Commit Graph

86 Commits

Author SHA1 Message Date
Antoine Pitrou
d532321f7b Issue #5639: Add a *server_hostname* argument to SSLContext.wrap_socket
in order to support the TLS SNI extension.  `HTTPSConnection` and
`urlopen()` also use this argument, so that HTTPS virtual hosts are now
supported.
2010-10-22 18:19:07 +00:00
Benjamin Peterson
eb1410fc40 constify to appease compiler warnings 2010-10-13 22:06:39 +00:00
Antoine Pitrou
fc113eeb7d Define a "session_id_context" at context creation. This is recommended
for the OpenSSL server-side session cache.
2010-10-13 12:46:13 +00:00
Gregory P. Smith
bd4dacb3f9 Fix compile on NetBSD 5.0 (or anything else using an old 0.9.9-dev OpenSSL). 2010-10-13 03:53:21 +00:00
Antoine Pitrou
b0182c8ca5 Issue #10075: Add a session_stats() method to SSLContext objects. 2010-10-12 20:09:02 +00:00
Antoine Pitrou
24e561ae04 Issue #3805: clean up implementation of the _read method in _ssl.c. 2010-09-03 18:38:17 +00:00
Antoine Pitrou
67e8e5633e Try to fix some buildbot failures on test_ssl 2010-09-01 20:55:41 +00:00
Giampaolo Rodolà
e0f9863a61 Issue #9693 - msg 115273: attempt to fix ssl module failures on certain OpenSSL versions by calling ERR_clear_error() before raising IOError 2010-09-01 19:28:49 +00:00
Giampaolo Rodolà
745ab3807e Fix issue issue9706: provides a better error handling for various SSL operations 2010-08-29 19:25:49 +00:00
Mark Dickinson
ee55df5c85 Fix memory leak in ssl module. 2010-08-03 18:31:54 +00:00
Antoine Pitrou
6186bfb735 Merged revisions 82210 via svnmerge from
svn+ssh://pythondev@svn.python.org/python/trunk

........
  r82210 | antoine.pitrou | 2010-06-25 02:03:21 +0200 (ven., 25 juin 2010) | 4 lines

  Issue #9075: In the ssl module, remove the setting of a `debug` flag
  on an OpenSSL structure.
........
2010-06-25 00:07:34 +00:00
Antoine Pitrou
8bae4ec622 Issue #8682: The ssl module now temporary increments the reference count of
a socket object got through `PyWeakref_GetObject`, so as to avoid possible
deallocation while the object is still being used.
2010-06-24 22:34:04 +00:00
Antoine Pitrou
b52187710e Issue #4870: Add an options attribute to SSL contexts, as well as
several ``OP_*`` constants to the `ssl` module.  This allows to selectively
disable protocol versions, when used in combination with `PROTOCOL_SSLv23`.
2010-05-21 09:56:06 +00:00
Antoine Pitrou
9d74b42aca Merged revisions 81241 via svnmerge from
svn+ssh://pythondev@svn.python.org/python/trunk

........
  r81241 | antoine.pitrou | 2010-05-17 01:11:46 +0200 (lun., 17 mai 2010) | 4 lines

  Clear the OpenSSL error queue each time an error is signalled.
  When the error queue is not emptied, strange things can happen on the next SSL call, depending on the OpenSSL version.
........
2010-05-16 23:14:22 +00:00
Victor Stinner
f9faaad801 Issue #8477: ssl.RAND_egd() supports str with surrogates and bytes for the path 2010-05-16 21:36:37 +00:00
Victor Stinner
3800e1e961 Issue #8477: _ssl._test_decode_cert() supports str with surrogates and bytes
for the filename
2010-05-16 21:23:48 +00:00
Antoine Pitrou
65ec8ae47f Fix (hopefully) the remaining test_ssl buildbot failures 2010-05-16 19:56:32 +00:00
Antoine Pitrou
152efa2ae2 Issue #8550: Add first class SSLContext objects to the ssl module. 2010-05-16 18:19:27 +00:00
Antoine Pitrou
525807bf72 Merged revisions 81115 via svnmerge from
svn+ssh://pythondev@svn.python.org/python/trunk

