@@ -69,6 +69,37 @@ New, Improved, and Deprecated Modules
6969* The :class: `ftplib.FTP ` class now supports the context manager protocol
7070 (Contributed by Tarek Ziadé and Giampaolo Rodolà; :issue: `4972 `.)
7171
72+ * The :mod: `ssl ` module has a new class, :class: `~ssl.SSLContext ` which
73+ serves as a container for various persistent SSL data, such as protocol
74+ settings, certificates, private keys, and various other options.
75+ The :meth: `~ssl.SSLContext.wrap_socket ` method allows to create an
76+ SSL socket from such an SSL context.
77+ (Added by Antoine Pitrou; :issue: `8550 `.)
78+
79+ The :func: `ssl.wrap_socket ` constructor function now takes a
80+ *ciphers * argument that's a string listing the encryption algorithms
81+ to be allowed; the format of the string is described
82+ `in the OpenSSL documentation
83+ <http://www.openssl.org/docs/apps/ciphers.html#CIPHER_LIST_FORMAT> `__.
84+ (Added by Antoine Pitrou; :issue: `8322 `.)
85+
86+ Various options have been added to the :mod: `ssl ` module, such as
87+ :data: `~ssl.OP_NO_SSLv2 ` which allows to force disabling of the insecure
88+ and obsolete SSLv2 protocol.
89+ (Added by Antoine Pitrou; :issue: `4870 `.)
90+
91+ Another change makes the extension load all of OpenSSL's ciphers and
92+ digest algorithms so that they're all available. Some SSL
93+ certificates couldn't be verified, reporting an "unknown algorithm"
94+ error. (Reported by Beda Kosata, and fixed by Antoine Pitrou;
95+ :issue: `8484 `.)
96+
97+ The version of OpenSSL being used is now available as the module
98+ attributes :data: `ssl.OPENSSL_VERSION ` (a string),
99+ :data: `ssl.OPENSSL_VERSION_INFO ` (a 5-tuple), and
100+ :data: `ssl.OPENSSL_VERSION_NUMBER ` (an integer). (Added by Antoine
101+ Pitrou; :issue: `8321 `.)
102+
72103* The previously deprecated :func: `string.maketrans ` function has been
73104 removed in favor of the static methods, :meth: `bytes.maketrans ` and
74105 :meth: `bytearray.maketrans `. This change solves the confusion around which
0 commit comments