Skip to content

Commit cccc835

Browse files
committed
gh-152709: Update ssl docs for OpenSSL 4
1 parent a5be0d8 commit cccc835

2 files changed

Lines changed: 8 additions & 10 deletions

File tree

Doc/library/ssl.rst

Lines changed: 5 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -655,7 +655,7 @@ Constants
655655
Selects SSL version 3 as the channel encryption protocol.
656656

657657
This protocol is not available if OpenSSL is compiled with the
658-
``no-ssl3`` option.
658+
``no-ssl3`` option, or with OpenSSL 4.0 or later.
659659

660660
.. warning::
661661

@@ -672,6 +672,7 @@ Constants
672672
.. data:: PROTOCOL_TLSv1
673673

674674
Selects TLS version 1.0 as the channel encryption protocol.
675+
This protocol is not available with OpenSSL 4.0 or later.
675676

676677
.. deprecated:: 3.6
677678

@@ -680,7 +681,7 @@ Constants
680681
.. data:: PROTOCOL_TLSv1_1
681682

682683
Selects TLS version 1.1 as the channel encryption protocol.
683-
Available only with openssl version 1.0.1+.
684+
Available only with OpenSSL version 1.0.1 through 3.x.
684685

685686
.. versionadded:: 3.4
686687

@@ -691,7 +692,7 @@ Constants
691692
.. data:: PROTOCOL_TLSv1_2
692693

693694
Selects TLS version 1.2 as the channel encryption protocol.
694-
Available only with openssl version 1.0.1+.
695+
Available only with OpenSSL version 1.0.1 through 3.x.
695696

696697
.. versionadded:: 3.4
697698

@@ -2037,7 +2038,7 @@ to speed up repeated connections from the same clients.
20372038

20382039
import socket, ssl
20392040

2040-
context = ssl.SSLContext(ssl.PROTOCOL_TLSv1_2)
2041+
context = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
20412042
context.verify_mode = ssl.CERT_REQUIRED
20422043
context.check_hostname = True
20432044
context.load_default_certs()

Lib/ssl.py

Lines changed: 3 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -50,17 +50,14 @@
5050
CERT_REQUIRED - certificates are required, and will be validated, and
5151
if validation fails, the connection will also fail
5252
53-
The following constants identify various SSL protocol variants:
53+
The following constants identify various SSL protocol variants. Some legacy,
54+
version-specific protocol constants are only available when supported by the
55+
linked OpenSSL library:
5456
55-
PROTOCOL_SSLv2
56-
PROTOCOL_SSLv3
5757
PROTOCOL_SSLv23
5858
PROTOCOL_TLS
5959
PROTOCOL_TLS_CLIENT
6060
PROTOCOL_TLS_SERVER
61-
PROTOCOL_TLSv1
62-
PROTOCOL_TLSv1_1
63-
PROTOCOL_TLSv1_2
6461
6562
The following constants identify various SSL alert message descriptions as per
6663
http://www.iana.org/assignments/tls-parameters/tls-parameters.xml#tls-parameters-6

0 commit comments

Comments
 (0)