Commit Graph

12263 Commits

Author SHA1 Message Date
Christian Heimes
91554e4c5c
bpo-43908: Mark ssl, hash, and hmac types as immutable (GH-25792)
Signed-off-by: Christian Heimes <christian@python.org>
2021-05-02 09:47:45 +02:00
Christian Heimes
e983252b51
bpo-43998: Default to TLS 1.2 and increase cipher suite security (GH-25778)
The ssl module now has more secure default settings. Ciphers without forward
secrecy or SHA-1 MAC are disabled by default. Security level 2 prohibits
weak RSA, DH, and ECC keys with less than 112 bits of security.
:class:`~ssl.SSLContext` defaults to minimum protocol version TLS 1.2.
Settings are based on Hynek Schlawack's research.

```
$ openssl version
OpenSSL 1.1.1k  FIPS 25 Mar 2021
$ openssl ciphers -v '@SECLEVEL=2:ECDH+AESGCM:ECDH+CHACHA20:ECDH+AES:DHE+AES:!aNULL:!eNULL:!aDSS:!SHA1:!AESCCM'
TLS_AES_256_GCM_SHA384  TLSv1.3 Kx=any      Au=any  Enc=AESGCM(256) Mac=AEAD
TLS_CHACHA20_POLY1305_SHA256 TLSv1.3 Kx=any      Au=any  Enc=CHACHA20/POLY1305(256) Mac=AEAD
TLS_AES_128_GCM_SHA256  TLSv1.3 Kx=any      Au=any  Enc=AESGCM(128) Mac=AEAD
TLS_AES_128_CCM_SHA256  TLSv1.3 Kx=any      Au=any  Enc=AESCCM(128) Mac=AEAD
ECDHE-ECDSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH     Au=ECDSA Enc=AESGCM(256) Mac=AEAD
ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AESGCM(256) Mac=AEAD
ECDHE-ECDSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH     Au=ECDSA Enc=AESGCM(128) Mac=AEAD
ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AESGCM(128) Mac=AEAD
ECDHE-ECDSA-CHACHA20-POLY1305 TLSv1.2 Kx=ECDH     Au=ECDSA Enc=CHACHA20/POLY1305(256) Mac=AEAD
ECDHE-RSA-CHACHA20-POLY1305 TLSv1.2 Kx=ECDH     Au=RSA  Enc=CHACHA20/POLY1305(256) Mac=AEAD
ECDHE-ECDSA-AES256-SHA384 TLSv1.2 Kx=ECDH     Au=ECDSA Enc=AES(256)  Mac=SHA384
ECDHE-RSA-AES256-SHA384 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AES(256)  Mac=SHA384
ECDHE-ECDSA-AES128-SHA256 TLSv1.2 Kx=ECDH     Au=ECDSA Enc=AES(128)  Mac=SHA256
ECDHE-RSA-AES128-SHA256 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AES(128)  Mac=SHA256
DHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=DH       Au=RSA  Enc=AESGCM(256) Mac=AEAD
DHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=DH       Au=RSA  Enc=AESGCM(128) Mac=AEAD
DHE-RSA-AES256-SHA256   TLSv1.2 Kx=DH       Au=RSA  Enc=AES(256)  Mac=SHA256
DHE-RSA-AES128-SHA256   TLSv1.2 Kx=DH       Au=RSA  Enc=AES(128)  Mac=SHA256
```

Signed-off-by: Christian Heimes <christian@python.org>
2021-05-01 20:53:10 +02:00
Ma Lin
251ffa9d2b
bpo-41486: Fix initial buffer size can't > UINT32_MAX in zlib module (GH-25738)
* Fix initial buffer size can't > UINT32_MAX in zlib module

After commit f9bedb630e, in 64-bit build,
if the initial buffer size > UINT32_MAX, ValueError will be raised.

These two functions are affected:
1. zlib.decompress(data, /, wbits=MAX_WBITS, bufsize=DEF_BUF_SIZE)
2. zlib.Decompress.flush([length])

This commit re-allows the size > UINT32_MAX.

* adds curly braces per PEP 7.

* Renames `Buffer_*` to `OutputBuffer_*` for clarity
2021-04-30 16:32:49 -07:00
Victor Stinner
665c7746fc
bpo-43916: _md5.md5 uses Py_TPFLAGS_DISALLOW_INSTANTIATION (GH-25753)
The following types use Py_TPFLAGS_DISALLOW_INSTANTIATION flag:

* _md5.md5
* _sha1.sha1
* _sha256.sha224
* _sha256.sha256
* _sha512.sha384
* _sha512.sha512
2021-04-30 18:40:30 +02:00
Victor Stinner
7dcf0f6db3
bpo-43916: select.devpoll uses Py_TPFLAGS_DISALLOW_INSTANTIATION (GH-25751) 2021-04-30 18:19:57 +02:00
Erlend Egeberg Aasland
9746cda705
bpo-43916: Apply Py_TPFLAGS_DISALLOW_INSTANTIATION to selected types (GH-25748)
Apply Py_TPFLAGS_DISALLOW_INSTANTIATION to the following types:

