Antoine Pitrou
db5012ab47
In test_ssl, threaded tests shouldn't need the "network" resource to be enabled
2013-01-12 22:00:09 +01:00
Antoine Pitrou
e1ceb50cdf
Issue #16923 : Fix ResourceWarnings in test_ssl.
2013-01-12 21:54:44 +01:00
Benjamin Peterson
36f7b97787
remove __del__ because it's evil and also prevents the ResourceWarning on the socket from happening ( closes #16900 )
2013-01-10 14:16:20 -06:00
Antoine Pitrou
6464b84b3e
Forward port new test for SSLSocket.connect_ex()
2012-12-28 19:08:49 +01:00
Antoine Pitrou
ddb87ab1b4
Forward port new test for SSLSocket.connect_ex()
2012-12-28 19:07:43 +01:00
Antoine Pitrou
40f12ab0c5
Backport Python 3.2 fix for issue #12065 , and add another test for SSLSocket.connect_ex().
2012-12-28 19:03:43 +01:00
Antoine Pitrou
73e9bd4d25
Issue #16357 : fix calling accept() on a SSLSocket created through SSLContext.wrap_socket().
...
Original patch by Jeff McNeil.
2012-11-11 01:27:33 +01:00
Antoine Pitrou
5c89b4ec55
Issue #16357 : fix calling accept() on a SSLSocket created through SSLContext.wrap_socket().
...
Original patch by Jeff McNeil.
2012-11-11 01:25:36 +01:00
Jesus Cea
b7a2800831
MERGE: Closes #15793 : Stack corruption in ssl.RAND_egd()
2012-09-11 02:08:48 +02:00
Jesus Cea
c8754a13e6
Closes #15793 : Stack corruption in ssl.RAND_egd()
2012-09-11 02:00:58 +02:00
Jesus Cea
a8a5b397c1
Closes #15793 : Stack corruption in ssl.RAND_egd(). Python 2.7 hasn't any issue about this, but add a test just to be sure
2012-09-11 01:55:04 +02:00
Antoine Pitrou
3b36fb1f53
Issue #14837 : SSL errors now have `library` and `reason` attributes describing precisely what happened and in which OpenSSL submodule.
...
The str() of a SSLError is also enhanced accordingly.
NOTE: this commit creates a reference leak. The leak seems tied to the
use of PyType_FromSpec() to create the SSLError type. The leak is on the
type object when it is instantiated:
>>> e = ssl.SSLError()
>>> sys.getrefcount(ssl.SSLError)
35
>>> e = ssl.SSLError()
>>> sys.getrefcount(ssl.SSLError)
36
>>> e = ssl.SSLError()
>>> sys.getrefcount(ssl.SSLError)
37
2012-06-22 21:11:52 +02:00
Antoine Pitrou
c642f67c63
Skip test_algorithms (known remote hosts need SNI, which is only available on 3.2+)
2012-05-04 16:33:30 +02:00
Antoine Pitrou
f340c21ca9
Fix test connecting to sha256.tbs-internet.com.
...
The certificate has changed and the test now needs SNI to pass.
2012-05-04 16:26:56 +02:00
Antoine Pitrou
16f6f8338b
Fix test connecting to sha256.tbs-internet.com.
...
The certificate has changed and the test now needs SNI to pass.
2012-05-04 16:26:02 +02:00
Antoine Pitrou
d5d17eb653
Issue #14204 : The ssl module now has support for the Next Protocol Negotiation extension, if available in the underlying OpenSSL library.
...
Patch by Colin Marc.
2012-03-22 00:23:03 +01:00
Antoine Pitrou
c135fa424e
Fix last remaining build issues of _ssl under old OpenSSLs. Patch by Vinay.
2012-02-19 21:22:39 +01:00
Antoine Pitrou
ce816a5111
Issue #13895 : fix test_ssl hanging under Ubuntu
2012-01-28 17:40:23 +01:00
Antoine Pitrou
eba63c4203
Issue #13895 : fix test_ssl hanging under Ubuntu
2012-01-28 17:38:34 +01:00
Antoine Pitrou
6636887104
Fix intermittent test_ssl failure.
2012-01-27 17:34:56 +01:00
Antoine Pitrou
eced82ecbf
Fix intermittent test_ssl failure.
2012-01-27 17:33:01 +01:00
Antoine Pitrou
7a556846d4
Fix intermittent test_ssl failure.
2012-01-27 17:33:01 +01:00
Antoine Pitrou
d76088d972
Issue #13636 : Weak ciphers are now disabled by default in the ssl module
...
(except when SSLv2 is explicitly asked for).
2012-01-03 22:46:48 +01:00
Antoine Pitrou
8f85f907e3
Issue #13636 : Weak ciphers are now disabled by default in the ssl module
...
(except when SSLv2 is explicitly asked for).
2012-01-03 22:46:48 +01:00
Antoine Pitrou
65a3f4b8c5
Use context managers in test_ssl to simplify test writing.
2011-12-21 16:52:40 +01:00
Antoine Pitrou
5b95eb90a7
Use context managers in test_ssl to simplify test writing.
