The documentation for CERT_NONE, CERT_OPTIONAL, and CERT_REQUIRED were
misleading and partly wrong. It fails to explain that OpenSSL behaves
differently in client and server mode. Also OpenSSL does validate the
cert chain everytime. With SSL_VERIFY_NONE a validation error is not
fatal in client mode and does not request a client cert in server mode.
Also discourage people from using CERT_OPTIONAL in client mode.
(cherry picked from commit ef24b6c54d)
Co-authored-by: Christian Heimes <christian@python.org>
Change suggested by Eryk Sun in a comment on PR 7137 after it was merged.
(cherry picked from commit fd88f319a4)
Co-authored-by: Terry Jan Reedy <tjreedy@udel.edu>
On Windows 8.1+ or 10, with DPI compatibility properties of the Python binary
unchanged, and a monitor resolution greater than 96 DPI, this should
make text and lines sharper. It should otherwise have no effect.
Using a magnifier, I determined that the improvement comes from horizontal and
lines being better lined up with the monitor pixels. I checked that this call causes
no problem on any Windows buildbot, including the Win7 buildbots. Unlike most
IDLE patches, this one can be easily reverted by users by removing a few lines,
at the top of idlelib/pyshell.py.
(cherry picked from commit 800415e3df)
Co-authored-by: Terry Jan Reedy <tjreedy@udel.edu>
Before Python 3.6, os.path.abspath(None) used to report an AttributeError which was properly caught inside site.abs_paths, making it ignore __main__, one of sys.modules, which has __file__ and __cached__ set to None. With 3.6, os.path.abspath(None) raises TypeError instead which site.abs_path was not expecting. This resulted in an uncaught exception if a user had PYTHONSTARTUP set and the application called site.main() which a number of third-party programs do.
(cherry picked from commit 2487f30d55)
Co-authored-by: Steve Weber <steverweber@gmail.com>
A datetime object d is aware if d.tzinfo is not None and
d.tzinfo.utcoffset(d) does not return None. If d.tzinfo is None,
or if d.tzinfo is not None but d.tzinfo.utcoffset(d) returns None,
d is naive.
This commit ensures that instances with non-None d.tzinfo, but
d.tzinfo.utcoffset(d) returning None are treated as naive.
In addition, C acceleration code will raise TypeError if
d.tzinfo.utcoffset(d) returns an object with the type other than
timedelta.
* Updated the documentation.
Assume that the term "naive" is defined elsewhere and remove the
not entirely correct clarification. Thanks, Tim.
(cherry picked from commit 877b23202b)
Co-authored-by: Alexander Belopolsky <abalkin@users.noreply.github.com>
If tests are re-run, use "xxx then yyy" result format (ex: "FAILURE
then SUCCESS") to show that some failing tests have been re-run.
Add also test_regrtest.test_rerun_fail() test.
(cherry picked from commit c45fc7673e)
Co-authored-by: Victor Stinner <vstinner@redhat.com>
* Added a test case for strftime("%z").
The added test checks a case with UTC offest expressed in an integer
number of seconds.
* Added a test comparing naive and aware datetimes.
Check that a greater than comparison of a naive datetime instance with
an aware one raises a TypeError.
* Test datetime in fold or in gap comparison both ways.
(cherry picked from commit 4c3e39f61c)
Co-authored-by: Alexander Belopolsky <abalkin@users.noreply.github.com>
This solves a regression in logging config due to changes in BPO-23835.
(cherry picked from commit 214f18e49f)
Co-authored-by: Łukasz Langa <lukasz@langa.pl>
- bugfix and test for fragile metavar handling in argparse (see
bpo-24089, bpo-14046, bpo-25058, bpo-11874)
- also fixes some incorrect tests that did not make 1-element tuples correctly
(cherry picked from commit 66f02aa32f)
Co-authored-by: wim glenn <wim.glenn@gmail.com>
_feed_data_to_bufferred_proto() renamed to
_feed_data_to_buffered_proto() ("bufferred" => "buffered").
Typo spotted by Nathaniel J. Smith.
(cherry picked from commit ff6c077292)
Co-authored-by: Victor Stinner <vstinner@redhat.com>
The cancellation of an overlapped WSARecv() has a race condition
which causes data loss because of the current implementation of
proactor in asyncio.