* _dbm.dbm
* _gdbm.gdbm
* _multibytecodec.MultibyteCodec
* _sre..SRE_Scanner
* _thread._localdummy
* _thread.lock
* _winapi.Overlapped
* array.arrayiterator
* functools.KeyWrapper
* functools._lru_list_elem
* pyexpat.xmlparser
* re.Match
* re.Pattern
* unicodedata.UCD
* zlib.Compress
* zlib.Decompress
2021-04-30 16:04:57 +02:00
Erlend Egeberg Aasland
387397f8a4
bpo-43916: select.poll uses Py_TPFLAGS_DISALLOW_INSTANTIATION (GH-25750) 2021-04-30 15:49:17 +02:00
Victor Stinner
0cad068ec1
bpo-43916: Remove _disabled_new() function (GH-25745)
posix and _hashlib use the new Py_TPFLAGS_DISALLOW_INSTANTIATION
flag on their heap types, rather than using a custom tp_new function
(_disabled_new).
2021-04-30 14:06:49 +02:00
Victor Stinner
3bb09947ec
bpo-43916: Add Py_TPFLAGS_DISALLOW_INSTANTIATION type flag (GH-25721)
Add a new Py_TPFLAGS_DISALLOW_INSTANTIATION type flag to disallow
creating type instances: set tp_new to NULL and don't create the
"__new__" key in the type dictionary.

The flag is set automatically on static types if tp_base is NULL or
&PyBaseObject_Type and tp_new is NULL.

Use the flag on the following types:

* _curses.ncurses_version type
* _curses_panel.panel
* _tkinter.Tcl_Obj
* _tkinter.tkapp
* _tkinter.tktimertoken
* _xxsubinterpretersmodule.ChannelID
* sys.flags type
* sys.getwindowsversion() type
* sys.version_info type

Update MyStr example in the C API documentation to use
Py_TPFLAGS_DISALLOW_INSTANTIATION.

Add _PyStructSequence_InitType() function to create a structseq type
with the Py_TPFLAGS_DISALLOW_INSTANTIATION flag set.

type_new() calls _PyType_CheckConsistency() at exit.
2021-04-30 12:46:15 +02:00
Mark Shannon
069e81ab3d
bpo-43977: Use tp_flags for collection matching (GH-25723)
* Add Py_TPFLAGS_SEQUENCE and Py_TPFLAGS_MAPPING, add to all relevant standard builtin classes.

* Set relevant flags on collections.abc.Sequence and Mapping.

* Use flags in MATCH_SEQUENCE and MATCH_MAPPING opcodes.

* Inherit Py_TPFLAGS_SEQUENCE and Py_TPFLAGS_MAPPING.

* Add NEWS

* Remove interpreter-state map_abc and seq_abc fields.
2021-04-30 09:50:28 +01:00
Erlend Egeberg Aasland
c6ad03fddf
bpo-43908: Make array.array type immutable (GH-25696)
Co-authored-by: Victor Stinner <vstinner@python.org>
2021-04-29 08:47:48 +02:00
Erlend Egeberg Aasland
5daf70b22e
bpo-43908: Make re types immutable (GH-25697)
Co-authored-by: Victor Stinner <vstinner@python.org>
2021-04-29 08:47:11 +02:00
Victor Stinner
103d5e420d
bpo-28254: _posixsubprocess uses PyGC_Enable/PyGC_Disable (GH-25693) 2021-04-28 19:09:29 +02:00
scoder
3cc481b9de
bpo-28254: Add a C-API for controlling the GC state (GH-25687)
Add new C-API functions to control the state of the garbage collector:
PyGC_Enable(), PyGC_Disable(), PyGC_IsEnabled(),
corresponding to the functions in the gc module.

Co-authored-by: Pablo Galindo <Pablogsal@gmail.com>
Co-authored-by: Victor Stinner <vstinner@python.org>
2021-04-28 18:12:16 +02:00
Ma Lin
f9bedb630e
bpo-41486: Faster bz2/lzma/zlib via new output buffering (GH-21740)
Faster bz2/lzma/zlib via new output buffering.
Also adds .readall() function to _compression.DecompressReader class
to take best advantage of this in the consume-all-output at once scenario.

Often a 5-20% speedup in common scenarios due to less data copying.

