Signed-off-by: Christian Heimes <christian@python.org>
(cherry picked from commit 06651ee418)
Co-authored-by: Christian Heimes <christian@python.org>
https://bugs.python.org/issue37081
Check for sys.abiflags before using since not all platforms have it defined.
(cherry picked from commit a7987e7193)
Co-authored-by: AraHaan <15173749+AraHaan@users.noreply.github.com>
* bpo-35296: make install now installs the internal API (GH-10665)
make install now also installs the internal API: Include/internal/*.h
header files.
(cherry picked from commit f653fd4d95)
* Windows installer now also install Include/internal/
The Windows installer (MSI) now also install header files of the
Include/internal/ subdirectory.
Two kind of mistakes:
1. Missed space. After concatenating there is no space between words.
2. Missed comma. Causes unintentional concatenating in a list of strings.
(cherry picked from commit 34fd4c2019)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
python-gdb.py now handles errors on computing the line number
of a Python frame.
Changes:
* PyFrameObjectPtr.current_line_num() now catchs any Exception on
calling addr2line(), instead of failing with a surprising "<class
'TypeError'> 'FakeRepr' object is not subscriptable" error.
* All callers of current_line_num() now handle current_line_num()
returning None.
* PyFrameObjectPtr.current_line() now also catchs IndexError on
getting a line from the Python source file.
(cherry picked from commit 2e438cc255)
Co-authored-by: Victor Stinner <vstinner@redhat.com>
Add SSLContext.post_handshake_auth and
SSLSocket.verify_client_post_handshake for TLS 1.3 post-handshake
authentication.
Signed-off-by: Christian Heimes <christian@python.org>q
https://bugs.python.org/issue34670.
(cherry picked from commit 9fb051f032)
Co-authored-by: Christian Heimes <christian@python.org>
https://bugs.python.org/issue34670
* Fix Tools/clinic/clinic_test.py: add missing
FakeClinic.destination_buffers attribute and pass a file argument
to Clinic().
* Rename Tools/clinic/clinic_test.py to Lib/test/test_clinic.py:
add temporary Tools/clinic/ to sys.path to import the clinic
module.
Co-Authored-By: Pablo Galindo <pablogsal@gmail.com>
(cherry picked from commit 65fc98e7b1)
Co-authored-by: Victor Stinner <vstinner@redhat.com>
* bpo-32962: python-gdb catchs ValueError on read_var() (GH-7692)
python-gdb now catchs ValueError on read_var(): when Python has no
debug symbols for example.
(cherry picked from commit 019d33b7a4)
* bpo-32962: python-gdb catchs UnicodeDecodeError (GH-7693)
python-gdb now catchs UnicodeDecodeError exceptions when calling
string().
(cherry picked from commit d22fc0bc7d)
* bpo-32962: Fix test_gdb failure in debug build with -mcet -fcf-protection -O0 (GH-6754)
When Python is built with the intel control-flow protection flags,
-mcet -fcf-protection, gdb is not able to read the stack without
actually jumping inside the function. This means an extra
'next' command is required to make the $pc (program counter)
enter the function and make the stack of the function exposed to gdb.
(cherry picked from commit 9b7c74ca32)
Remove the docstring attribute of AST types and restore docstring
expression as a first stmt in their body.
Co-authored-by: INADA Naoki <methane@users.noreply.github.com>
TLS 1.3 behaves slightly different than TLS 1.2. Session tickets and TLS
client cert auth are now handled after the initialy handshake. Tests now
either send/recv data to trigger session and client certs. Or tests
ignore ConnectionResetError / BrokenPipeError on the server side to
handle clients that force-close the socket fd.
To test TLS 1.3, OpenSSL 1.1.1-pre7-dev (git master + OpenSSL PR
https://github.com/openssl/openssl/pull/6340) is required.
Signed-off-by: Christian Heimes <christian@python.org>
(cherry picked from commit 529525fb5a)
Change TLS 1.3 cipher suite settings for compatibility with OpenSSL
1.1.1-pre6 and newer. OpenSSL 1.1.1 will have TLS 1.3 cipers enabled by
default.
Also update multissltests and Travis config to test with latest OpenSSL.
Signed-off-by: Christian Heimes <christian@python.org>
(cherry picked from commit e8eb6cb792)
Co-authored-by: Christian Heimes <christian@python.org>
as docstrings and translatable strings, and rejects
bytes literals and f-string expressions.
(cherry picked from commit 69524821a8)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
LibreSSL 2.7 introduced OpenSSL 1.1.0 API. The ssl module now detects
LibreSSL 2.7 and only provides API shims for OpenSSL < 1.1.0 and
LibreSSL < 2.7.
Documentation updates and fixes for failing tests will be provided in
another patch set.
Signed-off-by: Christian Heimes <christian@python.org>
(cherry picked from commit 4ca0739c9d)
Co-authored-by: Christian Heimes <christian@python.org>
Creating backup files with ~ suffix can be undesirable in some environment,
such as when building RPM packages. Instead of requiring the user to remove
those files manually, option -n was added, that simply disables this feature.
-n was selected because 2to3 has the same option with this behavior.
(cherry picked from commit 5affd5c29e)
Co-authored-by: Miro Hrončok <miro@hroncok.cz>
* bpo-32947: OpenSSL 1.1.1-pre1 / TLS 1.3 fixes
Misc fixes and workarounds for compatibility with OpenSSL 1.1.1-pre1 and
TLS 1.3 support. With OpenSSL 1.1.1, Python negotiates TLS 1.3 by
default. Some test cases only apply to TLS 1.2. Other tests currently
fail because the threaded or async test servers stop after failure.
I'm going to address these issues when OpenSSL 1.1.1 reaches beta.
OpenSSL 1.1.1 has added a new option OP_ENABLE_MIDDLEBOX_COMPAT for TLS
1.3. The feature is enabled by default for maximum compatibility with
broken middle boxes. Users should be able to disable the hack and CPython's test suite needs
it to verify default options.
Signed-off-by: Christian Heimes <christian@python.org>
(cherry picked from commit 05d9fe32a1)
Co-authored-by: Christian Heimes <christian@python.org>
Steve Dower
Miss Islington (bot)
Serhiy Storchaka
Steve Dower
Victor Stinner
Christian Heimes
Xtreak
Victor Stinner
Yury Selivanov