Change TLS 1.3 cipher suite settings for compatibility with OpenSSL
1.1.1-pre6 and newer. OpenSSL 1.1.1 will have TLS 1.3 cipers enabled by
default.
Also update multissltests to test with latest OpenSSL.
Signed-off-by: Christian Heimes <christian@python.org>.
(cherry picked from commit 3e630c541b)
Co-authored-by: Christian Heimes <christian@python.org>
Fix a NULL pointer deref in ssl module. The cert parser did not handle CRL
distribution points with empty DP or URI correctly. A malicious or buggy
certificate can result into segfault.
Signed-off-by: Christian Heimes <christian@python.org>
https://bugs.python.org/issue35746
(cherry picked from commit a37f52436f)
Co-authored-by: Christian Heimes <christian@python.org>
This reverts commit aa58050843.
Due to regressions found with using Tk 8.6.9.1, build the python.org
macOS installers with Tcl/Tk 8.6.8 as used in previous releases.
This addresses C extension build errors related to an undefined _hypot
symbol when building with the Microsoft Visual C++ Compiler for Python
2.7 [1] or MinGWPy [2]. It also addresses errors when building a C++
extension with MinGWPy and C++11 from cmath, 'error "::hypot' has not
been declared'
[1] https://www.microsoft.com/en-us/download/details.aspx?id=44266
[2] https://mingwpy.github.io/
"dll" would leak if an error occurred in _validate_paramflags() or
GenericPyCData_new().
(cherry picked from commit d77d97c9a1)
Co-authored-by: Zackery Spytz <zspytz@gmail.com>
In _localemodule.c and selectmodule.c, remove dead code that would
cause double decrefs if run.
In addition, replace PyList_SetItem() with PyList_SET_ITEM() in cases
where a new list is populated and there is no possibility of an error.
In addition, check if the list changed size in the loop in array_array_fromlist().
(cherry picked from commit 99d56b5356)
Co-authored-by: Zackery Spytz <zspytz@gmail.com>
check_environ() of distutils.utils now catchs KeyError on calling
pwd.getpwuid(): don't create the HOME environment variable in this
case.
(cherry picked from commit 17d0c0595e)
bpo-34279, bpo-35412: support.run_unittest() no longer raises
TestDidNotRun if a test result contains skipped tests. The
exception is now only raised if no test have been run and no test
have been skipped.
(cherry picked from commit 3a8f4fef4a)
* bpo-16039: CVE-2013-1752: Change use of readline() in
imaplib.IMAP4_SSL to limit line length. Remove IMAP4_SSL.readline()
and IMAP4_SSL.read() to inherit safe IMAP4 implementation.
* bpo-20118: reenable test_linetoolong() of test_imaplib
on ThreadedNetworkedTests and ThreadedNetworkedTestsSSL.
The test now sets the _MAXLINE limit to 10 characters.
Include <pyconfig.h> ealier in Modules/expat/xmltok.c to define
properly _POSIX_C_SOURCE. Python defines _POSIX_C_SOURCE as 200809L,
whereas <features.h> (included indirectly by <string.h>) defines
_POSIX_C_SOURCE as 199506L.
(cherry picked from commit cf247359d5)
Co-authored-by: Victor Stinner <vstinner@redhat.com>
Fix xml.dom.minidom cloneNode() on a document with an entity: pass
the correct arguments to the user data handler of an entity (fix an
old copy/paste mistake).
Bug spotted and fix proposed by Charalampos Stratakis, initial
reproducer written by Petr Viktorin.
Co-Authored-By: Charalampos Stratakis <cstratak@redhat.com>
Co-Authored-By: Petr Viktorin <encukou@gmail.com>
(cherry picked from commit 8e04186889)
Define _CRT_SECURE_NO_WARNINGS in the Visual Studio pythoncore
project to make quiet security warnings when building zlib C files
(Modules\zlib\ subdirectory).
* posixpath.expanduser() now returns the input path unchanged if
the HOME environment variable is not set and pwd.getpwuid() raises
KeyError (the current user identifier doesn't exist in the password
database).
* Add test_no_home_directory() to test_site.
(cherry picked from commit f2f4555d82)
When running test_bdb.py as a script, `import test_module` would be
importing the existing Lib/test/test_modules.py instead of the
tempcwd/test_module.py module which was dynamically created by
test_bdb.py itself.
(cherry picked from commit 54fd45505b)
Co-authored-by: Alex H <1884912+lajarre@users.noreply.github.com>
On Travis CI, FTP tests of test_urllib2net randomly fail with "425
Security: Bad IP connecting".
test.pythoninfo now also logs TRAVIS environment variable.
(cherry picked from commit c11b3b19a5)
Co-authored-by: Victor Stinner <vstinner@redhat.com>