time bytes are received or sent. The socket timeout is now the maximum total
duration of the method.
This change fixes a denial of service if the application is regulary
interrupted by a signal and the signal handler does not raise an exception.
* Rename check_socket_and_wait_for_timeout() to PySSL_select()
* PySSL_select() is now clearly splitted betwen poll() and select()
* Add empty lines for readability
inside subjectAltName correctly. Formerly the module has used OpenSSL's
GENERAL_NAME_print() function to get the string represention of ASN.1
strings for rfc822Name (email), dNSName (DNS) and
uniformResourceIdentifier (URI).
inside subjectAltName correctly. Formerly the module has used OpenSSL's
GENERAL_NAME_print() function to get the string represention of ASN.1
strings for rfc822Name (email), dNSName (DNS) and
uniformResourceIdentifier (URI).
the input string in longer than 2 gigabytes, and
ssl.SSLContext.load_cert_chain() raises a ValueError if the password is longer
than 2 gigabytes. The ssl module does not support partial write.
string in longer than 2 gigabytes, and ssl.SSLContext.load_cert_chain() raises
a ValueError if the password is longer than 2 gigabytes. The ssl module does
not support partial write.
The str() of a SSLError is also enhanced accordingly.
NOTE: this commit creates a reference leak. The leak seems tied to the
use of PyType_FromSpec() to create the SSLError type. The leak is on the
type object when it is instantiated:
>>> e = ssl.SSLError()
>>> sys.getrefcount(ssl.SSLError)
35
>>> e = ssl.SSLError()
>>> sys.getrefcount(ssl.SSLError)
36
>>> e = ssl.SSLError()
>>> sys.getrefcount(ssl.SSLError)
37
to get channel binding data for the current SSL session (only the
"tls-unique" channel binding is implemented). This allows the
implementation of certain authentication mechanisms such as SCRAM-SHA-1-PLUS.
Patch by Jacek Konieczny.
OpenSSL is now compiled with OPENSSL_NO_SSL2 defined (without the SSLv2
protocol) on Debian: fix the ssl module on Debian Testing and Debian Sid.
Optimize also ssl.get_protocol_name(): speed does matter!
OpenSSL is now compiled with OPENSSL_NO_SSL2 defined (without the SSLv2
protocol) on Debian: fix the ssl module on Debian Testing and Debian Sid.
Optimize also ssl.get_protocol_name(): speed does matter!
OpenSSL is now compiled with OPENSSL_NO_SSL2 defined (without the SSLv2
protocol) on Debian: fix the ssl module on Debian Testing and Debian Sid.
Optimize also ssl.get_protocol_name(): speed does matter!
svn+ssh://pythondev@svn.python.org/python/branches/py3k
................
r82211 | antoine.pitrou | 2010-06-25 02:07:34 +0200 (ven., 25 juin 2010) | 10 lines
Merged revisions 82210 via svnmerge from
svn+ssh://pythondev@svn.python.org/python/trunk
........
r82210 | antoine.pitrou | 2010-06-25 02:03:21 +0200 (ven., 25 juin 2010) | 4 lines
Issue #9075: In the ssl module, remove the setting of a `debug` flag
on an OpenSSL structure.
........
................
svn+ssh://pythondev@svn.python.org/python/trunk
........
r82210 | antoine.pitrou | 2010-06-25 02:03:21 +0200 (ven., 25 juin 2010) | 4 lines
Issue #9075: In the ssl module, remove the setting of a `debug` flag
on an OpenSSL structure.
........
svn+ssh://pythondev@svn.python.org/python/branches/py3k
........
r82204 | antoine.pitrou | 2010-06-25 00:34:04 +0200 (ven., 25 juin 2010) | 5 lines
Issue #8682: The ssl module now temporary increments the reference count of
a socket object got through `PyWeakref_GetObject`, so as to avoid possible
deallocation while the object is still being used.
........
svn+ssh://pythondev@svn.python.org/python/branches/py3k
................
r81242 | antoine.pitrou | 2010-05-17 01:14:22 +0200 (lun., 17 mai 2010) | 10 lines
Merged revisions 81241 via svnmerge from
svn+ssh://pythondev@svn.python.org/python/trunk
........
r81241 | antoine.pitrou | 2010-05-17 01:11:46 +0200 (lun., 17 mai 2010) | 4 lines
Clear the OpenSSL error queue each time an error is signalled.
When the error queue is not emptied, strange things can happen on the next SSL call, depending on the OpenSSL version.
........
