Christian Heimes
f6365e3816
Issue #28188 : Use PyMem_Calloc() to get rid of a type-limits warning and an extra memset() call in _ssl.c.
2016-09-13 20:48:13 +02:00
Victor Stinner
410b9887e1
Issue #27866 : Fix refleak in cipher_to_dict()
2016-09-12 12:00:23 +02:00
Christian Heimes
5fe668c672
Issue #28085 : Add PROTOCOL_TLS_CLIENT and PROTOCOL_TLS_SERVER for SSLContext
2016-09-12 00:01:11 +02:00
Christian Heimes
99a6570295
Issue #19500 : Add client-side SSL session resumption to the ssl module.
2016-09-10 23:44:53 +02:00
Christian Heimes
358cfd426c
Issue 28043: SSLContext has improved default settings
...
The options OP_NO_COMPRESSION, OP_CIPHER_SERVER_PREFERENCE, OP_SINGLE_DH_USE, OP_SINGLE_ECDH_USE, OP_NO_SSLv2 (except for PROTOCOL_SSLv2), and OP_NO_SSLv3 (except for PROTOCOL_SSLv3) are set by default. The initial cipher suite list contains only HIGH ciphers, no NULL ciphers and MD5 ciphers (except for PROTOCOL_SSLv2).
2016-09-10 22:43:48 +02:00
Christian Heimes
fe3c9c1ee9
Issue #27691 : Fix ssl module's parsing of GEN_RID subject alternative name fields in X.509 certs.
2016-09-06 23:27:06 +02:00
Christian Heimes
1c03abd026
Issue #27691 : Fix ssl module's parsing of GEN_RID subject alternative name fields in X.509 certs.
2016-09-06 23:25:35 +02:00
Christian Heimes
0061bf5892
Issue #26470 : Use short name rather than name for compression name to fix #27958 .
2016-09-06 01:14:34 +02:00
Christian Heimes
281e5f8839
Issue #26470 : Use short name rather than name for compression name to fix #27958 .
2016-09-06 01:10:39 +02:00
Christian Heimes
25bfcd5d9e
Issue #27866 : Add SSLContext.get_ciphers() method to get a list of all enabled ciphers.
2016-09-06 00:04:45 +02:00
Christian Heimes
01113faef9
Issue #26470 : Port ssl and hashlib module to OpenSSL 1.1.0.
2016-09-05 23:23:24 +02:00
Christian Heimes
598894ff48
Issue #26470 : Port ssl and hashlib module to OpenSSL 1.1.0.
2016-09-05 23:19:05 +02:00
Benjamin Peterson
a853c479ee
merge 3.5 ( #27773 )
2016-08-15 21:56:11 -07:00
Benjamin Peterson
81b9ecd2a3
fix corner cases in the management of server_hostname ( closes #27773 )
2016-08-15 21:55:37 -07:00
Victor Stinner
d3afb62b8f
Merge 3.5 (INVALID_SOCKET)
2016-07-22 17:47:09 +02:00
Victor Stinner
524714eeda
socket: use INVALID_SOCKET
...
* Replace "fd = -1" with "fd = INVALID_SOCKET"
* Replace "fd < 0" with "fd == INVALID_SOCKET": SOCKET_T is unsigned on Windows
Bug found by Pavel Belikov ("Fragment N1"):
http://www.viva64.com/en/b/0414/#ID0ECDAE
2016-07-22 17:43:59 +02:00
Martin Panter
7386268ffd
Issue #23804 : Merge SSL recv() fix from 3.5
2016-07-11 01:32:09 +00:00
Martin Panter
bed7f1a512
Issue #23804 : Fix SSL zero-length recv() calls to not block and raise EOF
2016-07-11 00:17:13 +00:00
Serhiy Storchaka
2954f83999
- Issue #27332 : Fixed the type of the first argument of module-level functions
...
generated by Argument Clinic. Patch by Petr Viktorin.
2016-07-07 18:20:03 +03:00
Serhiy Storchaka
1a2b24f02d
Issue #27332 : Fixed the type of the first argument of module-level functions
...
generated by Argument Clinic. Patch by Petr Viktorin.
2016-07-07 17:35:15 +03:00
Benjamin Peterson
50600a78cb
merge 3.5 ( #24557 )
2016-07-06 23:58:16 -07:00
Benjamin Peterson
b8a2f51ceb
assume egd unless OPENSSL_NO_EGD is defined—remove configure check ( closes #24557 )
2016-07-06 23:55:15 -07:00
Berker Peksag
2c164b738d
Fix unused variable 'libver' warning in Modules/_ssl.c
...