No longer cancel overlapped WSARecv() in _ProactorReadPipeTransport
to work around the race condition.
Remove the optimized recv_into() implementation to get simple
implementation of pause_reading() using the single _pending_data
attribute.
Move _feed_data_to_bufferred_proto() to protocols.py.
Remove set_protocol() method which became useless.
(cherry picked from commit 79790bc35f)
Co-authored-by: Victor Stinner <vstinner@redhat.com>
It wasn't testing functionality. Now it is (on Linux anyways).
(cherry picked from commit 5f3d04fa4e)
Co-authored-by: Gregory P. Smith <greg@krypto.org>
* bpo-33789: test_asyncio: Fix ResourceWarning (GH-7460)
* Close sockets and streams to fix ResourceWarning warnings
* Catch also OSError to hide a traceback on an expected handshake
error
(cherry picked from commit 0eba7c3913)
* bpo-33789, test_asyncio: Hide PendingDeprecationWarning (GH-7461)
Hide PendingDeprecationWarning in test__register_task_3().
(cherry picked from commit 7ed61e9431)
* bpo-32676, test_asyncio: Fix warning in test_error_in_call_soon() (GH-7462)
Fix "<CoroWrapper ...> was never yielded from" warning in
PyTask_PyFuture_Tests.test_error_in_call_soon() of
test_asyncio.test_tasks.
Close manually the coroutine on error.
(cherry picked from commit 9f04f0df6f)
Document that the default value of repeat changed from 3 to 5 in
Python 3.7.
(cherry picked from commit 3ef769fcd3)
Co-authored-by: Victor Stinner <vstinner@redhat.com>
Substract one because listdir() opens internally a file
descriptor to list the content of the /proc/self/fd/ directory.
Add test_support.test_fd_count().
Move also MAXFD code before msvcrt.CrtSetReportMode(), to make sure
that the report mode is always restored on failure.
(cherry picked from commit 492d6424a7)
Co-authored-by: Victor Stinner <vstinner@redhat.com>
testModeStrings and testTruncateOnWindows were depended on
a file leaked in other tests.
Also improve cleaning up after tests.
(cherry picked from commit c2745d2d05)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
In addition to that, mark SSLTransport as "closed" in its "abort()" method to prevent bogus warnings.
(cherry picked from commit 415bc46a78)
Co-authored-by: Yury Selivanov <yury@magic.io>
With addCleanup() f.close() was executed after tearDown().
(cherry picked from commit 6592d7fe11)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
Fix test_warnings.test_module_globals() when python3 is run with
-Werror.
(cherry picked from commit e292b75e3e)
Co-authored-by: Victor Stinner <vstinner@redhat.com>
* Fix AttributeError (not all SSL exceptions have 'errno' attribute)
* Increase default handshake timeout from 10 to 60 seconds
* Make sure start_tls can be cancelled correctly
* Make sure any error in SSLProtocol gets propagated (instead of just being logged)
(cherry picked from commit 9602643120)
Co-authored-by: Yury Selivanov <yury@magic.io>
Previously, the mouse wheel and scrollbar slider moved text by a fixed
number of pixels, resulting in partial lines at the top of the editor
box. The change also applies to the shell and grep output windows,
but not to read-only text views.
(cherry picked from commit d49dbd9acc)
Co-authored-by: Cheryl Sabella <cheryl.sabella@gmail.com>
Separate tests leaked files or were depended on files leaked in other tests.
(cherry picked from commit 027f95c736)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
The difference from before is that the settings are now on the
Highlights tab instead of the Extensions tab and only change one theme
at a time instead of all themes. The default for light themes is black
on light gray, as before. The default for the IDLE Dark theme is white
on dark gray, which better fits the dark theme.
When one starts IDLE from a console and loads a custom theme without
definitions for 'context', one will see a warning message on the console.
To stop the warning, go to Options => Configure IDLE => Highlights,
select the custom theme if not selected already, select 'Code Context',
and select foreground and background colors.
(cherry picked from commit de6516264e)
Co-authored-by: Cheryl Sabella <cheryl.sabella@gmail.com>
Instead of displaying a fixed number of lines, some blank, Code Context
now displays the variable number of actual context lines. When there
are no context lines, it shows a single blank line to indicate that the
feature is turned on.