................
svn+ssh://pythondev@svn.python.org/python/trunk
........
r81241 | antoine.pitrou | 2010-05-17 01:11:46 +0200 (lun., 17 mai 2010) | 4 lines
Clear the OpenSSL error queue each time an error is signalled.
When the error queue is not emptied, strange things can happen on the next SSL call, depending on the OpenSSL version.
........
svn+ssh://pythondev@svn.python.org/python/branches/py3k
................
r80454 | antoine.pitrou | 2010-04-24 23:26:44 +0200 (sam., 24 avril 2010) | 15 lines
Merged revisions 80451-80452 via svnmerge from
svn+ssh://pythondev@svn.python.org/python/trunk
........
r80451 | antoine.pitrou | 2010-04-24 21:57:01 +0200 (sam., 24 avril 2010) | 4 lines
The do_handshake() method of SSL objects now adjusts the blocking mode of
the SSL structure if necessary (as other methods already do).
........
r80452 | antoine.pitrou | 2010-04-24 22:04:58 +0200 (sam., 24 avril 2010) | 4 lines
Issue #5103: SSL handshake would ignore the socket timeout and block
indefinitely if the other end didn't respond.
........
................
svn+ssh://pythondev@svn.python.org/python/trunk
........
r80451 | antoine.pitrou | 2010-04-24 21:57:01 +0200 (sam., 24 avril 2010) | 4 lines
The do_handshake() method of SSL objects now adjusts the blocking mode of
the SSL structure if necessary (as other methods already do).
........
r80452 | antoine.pitrou | 2010-04-24 22:04:58 +0200 (sam., 24 avril 2010) | 4 lines
Issue #5103: SSL handshake would ignore the socket timeout and block
indefinitely if the other end didn't respond.
........
svn+ssh://pythondev@svn.python.org/python/branches/py3k
................
r80394 | antoine.pitrou | 2010-04-23 02:16:21 +0200 (ven., 23 avril 2010) | 15 lines
Merged revisions 80392 via svnmerge from
svn+ssh://pythondev@svn.python.org/python/trunk
........
r80392 | antoine.pitrou | 2010-04-23 01:33:02 +0200 (ven., 23 avril 2010) | 9 lines
Issue #8108: Fix the unwrap() method of SSL objects when the socket has
a non-infinite timeout. Also make that method friendlier with applications
wanting to continue using the socket in clear-text mode, by disabling
OpenSSL's internal readahead. Thanks to Darryl Miles for guidance.
Issue #8108: test_ftplib's non-blocking SSL server now has proper handling
of SSL shutdowns.
........
................
svn+ssh://pythondev@svn.python.org/python/trunk
........
r80392 | antoine.pitrou | 2010-04-23 01:33:02 +0200 (ven., 23 avril 2010) | 9 lines
Issue #8108: Fix the unwrap() method of SSL objects when the socket has
a non-infinite timeout. Also make that method friendlier with applications
wanting to continue using the socket in clear-text mode, by disabling
OpenSSL's internal readahead. Thanks to Darryl Miles for guidance.
Issue #8108: test_ftplib's non-blocking SSL server now has proper handling
of SSL shutdowns.
........
svn+ssh://pythondev@svn.python.org/python/branches/py3k
................
r80317 | antoine.pitrou | 2010-04-21 21:46:23 +0200 (mer., 21 avril 2010) | 15 lines
Merged revisions 80314-80315 via svnmerge from
svn+ssh://pythondev@svn.python.org/python/trunk
........
r80314 | antoine.pitrou | 2010-04-21 21:28:03 +0200 (mer., 21 avril 2010) | 5 lines
Issue #8484: Load all ciphers and digest algorithms when initializing
the _ssl extension, such that verification of some SSL certificates
doesn't fail because of an "unknown algorithm".
........
r80315 | antoine.pitrou | 2010-04-21 21:36:23 +0200 (mer., 21 avril 2010) | 3 lines
Forgot to add the sample certificate (followup to r80314)
........
................
svn+ssh://pythondev@svn.python.org/python/trunk
........
r80314 | antoine.pitrou | 2010-04-21 21:28:03 +0200 (mer., 21 avril 2010) | 5 lines
Issue #8484: Load all ciphers and digest algorithms when initializing
the _ssl extension, such that verification of some SSL certificates
doesn't fail because of an "unknown algorithm".
