master
Commits on Apr 19, 2021
-
Verified
This commit was created on GitHub.com and signed with GitHub’s verified signature.GPG key ID: 4AEE18F83AFDEB23 Learn about signing commits -
Verified
This commit was created on GitHub.com and signed with GitHub’s verified signature.GPG key ID: 4AEE18F83AFDEB23 Learn about signing commits -
bpo-43837: Reverse order of precedence table to show tightly binding …
…operators first (GH-25469)
Verified
This commit was created on GitHub.com and signed with GitHub’s verified signature.GPG key ID: 4AEE18F83AFDEB23 Learn about signing commits -
bpo-40849: Expose X509_V_FLAG_PARTIAL_CHAIN ssl flag (GH-20463)
This short PR exposes an openssl flag that wasn't exposed. I've also updated to doc to reflect the change. It's heavily inspired by 990fcaa.
Verified
This commit was created on GitHub.com and signed with GitHub’s verified signature.GPG key ID: 4AEE18F83AFDEB23 Learn about signing commits -
bpo-43669: More test_ssl cleanups (GH-25470)
Signed-off-by: Christian Heimes <christian@python.org>
Verified
This commit was created on GitHub.com and signed with GitHub’s verified signature.GPG key ID: 4AEE18F83AFDEB23 Learn about signing commits -
bpo-43880: Show DeprecationWarnings for deprecated ssl module features (
GH-25455) * ssl.OP_NO_SSLv2 * ssl.OP_NO_SSLv3 * ssl.OP_NO_TLSv1 * ssl.OP_NO_TLSv1_1 * ssl.OP_NO_TLSv1_2 * ssl.OP_NO_TLSv1_3 * ssl.PROTOCOL_SSLv2 * ssl.PROTOCOL_SSLv3 * ssl.PROTOCOL_SSLv23 (alias for PROTOCOL_TLS) * ssl.PROTOCOL_TLS * ssl.PROTOCOL_TLSv1 * ssl.PROTOCOL_TLSv1_1 * ssl.PROTOCOL_TLSv1_2 * ssl.TLSVersion.SSLv3 * ssl.TLSVersion.TLSv1 * ssl.TLSVersion.TLSv1_1 * ssl.wrap_socket() * ssl.RAND_pseudo_bytes() * ssl.RAND_egd() (already removed since it's not supported by OpenSSL 1.1.1) * ssl.SSLContext() without a protocol argument * ssl.match_hostname() * hashlib.pbkdf2_hmac() (pure Python implementation, fast OpenSSL function will stay) Signed-off-by: Christian Heimes <christian@python.org>
Verified
This commit was created on GitHub.com and signed with GitHub’s verified signature.GPG key ID: 4AEE18F83AFDEB23 Learn about signing commits -
bpo-42854: Use SSL_read/write_ex() (GH-25468)
The ssl module now uses ``SSL_read_ex`` and ``SSL_write_ex`` internally. The functions support reading and writing of data larger than 2 GB. Writing zero-length data no longer fails with a protocol violation error. Signed-off-by: Christian Heimes <christian@python.org>
Verified
This commit was created on GitHub.com and signed with GitHub’s verified signature.GPG key ID: 4AEE18F83AFDEB23 Learn about signing commits
Commits on Apr 18, 2021
-
bpo-36076: Add SNI support to ssl.get_server_certificate. (GH-16820)
Many servers in the cloud environment require SNI to be used during the SSL/TLS handshake, therefore it is not possible to fetch their certificates using the ssl.get_server_certificate interface. This change adds an additional optional hostname argument that can be used to set the SNI. Note that it is intentionally a separate argument instead of using the host part of the addr tuple, because one might want to explicitly fetch the default certificate or fetch a certificate from a specific IP address with the specified SNI hostname. A separate argument also works better for backwards compatibility. Automerge-Triggered-By: GH:tiran
Verified
This commit was created on GitHub.com and signed with GitHub’s verified signature.GPG key ID: 4AEE18F83AFDEB23 Learn about signing commits -
bpo-43641: Stop stating that TLS 1.2 is the most modern version in do…
…cs (GH-25041) Automerge-Triggered-By: GH:tiran
Verified
This commit was created on GitHub.com and signed with GitHub’s verified signature.GPG key ID: 4AEE18F83AFDEB23 Learn about signing commits -
bpo-43362: Fix invalid free and return check in _sha3 module (GH-25463)
Commit 93d50a6 / GH-21855 changed the order of variable definitions, which introduced a potential invalid free bug. Py_buffer object is now initialized earlier and the result of Keccak initialize is verified. Co-authored-by: Alex Henrie <alexhenrie24@gmail.com> Signed-off-by: Christian Heimes <christian@python.org> Co-authored-by: Alex Henrie <alexhenrie24@gmail.com>
Verified
This commit was created on GitHub.com and signed with GitHub’s verified signature.GPG key ID: 4AEE18F83AFDEB23 Learn about signing commits
Commits on Apr 17, 2021
-
Verified