Contributed by Ma Lin.
2021-04-27 23:58:54 -07:00
Victor Stinner
a5e64444e6
bpo-43963: Add _signal module state (GH-25676)
* Add signal_state_t structure and signal_global_state variable.
* Add a module state to the _signal module.
* Move and rename variables:

  * DefaultHandler becomes state->default_handler
  * IgnoreHandler becomes state->ignore_handler
  * sigint_event becomes state->sigint_event
  * ItimerError becomes modstate->itimer_error

* Rename SetHandler() to set_handler() to be consistent with
  get_handler().
2021-04-28 03:02:55 +02:00
Victor Stinner
a09766deab
bpo-43963: Fix import _signal in subinterpreters (GH-25674)
Importing the _signal module in a subinterpreter has no longer side
effects.

signal_module_exec() no longer modifies Handlers and no longer attempts
to set SIGINT signal handler in subinterpreters.
2021-04-28 01:50:04 +02:00
Ma Lin
93f411838a
Fix thread locks in zlib module may go wrong in rare case. (#22126)
Setting `next_in` before acquiring the thread lock may mix up compress/decompress state in other threads.
2021-04-27 10:37:11 +02:00
Erlend Egeberg Aasland
7244c0060d
bpo-43762: Add audit events for loading of sqlite3 extensions (GH-25246) 2021-04-27 00:16:46 +01:00
Christian Heimes
666991fc59
bpo-18233: Add internal methods to access peer chain (GH-25467)
The internal `_ssl._SSLSocket` object now provides methods to retrieve
the peer cert chain and verified cert chain as a list of Certificate
objects. Certificate objects have methods to convert the cert to a dict,
PEM, or DER (ASN.1).

These are private APIs for now. There is a slim chance to stabilize the
approach and provide a public API for 3.10. Otherwise I'll provide a
stable API in 3.11.

Signed-off-by: Christian Heimes <christian@python.org>
2021-04-26 15:01:40 +02:00
Serhiy Storchaka
172c0f2752
bpo-39529: Deprecate creating new event loop in asyncio.get_event_loop() (GH-23554)
asyncio.get_event_loop() emits now a deprecation warning when it creates a new event loop.
In future releases it will became an alias of asyncio.get_running_loop().
2021-04-25 13:40:44 +03:00
Segev Finer
5e437fb872
bpo-30555: Fix WindowsConsoleIO fails in the presence of fd redirection (GH-1927)
This works by not caching the handle and instead getting the handle from
the file descriptor each time, so that if the actual handle changes by
fd redirection closing/opening the console handle beneath our feet, we
will keep working correctly.
2021-04-23 23:00:27 +01:00
Steve Dower
019e9e8168
bpo-43538: Add extra arguments to os.startfile (GH-25538) 2021-04-23 18:03:17 +01:00
Zackery Spytz
7d37b86ad4
bpo-35114: Make ssl.RAND_status() return a bool (GH-20063) 2021-04-23 18:07:37 +02:00
Christian Heimes
b9ad88be03
bpo-43920: Make load_verify_locations(cadata) error message consistent (GH-25554)
Signed-off-by: Christian Heimes <christian@python.org>
2021-04-23 13:51:40 +02:00
Erlend Egeberg Aasland
e9194ea6ea
bpo-43852: Improve tuple creation in sqlite3 (GH-25421) 2021-04-23 14:21:08 +03:00
Steve Dower
e07d809889
bpo-38222: Check specifically for a drive, not just a colon (GH-25540) 2021-04-23 00:30:37 +01:00
Steve Dower
fe63a401a9
bpo-38822: Fixed os.stat failing on inaccessible directories. (GH-25527)
It would just fail if the path was inaccessible and had a trailing slash. It should fall back to the parent directory's metadata.
2021-04-22 20:45:02 +01:00
Raymond Hettinger
a07da09ad5
bpo-43475: Fix worst case collision behavior for NaN instances (GH-25493) 2021-04-22 08:34:57 -07:00
Steve Dower
dc516ef839
bpo-26227: Fixes decoding of host names on Windows from ANSI instead of UTF-8 (GH-25510) 2021-04-22 00:18:20 +01:00
Victor Stinner
cdad2724e6
bpo-40137: Add pycore_moduleobject.h internal header (GH-25507)
Add pycore_moduleobject.h internal header file with static inline
functions to access module members:

* _PyModule_GetDict()
* _PyModule_GetDef()
* _PyModule_GetState()

These functions don't check at runtime if their argument has a valid
type and can be inlined even if Python is not built with LTO.

_PyType_GetModuleByDef() uses _PyModule_GetDef().