........
r80315 | antoine.pitrou | 2010-04-21 21:36:23 +0200 (mer., 21 avril 2010) | 3 lines
Forgot to add the sample certificate (followup to r80314)
........
svn+ssh://pythondev@svn.python.org/python/trunk
........
r80151 | antoine.pitrou | 2010-04-17 19:10:38 +0200 (sam., 17 avril 2010) | 4 lines
Issue #8322: Add a *ciphers* argument to SSL sockets, so as to change the
available cipher list. Helps fix test_ssl with OpenSSL 1.0.0.
........
svn+ssh://pythondev@svn.python.org/python/trunk
........
r79812 | antoine.pitrou | 2010-04-05 23:35:07 +0200 (lun., 05 avril 2010) | 5 lines
Issue #8321: Give access to OpenSSL version numbers from the `ssl` module,
using the new attributes `ssl.OPENSSL_VERSION`, `ssl.OPENSSL_VERSION_INFO`
and `ssl.OPENSSL_VERSION_NUMBER`.
........
svn+ssh://pythondev@svn.python.org/python/trunk
........
r79448 | antoine.pitrou | 2010-03-26 20:27:16 +0100 (ven., 26 mars 2010) | 6 lines
Issue #8222: Enable the SSL_MODE_AUTO_RETRY flag on SSL sockets, so that blocking
reads and writes are always retried by OpenSSL itself.
(this is a followup to issue #3890)
........
svn+ssh://pythondev@svn.python.org/python/branches/py3k
................
r78598 | victor.stinner | 2010-03-02 23:48:17 +0100 (mar., 02 mars 2010) | 11 lines
Merged revisions 78596 via svnmerge from
svn+ssh://pythondev@svn.python.org/python/trunk
........
r78596 | victor.stinner | 2010-03-02 23:44:42 +0100 (mar., 02 mars 2010) | 4 lines
Issue #2973: Fix gcc warning on the 2nd argument of ASN1_item_d2i() and
method->d2i(): OpenSSL API changed in OpenSSL 0.9.6m. Patch written by Daniel
Black.
........
................
svn+ssh://pythondev@svn.python.org/python/trunk
........
r78596 | victor.stinner | 2010-03-02 23:44:42 +0100 (mar., 02 mars 2010) | 4 lines
Issue #2973: Fix gcc warning on the 2nd argument of ASN1_item_d2i() and
method->d2i(): OpenSSL API changed in OpenSSL 0.9.6m. Patch written by Daniel
Black.
........
svn+ssh://pythondev@svn.python.org/python/branches/py3k
................
r73623 | benjamin.peterson | 2009-06-28 12:22:03 -0500 (Sun, 28 Jun 2009) | 58 lines
Merged revisions 73004,73439,73496,73509,73529,73564,73576-73577,73595-73596,73605 via svnmerge from
svn+ssh://pythondev@svn.python.org/python/trunk
........
r73004 | jeffrey.yasskin | 2009-05-28 22:44:31 -0500 (Thu, 28 May 2009) | 5 lines
Fix nearly all compilation warnings under Apple gcc-4.0. Tested with OPT="-g
-Wall -Wstrict-prototypes -Werror" in both --with-pydebug mode and --without.
There's still a batch of non-prototype warnings in Xlib.h that I don't know how
to fix.
........
r73439 | benjamin.peterson | 2009-06-15 19:29:31 -0500 (Mon, 15 Jun 2009) | 1 line
don't mask encoding errors when decoding a string #6289
........
r73496 | vinay.sajip | 2009-06-21 12:37:27 -0500 (Sun, 21 Jun 2009) | 1 line
Issue #6314: logging.basicConfig() performs extra checks on the "level" argument.
........
r73509 | amaury.forgeotdarc | 2009-06-22 14:33:48 -0500 (Mon, 22 Jun 2009) | 2 lines
#4490 Fix sample code run by "python -m xml.sax.xmlreader"
........
r73529 | r.david.murray | 2009-06-23 13:02:46 -0500 (Tue, 23 Jun 2009) | 4 lines
Fix issue 5230 by having pydoc's safeimport check to see if the import
error was thrown from itself in order to decide if the module can't be
found. Thanks to Lucas Prado Melo for collaborating on the fix and tests.
........
r73564 | amaury.forgeotdarc | 2009-06-25 17:29:29 -0500 (Thu, 25 Jun 2009) | 6 lines
#2016 Fix a crash in function call when the **kwargs dictionary is mutated
during the function call setup.
This even gives a slight speedup, probably because tuple allocation
is faster than PyMem_NEW.