........
  r81115 | antoine.pitrou | 2010-05-12 16:02:34 +0200 (mer., 12 mai 2010) | 3 lines

  Improve _ssl.c formatting
........
2010-05-12 14:05:24 +00:00
Antoine Pitrou
cbb82ebd75 Merged revisions 80789 via svnmerge from
svn+ssh://pythondev@svn.python.org/python/trunk

........
  r80789 | antoine.pitrou | 2010-05-05 17:53:45 +0200 (mer., 05 mai 2010) | 3 lines

  Untabify Modules/_ssl.c
........
2010-05-05 15:57:33 +00:00
Antoine Pitrou
06e34a9476 Merged revisions 80540 via svnmerge from
svn+ssh://pythondev@svn.python.org/python/trunk

........
  r80540 | antoine.pitrou | 2010-04-27 21:09:59 +0200 (mar., 27 avril 2010) | 4 lines

  Issue #8549: Fix compiling the _ssl extension under AIX.  Patch by
  Sridhar Ratnakumar.
........
2010-04-27 19:14:15 +00:00
Antoine Pitrou
d3f8ab8bd3 Merged revisions 80451-80452 via svnmerge from
svn+ssh://pythondev@svn.python.org/python/trunk

........
  r80451 | antoine.pitrou | 2010-04-24 21:57:01 +0200 (sam., 24 avril 2010) | 4 lines

  The do_handshake() method of SSL objects now adjusts the blocking mode of
  the SSL structure if necessary (as other methods already do).
........
  r80452 | antoine.pitrou | 2010-04-24 22:04:58 +0200 (sam., 24 avril 2010) | 4 lines

  Issue #5103: SSL handshake would ignore the socket timeout and block
  indefinitely if the other end didn't respond.
........
2010-04-24 21:26:44 +00:00
Antoine Pitrou
2c4f98b3c5 Merged revisions 80392 via svnmerge from
svn+ssh://pythondev@svn.python.org/python/trunk

........
  r80392 | antoine.pitrou | 2010-04-23 01:33:02 +0200 (ven., 23 avril 2010) | 9 lines

  Issue #8108: Fix the unwrap() method of SSL objects when the socket has
  a non-infinite timeout.  Also make that method friendlier with applications
  wanting to continue using the socket in clear-text mode, by disabling
  OpenSSL's internal readahead.  Thanks to Darryl Miles for guidance.

  Issue #8108: test_ftplib's non-blocking SSL server now has proper handling
  of SSL shutdowns.
........
2010-04-23 00:16:21 +00:00
Antoine Pitrou
fec12fff0f Merged revisions 80314-80315 via svnmerge from
svn+ssh://pythondev@svn.python.org/python/trunk

........
  r80314 | antoine.pitrou | 2010-04-21 21:28:03 +0200 (mer., 21 avril 2010) | 5 lines

  Issue #8484: Load all ciphers and digest algorithms when initializing
  the _ssl extension, such that verification of some SSL certificates
  doesn't fail because of an "unknown algorithm".
........
  r80315 | antoine.pitrou | 2010-04-21 21:36:23 +0200 (mer., 21 avril 2010) | 3 lines

  Forgot to add the sample certificate (followup to r80314)
........
2010-04-21 19:46:23 +00:00
Antoine Pitrou
2d9cb9c1cb Merged revisions 80151 via svnmerge from
svn+ssh://pythondev@svn.python.org/python/trunk

........
  r80151 | antoine.pitrou | 2010-04-17 19:10:38 +0200 (sam., 17 avril 2010) | 4 lines

  Issue #8322: Add a *ciphers* argument to SSL sockets, so as to change the
  available cipher list.  Helps fix test_ssl with OpenSSL 1.0.0.
........
2010-04-17 17:40:45 +00:00
Antoine Pitrou
0ae7b5897e Merged revisions 79910 via svnmerge from
svn+ssh://pythondev@svn.python.org/python/trunk

........
  r79910 | antoine.pitrou | 2010-04-09 22:38:39 +0200 (ven., 09 avril 2010) | 4 lines