It can be seen on various buildbots like 3.x.cea-indiana-amd64
and 3.x.murray-snowleopard:
/export/home/buildbot/64bits/3.x.cea-indiana-amd64/build/Modules/_ssl.c:2227: warning: unused variable 'libver'
/Users/buildbot/buildarea/3.x.murray-snowleopard/build/Modules/_ssl.c:2227: warning: unused variable ‘libver’
2016-04-14 16:49:21 +03:00
Berker Peksag
dfcb041195
Fix unused variable 'libver' warning in Modules/_ssl.c
...
It can be seen on various buildbots like 3.x.cea-indiana-amd64
and 3.x.murray-snowleopard:
/export/home/buildbot/64bits/3.x.cea-indiana-amd64/build/Modules/_ssl.c:2227: warning: unused variable 'libver'
/Users/buildbot/buildarea/3.x.murray-snowleopard/build/Modules/_ssl.c:2227: warning: unused variable ‘libver’
2016-04-14 16:48:48 +03:00
Serhiy Storchaka
f01e408c16
Issue #26200 : Added Py_SETREF and replaced Py_XSETREF with Py_SETREF
...
in places where Py_DECREF was used.
2016-04-10 18:12:01 +03:00
Serhiy Storchaka
57a01d3a0e
Issue #26200 : Added Py_SETREF and replaced Py_XSETREF with Py_SETREF
...
in places where Py_DECREF was used.
2016-04-10 18:05:40 +03:00
Serhiy Storchaka
ec39756960
Issue #22570 : Renamed Py_SETREF to Py_XSETREF.
2016-04-06 09:50:03 +03:00
Serhiy Storchaka
48842714b9
Issue #22570 : Renamed Py_SETREF to Py_XSETREF.
2016-04-06 09:45:48 +03:00
Martin Panter
afd465d497
Issue #26644 : Merge SSL negative read fix from 3.5
2016-03-27 10:40:22 +00:00
Martin Panter
5503d4731e
Issue #26644 : Raise ValueError for negative SSLSocket.recv() and read()
2016-03-27 05:35:19 +00:00
Benjamin Peterson
4a180a693f
merge 3.5 ( closes #25939 )
2016-02-17 22:18:35 -08:00
Benjamin Peterson
1378f7ca68
merge 3.4 ( closes #25939 )
2016-02-17 22:18:20 -08:00
Benjamin Peterson
9491272751
open the cert store readonly
...
Patch from Chi Hsuan Yen.
2016-02-17 22:13:19 -08:00
Benjamin Peterson
5db60aa84e
merge 3.5 ( closes #25672 )
2016-01-07 21:38:51 -08:00
Benjamin Peterson
3b1a8b3bbe
enable SSL_MODE_RELEASE_BUFFERS
...
Patch by Cory Benfield.
2016-01-07 21:37:37 -08:00
Serhiy Storchaka
ef1585eb9a
Issue #25923 : Added more const qualifiers to signatures of static and private functions.
2015-12-25 20:01:53 +02:00
Serhiy Storchaka
5a57ade58e
Issue #20440 : Massive replacing unsafe attribute setting code with special
...
macro Py_SETREF.
2015-12-24 10:35:59 +02:00
Benjamin Peterson
fcc2e71e99
merge 3.4 ( #25578 )
2015-11-14 15:14:42 -08:00
Benjamin Peterson
025a1fd990
rm trailing ws
2015-11-14 15:12:38 -08:00
Benjamin Peterson
f0c9038a36
fix possible memory lea k in _get_aia_uri ( closes #25578 )
2015-11-14 15:12:18 -08:00
Benjamin Peterson
2463001a15
merge 3.4 ( #25569 )
2015-11-14 00:11:09 -08:00
Benjamin Peterson
806fb25405
fix build with older openssl ( #25569 )
2015-11-14 00:09:22 -08:00
Benjamin Peterson
45bde5d2ee
merge 3.4 ( #25530 )
2015-11-11 22:45:22 -08:00
Benjamin Peterson
a9dcdabccb
always set OP_NO_SSLv3 by default ( closes #25530 )
2015-11-11 22:38:41 -08:00
Benjamin Peterson
86429bd174
merge 3.5 ( #25569 )
2015-11-11 22:14:08 -08:00
Benjamin Peterson
eda06c8f5e
fix memory leak in _get_crl_dp ( closes #25569 )
...
Patch started by Stéphane Wirtel.
2015-11-11 22:07:38 -08:00
Serhiy Storchaka
f51d715845
Issue #25523 : Further a-to-an corrections new in 3.5.
2015-11-02 14:40:41 +02:00
Serhiy Storchaka
a84f6c3dd3
Issue #25523 : Merge a-to-an corrections from 3.4.
2015-11-02 14:39:05 +02:00
Serhiy Storchaka
d65c9496da
Issue #25523 : Further a-to-an corrections.
2015-11-02 14:10:23 +02:00
Benjamin Peterson
d330822c12
detect alpn by feature flag not openssl version ( closes #23329 )
2015-09-27 00:09:02 -07:00