The ctypes module used to depend on indirect linking for dlopen. The shared
extension is now explicitly linked against libdl on platforms with dl.
Signed-off-by: Christian Heimes <christian@python.org>
bpo-31399: Let OpenSSL verify hostname and IP
The ssl module now uses OpenSSL's X509_VERIFY_PARAM_set1_host() and
X509_VERIFY_PARAM_set1_ip() API to verify hostname and IP addresses.
* Remove match_hostname calls
* Check for libssl with set1_host, libssl must provide X509_VERIFY_PARAM_set1_host()
* Add documentation for OpenSSL 1.0.2 requirement
* Don't support OpenSSL special mode with a leading dot, e.g. ".example.org" matches "www.example.org". It's not standard conform.
* Add hostname_checks_common_name
Signed-off-by: Christian Heimes <christian@python.org>
Add https://www.gnu.org/software/autoconf-archive/ax_check_openssl.html
to auto-detect compiler flags, linker flags and libraries to compile
OpenSSL extensions. The M4 macro uses pkg-config and falls back to
manual detection.
Add autoconf magic to detect usable X509_VERIFY_PARAM_set1_host()
and related functions.
Refactor setup.py to use new config vars to compile _ssl and _hashlib
modules.
Signed-off-by: Christian Heimes <christian@python.org>
* Fix multiple typos in code comments
* Add spacing in comments (test_logging.py, test_math.py)
* Fix spaces at the beginning of comments in test_logging.py
find_file() returns an empty list if it finds the requested
header on the standard include path, so header existence
checks need to be explicitly against "is not None".
kB (*kilo* byte) unit means 1000 bytes, whereas KiB ("kibibyte")
means 1024 bytes. KB was misused: replace kB or KB with KiB when
appropriate.
Same change for MB and GB which become MiB and GiB.
Change the output of Tools/iobench/iobench.py.
Round also the size of the documentation from 5.5 MB to 5 MiB.
Rework the code choosing BLAKE2 code paths from using the optimized
variant on all x86_64 machines to using it when SSSE3 or better
supported instructions sets are available.
Firstly, this solves the problem of using pure SSE2 code path on x86_64
machines. As reported in the bug, this code is slower than the reference
code on all tested x86_64 machines. Furthermore, on Athlon64 that lacks
SSSE3, it is even 2.5 times slower than the reference code! Checking
for SSSE3 therefore ensures that the optimized implementation will only
be used when it has a chance of performing better.
Secondly, this makes it possible to use SSSE3+ optimizations on 32-bit
x86 systems. This allows for even 2 times speed gain on modern 32-bit
x86 systems (tested in a 32-bit chroot).
Various platforms have various methods of handling multiarch libffi which probably won't match the previously looked-for defines. Now we just make sure that ffi.h is available.
Add basic fuzz tests for a few common builtin functions.
This is an easy place to start, and these functions are probably safe.
We'll want to add more fuzz tests later. Lets bootstrap using these.
While the fuzz tests are included in CPython and compiled / tested on a
very basic level inside CPython itself, the actual fuzzing happens as
part of oss-fuzz (https://github.com/google/oss-fuzz). The reason to
include the tests in CPython is to make sure that they're maintained
as part of the CPython project, especially when (as some eventually
will) they use internal implementation details in the test.
(This will be necessary sometimes because e.g. the fuzz test should
never enter Python's interpreter loop, whereas some APIs only expose
themselves publicly as Python functions.)
This particular set of changes is part of testing Python's builtins,
tracked internally at Google by b/37562550.
The _xxtestfuzz module that this change adds need not be shipped with binary distributions of Python.
As of Xcode 7, SDKs for Apple platforms now include textual-format stub
libraries whose file names have a .tbd extension rather than the
standard OS X .dylib extension. The Apple compiler tool chain handles
these stub libraries transparently and the installed system shared libraries
are still .dylibs. However, the new stub libraries cause problems for
third-party programs that support building with Apple SDKs and make
build-time decisions based on the presence or paths of system-supplied
shared libraries in the SDK. In particular, building Python itself with
an SDK fails to find system-supplied libraries during setup.py's build of
standard library extension modules. The solution is to have
find_library_file() in Distutils search for .tbd files, along with
the existing types (.a, .so, and .dylib). Patch by Tim Smith.
Known limitations of the current implementation:
- documentation changes are incomplete
- there's a reference leak I haven't tracked down yet
The leak is most visible by running:
./python -m test -R3:3 test_importlib
However, you can also see it by running:
./python -X showrefcount
Importing the array or _testmultiphase modules, and
then deleting them from both sys.modules and the local
namespace shows significant increases in the total
number of active references each cycle. By contrast,
with _testcapi (which continues to use single-phase
initialisation) the global refcounts stabilise after
a couple of cycles.
Along the way, dismantle importlib._bootstrap._SpecMethods as it was
no longer relevant and constructing the new function required
partially dismantling the class anyway.
_decimal:
o Make all "mpd_t to C integer" conversion functions available in both the
64-bit and the 32-bit versions.
o Make all mixed mpd_t/C integer arithmetic functions available in the
32-bit version.
o Better handling of __STDC_LIMIT_MACROS for C++ users.
o Add struct tags (at the request of C++ users).
2) Check for libmpdec.so.2 if --with-system-libmpdec is used.
when building _tkinter. configure has two new options; if used, both must
be specified:
./configure \
--with-tcltk-includes="-I/opt/local/include" \
--with-tcltk-libs="-L/opt/local/lib -ltcl8.5 -ltk8.5"
In addition, the options can be overridden with make:
make \
TCLTK_INCLUDES="-I/opt/local/include" \
TCLTK_LIBS="-L/opt/local/lib -ltcl8.6 -ltk8.6"
when building _tkinter. configure has two new options; if used, both must
be specified:
./configure \
--with-tcltk-includes="-I/opt/local/include" \
--with-tcltk-libs="-L/opt/local/lib -ltcl8.5 -ltk8.5"
In addition, the options can be overridden with make:
make \
TCLTK_INCLUDES="-I/opt/local/include" \
TCLTK_LIBS="-L/opt/local/lib -ltcl8.6 -ltk8.6"
The "Gestalt" function on OSX is deprecated (starting with OSX 10.8),
remove its usage from the stdlib. The patch removes a number of private
functions and a private module, but does not change the public API.
The removed code was effectively dead, the platform module has used
other code to fetch the OSX version for years and could only use
on the Gestalt-based code as a fallback. That fallback can only trigger
on broken OSX installs (that is, someone has removed parts of the system
install)
Brett Cannon
Christian Heimes
Ivan Levkivskyi
Eric Snow
Yury Selivanov
Victor Stinner
Antoine Pitrou
Mike
Stefan Krah
Nick Coghlan
xdegaye
Benjamin Peterson
Michał Górny
Shlomi Fish
Devin Jeanpierre
Neil Schemenauer
Xavier de Gaye
INADA Naoki
Zachary Ware
R David Murray
Vinay Sajip
doko@ubuntu.com
Martin Panter
Ned Deily
Serhiy Storchaka
Berker Peksag
Antoine Pitrou
Ned Deily
Brett Cannon
Martin v. Löwis
Larry Hastings
Ronald Oussoren