mirrors/cpython
1
0
Fork 0
mirror of https://github.com/python/cpython.git synced 2025-08-22 09:45:06 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 13
109111 commits 7 branches 624 tags 3.9 GiB
Commit graph

413 commits

Author SHA1 Message Date
Victor Stinner
4e3cfa46dc Issue #23853: Cleanup _ssl.c 
* Rename check_socket_and_wait_for_timeout() to PySSL_select()
* PySSL_select() is now clearly splitted betwen poll() and select()
* Add empty lines for readability
 2015-04-02 21:28:28 +02:00
Victor Stinner
869e1778c0 Issue #22117: Replace usage of _PyTime_ROUND_UP with _PyTime_ROUND_CEILING 
All these functions only accept positive timeouts, so this change has no effect
in practice.
 2015-03-30 03:49:14 +02:00
Victor Stinner
ea9c0dd2c2 Issue #22117: Fix usage of _PyTime_AsTimeval() 
Add _PyTime_AsTimeval_noraise() function. Call it when it's not possible (or
not useful) to raise a Python exception on overflow.
 2015-03-30 02:51:13 +02:00
Victor Stinner
e245231fab Issue #22117: Fix ssl to use _PyTime_t API on sock_timeout 
I didn't notice that the ssl module uses private attributes of socket objects.
 2015-03-28 03:00:46 +01:00
Serhiy Storchaka
8490f5acfe Issue #23001: Few functions in modules mmap, ossaudiodev, socket, ssl, and 
codecs, that accepted only read-only bytes-like object now accept writable
bytes-like object too.
 2015-03-20 09:00:36 +02:00
Victor Stinner
e42ccd2bfd Issue #23694: Enhance _Py_fopen(), it now raises an exception on error 
* If fopen() fails, OSError is raised with the original filename object.
* The GIL is now released while calling fopen()
 2015-03-18 01:39:23 +01:00
Benjamin Peterson
de8eca4638 merge 3.4 2015-03-04 22:50:25 -05:00
Benjamin Peterson
990fcaac3c expose X509_V_FLAG_TRUSTED_FIRST 2015-03-04 22:49:41 -05:00
Benjamin Peterson
b64ae7bf2d merge 3.4 (#23476) 2015-03-04 22:11:48 -05:00
Benjamin Peterson
fdb1971587 enable X509_V_FLAG_TRUSTED_FIRST when possible (closes #23476) 2015-03-04 22:11:12 -05:00
Antoine Pitrou
0bfd0a4048 Issue #23576: Avoid stalling in SSL reads when EOF has been reached in the SSL layer but the underlying connection hasn't been closed. 2015-03-04 20:54:57 +01:00
Antoine Pitrou
f7f3b0a14a Issue #23576: Avoid stalling in SSL reads when EOF has been reached in the SSL layer but the underlying connection hasn't been closed. 2015-03-04 20:51:55 +01:00
Serhiy Storchaka
4d0d982985 Issue #23446: Use PyMem_New instead of PyMem_Malloc to avoid possible integer 
overflows.  Added few missed PyErr_NoMemory().
 2015-02-16 13:33:32 +02:00
Serhiy Storchaka
1a1ff29659 Issue #23446: Use PyMem_New instead of PyMem_Malloc to avoid possible integer 
overflows.  Added few missed PyErr_NoMemory().
 2015-02-16 13:28:22 +02:00
Benjamin Peterson
c54de47759 ifdef our way to compatibility with old openssl (closes #23335) 2015-01-28 12:06:39 -05:00
Benjamin Peterson
07f0515667 disable ALPN on LibreSSL, which has a large version number, but not ALPN support (closes #23329) 2015-01-27 11:10:18 -05:00
Benjamin Peterson
8861502e07 prefer server alpn ordering over the client's 2015-01-23 17:30:26 -05:00
Benjamin Peterson
cca2732a82 add support for ALPN (closes #20188) 2015-01-23 16:35:37 -05:00
Benjamin Peterson
baf7c1e546 use SSL_get_session 2015-01-07 11:32:00 -06:00
Benjamin Peterson
4cb17812d9 expose the client's cipher suites from the handshake (closes #23186) 2015-01-07 11:14:26 -06:00
Victor Stinner
fcfed19913 Issue #21356: Make ssl.RAND_egd() optional to support LibreSSL. The 
availability of the function is checked during the compilation. Patch written
by Bernard Spil.
 2015-01-06 13:54:58 +01:00
Antoine Pitrou
5e8430d02c Issue #23143: Remove compatibility with OpenSSLs older than 0.9.8. 
(the last 0.9.7 release was in 2007)
 2015-01-03 23:17:23 +01:00
Benjamin Peterson
e32467cf6a allow ssl module to compile if openssl doesn't support SSL 3 (closes #22935) 
Patch by Kurt Roeckx.
 2014-12-05 21:59:35 -05:00
Benjamin Peterson
7243b574e5 don't require OpenSSL SNI to pass hostname to ssl functions (#22921) 
Patch by Donald Stufft.
 2014-11-23 17:04:34 -06:00
Benjamin Peterson
22293df016 merge 3.4 (#22935) 2014-12-05 22:11:33 -05:00
Victor Stinner
beeb512fe1 Issue #21356: Make ssl.RAND_egd() optional to support LibreSSL. The 
availability of the function is checked during the compilation.