The Code Context configuration option is changed from 'numlines'
(default 3) to 'maxlines' (default 15) to avoid possible interference
between user settings for the old and new versions of Code Context.
(cherry picked from commit 29996a1c4e)
Co-authored-by: Cheryl Sabella <cheryl.sabella@gmail.com>
Use also support.SOCK_MAX_SIZE, not only support.PIPE_MAX_SIZE, to
get the size for a blocking send into a multiprocessing pipe.
(cherry picked from commit 252f6abe0a)
Co-authored-by: Victor Stinner <vstinner@redhat.com>
Fix test_ignore() of multiprocessing tests like
test_multiprocessing_forkserver: use support.PIPE_MAX_SIZE to make
sure that send_bytes() blocks.
(cherry picked from commit 5d6c7ed5e3)
Co-authored-by: Victor Stinner <vstinner@redhat.com>
* Add a space to ensurepip's --altinstall option
* Add periods to the arguments of ensurepip that didn't have it
This makes --help for all optional arguments consistent and also makes it
consistent with pip --help.
(cherry picked from commit e9537ad6a1)
Co-authored-by: Wieland Hoffmann <mineo@users.noreply.github.com>
* [3.7] bpo-31639: Change ThreadedHTTPServer to ThreadingHTTPServer class name (GH-7195).
(cherry picked from commit 1cee216cf3)
* Fix whatsnew entry about ThreadedHTTPServer. (GH-7220)
(cherry picked from commit a34e424bdb)
Currently, asyncio.wait_for(fut), upon reaching the timeout deadline,
cancels the future and returns immediately. This is problematic for
when *fut* is a Task, because it will be left running for an arbitrary
amount of time. This behavior is iself surprising and may lead to
related bugs such as the one described in bpo-33638:
condition = asyncio.Condition()
async with condition:
await asyncio.wait_for(condition.wait(), timeout=0.5)
Currently, instead of raising a TimeoutError, the above code will fail
with `RuntimeError: cannot wait on un-acquired lock`, because
`__aexit__` is reached _before_ `condition.wait()` finishes its
cancellation and re-acquires the condition lock.
To resolve this, make `wait_for` await for the task cancellation.
The tradeoff here is that the `timeout` promise may be broken if the
task decides to handle its cancellation in a slow way. This represents
a behavior change and should probably not be back-patched to 3.6 and
earlier.
(cherry picked from commit e2b340ab41)
Co-authored-by: Elvis Pranskevichus <elvis@magic.io>
Use transport.set_write_buffer_limits() in sendfile tests of
test_asyncio to make sure that the protocol is paused after sending
4 KiB. Previously,
test_sendfile_fallback_close_peer_in_the_middle_of_receiving() failed
on FreeBSD if the DATA was smaller than the default limit of 64 KiB.
(cherry picked from commit 9551f77192)
Co-authored-by: Victor Stinner <vstinner@redhat.com>
Remove the docstring attribute of AST types and restore docstring
expression as a first stmt in their body.
Co-authored-by: INADA Naoki <methane@users.noreply.github.com>
Fix a race condition in SSLProtocol.connection_made() of
asyncio.sslproto: start immediately the handshake instead of using
call_soon(). Previously, data_received() could be called before the
handshake started, causing the handshake to hang or fail.
(cherry picked from commit be00a5583a)
Co-authored-by: Victor Stinner <vstinner@redhat.com>
In this commit:
* Support BufferedProtocol in set_protocol() and start_tls()
* Fix proactor to cancel readers reliably
* Update tests to be compatible with OpenSSL 1.1.1
* Clarify BufferedProtocol docs
* Bump TLS tests timeouts to 60 seconds; eliminate possible race from start_serving
* Rewrite test_start_tls_server_1
(cherry picked from commit dbf102271f)
Co-authored-by: Yury Selivanov <yury@magic.io>
Fixed bug where calling write_eof() on a _SelectorSocketTransport after
it's already closed raises AttributeError.
(cherry picked from commit 23f587e395)
Co-authored-by: twisteroid ambassador <twisteroidambassador@users.noreply.github.com>
The failure may be due to the use oF ZFS, a case we already ignore
for Solaris-based systems where ZFS is frequently used.