Replace PyModule_GetState() with _PyModule_GetState() in the
extension modules, considered as performance sensitive:

* _abc
* _functools
* _operator
* _pickle
* _queue
* _random
* _sre
* _struct
* _thread
* _winapi
* array
* posix

The following extensions are now built with the Py_BUILD_CORE_MODULE
macro defined, to be able to use the internal pycore_moduleobject.h
header: _abc, array, _operator, _queue, _sre, _struct.
2021-04-22 00:52:52 +02:00
Steve Dower
7b86e47617
bpo-43472: Ensure PyInterpreterState_New audit events are raised when called through _xxsubinterpreters module (GH-25506) 2021-04-21 23:34:29 +01:00
Raymond Hettinger
139c232f38
bpo-40137: Move state lookups out of the critical path (GH-25492) 2021-04-21 15:22:22 -07:00
Christian Heimes
3309113d61
bpo-43799: Also define SSLv3_method() (GH-25481)
Signed-off-by: Christian Heimes <christian@python.org>
2021-04-20 18:10:10 +02:00
l0x
64d975202f
bpo-40849: Expose X509_V_FLAG_PARTIAL_CHAIN ssl flag (GH-20463)
This short PR exposes an openssl flag that  wasn't exposed. I've also updated to doc to reflect the change. It's heavily inspired by 990fcaac3c.
2021-04-19 04:51:18 -07:00
Christian Heimes
2875c603b2
bpo-43880: Show DeprecationWarnings for deprecated ssl module features (GH-25455)
* ssl.OP_NO_SSLv2
* ssl.OP_NO_SSLv3
* ssl.OP_NO_TLSv1
* ssl.OP_NO_TLSv1_1
* ssl.OP_NO_TLSv1_2
* ssl.OP_NO_TLSv1_3
* ssl.PROTOCOL_SSLv2
* ssl.PROTOCOL_SSLv3
* ssl.PROTOCOL_SSLv23 (alias for PROTOCOL_TLS)
* ssl.PROTOCOL_TLS
* ssl.PROTOCOL_TLSv1
* ssl.PROTOCOL_TLSv1_1
* ssl.PROTOCOL_TLSv1_2
* ssl.TLSVersion.SSLv3
* ssl.TLSVersion.TLSv1
* ssl.TLSVersion.TLSv1_1
* ssl.wrap_socket()
* ssl.RAND_pseudo_bytes()
* ssl.RAND_egd() (already removed since it's not supported by OpenSSL 1.1.1)
* ssl.SSLContext() without a protocol argument
* ssl.match_hostname()
* hashlib.pbkdf2_hmac() (pure Python implementation, fast OpenSSL
  function will stay)

Signed-off-by: Christian Heimes <christian@python.org>
2021-04-19 07:27:10 +02:00
Christian Heimes
89d1550d14
bpo-42854: Use SSL_read/write_ex() (GH-25468)
The ssl module now uses ``SSL_read_ex`` and ``SSL_write_ex``
internally. The functions support reading and writing of data larger
than 2 GB. Writing zero-length data no longer fails with a protocol
violation error.

Signed-off-by: Christian Heimes <christian@python.org>
2021-04-19 06:55:30 +02:00
Christian Heimes
aa6da32edc
bpo-43362: Fix invalid free and return check in _sha3 module (GH-25463)
Commit 93d50a6a8d / GH-21855 changed the
order of variable definitions, which introduced a potential invalid free
bug. Py_buffer object is now initialized earlier and the result of
Keccak initialize is verified.

Co-authored-by: Alex Henrie <alexhenrie24@gmail.com>
Signed-off-by: Christian Heimes <christian@python.org>

Co-authored-by: Alex Henrie <alexhenrie24@gmail.com>
2021-04-18 08:39:39 +02:00
Christian Heimes
7f1305ef9e
bpo-42333: Port _ssl extension to multiphase initialization (PEP 489) (GH-23253)
- Introduce sslmodule_slots
- Introduce sslmodulestate
- Use sslmodulestate
- Get rid of PyState_FindModule
- Move new structs and helpers to header file
- Use macros to access state
- Keep a strong ref to socket type
2021-04-17 20:06:38 +02:00
Christian Heimes
b8d0fa035d
bpo-43669: Remove OpenSSL 0.9 to 1.1.0 specific documentation (GH-25453) 2021-04-17 15:49:50 +02:00
Christian Heimes
39258d3595
bpo-43669: PEP 644: Require OpenSSL 1.1.1 or newer (GH-23014)
- Remove HAVE_X509_VERIFY_PARAM_SET1_HOST check
- Update hashopenssl to require OpenSSL 1.1.1
- multissltests only OpenSSL > 1.1.0
- ALPN is always supported
- SNI is always supported
- Remove deprecated NPN code. Python wrappers are no-op.
- ECDH is always supported
- Remove OPENSSL_VERSION_1_1 macro
- Remove locking callbacks
- Drop PY_OPENSSL_1_1_API macro
- Drop HAVE_SSL_CTX_CLEAR_OPTIONS macro
- SSL_CTRL_GET_MAX_PROTO_VERSION is always defined now
- security level is always available now
- get_num_tickets is available with TLS 1.3
- X509_V_ERR MISMATCH is always available now
- Always set SSL_MODE_RELEASE_BUFFERS
- X509_V_FLAG_TRUSTED_FIRST is always available
- get_ciphers is always supported
- SSL_CTX_set_keylog_callback is always available
- Update Modules/Setup with static link example
- Mention PEP in whatsnew
- Drop 1.0.2 and 1.1.0 from GHA tests
2021-04-17 11:36:35 +02:00
Christian Heimes
b467d9a240
bpo-43522: Fix SSLContext.hostname_checks_common_name (GH-24899)
Fix problem with ssl.SSLContext.hostname_checks_common_name. OpenSSL does not
copy hostflags from *struct SSL_CTX* to *struct SSL*.