........
r73576 | benjamin.peterson | 2009-06-26 18:37:06 -0500 (Fri, 26 Jun 2009) | 1 line
document is_declared_global()
........
r73577 | benjamin.peterson | 2009-06-27 09:16:23 -0500 (Sat, 27 Jun 2009) | 1 line
link to extensive generator docs in the reference manual
........
r73595 | ezio.melotti | 2009-06-27 18:45:39 -0500 (Sat, 27 Jun 2009) | 1 line
stmt and setup can contain multiple statements, see #5896
........
r73596 | ezio.melotti | 2009-06-27 19:07:45 -0500 (Sat, 27 Jun 2009) | 1 line
Fixed a wrong apostrophe
........
r73605 | georg.brandl | 2009-06-28 07:10:18 -0500 (Sun, 28 Jun 2009) | 1 line
Remove stray pychecker directive.
........
................
r73624 | benjamin.peterson | 2009-06-28 12:32:20 -0500 (Sun, 28 Jun 2009) | 1 line
document BufferedIOBase.raw and TextIOBase.buffer
................
svn+ssh://pythondev@svn.python.org/python/trunk
........
r73004 | jeffrey.yasskin | 2009-05-28 22:44:31 -0500 (Thu, 28 May 2009) | 5 lines
Fix nearly all compilation warnings under Apple gcc-4.0. Tested with OPT="-g
-Wall -Wstrict-prototypes -Werror" in both --with-pydebug mode and --without.
There's still a batch of non-prototype warnings in Xlib.h that I don't know how
to fix.
........
r73439 | benjamin.peterson | 2009-06-15 19:29:31 -0500 (Mon, 15 Jun 2009) | 1 line
don't mask encoding errors when decoding a string #6289
........
r73496 | vinay.sajip | 2009-06-21 12:37:27 -0500 (Sun, 21 Jun 2009) | 1 line
Issue #6314: logging.basicConfig() performs extra checks on the "level" argument.
........
r73509 | amaury.forgeotdarc | 2009-06-22 14:33:48 -0500 (Mon, 22 Jun 2009) | 2 lines
#4490 Fix sample code run by "python -m xml.sax.xmlreader"
........
r73529 | r.david.murray | 2009-06-23 13:02:46 -0500 (Tue, 23 Jun 2009) | 4 lines
Fix issue 5230 by having pydoc's safeimport check to see if the import
error was thrown from itself in order to decide if the module can't be
found. Thanks to Lucas Prado Melo for collaborating on the fix and tests.
........
r73564 | amaury.forgeotdarc | 2009-06-25 17:29:29 -0500 (Thu, 25 Jun 2009) | 6 lines
#2016 Fix a crash in function call when the **kwargs dictionary is mutated
during the function call setup.
This even gives a slight speedup, probably because tuple allocation
is faster than PyMem_NEW.
........
r73576 | benjamin.peterson | 2009-06-26 18:37:06 -0500 (Fri, 26 Jun 2009) | 1 line
document is_declared_global()
........
r73577 | benjamin.peterson | 2009-06-27 09:16:23 -0500 (Sat, 27 Jun 2009) | 1 line
link to extensive generator docs in the reference manual
........
r73595 | ezio.melotti | 2009-06-27 18:45:39 -0500 (Sat, 27 Jun 2009) | 1 line
stmt and setup can contain multiple statements, see #5896
........
r73596 | ezio.melotti | 2009-06-27 19:07:45 -0500 (Sat, 27 Jun 2009) | 1 line
Fixed a wrong apostrophe
........
r73605 | georg.brandl | 2009-06-28 07:10:18 -0500 (Sun, 28 Jun 2009) | 1 line
Remove stray pychecker directive.
........
PyUnicode_AsStringAndSize -> _PyUnicode_AsStringAndSize to mark
them for interpreter internal use only.
We'll have to rework these APIs or create new ones for the
purpose of accessing the UTF-8 representation of Unicode objects
for 3.1.
Otherwise dir(_sre.SRE_Match) returns an empty list.
First step: handle most occurrences, remove tp_getattr and fill the tp_methods and tp_members slots.
Add some test about attribute access.
svn+ssh://pythondev@svn.python.org/python/trunk
........
r61964 | benjamin.peterson | 2008-03-27 01:25:33 +0100 (Thu, 27 Mar 2008) | 2 lines
add commas for introductory clauses
........
r61965 | christian.heimes | 2008-03-27 02:36:21 +0100 (Thu, 27 Mar 2008) | 1 line
Hopefully added _fileio module to the Windows build system
........
r61966 | christian.heimes | 2008-03-27 02:38:47 +0100 (Thu, 27 Mar 2008) | 1 line
Revert commit accident
........
r61967 | neal.norwitz | 2008-03-27 04:49:54 +0100 (Thu, 27 Mar 2008) | 3 lines
Fix bytes so it works on 64-bit platforms.
