mirrors/cpython
1
0
Fork 0
mirror of https://github.com/python/cpython.git synced 2025-07-24 03:35:53 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 8
76761 commits 7 branches 621 tags 3 GiB
Commit graph

246 commits

Author SHA1 Message Date
Nick Coghlan
96fe56abec Add support for the send/recvmsg API to the socket module. Patch by David Watson and Heiko Wundram. (Closes #6560) 2011-08-22 11:55:57 +10:00
Antoine Pitrou
d649480739 Issue #12551: Provide a get_channel_binding() method on SSL sockets so as 
to get channel binding data for the current SSL session (only the
"tls-unique" channel binding is implemented).  This allows the
implementation of certain authentication mechanisms such as SCRAM-SHA-1-PLUS.

Patch by Jacek Konieczny.
 2011-07-21 01:11:30 +02:00
Antoine Pitrou
7128f95bd2 Issue #12440: When testing whether some bits in SSLContext.options can be 
reset, check the version of the OpenSSL headers Python was compiled against,
rather than the runtime version of the OpenSSL library.
 2011-07-08 18:49:07 +02:00
Antoine Pitrou
b9ac25d1c3 Issue #12440: When testing whether some bits in SSLContext.options can be 
reset, check the version of the OpenSSL headers Python was compiled against,
rather than the runtime version of the OpenSSL library.
 2011-07-08 18:47:06 +02:00
Victor Stinner
2e2baa9208 Issue #12049: test_ssl now checks also that RAND_bytes() raises an error if 
there is not enough entropy.
 2011-05-25 11:15:16 +02:00
Victor Stinner
99c8b16143 Issue #12049: Add RAND_bytes() and RAND_pseudo_bytes() functions to the ssl 
module.
 2011-05-24 12:05:19 +02:00
Victor Stinner
2e7f39e889 Issue #12012: test_ssl uses test_support.import_module() 
Skip the whole file if the SSL module is missing. It was already the case,
except that the SkipTest exception was raised in test_main().

This commit fixes an error in test_ssl if the ssl module is missing.
 2011-05-22 13:22:28 +02:00
Antoine Pitrou
7a616f2fc5 Issue #12065: connect_ex() on an SSL socket now returns the original errno 
when the socket's timeout expires (it used to return None).
 2011-05-18 18:52:20 +02:00
Antoine Pitrou
b4410dbea6 Issue #12065: connect_ex() on an SSL socket now returns the original errno 
when the socket's timeout expires (it used to return None).
 2011-05-18 18:51:06 +02:00
Victor Stinner
b1241f9619 (Merge 3.1) Issue #12012: ssl.PROTOCOL_SSLv2 becomes optional 
OpenSSL is now compiled with OPENSSL_NO_SSL2 defined (without the SSLv2
protocol) on Debian: fix the ssl module on Debian Testing and Debian Sid.

Optimize also ssl.get_protocol_name(): speed does matter!
 2011-05-10 01:52:03 +02:00
Victor Stinner
17ca323e7c (Merge 3.1) Issue #12012: ssl.PROTOCOL_SSLv2 becomes optional 
OpenSSL is now compiled with OPENSSL_NO_SSL2 defined (without the SSLv2
protocol) on Debian: fix the ssl module on Debian Testing and Debian Sid.

Optimize also ssl.get_protocol_name(): speed does matter!
 2011-05-10 00:48:41 +02:00
Victor Stinner
ee18b6f2fd Issue #12012: ssl.PROTOCOL_SSLv2 becomes optional 
OpenSSL is now compiled with OPENSSL_NO_SSL2 defined (without the SSLv2
protocol) on Debian: fix the ssl module on Debian Testing and Debian Sid.

Optimize also ssl.get_protocol_name(): speed does matter!
 2011-05-10 00:38:00 +02:00
Victor Stinner
3de49192aa Issue #12012: ssl.PROTOCOL_SSLv2 becomes optional 
OpenSSL is now compiled with OPENSSL_NO_SSL2 defined (without the SSLv2
protocol) on Debian: fix the ssl module on Debian Testing and Debian Sid.

