Benjamin Peterson
4a180a693f
merge 3.5 ( closes #25939 )
2016-02-17 22:18:35 -08:00
Benjamin Peterson
1378f7ca68
merge 3.4 ( closes #25939 )
2016-02-17 22:18:20 -08:00
Benjamin Peterson
9491272751
open the cert store readonly
...
Patch from Chi Hsuan Yen.
2016-02-17 22:13:19 -08:00
Benjamin Peterson
5db60aa84e
merge 3.5 ( closes #25672 )
2016-01-07 21:38:51 -08:00
Benjamin Peterson
3b1a8b3bbe
enable SSL_MODE_RELEASE_BUFFERS
...
Patch by Cory Benfield.
2016-01-07 21:37:37 -08:00
Serhiy Storchaka
ef1585eb9a
Issue #25923 : Added more const qualifiers to signatures of static and private functions.
2015-12-25 20:01:53 +02:00
Serhiy Storchaka
5a57ade58e
Issue #20440 : Massive replacing unsafe attribute setting code with special
...
macro Py_SETREF.
2015-12-24 10:35:59 +02:00
Benjamin Peterson
fcc2e71e99
merge 3.4 ( #25578 )
2015-11-14 15:14:42 -08:00
Benjamin Peterson
025a1fd990
rm trailing ws
2015-11-14 15:12:38 -08:00
Benjamin Peterson
f0c9038a36
fix possible memory lea k in _get_aia_uri ( closes #25578 )
2015-11-14 15:12:18 -08:00
Benjamin Peterson
2463001a15
merge 3.4 ( #25569 )
2015-11-14 00:11:09 -08:00
Benjamin Peterson
806fb25405
fix build with older openssl ( #25569 )
2015-11-14 00:09:22 -08:00
Benjamin Peterson
45bde5d2ee
merge 3.4 ( #25530 )
2015-11-11 22:45:22 -08:00
Benjamin Peterson
a9dcdabccb
always set OP_NO_SSLv3 by default ( closes #25530 )
2015-11-11 22:38:41 -08:00
Benjamin Peterson
86429bd174
merge 3.5 ( #25569 )
2015-11-11 22:14:08 -08:00
Benjamin Peterson
eda06c8f5e
fix memory leak in _get_crl_dp ( closes #25569 )
...
Patch started by Stéphane Wirtel.
2015-11-11 22:07:38 -08:00
Serhiy Storchaka
f51d715845
Issue #25523 : Further a-to-an corrections new in 3.5.
2015-11-02 14:40:41 +02:00
Serhiy Storchaka
a84f6c3dd3
Issue #25523 : Merge a-to-an corrections from 3.4.
2015-11-02 14:39:05 +02:00
Serhiy Storchaka
d65c9496da
Issue #25523 : Further a-to-an corrections.
2015-11-02 14:10:23 +02:00
Benjamin Peterson
d330822c12
detect alpn by feature flag not openssl version ( closes #23329 )
2015-09-27 00:09:02 -07:00
Benjamin Peterson
d113c967b4
improve style of the convert macro ( #24655 )
...
Patch by Brian Cain.
2015-07-18 10:59:13 -07:00
Benjamin Peterson
0544cf0eb9
merge 3.4 ( #24655 )
2015-07-18 11:00:00 -07:00
Larry Hastings
dbfdc380df
Issue #24001 : Argument Clinic converters now use accept={type}
...
instead of types={'type'} to specify the types the converter accepts.
2015-05-04 06:59:46 -07:00
Serhiy Storchaka
4b7b82f133
Issue #20179 : Converted the _ssl module to Argument Clinic.
2015-05-03 16:14:08 +03:00
Victor Stinner
146907081c
Issue #23853 : Methods of SSL socket don't reset the socket timeout anymore each
...
time bytes are received or sent. The socket timeout is now the maximum total
duration of the method.
This change fixes a denial of service if the application is regulary
interrupted by a signal and the signal handler does not raise an exception.
2015-04-06 22:46:13 +02:00
Benjamin Peterson
7d71c97ec3
merge 3.4 ( #23875 )
2015-04-06 13:06:21 -04:00
Benjamin Peterson
43b842775f
remove extra arguments in arg parsing format codes ( closes #23875 )
2015-04-06 13:05:22 -04:00
Victor Stinner
4e3cfa46dc
Issue #23853 : Cleanup _ssl.c
...
