[Python-checkins] cpython (merge 3.6 -> default): Explain why PROTOCOL_SSLv23 does not support SSLv2 and SSLv3 by default.
christian.heimes
python-checkins at python.org
Tue Sep 13 06:10:52 EDT 2016
https://hg.python.org/cpython/rev/5cf9144fc229
changeset: 103754:5cf9144fc229
parent: 103752:e03c1b6830fd
parent: 103753:f1a72a576bf2
user: Christian Heimes <christian at python.org>
date: Tue Sep 13 12:10:45 2016 +0200
summary:
Explain why PROTOCOL_SSLv23 does not support SSLv2 and SSLv3 by default.
files:
Doc/library/ssl.rst | 24 ++++++++++++++----------
1 files changed, 14 insertions(+), 10 deletions(-)
diff --git a/Doc/library/ssl.rst b/Doc/library/ssl.rst
--- a/Doc/library/ssl.rst
+++ b/Doc/library/ssl.rst
@@ -192,16 +192,20 @@
.. table::
- ======================== ========= ========= ========== ========= =========== ===========
- *client* / **server** **SSLv2** **SSLv3** **TLS** **TLSv1** **TLSv1.1** **TLSv1.2**
- ------------------------ --------- --------- ---------- --------- ----------- -----------
- *SSLv2* yes no yes no no no
- *SSLv3* no yes yes no no no
- *TLS* (*SSLv23*) no yes yes yes yes yes
- *TLSv1* no no yes yes no no
- *TLSv1.1* no no yes no yes no
- *TLSv1.2* no no yes no no yes
- ======================== ========= ========= ========== ========= =========== ===========
+ ======================== ============ ============ ============= ========= =========== ===========
+ *client* / **server** **SSLv2** **SSLv3** **TLS** **TLSv1** **TLSv1.1** **TLSv1.2**
+ ------------------------ ------------ ------------ ------------- --------- ----------- -----------
+ *SSLv2* yes no no [1]_ no no no
+ *SSLv3* no yes no [2]_ no no no
+ *TLS* (*SSLv23*) no [1]_ no [2]_ yes yes yes yes
+ *TLSv1* no no yes yes no no
+ *TLSv1.1* no no yes no yes no
+ *TLSv1.2* no no yes no no yes
+ ======================== ============ ============ ============= ========= =========== ===========
+
+ .. rubric:: Footnotes
+ .. [1] :class:`SSLContext` disables SSLv2 with :data:`OP_NO_SSLv2` by default.
+ .. [2] :class:`SSLContext` disables SSLv2 with :data:`OP_NO_SSLv2` by default.
.. note::
--
Repository URL: https://hg.python.org/cpython
More information about the Python-checkins
mailing list