➜
This issue trackerhas been migrated toGitHub, and is currentlyread-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.
Created on2019-06-28 14:29 bychristian.heimes, last changed2022-04-11 14:59 byadmin. This issue is nowclosed.
| Pull Requests | |||
|---|---|---|---|
| URL | Status | Linked | Edit |
| PR 14448 | merged | christian.heimes,2019-06-28 14:49 | |
| PR 14495 | merged | miss-islington,2019-07-01 06:32 | |
| PR 14496 | merged | miss-islington,2019-07-01 06:32 | |
| Messages (10) | |||
|---|---|---|---|
| msg346820 -(view) | Author: Christian Heimes (christian.heimes)* | Date: 2019-06-28 14:29 | |
httplib.client does not enable post-handshake authentication for TLS 1.3 connections. PHA is necessary for TLS 1.3 connections to servers that have conditional client cert authentication. For example Apache mod_ssl uses PHA when only certain paths or request methods require a client cert to authenticate a client.Since TLS 1.3 is enabled by default with OpenSSL 1.1.1 and TLS 1.3 is preferred over TLS 1.2, the lack of PHA extension breaks backwards compatibility. | |||
| msg346895 -(view) | Author: Ned Deily (ned.deily)* | Date: 2019-06-29 19:34 | |
Blocking 3.7.4 final pending resolution | |||
| msg346962 -(view) | Author: miss-islington (miss-islington) | Date: 2019-07-01 06:32 | |
New changesetd1bd6e79da1ee56dc1b902d804216ffd267399db by Miss Islington (bot) (Christian Heimes) in branch 'master':bpo-37440: Enable TLS 1.3 post-handshake auth in http.client (GH-14448)https://github.com/python/cpython/commit/d1bd6e79da1ee56dc1b902d804216ffd267399db | |||
| msg346967 -(view) | Author: miss-islington (miss-islington) | Date: 2019-07-01 07:07 | |
New changesetee72dda9616258b57c19eb5af00f3e80a3fb8e22 by Miss Islington (bot) in branch '3.8':[3.8]bpo-37440: Enable TLS 1.3 post-handshake auth in http.client (GH-14448) (GH-14495)https://github.com/python/cpython/commit/ee72dda9616258b57c19eb5af00f3e80a3fb8e22 | |||
| msg346968 -(view) | Author: miss-islington (miss-islington) | Date: 2019-07-01 07:07 | |
New changeset6be91102f75aa4b4b8c1e55960aa22008ff9e319 by Miss Islington (bot) in branch '3.7':[3.7]bpo-37440: Enable TLS 1.3 post-handshake auth in http.client (GH-14448) (GH-14496)https://github.com/python/cpython/commit/6be91102f75aa4b4b8c1e55960aa22008ff9e319 | |||
| msg347165 -(view) | Author: Ned Deily (ned.deily)* | Date: 2019-07-02 22:34 | |
New changesetf97eb883d8a29ee9718147b3631ebd2741273d9b by Ned Deily (Miss Islington (bot)) in branch '3.7':[3.7]bpo-37440: Enable TLS 1.3 post-handshake auth in http.client (GH-14448) (GH-14496)https://github.com/python/cpython/commit/f97eb883d8a29ee9718147b3631ebd2741273d9b | |||
| msg350287 -(view) | Author: Łukasz Langa (lukasz.langa)* | Date: 2019-08-23 14:03 | |
Should this be closed? | |||
| msg350657 -(view) | Author: Christian Heimes (christian.heimes)* | Date: 2019-08-28 05:21 | |
3.7 to 3.9 are fixed.Benjamin, do you want the fix in 2.7? | |||
| msg350702 -(view) | Author: Benjamin Peterson (benjamin.peterson)* | Date: 2019-08-29 02:03 | |
Yes, makes sense for 2.7, too. Thanks. | |||
| msg378778 -(view) | Author: Irit Katriel (iritkatriel)* | Date: 2020-10-16 22:49 | |
Can this be closed? 2.7 is no longer relevant. | |||
| History | |||
|---|---|---|---|
| Date | User | Action | Args |
| 2022-04-11 14:59:17 | admin | set | github: 81621 |
| 2020-10-17 02:23:17 | benjamin.peterson | set | status: open -> closed resolution: fixed stage: patch review -> resolved |
| 2020-10-16 22:49:54 | iritkatriel | set | nosy: +iritkatriel messages: +msg378778 |
| 2019-08-29 02:03:54 | benjamin.peterson | set | messages: +msg350702 |
| 2019-08-28 05:21:29 | christian.heimes | set | priority: release blocker -> high messages: +msg350657 |
| 2019-08-23 14:03:06 | lukasz.langa | set | messages: +msg350287 |
| 2019-07-02 22:34:03 | ned.deily | set | messages: +msg347165 |
| 2019-07-01 07:07:55 | miss-islington | set | messages: +msg346968 |
| 2019-07-01 07:07:49 | miss-islington | set | messages: +msg346967 |
| 2019-07-01 06:32:41 | miss-islington | set | pull_requests: +pull_request14313 |
| 2019-07-01 06:32:35 | miss-islington | set | pull_requests: +pull_request14311 |
| 2019-07-01 06:32:28 | miss-islington | set | nosy: +miss-islington messages: +msg346962 |
| 2019-06-30 09:53:53 | The Compiler | set | nosy: +The Compiler |
| 2019-06-29 19:34:56 | ned.deily | set | messages: +msg346895 |
| 2019-06-29 19:33:34 | ned.deily | set | priority: deferred blocker -> release blocker nosy: +lukasz.langa,benjamin.peterson |
| 2019-06-28 14:49:08 | christian.heimes | set | keywords: +patch stage: patch review pull_requests: +pull_request14264 |
| 2019-06-28 14:44:25 | christian.heimes | set | dependencies: +SSLContext.post_handshake_auth implicitly enables cert validation |
| 2019-06-28 14:29:05 | christian.heimes | create | |