This commit was created on GitHub.com and signed with GitHub’s verified signature.GPG key ID: 4AEE18F83AFDEB23 Learn about signing commits -
Verified
This commit was created on GitHub.com and signed with GitHub’s verified signature.GPG key ID: 4AEE18F83AFDEB23 Learn about signing commits -
Verified
This commit was created on GitHub.com and signed with GitHub’s verified signature.GPG key ID: 4AEE18F83AFDEB23 Learn about signing commits -
bpo-37630: Do not skip the sha3 tests in case of missing builtin sha3…
… module (GH-20986) Since we can use now the sha3 and shake algorithms from OpenSSL, we shouldn't skip the tests in case the builtin algorithm was not compiled or removed.
Verified
This commit was created on GitHub.com and signed with GitHub’s verified signature.GPG key ID: 4AEE18F83AFDEB23 Learn about signing commits -
Verified
This commit was created on GitHub.com and signed with GitHub’s verified signature.GPG key ID: 4AEE18F83AFDEB23 Learn about signing commits -
bpo-42333: Port _ssl extension to multiphase initialization (PEP 489) (…
…GH-23253) - Introduce sslmodule_slots - Introduce sslmodulestate - Use sslmodulestate - Get rid of PyState_FindModule - Move new structs and helpers to header file - Use macros to access state - Keep a strong ref to socket type
Verified
This commit was created on GitHub.com and signed with GitHub’s verified signature.GPG key ID: 4AEE18F83AFDEB23 Learn about signing commits -
Verified
This commit was created on GitHub.com and signed with GitHub’s verified signature.GPG key ID: 4AEE18F83AFDEB23 Learn about signing commits -
Verified
This commit was created on GitHub.com and signed with GitHub’s verified signature.GPG key ID: 4AEE18F83AFDEB23 Learn about signing commits -
Fix a typo in subprocess documentation (GH-25426)
Fix a typo per conversation with vstinner on IRC: in posix => on posix.
Verified
This commit was created on GitHub.com and signed with GitHub’s verified signature.GPG key ID: 4AEE18F83AFDEB23 Learn about signing commits -
bpo-43669: PEP 644: Require OpenSSL 1.1.1 or newer (GH-23014)
- Remove HAVE_X509_VERIFY_PARAM_SET1_HOST check - Update hashopenssl to require OpenSSL 1.1.1 - multissltests only OpenSSL > 1.1.0 - ALPN is always supported - SNI is always supported - Remove deprecated NPN code. Python wrappers are no-op. - ECDH is always supported - Remove OPENSSL_VERSION_1_1 macro - Remove locking callbacks - Drop PY_OPENSSL_1_1_API macro - Drop HAVE_SSL_CTX_CLEAR_OPTIONS macro - SSL_CTRL_GET_MAX_PROTO_VERSION is always defined now - security level is always available now - get_num_tickets is available with TLS 1.3 - X509_V_ERR MISMATCH is always available now - Always set SSL_MODE_RELEASE_BUFFERS - X509_V_FLAG_TRUSTED_FIRST is always available - get_ciphers is always supported - SSL_CTX_set_keylog_callback is always available - Update Modules/Setup with static link example - Mention PEP in whatsnew - Drop 1.0.2 and 1.1.0 from GHA tests
Verified
This commit was created on GitHub.com and signed with GitHub’s verified signature.GPG key ID: 4AEE18F83AFDEB23 Learn about signing commits -
bpo-43522: Fix SSLContext.hostname_checks_common_name (GH-24899)
Fix problem with ssl.SSLContext.hostname_checks_common_name. OpenSSL does not copy hostflags from *struct SSL_CTX* to *struct SSL*. Signed-off-by: Christian Heimes <christian@python.org>
Verified
This commit was created on GitHub.com and signed with GitHub’s verified signature.GPG key ID: 4AEE18F83AFDEB23 Learn about signing commits -
Fix typo in exceptions.rst (GH-25434)
attemps -> attempts
Verified
This commit was created on GitHub.com and signed with GitHub’s verified signature.GPG key ID: 4AEE18F83AFDEB23 Learn about signing commits
Commits on Apr 16, 2021
-
bpo-43856: Add a versionadded directive to the importlib.metadata docs (
GH-25445) Use a versionadded directive to generate the text "New in version 3.8." (to match with the documentation of other modules). Automerge-Triggered-By: GH:jaraco
Verified
This commit was created on GitHub.com and signed with GitHub’s verified signature.GPG key ID: 4AEE18F83AFDEB23 Learn about signing commits -
bpo-43867: multiprocessing Server catchs SystemExit (GH-25441)
The multiprocessing Server class now explicitly catchs SystemExit and closes the client connection in this case. It happens when the Server.serve_client() method reachs the end of file (EOF).