  SSL_MODE_AUTO_RETRY has been added in OpenSSL 0.9.6.  Fix compilation
  with earlier versions.
........
2010-04-09 20:42:09 +00:00
Antoine Pitrou
04f6a32dff Merged revisions 79812 via svnmerge from
svn+ssh://pythondev@svn.python.org/python/trunk

........
  r79812 | antoine.pitrou | 2010-04-05 23:35:07 +0200 (lun., 05 avril 2010) | 5 lines

  Issue #8321: Give access to OpenSSL version numbers from the `ssl` module,
  using the new attributes `ssl.OPENSSL_VERSION`, `ssl.OPENSSL_VERSION_INFO`
  and `ssl.OPENSSL_VERSION_NUMBER`.
........
2010-04-05 21:40:07 +00:00
Antoine Pitrou
5f1c38f06b Merged revisions 79448 via svnmerge from
svn+ssh://pythondev@svn.python.org/python/trunk

........
  r79448 | antoine.pitrou | 2010-03-26 20:27:16 +0100 (ven., 26 mars 2010) | 6 lines

  Issue #8222: Enable the SSL_MODE_AUTO_RETRY flag on SSL sockets, so that blocking
  reads and writes are always retried by OpenSSL itself.

  (this is a followup to issue #3890)
........
2010-03-26 19:32:24 +00:00
Victor Stinner
7124a41da2 Merged revisions 78596 via svnmerge from
svn+ssh://pythondev@svn.python.org/python/trunk

........
  r78596 | victor.stinner | 2010-03-02 23:44:42 +0100 (mar., 02 mars 2010) | 4 lines

  Issue #2973: Fix gcc warning on the 2nd argument of ASN1_item_d2i() and
  method->d2i(): OpenSSL API changed in OpenSSL 0.9.6m. Patch written by Daniel
  Black.
........
2010-03-02 22:48:17 +00:00
Antoine Pitrou
7d7aede558 Merged revisions 75529 via svnmerge from
svn+ssh://pythondev@svn.python.org/python/trunk

........
  r75529 | antoine.pitrou | 2009-10-19 19:59:07 +0200 (lun., 19 oct. 2009) | 5 lines

  Issue #7133: SSL objects now support the new buffer API.

  This fixes the test_ssl failure.
........
2009-11-25 18:55:32 +00:00
Benjamin Peterson
0289b15820 Merged revisions 73004,73439,73496,73509,73529,73564,73576-73577,73595-73596,73605 via svnmerge from
svn+ssh://pythondev@svn.python.org/python/trunk

........
  r73004 | jeffrey.yasskin | 2009-05-28 22:44:31 -0500 (Thu, 28 May 2009) | 5 lines

  Fix nearly all compilation warnings under Apple gcc-4.0.  Tested with OPT="-g
  -Wall -Wstrict-prototypes -Werror" in both --with-pydebug mode and --without.
  There's still a batch of non-prototype warnings in Xlib.h that I don't know how
  to fix.
........
  r73439 | benjamin.peterson | 2009-06-15 19:29:31 -0500 (Mon, 15 Jun 2009) | 1 line

  don't mask encoding errors when decoding a string #6289
........
  r73496 | vinay.sajip | 2009-06-21 12:37:27 -0500 (Sun, 21 Jun 2009) | 1 line

  Issue #6314: logging.basicConfig() performs extra checks on the "level" argument.
........
  r73509 | amaury.forgeotdarc | 2009-06-22 14:33:48 -0500 (Mon, 22 Jun 2009) | 2 lines

  #4490 Fix sample code run by "python -m xml.sax.xmlreader"
........
  r73529 | r.david.murray | 2009-06-23 13:02:46 -0500 (Tue, 23 Jun 2009) | 4 lines

  Fix issue 5230 by having pydoc's safeimport check to see if the import
  error was thrown from itself in order to decide if the module can't be
  found.  Thanks to Lucas Prado Melo for collaborating on the fix and tests.
........
  r73564 | amaury.forgeotdarc | 2009-06-25 17:29:29 -0500 (Thu, 25 Jun 2009) | 6 lines

  #2016 Fix a crash in function call when the **kwargs dictionary is mutated
  during the function call setup.

