO_SSLv3 by default to continue to block SSL3.0 sockets
* Add ssl.OP_SINGLE_DH_USE and ssl.OP_SINGLE_ECDG_USE to improve the security
  of the perfect forward secrecy
* Add ssl.OP_CIPHER_SERVER_PREFERENCE so that when used for a server side
  socket the context will prioritize our ciphers which have been carefully
  selected to maximize security and performance.
* Documents the failure conditions when a SSL3.0 connection is required so
  that end users can more easily determine if they need to unset
  ssl.OP_NO_SSLv3.

6a2ba949

Adı	Son kayıt (commit)	Son güncelleme
..
audiodata		Loading commit data...
capath		Loading commit data...
cjkencodings		Loading commit data...
crashers		Loading commit data...
data		Loading commit data...
decimaltestdata		Loading commit data...
encoded_modules		Loading commit data...
imghdrdata		Loading commit data...
leakers		Loading commit data...
namespace_pkgs		Loading commit data...
sndhdrdata		Loading commit data...
subprocessdata		Loading commit data...
support		Loading commit data...
test_asyncio		Loading commit data...
test_email		Loading commit data...
test_importlib		Loading commit data...
test_json		Loading commit data...
tracedmodules		Loading commit data...
xmltestdata		Loading commit data...
185test.db		Loading commit data...
Sine-1000Hz-300ms.aif		Loading commit data...
__init__.py		Loading commit data...
__main__.py		Loading commit data...
_test_multiprocessing.py		Loading commit data...
audiotest.au		Loading commit data...
audiotests.py		Loading commit data...
autotest.py		Loading commit data...
bad_coding.py		Loading commit data...
bad_coding2.py		Loading commit data...
badcert.pem		Loading commit data...
badkey.pem		Loading commit data...
badsyntax_3131.py		Loading commit data...
badsyntax_future10.py		Loading commit data...
badsyntax_future3.py		Loading commit data...
badsyntax_future4.py		Loading commit data...
badsyntax_future5.py		Loading commit data...
badsyntax_future6.py		Loading commit data...
badsyntax_future7.py		Loading commit data...
badsyntax_future8.py		Loading commit data...
badsyntax_future9.py		Loading commit data...
badsyntax_pep3120.py		Loading commit data...
buffer_tests.py		Loading commit data...
bytecode_helper.py		Loading commit data...
cfgparser.1		Loading commit data...
cfgparser.2		Loading commit data...
cfgparser.3		Loading commit data...
check_soundcard.vbs		Loading commit data...
cmath_testcases.txt		Loading commit data...
coding20731.py		Loading commit data...
curses_tests.py		Loading commit data...
datetimetester.py		Loading commit data...
dh512.pem		Loading commit data...
dis_module.py		Loading commit data...
doctest_aliases.py		Loading commit data...
double_const.py		Loading commit data...
empty.vbs		Loading commit data...
exception_hierarchy.txt		Loading commit data...
final_a.py		Loading commit data...
final_b.py		Loading commit data...
floating_points.txt		Loading commit data...
fork_wait.py		Loading commit data...
formatfloat_testcases.txt		Loading commit data...
future_test1.py		Loading commit data...
future_test2.py		Loading commit data...
gdb_sample.py		Loading commit data...
https_svn_python_org_root.pem		Loading commit data...
ieee754.txt		Loading commit data...
inspect_fodder.py		Loading commit data...
inspect_fodder2.py		Loading commit data...
keycert.passwd.pem		Loading commit data...
keycert.pem		Loading commit data...
keycert2.pem		Loading commit data...
keycert3.pem		Loading commit data...
keycert4.pem		Loading commit data...
list_tests.py		Loading commit data...
lock_tests.py		Loading commit data...
mailcap.txt		Loading commit data...
make_ssl_certs.py		Loading commit data...
mapping_tests.py		Loading commit data...
math_testcases.txt		Loading commit data...
memory_watchdog.py		Loading commit data...
mime.types		Loading commit data...
mock_socket.py		Loading commit data...
mp_fork_bomb.py		Loading commit data...
multibytecodec_support.py		Loading commit data...
nokia.pem		Loading commit data...
nullbytecert.pem		Loading commit data...
nullcert.pem		Loading commit data...
outstanding_bugs.py		Loading commit data...
pickletester.py		Loading commit data...
profilee.py		Loading commit data...
pstats.pck		Loading commit data...
pycacert.pem		Loading commit data...
pycakey.pem		Loading commit data...
pyclbr_input.py		Loading commit data...
pydoc_mod.py		Loading commit data...