Optimize also ssl.get_protocol_name(): speed does matter!
 2011-05-09 00:42:58 +02:00
Antoine Pitrou
ff9bfca482 Issue #12000: When a SSL certificate has a subjectAltName without any 
dNSName entry, ssl.match_hostname() should use the subject's commonName.
Patch by Nicolas Bareil.
 2011-05-06 15:20:55 +02:00
Antoine Pitrou
1c86b44506 Issue #12000: When a SSL certificate has a subjectAltName without any 
dNSName entry, ssl.match_hostname() should use the subject's commonName.
Patch by Nicolas Bareil.
 2011-05-06 15:19:49 +02:00
Antoine Pitrou
5aefa6637c Fix whitespace 2011-04-28 19:24:46 +02:00
Antoine Pitrou
15399c3f09 Issue #11811: ssl.get_server_certificate() is now IPv6-compatible. Patch 
by Charles-François Natali.
 2011-04-28 19:23:55 +02:00
Antoine Pitrou
8ef3907044 Merged revisions 88671 via svnmerge from 
svn+ssh://pythondev@svn.python.org/python/branches/py3k

........
  r88671 | antoine.pitrou | 2011-02-27 16:44:12 +0100 (dim., 27 févr. 2011) | 3 lines

  Follow up to r88664: non-blocking connect-ex() can return EWOULDBLOCK under Windows
........
 2011-02-27 15:45:22 +00:00
Antoine Pitrou
d1c9845b54 Merged revisions 88671 via svnmerge from 
svn+ssh://pythondev@svn.python.org/python/branches/py3k

........
  r88671 | antoine.pitrou | 2011-02-27 16:44:12 +0100 (dim., 27 févr. 2011) | 3 lines

  Follow up to r88664: non-blocking connect-ex() can return EWOULDBLOCK under Windows
........
 2011-02-27 15:45:16 +00:00
Antoine Pitrou
8a14a0c88b Follow up to r88664: non-blocking connect-ex() can return EWOULDBLOCK under Windows 2011-02-27 15:44:12 +00:00
Antoine Pitrou
d3f6ea1d1e Merged revisions 88664 via svnmerge from 
svn+ssh://pythondev@svn.python.org/python/branches/py3k

........
  r88664 | antoine.pitrou | 2011-02-27 00:24:06 +0100 (dim., 27 févr. 2011) | 4 lines

  Issue #11326: Add the missing connect_ex() implementation for SSL sockets,
  and make it work for non-blocking connects.
........
 2011-02-26 23:35:27 +00:00
Antoine Pitrou
86cbfec50a Merged revisions 88664 via svnmerge from 
svn+ssh://pythondev@svn.python.org/python/branches/py3k

........
  r88664 | antoine.pitrou | 2011-02-27 00:24:06 +0100 (dim., 27 févr. 2011) | 4 lines

  Issue #11326: Add the missing connect_ex() implementation for SSL sockets,
  and make it work for non-blocking connects.
........
 2011-02-26 23:25:34 +00:00
Antoine Pitrou
e93bf7aed2 Issue #11326: Add the missing connect_ex() implementation for SSL sockets, 
and make it work for non-blocking connects.
 2011-02-26 23:24:06 +00:00
Victor Stinner
80f75e684e Issue #10989: Fix a crash on SSLContext.load_verify_locations(None, True). 
Patch reviewed by Antoine Pitrou, okayed by Georg Brandl.
 2011-01-29 11:31:20 +00:00
Antoine Pitrou
d43245a965 Merged revisions 87861,87863 via svnmerge from 
svn+ssh://pythondev@svn.python.org/python/branches/py3k

........
  r87861 | antoine.pitrou | 2011-01-08 11:23:29 +0100 (sam., 08 janv. 2011) | 3 lines

  Fix test_ssl after r87849
........
  r87863 | antoine.pitrou | 2011-01-08 11:28:11 +0100 (sam., 08 janv. 2011) | 3 lines

  Add EHOSTUNREACH ('No route to host') to the errnos trapped by transient_internet().
........
 2011-01-08 10:32:51 +00:00
Antoine Pitrou
50778ab4c2 Merged revisions 87861,87863 via svnmerge from 
svn+ssh://pythondev@svn.python.org/python/branches/py3k

........
  r87861 | antoine.pitrou | 2011-01-08 11:23:29 +0100 (sam., 08 janv. 2011) | 3 lines

  Fix test_ssl after r87849
........
  r87863 | antoine.pitrou | 2011-01-08 11:28:11 +0100 (sam., 08 janv. 2011) | 3 lines