  This even gives a slight speedup, probably because tuple allocation
  is faster than PyMem_NEW.
........
  r73576 | benjamin.peterson | 2009-06-26 18:37:06 -0500 (Fri, 26 Jun 2009) | 1 line

  document is_declared_global()
........
  r73577 | benjamin.peterson | 2009-06-27 09:16:23 -0500 (Sat, 27 Jun 2009) | 1 line

  link to extensive generator docs in the reference manual
........
  r73595 | ezio.melotti | 2009-06-27 18:45:39 -0500 (Sat, 27 Jun 2009) | 1 line

  stmt and setup can contain multiple statements, see #5896
........
  r73596 | ezio.melotti | 2009-06-27 19:07:45 -0500 (Sat, 27 Jun 2009) | 1 line

  Fixed a wrong apostrophe
........
  r73605 | georg.brandl | 2009-06-28 07:10:18 -0500 (Sun, 28 Jun 2009) | 1 line

  Remove stray pychecker directive.
........
2009-06-28 17:22:03 +00:00
Benjamin Peterson
b173f7853e add a replacement API for PyCObject, PyCapsule #5630
All stdlib modules with C-APIs now use this.

Patch by Larry Hastings
2009-05-05 22:31:58 +00:00
Benjamin Peterson
56420b406d #4967 fix buggy read() 2009-02-28 19:06:54 +00:00
Mark Dickinson
e94c679df0 Issue #1717: rename tp_compare to tp_reserved. I'll change the
type of tp_compare in a separate commit, for ease of reversion
should things go wrong.
2009-02-02 20:36:42 +00:00
Raymond Hettinger
26dd760636 Fix signed/unsigned mismatch. 2009-01-26 16:53:29 +00:00
Bill Janssen
40a0f66e95 clean up ssl.py; expose unwrap and add test for it 2008-08-12 16:56:25 +00:00
Marc-André Lemburg
4cc0f24857 Rename PyUnicode_AsString -> _PyUnicode_AsString and
PyUnicode_AsStringAndSize -> _PyUnicode_AsStringAndSize to mark
them for interpreter internal use only.

We'll have to rework these APIs or create new ones for the
purpose of accessing the UTF-8 representation of Unicode objects
for 3.1.
2008-08-07 18:54:33 +00:00
Amaury Forgeot d'Arc
e43d33a4db #3247 Get rid of Py_FindMethod; use tp_members instead.
Otherwise dir(_sre.SRE_Match) returns an empty list.

First step: handle most occurrences, remove tp_getattr and fill the tp_methods and tp_members slots.
Add some test about attribute access.
2008-07-02 20:50:16 +00:00
Martin v. Löwis
1a21451b1d Implement PEP 3121: new module initialization and finalization API. 2008-06-11 05:26:20 +00:00
Christian Heimes
72b710a596 Renamed PyString to PyBytes 2008-05-26 13:28:38 +00:00
Christian Heimes
9c4756ea26 Renamed PyBytes to PyByteArray 2008-05-26 13:22:05 +00:00
Christian Heimes
ba4af493a5 Merged revisions 61964-61979 via svnmerge from
svn+ssh://pythondev@svn.python.org/python/trunk

........
  r61964 | benjamin.peterson | 2008-03-27 01:25:33 +0100 (Thu, 27 Mar 2008) | 2 lines

  add commas for introductory clauses
........
  r61965 | christian.heimes | 2008-03-27 02:36:21 +0100 (Thu, 27 Mar 2008) | 1 line

  Hopefully added _fileio module to the Windows build system
........
  r61966 | christian.heimes | 2008-03-27 02:38:47 +0100 (Thu, 27 Mar 2008) | 1 line

  Revert commit accident
........
  r61967 | neal.norwitz | 2008-03-27 04:49:54 +0100 (Thu, 27 Mar 2008) | 3 lines

  Fix bytes so it works on 64-bit platforms.
  (Also remove some #if 0 code that is already handled in _getbytevalue.)
........
  r61968 | neal.norwitz | 2008-03-27 05:40:07 +0100 (Thu, 27 Mar 2008) | 1 line

  Fix memory leaks
........
  r61969 | neal.norwitz | 2008-03-27 05:40:50 +0100 (Thu, 27 Mar 2008) | 3 lines