2011-12-21 16:52:40 +01:00
Antoine Pitrou
72aeec35a1
Issue #13636 : Weak ciphers are now disabled by default in the ssl module
...
(except when SSLv2 is explicitly asked for).
2012-01-03 22:49:08 +01:00
Antoine Pitrou
0e576f1f50
Issue #13626 : Add support for SSL Diffie-Hellman key exchange, through the
...
SSLContext.load_dh_params() method and the ssl.OP_SINGLE_DH_USE option.
2011-12-22 10:03:38 +01:00
Antoine Pitrou
6b15c90fd8
Use context managers in test_ssl to simplify test writing.
2011-12-21 16:54:45 +01:00
Antoine Pitrou
501da61671
Fix ssl module compilation if ECDH support was disabled in the OpenSSL build.
...
(followup to issue #13627 )
2011-12-21 09:27:41 +01:00
Antoine Pitrou
8691bff6db
Fix for buggy test
2011-12-20 10:47:42 +01:00
Antoine Pitrou
8abdb8abd8
Issue #13634 : Add support for querying and disabling SSL compression.
2011-12-20 10:13:40 +01:00
Antoine Pitrou
923df6f22a
Issue #13627 : Add support for SSL Elliptic Curve-based Diffie-Hellman
...
key exchange, through the SSLContext.set_ecdh_curve() method and the
ssl.OP_SINGLE_ECDH_USE option.
2011-12-19 17:16:51 +01:00
Antoine Pitrou
6db4944cc5
Issue #13635 : Add ssl.OP_CIPHER_SERVER_PREFERENCE, so that SSL servers
...
choose the cipher based on their own preferences, rather than on the
client's.
2011-12-19 13:27:11 +01:00
Antoine Pitrou
cf9943de97
Backout redundant changeset 1de4d92cd6a4
2011-10-31 20:23:00 +01:00
Barry Warsaw
39aec0171d
test_protocol_sslv2(): Skip this test if ssl.PROTOCOL_SSLv2 is not
...
defined (as is the case with Ubuntu 11.10).
2011-10-31 14:08:15 -04:00
Antoine Pitrou
6361ea2b07
Remove unstable SSL tests in the absence of ssl.OP_NO_{SSLv2,SSLv3,TLSv1}
2011-10-30 21:31:34 +01:00
Barry Warsaw
be83698f21
- Issue #13218 : Fix test_ssl failures on Debian/Ubuntu.
2011-10-28 16:14:44 -04:00
Barry Warsaw
c21a81bf76
- Issue #13218 : Fix test_ssl failures on Debian/Ubuntu.
2011-10-28 17:08:12 -04:00
Barry Warsaw
46ae0efce1
- Issue #13218 : Fix test_ssl failures on Debian/Ubuntu.
2011-10-28 16:52:17 -04:00
Antoine Pitrou
41032a69c1
Issue #11183 : Add finer-grained exceptions to the ssl module, so that
...
you don't have to inspect the exception's attributes in the common case.
2011-10-27 23:56:55 +02:00
Antoine Pitrou
f06eb46918
Issue #13034 : When decoding some SSL certificates, the subjectAltName extension could be unreported.
2011-10-01 19:30:58 +02:00
Antoine Pitrou
a02a12c517
Issue #13034 : When decoding some SSL certificates, the subjectAltName extension could be unreported.
2011-10-01 19:22:30 +02:00
Antoine Pitrou
d8c347a8de
Issue #13034 : When decoding some SSL certificates, the subjectAltName extension could be unreported.
2011-10-01 19:20:25 +02:00
Nick Coghlan
513886aabb
Fix #12835 : prevent use of the unencrypted sendmsg/recvmsg APIs on SSL wrapped sockets (Patch by David Watson)
2011-08-28 00:00:27 +10:00
Antoine Pitrou
4fd1e6a3ba
Issue #12803 : SSLContext.load_cert_chain() now accepts a password argument
...
to be used if the private key is encrypted. Patch by Adam Simpkins.
2011-08-25 14:39:44 +02:00
Nick Coghlan
5fab03fd15
Remove the SSLSocket versions of sendmsg/recvmsg due to lack of proper tests and documentation in conjunction with lack of any known use cases (see issue #6560 for details)
2011-08-23 22:26:44 +10:00
Nick Coghlan
96fe56abec
Add support for the send/recvmsg API to the socket module. Patch by David Watson and Heiko Wundram. ( Closes #6560 )
2011-08-22 11:55:57 +10:00
Antoine Pitrou
d649480739
Issue #12551 : Provide a get_channel_binding() method on SSL sockets so as
...
to get channel binding data for the current SSL session (only the
"tls-unique" channel binding is implemented). This allows the
implementation of certain authentication mechanisms such as SCRAM-SHA-1-PLUS.
Patch by Jacek Konieczny.
2011-07-21 01:11:30 +02:00
Antoine Pitrou
7128f95bd2
Issue #12440 : When testing whether some bits in SSLContext.options can be
...
reset, check the version of the OpenSSL headers Python was compiled against,
rather than the runtime version of the OpenSSL library.
2011-07-08 18:49:07 +02:00