pydocfodder.py		Loading commit data...
pystone.py		Loading commit data...
randv2_32.pck		Loading commit data...
randv2_64.pck		Loading commit data...
randv3.pck		Loading commit data...
re_tests.py		Loading commit data...
regrtest.py		Loading commit data...
relimport.py		Loading commit data...
reperf.py		Loading commit data...
revocation.crl		Loading commit data...
sample_doctest.py		Loading commit data...
sample_doctest_no_docstrings.py		Loading commit data...
sample_doctest_no_doctests.py		Loading commit data...
script_helper.py		Loading commit data...
seq_tests.py		Loading commit data...
sgml_input.html		Loading commit data...
sha256.pem		Loading commit data...
sortperf.py		Loading commit data...
ssl_cert.pem		Loading commit data...
ssl_key.passwd.pem		Loading commit data...
ssl_key.pem		Loading commit data...
ssl_servers.py		Loading commit data...
ssltests.py		Loading commit data...
string_tests.py		Loading commit data...
test___all__.py		Loading commit data...
test___future__.py		Loading commit data...
test__locale.py		Loading commit data...
test__opcode.py		Loading commit data...
test__osx_support.py		Loading commit data...
test_abc.py		Loading commit data...
test_abstract_numbers.py		Loading commit data...
test_aifc.py		Loading commit data...
test_argparse.py		Loading commit data...
test_array.py		Loading commit data...
test_ast.py		Loading commit data...
test_asynchat.py		Loading commit data...
test_asyncore.py		Loading commit data...
test_atexit.py		Loading commit data...
test_audioop.py		Loading commit data...
test_augassign.py		Loading commit data...
test_base64.py		Loading commit data...
test_bigaddrspace.py		Loading commit data...
test_bigmem.py		Loading commit data...
test_binascii.py		Loading commit data...
test_binhex.py		Loading commit data...
test_binop.py		Loading commit data...
test_bisect.py		Loading commit data...
test_bool.py		Loading commit data...
test_buffer.py		Loading commit data...
test_bufio.py		Loading commit data...
test_builtin.py		Loading commit data...
test_bytes.py		Loading commit data...
test_bz2.py		Loading commit data...
test_calendar.py		Loading commit data...
test_call.py		Loading commit data...
test_capi.py		Loading commit data...
test_cgi.py		Loading commit data...
test_cgitb.py		Loading commit data...
test_charmapcodec.py		Loading commit data...
test_class.py		Loading commit data...
test_cmath.py		Loading commit data...
test_cmd.py		Loading commit data...
test_cmd_line.py		Loading commit data...
test_cmd_line_script.py		Loading commit data...
test_code.py		Loading commit data...
test_code_module.py		Loading commit data...
test_codeccallbacks.py		Loading commit data...
test_codecencodings_cn.py		Loading commit data...
test_codecencodings_hk.py		Loading commit data...
test_codecencodings_iso2022.py		Loading commit data...
test_codecencodings_jp.py		Loading commit data...
test_codecencodings_kr.py		Loading commit data...
test_codecencodings_tw.py		Loading commit data...
test_codecmaps_cn.py		Loading commit data...
test_codecmaps_hk.py		Loading commit data...
test_codecmaps_jp.py		Loading commit data...
test_codecmaps_kr.py		Loading commit data...
test_codecmaps_tw.py		Loading commit data...
test_codecs.py		Loading commit data...
test_codeop.py		Loading commit data...
test_collections.py		Loading commit data...
test_colorsys.py		Loading commit data...
test_compare.py		Loading commit data...
test_compile.py		Loading commit data...
test_compileall.py		Loading commit data...
test_complex.py		Loading commit data...
test_concurrent_futures.py		Loading commit data...
test_configparser.py		Loading commit data...
test_contains.py		Loading commit data...
test_contextlib.py		Loading commit data...
test_copy.py		Loading commit data...
test_copyreg.py		Loading commit data...
test_cprofile.py		Loading commit data...
test_crashers.py		Loading commit data...
test_crypt.py		Loading commit data...
test_csv.py		Loading commit data...
test_ctypes.py		Loading commit data...
test_curses.py		Loading commit data...
test_datetime.py		Loading commit data...
test_dbm.py		Loading commit data...
test_dbm_dumb.py		Loading commit data...
test_dbm_gnu.py		Loading commit data...
test_dbm_ndbm.py		Loading commit data...
test_decimal.py		Loading commit data...
test_decorators.py		Loading commit data...
test_defaultdict.py		Loading commit data...
test_deque.py		Loading commit data...