  Fix warnings about using char as an array subscript.  This is not portable
  since char is signed on some platforms and unsigned on others.
........
  r61970 | neal.norwitz | 2008-03-27 06:02:57 +0100 (Thu, 27 Mar 2008) | 1 line

  Fix test_compiler after adding unicode_literals
........
  r61971 | neal.norwitz | 2008-03-27 06:03:11 +0100 (Thu, 27 Mar 2008) | 1 line

  Fix compiler warnings
........
  r61972 | neal.norwitz | 2008-03-27 07:52:01 +0100 (Thu, 27 Mar 2008) | 1 line

  Pluralss only need one s, not 2 (intss -> ints)
........
  r61973 | christian.heimes | 2008-03-27 10:02:33 +0100 (Thu, 27 Mar 2008) | 1 line

  Quick 'n dirty hack: Increase the magic by 2 to force a rebuild of pyc/pyo files on the build bots
........
  r61974 | eric.smith | 2008-03-27 10:42:35 +0100 (Thu, 27 Mar 2008) | 3 lines

  Added test cases for single quoted strings, both forms of triple quotes,
   and some string concatenations.
  Removed unneeded __future__ print_function import.
........
  r61975 | christian.heimes | 2008-03-27 11:35:52 +0100 (Thu, 27 Mar 2008) | 1 line

  Build bots are working again - removing the hack
........
  r61976 | christian.heimes | 2008-03-27 12:46:37 +0100 (Thu, 27 Mar 2008) | 2 lines

  Fixed tokenize tests
  The tokenize module doesn't understand __future__.unicode_literals yet
........
  r61977 | georg.brandl | 2008-03-27 14:27:31 +0100 (Thu, 27 Mar 2008) | 2 lines

  #2248: return result of QUIT from quit().
........
  r61978 | georg.brandl | 2008-03-27 14:34:59 +0100 (Thu, 27 Mar 2008) | 2 lines

  The bug for which there was a test in outstanding_bugs.py was agreed not to be a bug.
........
  r61979 | amaury.forgeotdarc | 2008-03-28 00:23:54 +0100 (Fri, 28 Mar 2008) | 5 lines

  Issue2495: tokenize.untokenize did not insert space between two consecutive string literals:
  "" "" => """", which is invalid code.

  Will backport
........
2008-03-28 00:55:15 +00:00
Christian Heimes
412dc9c88f Merged revisions 60350-60363 via svnmerge from
svn+ssh://pythondev@svn.python.org/python/trunk

........
  r60355 | neal.norwitz | 2008-01-27 18:10:14 +0100 (Sun, 27 Jan 2008) | 1 line

  Whitespace cleanup
........
  r60356 | neal.norwitz | 2008-01-27 18:10:29 +0100 (Sun, 27 Jan 2008) | 1 line

  Add assertion that we do not blow out newl
........
  r60357 | neal.norwitz | 2008-01-27 18:10:35 +0100 (Sun, 27 Jan 2008) | 1 line

  Initialize variable to prevent warning on some platform/config.
........
  r60358 | neal.norwitz | 2008-01-27 18:10:43 +0100 (Sun, 27 Jan 2008) | 1 line

  Update to newer version of ffi.  Fixes crashes and test failures of longdouble
........
  r60359 | neal.norwitz | 2008-01-27 18:10:50 +0100 (Sun, 27 Jan 2008) | 1 line

  Add a tiny sleep and additional flush to force the file to really be synced.
........
  r60360 | neal.norwitz | 2008-01-27 18:10:58 +0100 (Sun, 27 Jan 2008) | 1 line

  Retry connection in case it fails to reduce flakiness
........
  r60361 | neal.norwitz | 2008-01-27 18:11:11 +0100 (Sun, 27 Jan 2008) | 4 lines

  Catch socket errors that are often the cause of transient failures.
  Many of these exceptions are due to resource unavailable, so the
  existing code should be able to handle many more spurious errors.
........
  r60362 | neal.norwitz | 2008-01-27 18:12:15 +0100 (Sun, 27 Jan 2008) | 1 line

  Reduce buffer size since we do not need 1k
........
  r60363 | neal.norwitz | 2008-01-27 18:13:07 +0100 (Sun, 27 Jan 2008) | 1 line

