* bpo-40791: Make compare_digest more constant-time.
The existing volatile `left`/`right` pointers guarantee that the reads will all occur, but does not guarantee that they will be _used_. So a compiler can still short-circuit the loop, saving e.g. the overhead of doing the xors and especially the overhead of the data dependency between `result` and the reads. That would change performance depending on where the first unequal byte occurs. This change removes that optimization.
(This is change GH-1 from https://bugs.python.org/issue40791 .)
(cherry picked from commit 31729366e2)
Co-authored-by: Devin Jeanpierre <jeanpierreda@google.com>
bpo-41686, bpo-41713: On Windows, the SIGINT event,
_PyOS_SigintEvent(), is now created even if Python is configured to
not install signal handlers (PyConfig.install_signal_handlers=0 or
Py_InitializeEx(0)).
(cherry picked from commit 05a5d697f4)
* When the parameters argument is a list, correctly handle the case
of changing it during iteration.
* When the parameters argument is a custom sequence, no longer
override an exception raised in ``__len__()``.
(cherry picked from commit 0b419b7910)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
Use wide-char _W_* fields of lconv structure on Windows
Remove "ps_AF" from test__locale.known_numerics on Windows
(cherry picked from commit f2312037e3)
Co-authored-by: TIGirardi <tiagoigirardi@gmail.com>
[bpo-31122](): ssl.wrap_socket() now raises ssl.SSLEOFError rather than OSError when peer closes connection during TLS negotiation
Reproducer: http://tiny.cc/f4ztnz (tiny url because some bot keeps renaming b.p.o.-nnn as bpo links)
(cherry picked from commit 495bd03566)
Co-authored-by: Dima Tisnek <dimaqq@gmail.com>
Define UNUSED only when mpdecimal.h doesn't define it. This would support
building with system libmpdec 2.5 while retaining compatibility with system
libmpdec 2.4 or the vendored copy.
Tested to build fine with either system libmpdec or the vendored one.
The running loop holder cache variable was always set to NULL when
calling set_running_loop.
Now set_running_loop saves the newly created running loop holder in the
cache variable for faster access in get_running_loop.
Also enables using debug build of `python3_d.dll`
Reference: CVE-2020-15523
(cherry picked from commit dcbaa1b49c)
Co-authored-by: Steve Dower <steve.dower@python.org>
Fix integer overflow in the :meth:`array.array.index` method on 64-bit Windows
for index larger than ``2**31``.
(cherry picked from commit 1d3dad5f96)
Co-authored-by: WildCard65 <WildCard65@users.noreply.github.com>
* bpo-40826: Fix GIL usage in PyOS_Readline() (GH-20579)
Fix GIL usage in PyOS_Readline(): lock the GIL to set an exception.
Pass tstate to my_fgets() and _PyOS_WindowsConsoleReadline(). Cleanup
these functions.
(cherry picked from commit c353764fd5)
* bpo-40826: Add _PyOS_InterruptOccurred(tstate) function (GH-20599)
my_fgets() now calls _PyOS_InterruptOccurred(tstate) to check for
pending signals, rather calling PyOS_InterruptOccurred().
my_fgets() is called with the GIL released, whereas
PyOS_InterruptOccurred() must be called with the GIL held.
test_repl: use text=True and avoid SuppressCrashReport in
test_multiline_string_parsing().
Fix my_fgets() on Windows: fgets(fp) does crash if fileno(fp) is closed.
(cherry picked from commit fa7ab6aa0f)
Fix :mod:`ssl`` code to be compatible with OpenSSL 1.1.x builds that use
``no-deprecated`` and ``--api=1.1.0``.
Note: Tests assume full OpenSSL API and fail with limited API.
Signed-off-by: Christian Heimes <christian@python.org>
Co-authored-by: Mark Wright <gienah@gentoo.org>
(cherry picked from commit a871f692b4)
Co-authored-by: Christian Heimes <christian@python.org>
If ctypes fails to convert the result of a callback or if a ctypes
callback function raises an exception, sys.unraisablehook is now
called with an exception set. Previously, the error was logged into
stderr by PyErr_Print().
(cherry picked from commit 10228bad04)
Co-authored-by: Victor Stinner <vstinner@python.org>
ctypes now raises an ArgumentError when a callback
is invoked with more than 1024 arguments.
The ctypes module allocates arguments on the stack in
ctypes_callproc() using alloca(), which is problematic
when large numbers of arguments are passed. Instead
of a stack overflow, this commit raises an ArgumentError
if more than 1024 parameters are passed.
(cherry picked from commit 29a1384c04)
Co-authored-by: Sean Gillespie <sean@swgillespie.me>
This allows building with older versions of the Windows SDK where the value is not defined.
(cherry picked from commit 711f9e180a)
Co-authored-by: Minmin Gong <gongminmin@msn.com>
Ifdef is not necessary, as AF_INET6 is supported from Windows Vista, and other code in overlapped.c uses AF_INET6 and is not ifdef'd.
Change the raised exception so users are not fooled to think it comes from Windows API.
Automerge-Triggered-By: @njsmith
(cherry picked from commit 442634c42f)
Co-authored-by: Kjell Braden <afflux@pentabarf.de>
OpenSSL can be build without support for TLS 1.0 and 1.1. The ssl module
now correctly adheres to OPENSSL_NO_TLS1 and OPENSSL_NO_TLS1_1 flags.
Also update multissltest to test with latest OpenSSL and LibreSSL
releases.
Signed-off-by: Christian Heimes <christian@python.org>
Automerge-Triggered-By: @tiran
(cherry picked from commit 6e8cda91d9)
Co-authored-by: Christian Heimes <christian@python.org>
This fixes a possible memory leak in the C implementation of
asyncio.Task.
(cherry picked from commit d2c349b190)
Co-authored-by: Chris Jerdonek <chris.jerdonek@gmail.com>
I updated the error codes using the OpenSSL 1.1.1f source tree.
(cherry picked from commit 3e0dd3730b)
Co-authored-by: Benjamin Peterson <benjamin@python.org>
Fix os.getgrouplist(): if getgrouplist() function fails because the
group list is too small, retry with a larger group list.
On failure, the glibc implementation of getgrouplist() sets ngroups
to the total number of groups. For other implementations, double the
group list size.
(cherry picked from commit f5c7cabb2b)
Co-authored-by: Victor Stinner <vstinner@python.org>
Miss Islington (bot)
Victor Stinner
Jakub Stasiak
Jakub Kulík
Thomas Grainger
Felix Yan
Tony Solomonik
scoder
Guido van Rossum
Anthony Sottile
Stefan Krah
Tal Einat
Zackery Spytz
Christian Heimes
Serhiy Storchaka