test_descr.py		Loading commit data...
test_descrtut.py		Loading commit data...
test_devpoll.py		Loading commit data...
test_dict.py		Loading commit data...
test_dictcomps.py		Loading commit data...
test_dictviews.py		Loading commit data...
test_difflib.py		Loading commit data...
test_difflib_expect.html		Loading commit data...
test_dis.py		Loading commit data...
test_distutils.py		Loading commit data...
test_doctest.py		Loading commit data...
test_doctest.txt		Loading commit data...
test_doctest2.py		Loading commit data...
test_doctest2.txt		Loading commit data...
test_doctest3.txt		Loading commit data...
test_doctest4.txt		Loading commit data...
test_docxmlrpc.py		Loading commit data...
test_dummy_thread.py		Loading commit data...
test_dummy_threading.py		Loading commit data...
test_dynamic.py		Loading commit data...
test_dynamicclassattribute.py		Loading commit data...
test_ensurepip.py		Loading commit data...
test_enum.py		Loading commit data...
test_enumerate.py		Loading commit data...
test_eof.py		Loading commit data...
test_epoll.py		Loading commit data...
test_errno.py		Loading commit data...
test_exception_variations.py		Loading commit data...
test_exceptions.py		Loading commit data...
test_extcall.py		Loading commit data...
test_faulthandler.py		Loading commit data...
test_fcntl.py		Loading commit data...
test_file.py		Loading commit data...
test_file_eintr.py		Loading commit data...
test_filecmp.py		Loading commit data...
test_fileinput.py		Loading commit data...
test_fileio.py		Loading commit data...
test_finalization.py		Loading commit data...
test_float.py		Loading commit data...
test_flufl.py		Loading commit data...
test_fnmatch.py		Loading commit data...
test_fork1.py		Loading commit data...
test_format.py		Loading commit data...
test_fractions.py		Loading commit data...
test_frame.py		Loading commit data...
test_ftplib.py		Loading commit data...
test_funcattrs.py		Loading commit data...
test_functools.py		Loading commit data...
test_future.py		Loading commit data...
test_future3.py		Loading commit data...
test_future4.py		Loading commit data...
test_future5.py		Loading commit data...
test_gc.py		Loading commit data...
test_gdb.py		Loading commit data...
test_generators.py		Loading commit data...
test_genericpath.py		Loading commit data...
test_genexps.py		Loading commit data...
test_getargs2.py		Loading commit data...
test_getopt.py		Loading commit data...
test_getpass.py		Loading commit data...
test_gettext.py		Loading commit data...
test_glob.py		Loading commit data...
test_global.py		Loading commit data...
test_grammar.py		Loading commit data...
test_grp.py		Loading commit data...
test_gzip.py		Loading commit data...
test_hash.py		Loading commit data...
test_hashlib.py		Loading commit data...
test_heapq.py		Loading commit data...
test_hmac.py		Loading commit data...
test_html.py		Loading commit data...
test_htmlparser.py		Loading commit data...
test_http_cookiejar.py		Loading commit data...
test_http_cookies.py		Loading commit data...
test_httplib.py		Loading commit data...
test_httpservers.py		Loading commit data...
test_idle.py		Loading commit data...
test_imaplib.py		Loading commit data...
test_imghdr.py		Loading commit data...
test_imp.py		Loading commit data...
test_import.py		Loading commit data...
test_index.py		Loading commit data...
test_inspect.py		Loading commit data...
test_int.py		Loading commit data...
test_int_literal.py		Loading commit data...
test_io.py		Loading commit data...
test_ioctl.py		Loading commit data...
test_ipaddress.py		Loading commit data...
test_isinstance.py		Loading commit data...
test_iter.py		Loading commit data...
test_iterlen.py		Loading commit data...
test_itertools.py		Loading commit data...
test_keyword.py		Loading commit data...
test_keywordonlyarg.py		Loading commit data...
test_kqueue.py		Loading commit data...
test_largefile.py		Loading commit data...
test_lib2to3.py		Loading commit data...
test_linecache.py		Loading commit data...
test_list.py		Loading commit data...
test_listcomps.py		Loading commit data...
test_locale.py		Loading commit data...
test_logging.py		Loading commit data...
test_long.py		Loading commit data...
test_longexp.py		Loading commit data...
test_lzma.py		Loading commit data...
test_macpath.py		Loading commit data...
test_macurl2path.py		Loading commit data...
test_mailbox.py		Loading commit data...
test_mailcap.py		Loading commit data...
test_marshal.py		Loading commit data...
test_math.py		Loading commit data...