Patch written by Bernard Spil.
 2014-11-28 13:28:25 +01:00
Benjamin Peterson
f9284ae8ed merge 3.4 (#22921) 2014-11-23 17:06:39 -06:00
Antoine Pitrou
b1fdf47ff5 Issue #21965: Add support for in-memory SSL to the ssl module. 
Patch by Geert Jansen.
 2014-10-05 20:41:53 +02:00
Antoine Pitrou
47e40429fb Issue #20421: Add a .version() method to SSL sockets exposing the actual protocol version in use. 2014-09-04 21:00:10 +02:00
Victor Stinner
e03de09ff2 (Merge 3.4) Issue #21781, _ssl: Fix asn1obj2py() on Windows 64-bit, "s#" format 
requires size to be a Py_ssize_t, not an int. _ssl.c is now "Py_ssize_t clean".
 2014-07-07 21:52:49 +02:00
Victor Stinner
cd75298611 Issue #21781, _ssl: Fix asn1obj2py() on Windows 64-bit, "s#" format requires 
size to be a Py_ssize_t, not an int. _ssl.c is now "Py_ssize_t clean".
 2014-07-07 21:52:29 +02:00
Victor Stinner
7f084064e8 (Merge 3.4) Issue #21781: Make the ssl module "ssize_t clean" for parsing 
parameters.  ssl.RAND_add() now supports strings longer than 2 GB.
 2014-07-01 16:39:23 +02:00
Victor Stinner
2e57b4e488 Issue #21781: Make the ssl module "ssize_t clean" for parsing parameters. 
ssl.RAND_add() now supports strings longer than 2 GB.
 2014-07-01 16:37:17 +02:00
Victor Stinner
45e8e2f218 Issue #21490: Add new C macros: Py_ABS() and Py_STRINGIFY() 
Keep _Py_STRINGIZE() in PC/pyconfig.h to not introduce a dependency between
pyconfig.h and pymacros.h.
 2014-05-14 17:24:35 +02:00
Antoine Pitrou
0bebbc33fa Issue #21015: SSL contexts will now automatically select an elliptic curve for ECDH key exchange on OpenSSL 1.0.2 and later, and otherwise default to "prime256v1". 
(should also fix a buildbot failure introduced by #20995)
 2014-03-22 18:13:50 +01:00
Gregory P. Smith
83fed26953 avoid a compiler warning about assigning const char * to char *. 2014-01-17 12:09:05 -08:00
Gregory P. Smith
f34890937b avoid a compiler warning about assigning const char * to char *. 2014-01-17 12:08:49 -08:00
Antoine Pitrou
78ace81c93 Issue #20207: Always disable SSLv2 except when PROTOCOL_SSLv2 is explicitly asked for. 2014-01-09 20:09:03 +01:00
Antoine Pitrou
2f7c31678a Remove conditional: it is useless at this point (OpenSSL headers are not yet included) 2014-01-09 20:07:41 +01:00
Antoine Pitrou
cd3d7cabef Issue #20207: Always disable SSLv2 except when PROTOCOL_SSLv2 is explicitly asked for. 2014-01-09 20:02:20 +01:00
Victor Stinner
36e96b8716 (Merge 3.3) Issue #20025: ssl.RAND_bytes() and ssl.RAND_pseudo_bytes() now 
raise a ValueError if num is negative (instead of raising a SystemError).
 2013-12-19 16:47:25 +01:00
Victor Stinner
1e81a399a2 Issue #20025: ssl.RAND_bytes() and ssl.RAND_pseudo_bytes() now raise a 
ValueError if num is negative (instead of raising a SystemError).
 2013-12-19 16:47:04 +01:00
Christian Heimes
1aa9a75fbf Issue #19509: Add SSLContext.check_hostname to match the peer's certificate 
with server_hostname on handshake.
 2013-12-02 02:41:19 +01:00
Christian Heimes
470fba1f9f SNI was added in OpenSSL 0.9.8f [11 Oct 2007], too 2013-11-28 15:12:15 +01:00
Christian Heimes
2427b50fdd Issue #8813: X509_VERIFY_PARAM is only available on OpenSSL 0.9.8+ 
The patch removes the verify_flags feature on Mac OS X 10.4 with OpenSSL 0.9.7l 28 Sep 2006.
 2013-11-23 11:24:32 +01:00
Christian Heimes
5398e1a56e Issue #19448: report name / NID in exception message of ASN1Object 2013-11-22 16:20:53 +01:00
Christian Heimes
f22e8e5426 Issue #18147: Add missing documentation for SSLContext.get_ca_certs(). 
Also change the argument name to the same name as getpeercert()
 2013-11-22 02:22:51 +01:00
Christian Heimes
44109d7de7 Issue #17134: Finalize interface to Windows' certificate store. Cert and 
CRL enumeration are now two functions. enum_certificates() also returns
purpose flags as set of OIDs.
 2013-11-22 01:51:30 +01:00
Christian Heimes
1dbf61fa46 downcast len to int. The code has already checked that len < INT_MAX 2013-11-22 00:34:18 +01:00
Christian Heimes
18fc7be80d lst might be NULL here 
CID 1130752:  Dereference after null check  (FORWARD_NULL)
 2013-11-21 23:57:49 +01:00