From ac3065ed54db922905251980ff3d78df8b8e8254 Mon Sep 17 00:00:00 2001 From: "Asif Saif Uddin (Auvi)" Date: Tue, 19 Jan 2021 20:45:39 +0600 Subject: changlog entry for 5.0.3 --- Changelog | 29 +++++++++++++++++++++++++++++ 1 file changed, 29 insertions(+) diff --git a/Changelog b/Changelog index 71932c6..587c94e 100644 --- a/Changelog +++ b/Changelog @@ -5,6 +5,35 @@ py-amqp is fork of amqplib used by Kombu containing additional features and impr The previous amqplib changelog is here: http://code.google.com/p/py-amqplib/source/browse/CHANGES +.. _version-5.0.3: + +5.0.3 +===== +:release-date: 2021-01-19 9:00 P.M UTC+6:00 +:release-by: Asif Saif Uddin + +- Change the default value of ssl_version to None. When not set, the + proper value between ssl.PROTOCOL_TLS_CLIENT and ssl.PROTOCOL_TLS_SERVER + will be selected based on the param server_side in order to create + a TLS Context object with better defaults that fit the desired + connection side. + +- Change the default value of cert_reqs to None. The default value + of ctx.verify_mode is ssl.CERT_NONE, but when ssl.PROTOCOL_TLS_CLIENT + is used, ctx.verify_mode defaults to ssl.CERT_REQUIRED. + +- Fix context.check_hostname logic. Checking the hostname depends on + having support of the SNI TLS extension and being provided with a + server_hostname value. Another important thing to mention is that + enabling hostname checking automatically sets verify_mode from + ssl.CERT_NONE to ssl.CERT_REQUIRED in the stdlib ssl and it cannot + be set back to ssl.CERT_NONE as long as hostname checking is enabled. + +- Refactor the SNI tests to test one thing at a time and removing some + tests that were being repeated over and over. + + + .. _version-5.0.2: 5.0.2 -- cgit v1.2.1