diff options
author | Christian Heimes <christian@python.org> | 2018-02-24 22:12:40 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2018-02-24 22:12:40 +0100 |
commit | 6cdb7954b0a578d899e4b78b868ea59eef08480a (patch) | |
tree | 8e84ffb724490814d5d01858162bfde792646f59 /Doc/library/ssl.rst | |
parent | 141c5e8c2437a9fed95a04c81e400ef725592a17 (diff) | |
download | cpython-git-6cdb7954b0a578d899e4b78b868ea59eef08480a.tar.gz |
bpo-30622: Improve NPN support detection (#5859)
The ssl module now detects missing NPN support in LibreSSL.
Co-Authored-By: Bernard Spil <brnrd@FreeBSD.org>
Signed-off-by: Christian Heimes <christian@python.org>
Diffstat (limited to 'Doc/library/ssl.rst')
-rw-r--r-- | Doc/library/ssl.rst | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/Doc/library/ssl.rst b/Doc/library/ssl.rst index 4cad9f667c..7371024dce 100644 --- a/Doc/library/ssl.rst +++ b/Doc/library/ssl.rst @@ -2434,6 +2434,23 @@ successful call of :func:`~ssl.RAND_add`, :func:`~ssl.RAND_bytes` or :func:`~ssl.RAND_pseudo_bytes` is sufficient. +.. ssl-libressl: + +LibreSSL support +---------------- + +LibreSSL is a fork of OpenSSL 1.0.1. The ssl module has limited support for +LibreSSL. Some features are not available when the ssl module is compiled +with LibreSSL. + +* LibreSSL >= 2.6.1 no longer supports NPN. The methods + :meth:`SSLContext.set_npn_protocols` and + :meth:`SSLSocket.selected_npn_protocol` are not available. +* :meth:`SSLContext.set_default_verify_paths` ignores the env vars + :envvar:`SSL_CERT_FILE` and :envvar:`SSL_CERT_PATH` although + :func:`get_default_verify_paths` still reports them. + + .. seealso:: Class :class:`socket.socket` |