test_memoryio.py		Loading commit data...
test_memoryview.py		Loading commit data...
test_metaclass.py		Loading commit data...
test_mimetypes.py		Loading commit data...
test_minidom.py		Loading commit data...
test_mmap.py		Loading commit data...
test_module.py		Loading commit data...
test_modulefinder.py		Loading commit data...
test_msilib.py		Loading commit data...
test_multibytecodec.py		Loading commit data...
test_multiprocessing_fork.py		Loading commit data...
test_multiprocessing_forkserver.py		Loading commit data...
test_multiprocessing_main_handling.py		Loading commit data...
test_multiprocessing_spawn.py		Loading commit data...
test_namespace_pkgs.py		Loading commit data...
test_netrc.py		Loading commit data...
test_nis.py		Loading commit data...
test_nntplib.py		Loading commit data...
test_normalization.py		Loading commit data...
test_ntpath.py		Loading commit data...
test_numeric_tower.py		Loading commit data...
test_opcodes.py		Loading commit data...
test_openpty.py		Loading commit data...
test_operator.py		Loading commit data...
test_optparse.py		Loading commit data...
test_os.py		Loading commit data...
test_ossaudiodev.py		Loading commit data...
test_osx_env.py		Loading commit data...
test_parser.py		Loading commit data...
test_pathlib.py		Loading commit data...
test_pdb.py		Loading commit data...
test_peepholer.py		Loading commit data...
test_pep247.py		Loading commit data...
test_pep277.py		Loading commit data...
test_pep292.py		Loading commit data...
test_pep3120.py		Loading commit data...
test_pep3131.py		Loading commit data...
test_pep3151.py		Loading commit data...
test_pep352.py		Loading commit data...
test_pep380.py		Loading commit data...
test_pickle.py		Loading commit data...
test_pickletools.py		Loading commit data...
test_pipes.py		Loading commit data...
test_pkg.py		Loading commit data...
test_pkgimport.py		Loading commit data...
test_pkgutil.py		Loading commit data...
test_platform.py		Loading commit data...
test_plistlib.py		Loading commit data...
test_poll.py		Loading commit data...
test_popen.py		Loading commit data...
test_poplib.py		Loading commit data...
test_posix.py		Loading commit data...
test_posixpath.py		Loading commit data...
test_pow.py		Loading commit data...
test_pprint.py		Loading commit data...
test_print.py		Loading commit data...
test_profile.py		Loading commit data...
test_property.py		Loading commit data...
test_pstats.py		Loading commit data...
test_pty.py		Loading commit data...
test_pulldom.py		Loading commit data...
test_pwd.py		Loading commit data...
test_py_compile.py		Loading commit data...
test_pyclbr.py		Loading commit data...
test_pydoc.py		Loading commit data...
test_pyexpat.py		Loading commit data...
test_queue.py		Loading commit data...
test_quopri.py		Loading commit data...
test_raise.py		Loading commit data...
test_random.py		Loading commit data...
test_range.py		Loading commit data...
test_re.py		Loading commit data...
test_readline.py		Loading commit data...
test_regrtest.py		Loading commit data...
test_reprlib.py		Loading commit data...
test_resource.py		Loading commit data...
test_richcmp.py		Loading commit data...
test_rlcompleter.py		Loading commit data...
test_robotparser.py		Loading commit data...
test_runpy.py		Loading commit data...
test_sax.py		Loading commit data...
test_sched.py		Loading commit data...
test_scope.py		Loading commit data...
test_select.py		Loading commit data...
test_selectors.py		Loading commit data...
test_set.py		Loading commit data...
test_setcomps.py		Loading commit data...
test_shelve.py		Loading commit data...
test_shlex.py		Loading commit data...
test_shutil.py		Loading commit data...
test_signal.py		Loading commit data...
test_site.py		Loading commit data...
test_slice.py		Loading commit data...
test_smtpd.py		Loading commit data...
test_smtplib.py		Loading commit data...
test_smtpnet.py		Loading commit data...
test_sndhdr.py		Loading commit data...
test_socket.py		Loading commit data...
test_socketserver.py		Loading commit data...
test_sort.py		Loading commit data...
test_source_encoding.py		Loading commit data...
test_sqlite.py		Loading commit data...
test_ssl.py		Loading commit data...
test_startfile.py		Loading commit data...
test_stat.py		Loading commit data...
test_statistics.py		Loading commit data...
test_strftime.py		Loading commit data...
test_string.py		Loading commit data...
test_stringprep.py		Loading commit data...
test_strlit.py		Loading commit data...