Signed-off-by: Christian Heimes <christian@python.org>
2021-04-17 10:07:19 +02:00
Erlend Egeberg Aasland
5cb601f956
bpo-43296: Handle sqlite3_value_blob() errors (GH-24674) 2021-04-15 00:09:11 +03:00
Erlend Egeberg Aasland
def919342f
bpo-43505: Explicitly initialize and shutdown sqlite3 (GH-25404) 2021-04-14 17:50:16 +03:00
Erlend Egeberg Aasland
c1ae741997
bpo-43265: Improve sqlite3.Connection.backup error handling (GH-24586) 2021-04-14 14:45:49 +03:00
Erlend Egeberg Aasland
6f1e8ccffa
bpo-43752: Fix sqlite3 regression for zero-sized blobs with converters (GH-25228) 2021-04-14 14:18:49 +03:00
Christian Heimes
a4833883c9
bpo-43799: OpenSSL 3.0.0: declare OPENSSL_API_COMPAT 1.1.1 (GH-25329)
Signed-off-by: Christian Heimes <christian@python.org>
2021-04-13 08:17:26 +02:00
Victor Stinner
09bbebea16
bpo-43753: Add Py_Is() and Py_IsNone() functions (GH-25227)
Add the Py_Is(x, y) function to test if the 'x' object is the 'y'
object, the same as "x is y" in Python. Add also the Py_IsNone(),
Py_IsTrue(), Py_IsFalse() functions to test if an object is,
respectively, the None singleton, the True singleton or the False
singleton.
2021-04-11 00:17:39 +02:00
Christian Heimes
6f37ebc61e
bpo-43794: OpenSSL 3.0.0: set OP_IGNORE_UNEXPECTED_EOF by default (GH-25309)
Signed-off-by: Christian Heimes <christian@python.org>
2021-04-09 17:59:21 +02:00
Christian Heimes
150af75432
bpo-43788: Generate version specific _ssl_data.h (GH-25300)
Signed-off-by: Christian Heimes <christian@python.org>

Automerge-Triggered-By: GH:tiran
2021-04-09 08:02:00 -07:00
Christian Heimes
d3b73f32ef
bpo-43789: OpenSSL 3.0.0 Don't call passwd callback again in error case (GH-25303) 2021-04-09 15:23:38 +02:00
Steve Dower
04732ca993
bpo-43105: Importlib now resolves relative paths when creating module spec objects from file locations (GH-25121) 2021-04-07 01:02:07 +01:00
Serhiy Storchaka
b1dc1aacf8
bpo-43084: Return bool instead of int from curses.window.enclose() (GH-24398) 2021-04-05 16:50:24 +03:00
Zackery Spytz
afd1265058
bpo-31956: Add start and stop parameters to array.index() (GH-25059)
Co-Authored-By: Anders Lorentsen <Phaqui@gmail.com>
2021-04-03 00:28:35 +09:00
Victor Stinner
240bcf82a1
bpo-41111: xxlimited.c defines Py_LIMITED_API (GH-25151)
xxlimited.c and xxlimited_35.c now define the Py_LIMITED_API macro,
rather than having to do it in the build recipe.

Co-authored-by: Hai Shi <shihai1992@gmail.com>
2021-04-02 16:48:11 +02:00
Inada Naoki
bec8c787ec
bpo-43510: Fix emitting EncodingWarning from _io module. (GH-25146)
I forget to check PyErr_WarnEx() return value. But it will fail when -Werror is used.
2021-04-02 17:38:59 +09:00
Inada Naoki
cfa176685a
Revert "bpo-43510: PEP 597: Accept encoding="locale" in binary mode (GH-25103)" (#25108)
This reverts commit ff3c9739bd.
2021-03-31 18:49:41 +09:00
Inada Naoki
ff3c9739bd
bpo-43510: PEP 597: Accept encoding="locale" in binary mode (GH-25103)
It make `encoding="locale"` usable everywhere `encoding=None` is
allowed.
2021-03-31 14:26:08 +09:00
Antoine Pitrou
73b20ae2fb
bpo-41369: Finish updating the vendored libmpdec to version 2.5.1 (GH-24962)
Complete the update to libmpdec-2.5.1.

