Skip to content

v5.0.3
Compare
Choose a tag to compare
@auvipy auvipy released this 19 Jan 20:23
· 71 commits to master since this release
v5.0.3
32d2b7e

5.0.3

:release-date: 2021-01-19 9:00 P.M UTC+6:00
:release-by: Asif Saif Uddin

  • Change the default value of ssl_version to None. When not set, the
    proper value between ssl.PROTOCOL_TLS_CLIENT and ssl.PROTOCOL_TLS_SERVER
    will be selected based on the param server_side in order to create
    a TLS Context object with better defaults that fit the desired
    connection side.

  • Change the default value of cert_reqs to None. The default value
    of ctx.verify_mode is ssl.CERT_NONE, but when ssl.PROTOCOL_TLS_CLIENT
    is used, ctx.verify_mode defaults to ssl.CERT_REQUIRED.

  • Fix context.check_hostname logic. Checking the hostname depends on
    having support of the SNI TLS extension and being provided with a
    server_hostname value. Another important thing to mention is that
    enabling hostname checking automatically sets verify_mode from
    ssl.CERT_NONE to ssl.CERT_REQUIRED in the stdlib ssl and it cannot
    be set back to ssl.CERT_NONE as long as hostname checking is enabled.

  • Refactor the SNI tests to test one thing at a time and removing some
    tests that were being repeated over and over.

Assets 2
Loading