[3.7] bpo-33618: Enable TLS 1.3 in tests (GH-7079) (GH-7082)
TLS 1.3 behaves slightly different than TLS 1.2. Session tickets and TLS
client cert auth are now handled after the initialy handshake. Tests now
either send/recv data to trigger session and client certs. Or tests
ignore ConnectionResetError / BrokenPipeError on the server side to
handle clients that force-close the socket fd.
To test TLS 1.3, OpenSSL 1.1.1-pre7-dev (git master + OpenSSL PR
https://github.com/openssl/openssl/pull/6340) is required.
Signed-off-by: Christian Heimes <christian@python.org>
(cherry picked from commit 529525fb5a8fd9b96ab4021311a598c77588b918)
diff --git a/Doc/library/ssl.rst b/Doc/library/ssl.rst
index 2ccea13..14eac2c 100644
--- a/Doc/library/ssl.rst
+++ b/Doc/library/ssl.rst
@@ -2587,7 +2587,33 @@
:func:`~ssl.RAND_pseudo_bytes` is sufficient.
-.. ssl-libressl:
+.. _ssl-tlsv1_3:
+
+TLS 1.3
+-------
+
+.. versionadded:: 3.7
+
+Python has provisional and experimental support for TLS 1.3 with OpenSSL
+1.1.1. The new protocol behaves slightly differently than previous version
+of TLS/SSL. Some new TLS 1.3 features are not yet available.
+
+- TLS 1.3 uses a disjunct set of cipher suites. All AES-GCM and
+ ChaCha20 cipher suites are enabled by default. The method
+ :meth:`SSLContext.set_ciphers` cannot enable or disable any TLS 1.3
+ ciphers yet, but :meth:`SSLContext.get_cipers` returns them.
+- Session tickets are no longer sent as part of the initial handshake and
+ are handled differently. :attr:`SSLSocket.session` and :class:`SSLSession`
+ are not compatible with TLS 1.3.
+- Client-side certificates are also no longer verified during the initial
+ handshake. A server can request a certificate at any time. Clients
+ process certificate requests while they send or receive application data
+ from the server.
+- TLS 1.3 features like early data, deferred TLS client cert request,
+ signature algorithm configuration, and rekeying are not supported yet.
+
+
+.. _ssl-libressl:
LibreSSL support
----------------