Co-authored-by: Stefan Krah <skrah@bytereef.org>
2021-03-30 18:11:06 +02:00
Inada Naoki
068ebf9729
bpo-33164: blake2: Fix Coverity scan (GH-25060) 2021-03-30 12:25:28 +09:00
Pablo Galindo
70cdf1812c
bpo-40645: Fix reference leak in the _hashopenssl extension (GH-25063) 2021-03-29 06:17:40 -07:00
Inada Naoki
4827483f47
bpo-43510: Implement PEP 597 opt-in EncodingWarning. (GH-19481)
See [PEP 597](https://www.python.org/dev/peps/pep-0597/).

* Add `-X warn_default_encoding` and `PYTHONWARNDEFAULTENCODING`.
* Add EncodingWarning
* Add io.text_encoding()
* open(), TextIOWrapper() emits EncodingWarning when encoding is omitted and warn_default_encoding is enabled.
* _pyio.TextIOWrapper() uses UTF-8 as fallback default encoding used when failed to import locale module. (used during building Python)
* bz2, configparser, gzip, lzma, pathlib, tempfile modules use io.text_encoding().
* What's new entry
2021-03-29 12:28:14 +09:00
Christian Heimes
933dfd7504
bpo-40645: use C implementation of HMAC (GH-24920)
- [x] fix tests
- [ ] add test scenarios for old/new code.

Signed-off-by: Christian Heimes <christian@python.org>
2021-03-27 06:55:03 -07:00
Raymond Hettinger
3bb19873ab
Revert "bpo-40521: Remove freelist from collections.deque() (GH-21073)" (GH-24944)
This reverts commit 32f2eda859.
It can be re-applied if the subinterpreter PEP is approved.
Otherwise, the commit degraded performance with no offsetting
benefit.
2021-03-25 13:32:23 -07:00
Ikko Ashimine
232f4cb667
Fix typo in fuzzer.c (GH-25013) 2021-03-25 00:47:21 +09:00
Victor Stinner
94faa0724f
bpo-43244: Remove ast.h, asdl.h, Python-ast.h headers (GH-24933)
These functions were undocumented and excluded from the limited C
API.

Most names defined by these header files were not prefixed by "Py"
and so could create names conflicts. For example, Python-ast.h
defined a "Yield" macro which was conflict with the "Yield" name used
by the Windows <winbase.h> header.

Use the Python ast module instead.

* Move Include/asdl.h to Include/internal/pycore_asdl.h.
* Move Include/Python-ast.h to Include/internal/pycore_ast.h.
* Remove ast.h header file.
* pycore_symtable.h no longer includes Python-ast.h.
2021-03-23 20:47:40 +01:00
Antoine Pitrou
cdddc2b742
bpo-43422: Revert _decimal C API addition (GH-24960)
Stefan Krah requested the reversal of these (unreleased) changes, quoting him:
> The capsule API does not meet my testing standards, since I've focused
on the upstream mpdecimal in the last couple of months.
> Additionally, I'd like to refine the API, perhaps together with the
Arrow community.

Automerge-Triggered-By: GH:pitrou
2021-03-21 09:27:54 -07:00
Christian Heimes
77cde5042a
bpo-43577: Fix deadlock with SSLContext._msg_callback and sni_callback (GH-24957)
OpenSSL copies the internal message callback from SSL_CTX->msg_callback to
SSL->msg_callback. SSL_set_SSL_CTX() does not update SSL->msg_callback
to use the callback value of the new context.

PySSL_set_context() now resets the callback and _PySSL_msg_callback()
resets thread state in error path.

Signed-off-by: Christian Heimes <christian@python.org>
2021-03-21 16:13:09 +01:00
Rui Cunha
b05b48dd7a
bpo-43571: Add IPPROTO_MPTCP macro (GH-24946)
Add IPPROTO_MPTCP constant when defined in the system headers.
2021-03-20 15:04:56 -07:00
Victor Stinner
28ad12f8fe
bpo-43244: Remove symtable.h header file (GH-24910)
Rename Include/symtable.h to to Include/internal/pycore_symtable.h,
don't export symbols anymore (replace PyAPI_FUNC and PyAPI_DATA with
extern) and rename functions:

* PyST_GetScope() to _PyST_GetScope()
* PySymtable_BuildObject() to _PySymtable_Build()
* PySymtable_Free() to _PySymtable_Free()

Remove PySymtable_Build(), Py_SymtableString() and
Py_SymtableStringObject() functions.

The Py_SymtableString() function was part the stable ABI by mistake
but it could not be used, since the symtable.h header file was
excluded from the limited C API.