(cherry picked from commit 09c4a7dee2)
Co-authored-by: Ned Deily <nad@python.org>
Pickles of type variables and subscripted generics are now future-proof
and compatible with older Python versions.
(cherry picked from commit 09f3221fbb)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
bpo-32374, bpo-33629: Use support.SuppressCrashReport() in
test_bad_traverse() of MultiPhaseExtensionModuleTests to prevent
leaking a core dump file.
(cherry picked from commit 483000e164)
Co-authored-by: Victor Stinner <vstinner@redhat.com>
bpo-26510 in 3.7.0a2 changed the behavior of argparse to make
subparsers required by default, returning to the behavior of 2.7
and 3.2. The behavior was changed in 3.3 to be no longer required.
While it might make more sense to have the default to required,
compatibility with 3.3 through 3.6 is probably less disruptive
than trying to reintroduce compatibility with 2.7 at this point.
This change restores the 3.6 behavior.
(cherry picked from commit 8ebf5ceb0f)
Co-authored-by: Ned Deily <nad@python.org>
Add a new block_on_close class attribute to ForkingMixIn and
ThreadingMixIn classes of socketserver to opt-in for pre-3.7 behaviour.
(cherry picked from commit 453bd0bc65)
Co-authored-by: Victor Stinner <vstinner@redhat.com>
* bpo-33353: test_asyncio uses smaller sendfile data (#7083)
bpo-32622, bpo-33353: sendfile() tests of test_asyncio use socket
buffers of 1 kB "to test on relative small data sets". Send only
160 KiB rather 10 MB to make the test much faster.
Shrink also SendfileBase.DATA from 1600 KiB to 160 KiB.
On Linux, 3 test_sock_sendfile_mix_with_regular_send() runs now take
less than 1 second, instead of 18 seconds.
On FreeBSD, the 3 tests didn't hang, but took 3 minutes. Now
the 3 tests pass in less than 1 seconds.
(cherry picked from commit 2932755cc1)
* bpo-33353: test_asyncio set SO_SNDBUF after connect (GH-7086)
bpo-32622, bpo-33353: On macOS, sock.connect() changes the
SO_SNDBUF value. Only set SO_SNDBUF and SO_RCVBUF buffer sizes
once a socket is connected or binded, not before.
(cherry picked from commit b97de3dd86)
TLS 1.3 behaves slightly different than TLS 1.2. Session tickets and TLS
client cert auth are now handled after the initialy handshake. Tests now
either send/recv data to trigger session and client certs. Or tests
ignore ConnectionResetError / BrokenPipeError on the server side to
handle clients that force-close the socket fd.
To test TLS 1.3, OpenSSL 1.1.1-pre7-dev (git master + OpenSSL PR
https://github.com/openssl/openssl/pull/6340) is required.
Signed-off-by: Christian Heimes <christian@python.org>
(cherry picked from commit 529525fb5a)
bpo-33604: Bump removal notice from 3.6 to 3.8 and change PendingDeprecationWarning to DeprecationWarning as we had intended to do earlier...
(cherry picked from commit 8bb0b5b03c)
Co-authored-by: Matthias Bussonnier <bussonniermatthias@gmail.com>
Change TLS 1.3 cipher suite settings for compatibility with OpenSSL
1.1.1-pre6 and newer. OpenSSL 1.1.1 will have TLS 1.3 cipers enabled by
default.
Also update multissltests and Travis config to test with latest OpenSSL.
Signed-off-by: Christian Heimes <christian@python.org>
(cherry picked from commit e8eb6cb792)
Co-authored-by: Christian Heimes <christian@python.org>
* bpo-33263 Fix FD leak in _SelectorSocketTransport. (GH-6450)
Under particular circumstances _SelectorSocketTransport can try to add a reader
even the transport is already being closed. This can lead to FD leak and
invalid stated of the following connections. Fixed the SelectorSocketTransport
to add the reader only if the trasport is still active.
(cherry picked from commit a84d0b361a)
Co-authored-by: Vlad Starostin <drtyrsa@yandex.ru>
uuid._ipconfig_getnode did not validate the maximum length of the value,
so long as the value had the same type of formatting as a MAC address.
This let it select DUIDs as MAC addresses. It now requires an exact
length match.
(cherry picked from commit c66c342cb4)
Co-authored-by: CtrlZvi <viz+github@flippedperspective.com>