  Add EHOSTUNREACH ('No route to host') to the errnos trapped by transient_internet().
........
 2011-01-08 10:31:09 +00:00
Antoine Pitrou
160fd938ed Fix test_ssl after r87849 2011-01-08 10:23:29 +00:00
Victor Stinner
f332abbf15 test_ssl: test SHA256 using sha256.tbs-internet.com instead of sha2.hboeck.de 2011-01-08 03:16:05 +00:00
Antoine Pitrou
c4df784514 Issue #10272: The ssl module now raises socket.timeout instead of a generic 
SSLError on socket timeouts.
 2010-12-03 19:59:41 +00:00
Ezio Melotti
ed3a7d2d60 #10273: Rename assertRegexpMatches and assertRaisesRegexp to assertRegex and assertRaisesRegex. 2010-12-01 02:32:32 +00:00
Georg Brandl
f55aa80b37 Merged revisions 85820,85823,85825,85840,85843-85845,85849-85851,85855,85867,85875,85907-85908,85911,85914 via svnmerge from 
svn+ssh://svn.python.org/python/branches/py3k

........
  r85820 | georg.brandl | 2010-10-24 16:20:22 +0200 (So, 24 Okt 2010) | 1 line

  Remove usage of exception indexing.
........
  r85823 | georg.brandl | 2010-10-24 16:32:45 +0200 (So, 24 Okt 2010) | 1 line

  Fix style.
........
  r85825 | georg.brandl | 2010-10-24 17:16:02 +0200 (So, 24 Okt 2010) | 1 line

  Add documentation about the default warnings filters.
........
  r85840 | georg.brandl | 2010-10-25 19:50:20 +0200 (Mo, 25 Okt 2010) | 1 line

  #3018: tkinter demo fixes for py3k.
........
  r85843 | georg.brandl | 2010-10-26 08:59:23 +0200 (Di, 26 Okt 2010) | 1 line

  Markup fix.
........
  r85844 | georg.brandl | 2010-10-26 12:39:14 +0200 (Di, 26 Okt 2010) | 1 line

  Work a bit more on tkinter demos.
........
  r85845 | georg.brandl | 2010-10-26 12:42:16 +0200 (Di, 26 Okt 2010) | 1 line

  faqwiz is removed.
........
  r85849 | georg.brandl | 2010-10-26 21:31:06 +0200 (Di, 26 Okt 2010) | 1 line

  #10200: typo.
........
  r85850 | georg.brandl | 2010-10-26 21:58:11 +0200 (Di, 26 Okt 2010) | 1 line

  #10200: typo.
........
  r85851 | georg.brandl | 2010-10-26 22:12:37 +0200 (Di, 26 Okt 2010) | 1 line

  Fix import.
........
  r85855 | georg.brandl | 2010-10-27 09:21:54 +0200 (Mi, 27 Okt 2010) | 1 line

  Encoding fix.
........
  r85867 | georg.brandl | 2010-10-27 22:01:51 +0200 (Mi, 27 Okt 2010) | 1 line

  Add David.
........
  r85875 | georg.brandl | 2010-10-28 10:38:30 +0200 (Do, 28 Okt 2010) | 1 line

  Fix bytes/str issues in get-remote-certificate.py.
........
  r85907 | georg.brandl | 2010-10-29 06:54:13 +0200 (Fr, 29 Okt 2010) | 1 line

  #10222: fix for overzealous AIX compiler.
........
  r85908 | georg.brandl | 2010-10-29 07:22:17 +0200 (Fr, 29 Okt 2010) | 1 line

  send_bytes obviously needs bytes...
........
  r85911 | georg.brandl | 2010-10-29 07:36:28 +0200 (Fr, 29 Okt 2010) | 1 line

  Fix markup error and update false positive entries from "make suspicious".
........
  r85914 | georg.brandl | 2010-10-29 08:17:38 +0200 (Fr, 29 Okt 2010) | 1 line