test_strptime.py		Loading commit data...
test_strtod.py		Loading commit data...
test_struct.py		Loading commit data...
test_structmembers.py		Loading commit data...
test_structseq.py		Loading commit data...
test_subprocess.py		Loading commit data...
test_sunau.py		Loading commit data...
test_sundry.py		Loading commit data...
test_super.py		Loading commit data...
test_support.py		Loading commit data...
test_symtable.py		Loading commit data...
test_syntax.py		Loading commit data...
test_sys.py		Loading commit data...
test_sys_setprofile.py		Loading commit data...
test_sys_settrace.py		Loading commit data...
test_sysconfig.py		Loading commit data...
test_syslog.py		Loading commit data...
test_tarfile.py		Loading commit data...
test_tcl.py		Loading commit data...
test_telnetlib.py		Loading commit data...
test_tempfile.py		Loading commit data...
test_textwrap.py		Loading commit data...
test_thread.py		Loading commit data...
test_threaded_import.py		Loading commit data...
test_threadedtempfile.py		Loading commit data...
test_threading.py		Loading commit data...
test_threading_local.py		Loading commit data...
test_threadsignals.py		Loading commit data...
test_time.py		Loading commit data...
test_timeit.py		Loading commit data...
test_timeout.py		Loading commit data...
test_tk.py		Loading commit data...
test_tokenize.py		Loading commit data...
test_tools.py		Loading commit data...
test_trace.py		Loading commit data...
test_traceback.py		Loading commit data...
test_tracemalloc.py		Loading commit data...
test_ttk_guionly.py		Loading commit data...
test_ttk_textonly.py		Loading commit data...
test_tuple.py		Loading commit data...
test_typechecks.py		Loading commit data...
test_types.py		Loading commit data...
test_ucn.py		Loading commit data...
test_unary.py		Loading commit data...
test_unicode.py		Loading commit data...
test_unicode_file.py		Loading commit data...
test_unicodedata.py		Loading commit data...
test_unittest.py		Loading commit data...
test_univnewlines.py		Loading commit data...
test_unpack.py		Loading commit data...
test_unpack_ex.py		Loading commit data...
test_urllib.py		Loading commit data...
test_urllib2.py		Loading commit data...
test_urllib2_localnet.py		Loading commit data...
test_urllib2net.py		Loading commit data...
test_urllib_response.py		Loading commit data...
test_urllibnet.py		Loading commit data...
test_urlparse.py		Loading commit data...
test_userdict.py		Loading commit data...
test_userlist.py		Loading commit data...
test_userstring.py		Loading commit data...
test_uu.py		Loading commit data...
test_uuid.py		Loading commit data...
test_venv.py		Loading commit data...
test_wait3.py		Loading commit data...
test_wait4.py		Loading commit data...
test_warnings.py		Loading commit data...
test_wave.py		Loading commit data...
test_weakref.py		Loading commit data...
test_weakset.py		Loading commit data...
test_webbrowser.py		Loading commit data...
test_winreg.py		Loading commit data...
test_winsound.py		Loading commit data...
test_with.py		Loading commit data...
test_wsgiref.py		Loading commit data...
test_xdrlib.py		Loading commit data...
test_xml_dom_minicompat.py		Loading commit data...
test_xml_etree.py		Loading commit data...
test_xml_etree_c.py		Loading commit data...
test_xmlrpc.py		Loading commit data...
test_xmlrpc_net.py		Loading commit data...
test_zipfile.py		Loading commit data...
test_zipfile64.py		Loading commit data...
test_zipimport.py		Loading commit data...
test_zipimport_support.py		Loading commit data...
test_zlib.py		Loading commit data...
testcodec.py		Loading commit data...
testtar.tar		Loading commit data...
tf_inherit_check.py		Loading commit data...
threaded_import_hangers.py		Loading commit data...
time_hashlib.py		Loading commit data...
tokenize_tests-latin1-coding-cookie-and-utf8-bom-sig.txt		Loading commit data...
tokenize_tests-no-coding-cookie-and-utf8-bom-sig-only.txt		Loading commit data...
tokenize_tests-utf8-coding-cookie-and-no-utf8-bom-sig.txt		Loading commit data...
tokenize_tests-utf8-coding-cookie-and-utf8-bom-sig.txt		Loading commit data...
tokenize_tests.txt		Loading commit data...
warning_tests.py		Loading commit data...
win_console_handler.py		Loading commit data...
xmltests.py		Loading commit data...
zip_cp437_header.zip		Loading commit data...
zipdir.zip		Loading commit data...