Avoid concatenating bytes with str in the typically rare subprocess error path (exec failed). Includes a mock based unittest to exercise the codepath.
(cherry picked from commit 3fc499bca1)
One test case of test_xmlrpc uses HTTPServer with a subclass of
BaseHTTPRequestHandler. The BaseRequestHandler class logs to
sys.stderr by default. Override log_message() to not clobber
test output.
Signed-off-by: Christian Heimes <christian@python.org>
(cherry picked from commit 3463ee3972)
SSLObject.version() now correctly returns None when handshake over BIO has
not been performed yet.
Signed-off-by: Christian Heimes <christian@python.org>
(cherry picked from commit 6877111)
* fixed OrderedDict.__init__ docstring re PEP 468
* tightened comment and mirrored to C impl
* added space after period per marco-buttu
* preserved substituted for stable
* drop references to Python 3.6 and PEP 468
(cherry picked from commit faa57cbe70)
In case PROTOCOL_TLS_SERVER is used for both client context and server
context, the test thread dies with OSError. Catch OSError to avoid
traceback on sys.stderr
Signed-off-by: Christian Heimes <christian@python.org>
(cherry picked from commit 305e56c27a)
Running under coverage sometimes causes 'in comparison' to be added to the end of the RecursionError message, which is acceptable.
Patched by Maria Mckinley
(cherry picked from commit 3480ef9dd3)
Drop handshake_done and peer_cert members from PySSLSocket struct. The
peer certificate can be acquired from *SSL directly.
SSL_get_peer_certificate() does not trigger any network activity.
Instead of manually tracking the handshake state, simply use
SSL_is_init_finished().
In combination these changes fix auto-handshake for non-blocking
MemoryBIO connections.
Signed-off-by: Christian Heimes <christian@python.org>.
(cherry picked from commit 66dc33b682)
The ssl and hashlib modules now call OPENSSL_add_all_algorithms_noconf() on
OpenSSL < 1.1.0. The function detects CPU features and enables optimizations
on some CPU architectures such as POWER8. Patch is based on research from
Gustavo Serra Scalet.
Signed-off-by: Christian Heimes <christian@python.org>
(cherry picked from commit c941e62)
Include sys/sysmacros.h for major(), minor(), and makedev(). GNU C libray
plans to remove the functions from sys/types.h.
Signed-off-by: Christian Heimes <christian@python.org>
(cherry picked from commit 75b9618)
* Change NPN detection:
Version breakdown, support disabled (pre-patch/post-patch):
- pre-1.0.1: OPENSSL_NPN_NEGOTIATED will not be defined -> False/False
- 1.0.1 and 1.0.2: OPENSSL_NPN_NEGOTIATED will not be defined ->
False/False
- 1.1.0+: OPENSSL_NPN_NEGOTIATED will be defined and
OPENSSL_NO_NEXTPROTONEG will be defined -> True/False
Version breakdown support enabled (pre-patch/post-patch):
- pre-1.0.1: OPENSSL_NPN_NEGOTIATED will not be defined -> False/False
- 1.0.1 and 1.0.2: OPENSSL_NPN_NEGOTIATED will be defined and
OPENSSL_NO_NEXTPROTONEG will not be defined -> True/True
- 1.1.0+: OPENSSL_NPN_NEGOTIATED will be defined and
OPENSSL_NO_NEXTPROTONEG will not be defined -> True/True
* Refine NPN guard:
- If NPN is disabled, but ALPN is available we need our callback
- Make clinic's ssl behave the same way
This created a working ssl module for me, with NPN disabled and ALPN
enabled for OpenSSL 1.1.0f.
Concerns to address:
The initial commit for NPN support into OpenSSL [1], had the
OPENSSL_NPN_* variables defined inside the OPENSSL_NO_NEXTPROTONEG
guard. The question is if that ever made it into a release.
This would need an ugly hack, something like:
GH-if defined(OPENSSL_NO_NEXTPROTONEG) && \
!defined(OPENSSL_NPN_NEGOTIATED)
GH- define OPENSSL_NPN_UNSUPPORTED 0
GH- define OPENSSL_NPN_NEGOTIATED 1
GH- define OPENSSL_NPN_NO_OVERLAP 2
GH-endif
[1] https://github.com/openssl/openssl/commit/68b33cc5c7
(cherry picked from commit b2d096b)
* [3.6] bpo-22536: Set the filename in FileNotFoundError. (GH-3194)
Have the subprocess module set the filename in the FileNotFoundError
exception raised on POSIX systems when the executable or cwd are missing.
(cherry picked from commit 8621bb5d93)
* bpo-22536 [3.6] (GH-3202) skip non-windows tests.
bpo-29212: Fix the ugly ThreadPoolExecutor thread name.
Fixes the newly introduced ugly default thread name for concurrent.futures
thread.ThreadPoolExecutor threads. They'll now resemble the old <=3.5
threading default Thread-x names by being named ThreadPoolExecutor-y_n..
(cherry picked from commit a3d91b43c2)
* [3.6] bpo-9146: Raise a ValueError if OpenSSL fails to init a hash func. (GH-1777)
This helps people in weird FIPS mode environments where common things
like MD5 are not available in the binary as a matter of policy.
(cherry picked from commit 07244a8301)
* Include a NEWS entry.
* Fixes#30581 by adding a path to use newer GetMaximumProcessorCount API on Windows calls to os.cpu_count()
* Add NEWS.d entry for bpo-30581, os.cpu_count on Windows.
* Tweak NEWS entry
Use a pool of integer objects toprevent false alarm when checking for
memory block leaks. Fill the pool with values in -1000..1000 which
are the most common (reference, memory block, file descriptor)
differences.
Co-Authored-By: Antoine Pitrou <pitrou@free.fr>
(cherry picked from commit 6c2feabc5d)
Ctypes currently produces wrong pep3118 type codes for several types.
E.g. memoryview(ctypes.c_long()).format gives "<l" on 64-bit platforms,
but it should be "<q" instead for sizeof(c_long) == 8
The problem is that the '<>' endian specification in the struct syntax
also turns on the "standard size" mode, which makes type characters have
a platform-independent meaning, which does not match with the codes used
internally in ctypes. The struct module format syntax also does not
allow specifying native-size non-native-endian items.
This commit adds a converter function that maps the internal ctypes
codes to appropriate struct module standard-size codes in the pep3118
format strings. The tests are modified to check for this.
(cherry picked from commit 07f1658aa0)
- Link to the regular expressions object documentation
- Clarify that it can be used with more than the two methods currently stated.
(cherry picked from commit ed94a8b285)
Miss Islington (bot)
Steve Dower
Gregory P. Smith
Christian Heimes
Victor Stinner
Mariatta
Zachary Ware
Benjamin Peterson
Ned Deily
larryhastings
Segev Finer
INADA Naoki
Antoine Pitrou
Serhiy Storchaka
Christopher Wilcox
Oren Milman
Pauli Virtanen
Terry Jan Reedy