  (?:...) is a non-capturing, but still grouping construct.
........
 2010-11-26 08:59:40 +00:00
Antoine Pitrou
664c2d1fc0 Issue #10443: Add the SSLContext.set_default_verify_paths() method. 2010-11-17 20:29:42 +00:00
Antoine Pitrou
fb0469112f Issue #10022: The dictionary returned by the getpeercert() method 
of SSL sockets now has additional items such as `issuer` and `notBefore`.
 2010-11-09 20:21:19 +00:00
Antoine Pitrou
942d554c5b Don't fail in test_ssl when svn.python.org is unavailable 2010-10-31 13:26:53 +00:00
Antoine Pitrou
d2eca37cc5 Clean up socket closing in test_ssl and test.ssl_servers 2010-10-29 23:41:37 +00:00
Georg Brandl
b75b639a8b Remove usage of exception indexing. 2010-10-24 14:20:22 +00:00
Antoine Pitrou
eb585adbde Fix test_ssl on Ubuntu buildbot with patched OpenSSL 2010-10-22 18:24:20 +00:00
Antoine Pitrou
d532321f7b Issue #5639: Add a *server_hostname* argument to SSLContext.wrap_socket 
in order to support the TLS SNI extension.  `HTTPSConnection` and
`urlopen()` also use this argument, so that HTTPS virtual hosts are now
supported.
 2010-10-22 18:19:07 +00:00
Antoine Pitrou
05d936d2ce Let test_ssl fail gracefully if ssl support is not available 2010-10-13 11:38:36 +00:00
Antoine Pitrou
803e6d670c Issue #9003: http.client.HTTPSConnection, urllib.request.HTTPSHandler and 
urllib.request.urlopen now take optional arguments to allow for
server certificate checking, as recommended in public uses of HTTPS.
 2010-10-13 10:36:15 +00:00
Antoine Pitrou
b0182c8ca5 Issue #10075: Add a session_stats() method to SSLContext objects. 2010-10-12 20:09:02 +00:00
Antoine Pitrou
81564093a1 Issue #1051: Add a script (Lib/test/make_ssl_certs.py) to generate the 
custom certificate and private key files used by SSL-related certs.
 2010-10-08 23:06:24 +00:00
Antoine Pitrou
59fdd6736b Issue #1589: Add ssl.match_hostname(), to help implement server identity 
verification for higher-level protocols.
 2010-10-08 10:37:08 +00:00
Giampaolo Rodolà
977c707b42 Fix issue 6706: adds new handle_accepted() method to asyncore.dispatcher 2010-10-04 21:08:36 +00:00
Antoine Pitrou
5974cdd5f5 Merged revisions 84807 via svnmerge from 
svn+ssh://pythondev@svn.python.org/python/branches/py3k

........
  r84807 | antoine.pitrou | 2010-09-14 16:43:44 +0200 (mar., 14 sept. 2010) | 4 lines

  Issue #9853: Fix the signature of SSLSocket.recvfrom() and
  SSLSocket.sendto() to match the corresponding socket methods.
........
 2010-09-14 14:47:08 +00:00
Antoine Pitrou
a468adc76d Issue #9853: Fix the signature of SSLSocket.recvfrom() and 
SSLSocket.sendto() to match the corresponding socket methods.
 2010-09-14 14:43:44 +00:00
Antoine Pitrou
f7f390a251 Issue #9729: Fix the signature of SSLSocket.recvfrom() and 
SSLSocket.sendto() to match the corresponding socket methods.  Also,
fix various SSLSocket methods to raise socket.error rather than an
unhelpful TypeError when called on an unconnected socket.  Original patch
by Andrew Bennetts.

NOTE: obviously, these methods are untested and unused in the real world...
 2010-09-14 14:37:18 +00:00
Antoine Pitrou
de30f7042f Some tests didn't get executed (because of the merge in r83728) 2010-09-14 12:54:08 +00:00
Antoine Pitrou
4e406d8ff4 Merged revisions 84650 via svnmerge from 
svn+ssh://pythondev@svn.python.org/python/branches/py3k

........
  r84650 | antoine.pitrou | 2010-09-09 15:31:46 +0200 (jeu., 09 sept. 2010) | 4 lines

  Use transient_internet() where appropriate in test_ssl
  (svn.python.org is sometimes unavailable)
........
 2010-09-09 13:35:44 +00:00
Antoine Pitrou
78d8946d19 Merged revisions 84650 via svnmerge from 
svn+ssh://pythondev@svn.python.org/python/branches/py3k

........
  r84650 | antoine.pitrou | 2010-09-09 15:31:46 +0200 (jeu., 09 sept. 2010) | 4 lines

  Use transient_internet() where appropriate in test_ssl
  (svn.python.org is sometimes unavailable)
........
 2010-09-09 13:33:33 +00:00