[Python-checkins] cpython (2.7): Issue #19508: warn that ssl doesn't validate certificates by default
antoine.pitrou
python-checkins at python.org
Sun Nov 17 15:43:05 CET 2013
http://hg.python.org/cpython/rev/a197b3c3b2c9
changeset: 87204:a197b3c3b2c9
branch: 2.7
parent: 87200:1479ba6bc511
user: Antoine Pitrou <solipsis at pitrou.net>
date: Sun Nov 17 15:42:58 2013 +0100
summary:
Issue #19508: warn that ssl doesn't validate certificates by default
files:
Doc/library/ssl.rst | 4 ++++
1 files changed, 4 insertions(+), 0 deletions(-)
diff --git a/Doc/library/ssl.rst b/Doc/library/ssl.rst
--- a/Doc/library/ssl.rst
+++ b/Doc/library/ssl.rst
@@ -31,6 +31,10 @@
cause variations in behavior.
.. warning::
+ The ssl module won't validate certificates by default. When used in
+ client mode, this means you are vulnerable to man-in-the-middle attacks.
+
+.. warning::
OpenSSL's internal random number generator does not properly handle fork.
Applications must change the PRNG state of the parent process if they use
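Review bot: the added warning text ("The ssl module won't validate certificates by default ...") names the risk but gives the reader no remedy. Add a sentence that points to how validation is turned on, for example passing `cert_reqs=CERT_REQUIRED` together with `ca_certs` to `wrap_socket()`, ideally as a cross-reference to the part of this document that describes those parameters. It would also help to state that validating the certificate chain does not by itself check that the certificate belongs to the host being connected to, so a reader does not take `CERT_REQUIRED` alone as a complete defence against the man-in-the-middle case the warning mentions.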
--
Repository URL: http://hg.python.org/cpython