* Rename check_socket_and_wait_for_timeout() to PySSL_select()
* PySSL_select() is now clearly splitted betwen poll() and select()
* Add empty lines for readability
2015-04-02 21:28:28 +02:00
Victor Stinner
869e1778c0
Issue #22117 : Replace usage of _PyTime_ROUND_UP with _PyTime_ROUND_CEILING
...
All these functions only accept positive timeouts, so this change has no effect
in practice.
2015-03-30 03:49:14 +02:00
Victor Stinner
ea9c0dd2c2
Issue #22117 : Fix usage of _PyTime_AsTimeval()
...
Add _PyTime_AsTimeval_noraise() function. Call it when it's not possible (or
not useful) to raise a Python exception on overflow.
2015-03-30 02:51:13 +02:00
Victor Stinner
e245231fab
Issue #22117 : Fix ssl to use _PyTime_t API on sock_timeout
...
I didn't notice that the ssl module uses private attributes of socket objects.
2015-03-28 03:00:46 +01:00
Serhiy Storchaka
8490f5acfe
Issue #23001 : Few functions in modules mmap, ossaudiodev, socket, ssl, and
...
codecs, that accepted only read-only bytes-like object now accept writable
bytes-like object too.
2015-03-20 09:00:36 +02:00
Victor Stinner
e42ccd2bfd
Issue #23694 : Enhance _Py_fopen(), it now raises an exception on error
...
* If fopen() fails, OSError is raised with the original filename object.
* The GIL is now released while calling fopen()
2015-03-18 01:39:23 +01:00
Benjamin Peterson
de8eca4638
merge 3.4
2015-03-04 22:50:25 -05:00
Benjamin Peterson
990fcaac3c
expose X509_V_FLAG_TRUSTED_FIRST
2015-03-04 22:49:41 -05:00
Benjamin Peterson
b64ae7bf2d
merge 3.4 ( #23476 )
2015-03-04 22:11:48 -05:00
Benjamin Peterson
fdb1971587
enable X509_V_FLAG_TRUSTED_FIRST when possible ( closes #23476 )
2015-03-04 22:11:12 -05:00
Antoine Pitrou
0bfd0a4048
Issue #23576 : Avoid stalling in SSL reads when EOF has been reached in the SSL layer but the underlying connection hasn't been closed.
2015-03-04 20:54:57 +01:00
Antoine Pitrou
f7f3b0a14a
Issue #23576 : Avoid stalling in SSL reads when EOF has been reached in the SSL layer but the underlying connection hasn't been closed.
2015-03-04 20:51:55 +01:00
Serhiy Storchaka
4d0d982985
Issue #23446 : Use PyMem_New instead of PyMem_Malloc to avoid possible integer
...
overflows. Added few missed PyErr_NoMemory().
2015-02-16 13:33:32 +02:00
Serhiy Storchaka
1a1ff29659
Issue #23446 : Use PyMem_New instead of PyMem_Malloc to avoid possible integer
...
overflows. Added few missed PyErr_NoMemory().
2015-02-16 13:28:22 +02:00
Benjamin Peterson
c54de47759
ifdef our way to compatibility with old openssl ( closes #23335 )
2015-01-28 12:06:39 -05:00
Benjamin Peterson
07f0515667
disable ALPN on LibreSSL, which has a large version number, but not ALPN support ( closes #23329 )
2015-01-27 11:10:18 -05:00
Benjamin Peterson
8861502e07
prefer server alpn ordering over the client's
2015-01-23 17:30:26 -05:00
Benjamin Peterson
cca2732a82
add support for ALPN ( closes #20188 )
2015-01-23 16:35:37 -05:00
Benjamin Peterson
baf7c1e546
use SSL_get_session
2015-01-07 11:32:00 -06:00
Benjamin Peterson
4cb17812d9
expose the client's cipher suites from the handshake ( closes #23186 )
2015-01-07 11:14:26 -06:00
Victor Stinner
fcfed19913
Issue #21356 : Make ssl.RAND_egd() optional to support LibreSSL. The
...
availability of the function is checked during the compilation. Patch written
by Bernard Spil.
2015-01-06 13:54:58 +01:00
Antoine Pitrou
5e8430d02c
Issue #23143 : Remove compatibility with OpenSSLs older than 0.9.8.
...
(the last 0.9.7 release was in 2007)
2015-01-03 23:17:23 +01:00
Benjamin Peterson
e32467cf6a
allow ssl module to compile if openssl doesn't support SSL 3 ( closes #22935 )
...
Patch by Kurt Roeckx.
2014-12-05 21:59:35 -05:00