  Print periodic "still working" messages since this suite is slow.
........
2008-01-27 18:55:54 +00:00
Christian Heimes
90aa7646af #1629: Renamed Py_Size, Py_Type and Py_Refcnt to Py_SIZE, Py_TYPE and Py_REFCNT. 2007-12-19 02:45:37 +00:00
Christian Heimes
0449f63f53 Merged revisions 59488-59511 via svnmerge from
svn+ssh://pythondev@svn.python.org/python/trunk

........
  r59489 | christian.heimes | 2007-12-14 03:33:57 +0100 (Fri, 14 Dec 2007) | 1 line

  Silence a warning about an unsed variable in debug builds
........
  r59490 | christian.heimes | 2007-12-14 03:35:23 +0100 (Fri, 14 Dec 2007) | 2 lines

  Fixed bug #1620: New @spam.getter property syntax modifies the property in place.
  I added also the feature that a @prop.getter decorator does not overwrite the doc string of the property if it was given as an argument to property().
........
  r59491 | raymond.hettinger | 2007-12-14 03:49:47 +0100 (Fri, 14 Dec 2007) | 1 line

  Cleaner method naming convention
........
  r59492 | christian.heimes | 2007-12-14 04:02:34 +0100 (Fri, 14 Dec 2007) | 1 line

  Fixed a warning in _codecs_iso2022.c and some non C89 conform // comments.
........
  r59493 | christian.heimes | 2007-12-14 05:38:13 +0100 (Fri, 14 Dec 2007) | 1 line

  Fixed warning in ssl module
........
  r59500 | raymond.hettinger | 2007-12-14 19:08:20 +0100 (Fri, 14 Dec 2007) | 1 line

  Add line spacing for readability
........
  r59501 | raymond.hettinger | 2007-12-14 19:12:21 +0100 (Fri, 14 Dec 2007) | 3 lines

  Update method names for named tuples.
........
  r59503 | georg.brandl | 2007-12-14 20:03:36 +0100 (Fri, 14 Dec 2007) | 3 lines

  Add a section about nested listcomps to the tutorial.
  Thanks to Ian Bruntlett and Robert Lehmann.
........
  r59504 | raymond.hettinger | 2007-12-14 20:19:59 +0100 (Fri, 14 Dec 2007) | 1 line

  Faster and simpler _replace() method
........
  r59505 | raymond.hettinger | 2007-12-14 22:51:50 +0100 (Fri, 14 Dec 2007) | 1 line

  Add usage note
........
  r59507 | andrew.kuchling | 2007-12-14 23:41:18 +0100 (Fri, 14 Dec 2007) | 1 line

  Remove warning about URL
........
  r59510 | andrew.kuchling | 2007-12-14 23:52:36 +0100 (Fri, 14 Dec 2007) | 1 line

  Bump the version number, and make a few small edits
........
  r59511 | christian.heimes | 2007-12-15 00:42:36 +0100 (Sat, 15 Dec 2007) | 2 lines

  Fixed bug #1628
  The detection now works on Unix with Makefile, Makefile with VPATH and on Windows.
........
2007-12-15 01:27:15 +00:00
Bill Janssen
54cc54c1fe update to fix leak in SSL code 2007-12-14 22:08:56 +00:00
Guido van Rossum
e6650f91ea Reverting revision 59394. We'll sort this out later. 2007-12-06 19:05:55 +00:00
Guido van Rossum
03b5c9ae75 Fix the leaks in test_ssl. Issue 1469. Patch by Christian Heimes:
(a) added GC support to the PySSL object
(b) move the call to _real_close() from __del__ methods in Python to
PySSL_dealloc().
(c) remove those __del__ methods -- this makes SSL and socket objects GC'able.
2007-12-06 18:39:46 +00:00
Christian Heimes
217cfd1c86 Cleanup: Replaced most PyInt_ aliases with PyLong_ and disabled the aliases in intobject.h 2007-12-02 14:31:20 +00:00
Guido van Rossum
f06628b072 Make read() and certificate() return bytes instead of bytearray instances. 2007-11-21 20:01:53 +00:00