Verified
This commit was created on GitHub.com and signed with GitHub’s verified signature.GPG key ID: 4AEE18F83AFDEB23 Learn about signing commits -
bpo-43862: Enhance -W cmdline option documentation (GH-25439)
The -W format is "action:message:category:module:lineno". Update also the Python manual page.
Verified
This commit was created on GitHub.com and signed with GitHub’s verified signature.GPG key ID: 4AEE18F83AFDEB23 Learn about signing commits -
Verified
This commit was created on GitHub.com and signed with GitHub’s verified signature.GPG key ID: 4AEE18F83AFDEB23 Learn about signing commits -
Verified
This commit was created on GitHub.com and signed with GitHub’s verified signature.GPG key ID: 4AEE18F83AFDEB23 Learn about signing commits -
bpo-43843: libregrtest uses threading.excepthook (GH-25400)
test.libregrtest now marks a test as ENV_CHANGED (altered the execution environment) if a thread raises an exception but does not catch it. It sets a hook on threading.excepthook. Use --fail-env-changed option to mark the test as failed. libregrtest regrtest_unraisable_hook() explicitly flushs sys.stdout, sys.stderr and sys.__stderr__.
Verified
This commit was created on GitHub.com and signed with GitHub’s verified signature.GPG key ID: 4AEE18F83AFDEB23 Learn about signing commits -
bpo-43842: Fix race condition in test_logging SMTP test (GH-25436)
Fix a race condition in the SMTP test of test_logging. Don't close a file descriptor (socket) from a different thread while asyncore.loop() is polling the file descriptor.
Verified
This commit was created on GitHub.com and signed with GitHub’s verified signature.GPG key ID: 4AEE18F83AFDEB23 Learn about signing commits -
Verified
This commit was created on GitHub.com and signed with GitHub’s verified signature.GPG key ID: 4AEE18F83AFDEB23 Learn about signing commits -
bpo-41282: Fix distutils.utils.byte_compile() DeprecationWarning (GH-…
…25406) * byte_compile() of distutils.utils no longer logs a DeprecationWarning * test_distutils no longer logs a DeprecationWarning
Verified
This commit was created on GitHub.com and signed with GitHub’s verified signature.GPG key ID: 4AEE18F83AFDEB23 Learn about signing commits -
bpo-40443: Remove unused imports (GH-25429)
* pyclbr no longer uses copy * typing no longer uses ast Issue discovered by pyflakes.
Verified
This commit was created on GitHub.com and signed with GitHub’s verified signature.GPG key ID: 4AEE18F83AFDEB23 Learn about signing commits -
Verified
This commit was created on GitHub.com and signed with GitHub’s verified signature.GPG key ID: 4AEE18F83AFDEB23 Learn about signing commits -
Verified
This commit was created on GitHub.com and signed with GitHub’s verified signature.GPG key ID: 4AEE18F83AFDEB23 Learn about signing commits
Commits on Apr 15, 2021
-
Verified
This commit was created on GitHub.com and signed with GitHub’s verified signature.GPG key ID: 4AEE18F83AFDEB23 Learn about signing commits