The Python symtable module remains available and is unchanged.
2021-03-19 12:41:49 +01:00
Chris Burr
e0b4aa0f5c
bpo-39342: Expose X509_V_FLAG_ALLOW_PROXY_CERTS in ssl module (GH-18011)
Exposes the `X509_V_FLAG_ALLOW_PROXY_CERTS` constant as `ssl.VERIFY_ALLOW_PROXY_CERTS` to allow for proxy certificate validation as described in: https://www.openssl.org/docs/man1.1.1/man7/proxy-certificates.html
2021-03-18 01:24:01 -07:00
Dennis Sweeney
448801da96
bpo-41361: Optimized argument parsing for deque_rotate (GH-24796) 2021-03-15 21:02:25 -07:00
Pablo Galindo
9c376bc1c4
bpo-43439: Wrapt the tuple in the audit events for the gc module (GH-24836) 2021-03-14 04:04:47 +01:00
Erlend Egeberg Aasland
2256a2876b
bpo-43444: Move sqlite3 MODULE_NAME from setup.py to module.h (GH-24801) 2021-03-13 17:33:39 +02:00
Antoine Pitrou
ba251c2ae6
bpo-43356: Allow passing a signal number to interrupt_main() (GH-24755)
Also introduce a new C API ``PyErr_SetInterruptEx(int signum)``.
2021-03-11 23:35:45 +01:00
Pablo Galindo
b4f9089d4a
bpo-43439: Add audit hooks for gc functions (GH-24794) 2021-03-10 00:53:57 +00:00
Antoine Pitrou
68245b7a10
bpo-43406: Fix possible race condition where `PyErr_CheckSignals` tries to execute a non-Python signal handler (GH-24756)
We can receive signals (at the C level, in `trip_signal()` in signalmodule.c) while `signal.signal` is being called to modify the corresponding handler.  Later when `PyErr_CheckSignals()` is called to handle the given signal, the handler may be a non-callable object and would raise a cryptic asynchronous exception.
2021-03-05 10:32:50 +01:00
Erlend Egeberg Aasland
e161ec5dd7
bpo-43369: sqlite3_column_{text,blob} failures now raise MemoryError (GH-24723) 2021-03-04 11:50:25 +02:00
Brandt Bucher
c61ec7e6b8
bpo-43394: Fix -Wstrict-prototypes warnings (GH-24737) 2021-03-03 21:53:59 -08:00
Mariusz Felisiak
3b4b2cf418
bpo-43368: Fix fetching empty bytes in sqlite3 (GH-24706)
Regression introduced in 47feb1feb2.
2021-03-03 16:16:24 +02:00
Alperen Serkan Aksöz
09605ad726
missing multiply symbol in the documentation (GH-24686) 2021-03-03 14:59:52 +01:00
Alex Henrie
25e244c925
bpo-39523: Use do-while loop pysqlite_cursor_executescript() (GH-18305) 2021-03-02 09:40:34 +02:00
Filipe Laíns
0d7ad9fb38
bpo-29753: fix merging packed bitfields in ctypes struct/union (GH-19850)
From the commit message:

> When the structure is packed we should always expand when needed,
> otherwise we will add some padding between the fields. This patch makes
> sure we always merge bitfields together. It also changes the field merging
> algorithm so that it handles bitfields correctly.

Automerge-Triggered-By: GH:jaraco
2021-02-28 14:43:19 -08:00
Erlend Egeberg Aasland
2183d06bc8
bpo-43251: sqlite3_column_name() failures now raise MemoryError (GH-24609) 2021-02-28 19:01:06 +02:00
Dong-hee Na
bf9de7ab24
bpo-43335: Update macro to check gcc version (GH-24662) 2021-02-28 09:16:24 +09:00
Erlend Egeberg Aasland
5e48e83688
bpo-43294: Remove unused variables in pysqlite_connection_*() (GH-24658) 2021-02-26 16:30:22 +02:00
Erlend Egeberg Aasland
3150754f91
bpo-43314: Remove SQLITE_OPEN_URI ifdef (GH-24637)
SQLite 3.7.15 is required as by GH-24106. SQLITE_OPEN_URI was added in
SQLite 3.7.7.
2021-02-26 02:48:19 +02:00
Erlend Egeberg Aasland
91ea37c84a
bpo-43290: Remove workaround from pysqlite_step() (GH-24638)
From the SQLite 3.5.3 changelog:

sqlite3_step() returns SQLITE_MISUSE instead of crashing when called
with a NULL parameter.

The workaround no longer needed because we no longer support
SQLite releases older than 3.7.15.
2021-02-26 01:39:34 +02:00
Inada Naoki
01806d5beb
bpo-43260: io: Prevent large data remains in textio buffer. (GH-24592)
When very large data remains in TextIOWrapper, flush() may fail forever.

So prevent that data larger than chunk_size is remained in TextIOWrapper internal
buffer.

Co-Authored-By: Eryk Sun
2021-02-22 08:29:30 +09:00
Erlend Egeberg Aasland
38b6c2acd4
bpo-43269: Remove redundant extern keywords (GH-24605) 2021-02-21 12:07:49 +02:00
Erlend Egeberg Aasland
bf838a6e7e
bpo-43269: Clean up sqlite3 file scope (GH-24578) 2021-02-21 02:29:19 +02:00
Victor Stinner
839184f85c
bpo-43268: local_clear() uses _PyInterpreterState_GET() (GH-24583)
Cleanup also the code.
2021-02-19 15:51:36 +01:00
Victor Stinner
bcb094b41f
bpo-43268: Pass interp rather than tstate to internal functions (GH-24580)
Pass the current interpreter (interp) rather than the current Python
thread state (tstate) to internal functions which only use the
interpreter.