(Also remove some #if 0 code that is already handled in _getbytevalue.)
........
r61968 | neal.norwitz | 2008-03-27 05:40:07 +0100 (Thu, 27 Mar 2008) | 1 line
Fix memory leaks
........
r61969 | neal.norwitz | 2008-03-27 05:40:50 +0100 (Thu, 27 Mar 2008) | 3 lines
Fix warnings about using char as an array subscript. This is not portable
since char is signed on some platforms and unsigned on others.
........
r61970 | neal.norwitz | 2008-03-27 06:02:57 +0100 (Thu, 27 Mar 2008) | 1 line
Fix test_compiler after adding unicode_literals
........
r61971 | neal.norwitz | 2008-03-27 06:03:11 +0100 (Thu, 27 Mar 2008) | 1 line
Fix compiler warnings
........
r61972 | neal.norwitz | 2008-03-27 07:52:01 +0100 (Thu, 27 Mar 2008) | 1 line
Pluralss only need one s, not 2 (intss -> ints)
........
r61973 | christian.heimes | 2008-03-27 10:02:33 +0100 (Thu, 27 Mar 2008) | 1 line
Quick 'n dirty hack: Increase the magic by 2 to force a rebuild of pyc/pyo files on the build bots
........
r61974 | eric.smith | 2008-03-27 10:42:35 +0100 (Thu, 27 Mar 2008) | 3 lines
Added test cases for single quoted strings, both forms of triple quotes,
and some string concatenations.
Removed unneeded __future__ print_function import.
........
r61975 | christian.heimes | 2008-03-27 11:35:52 +0100 (Thu, 27 Mar 2008) | 1 line
Build bots are working again - removing the hack
........
r61976 | christian.heimes | 2008-03-27 12:46:37 +0100 (Thu, 27 Mar 2008) | 2 lines
Fixed tokenize tests
The tokenize module doesn't understand __future__.unicode_literals yet
........
r61977 | georg.brandl | 2008-03-27 14:27:31 +0100 (Thu, 27 Mar 2008) | 2 lines
#2248: return result of QUIT from quit().
........
r61978 | georg.brandl | 2008-03-27 14:34:59 +0100 (Thu, 27 Mar 2008) | 2 lines
The bug for which there was a test in outstanding_bugs.py was agreed not to be a bug.
........
r61979 | amaury.forgeotdarc | 2008-03-28 00:23:54 +0100 (Fri, 28 Mar 2008) | 5 lines
Issue2495: tokenize.untokenize did not insert space between two consecutive string literals:
"" "" => """", which is invalid code.
Will backport
........
svn+ssh://pythondev@svn.python.org/python/trunk
........
r60355 | neal.norwitz | 2008-01-27 18:10:14 +0100 (Sun, 27 Jan 2008) | 1 line
Whitespace cleanup
........
r60356 | neal.norwitz | 2008-01-27 18:10:29 +0100 (Sun, 27 Jan 2008) | 1 line
Add assertion that we do not blow out newl
........
r60357 | neal.norwitz | 2008-01-27 18:10:35 +0100 (Sun, 27 Jan 2008) | 1 line
Initialize variable to prevent warning on some platform/config.
........
r60358 | neal.norwitz | 2008-01-27 18:10:43 +0100 (Sun, 27 Jan 2008) | 1 line
Update to newer version of ffi. Fixes crashes and test failures of longdouble
........
r60359 | neal.norwitz | 2008-01-27 18:10:50 +0100 (Sun, 27 Jan 2008) | 1 line
Add a tiny sleep and additional flush to force the file to really be synced.
........
r60360 | neal.norwitz | 2008-01-27 18:10:58 +0100 (Sun, 27 Jan 2008) | 1 line
Retry connection in case it fails to reduce flakiness
........
r60361 | neal.norwitz | 2008-01-27 18:11:11 +0100 (Sun, 27 Jan 2008) | 4 lines
Catch socket errors that are often the cause of transient failures.
Many of these exceptions are due to resource unavailable, so the
existing code should be able to handle many more spurious errors.
........
r60362 | neal.norwitz | 2008-01-27 18:12:15 +0100 (Sun, 27 Jan 2008) | 1 line
Reduce buffer size since we do not need 1k
........
r60363 | neal.norwitz | 2008-01-27 18:13:07 +0100 (Sun, 27 Jan 2008) | 1 line
Print periodic "still working" messages since this suite is slow.
........