Modified functions:

* _PyXXX_Fini() and _PyXXX_ClearFreeList() functions
* _PyEval_SignalAsyncExc(), make_pending_calls()
* _PySys_GetObject(), sys_set_object(), sys_set_object_id(), sys_set_object_str()
* should_audit(), set_flags_from_config(), make_flags()
* _PyAtExit_Call()
* init_stdio_encoding()
* etc.
2021-02-19 15:10:45 +01:00
Victor Stinner
5592f2b9da
bpo-43268: Replace _PyThreadState_GET() with _PyInterpreterState_GET() (GH-24576)
Replace _PyThreadState_GET() with _PyInterpreterState_GET() in
functions which only need the current interpreter, but don't need the
current Python thread state.

Replace also _PyThreadState_UncheckedGet() with _PyThreadState_GET()
in faulthandler.c, since _PyThreadState_UncheckedGet() is just an
alias to _PyThreadState_GET() in practice.
2021-02-19 13:21:28 +01:00
Erlend Egeberg Aasland
2bb0bf4dd8
bpo-43258: Make sqlite3 callback functions static (GH-24574) 2021-02-19 13:59:24 +02:00
Erlend Egeberg Aasland
979b23cbe4
bpo-43258: Don't allocate sqlite3 aggregate context for empty queries (GH-24569) 2021-02-19 13:20:32 +02:00
Erlend Egeberg Aasland
cc96231f0a
bpo-43249: Improve scoping in _pysqlite_fetch_one_row() (GH-24565) 2021-02-18 19:13:14 +02:00
Erlend Egeberg Aasland
47feb1feb2
bpo-43249: sqlite3_column_bytes() must follow sqlite_column_blob() (GH-24562) 2021-02-18 17:44:43 +02:00
David CARLIER
7be00ee64a
bpo-42960: Add resource.RLIMIT_KQUEUES constant from FreeBSD (GH-24251) 2021-02-18 16:26:20 +01:00
Nicholas Sim
17dbd4078b
bpo-35134, Include: Move pytime.h to cpython/pytime.h (GH-23988)
This change is backward compatible since C extension modules
must not include "pytime.h" directly, but only include "Python.h".
2021-02-16 13:04:38 +01:00
Dustin Rodrigues
755f3c1521
bpo-42819, readline: Disable bracketed paste (GH-24108) 2021-02-16 00:28:24 +01:00
Erlend Egeberg Aasland
1b57426e3a
bpo-43210: Fix byteswap comment in sha512.module.c (GH-24518) 2021-02-14 23:14:26 +09:00
Gregory P. Smith
fd053fdd39
bpo-43172: readline now passes its tests when built against libedit (GH-24499)
bpo-43172: readline now passes its tests when built against libedit.

Existing irreconcilable API differences remain in readline.get_begidx
and readline.get_endidx behavior based on libreadline vs libedit use.
A note about that has been documented.
2021-02-12 12:04:46 -08:00
Erlend Egeberg Aasland
5ec7d53558
bpo-43204: Fix LibTomCrypt URL in md5module.c and sha*module.c comments (GH-24507)
Automerge-Triggered-By: GH:tiran
2021-02-12 02:34:11 -08:00
Erlend Egeberg Aasland
ea46579067
bpo-40956: Fix segfault when Connection.backup is called without target (GH-24503) 2021-02-11 01:04:02 +02:00
Roland Hieber
e1f7769513
bpo-13501: allow choosing between readline and libedit (GH-24189)
In contrast to macOS, libedit is available as its own include file and
library on Linux systems to prevent file name clashes. So if both
libraries are available on the system, readline is currently chosen by
default; and if only libedit is available, it is not found at all. This
patch adds a way to link against libedit by adding the following
arguments to configure:

  --with-readline           link against libreadline (the default)
  --with-readline=editline  link against libeditline
  --with-readline=no        disable building the readline module
  --without-readline        (same)

The runtime detection of libedit vs. readline was already done in commit
7105319ada (2019-12-04, serge-sans-paille: "bpo-38634: Allow
non-apple build to cope with libedit (GH-16986)").

Fixes: GH-12076 ("bpo-13501 Build or disable readline with Editline")
Fixes: bpo-13501 ("Make libedit support more generic; port readline / libedit to FreeBSD")
Co-authored-by: Enji Cooper (ngie-eign)
Co-authored-by: Martin Panter (vadmium)
Co-authored-by: Robert Marshall (kellinm)
2021-02-08 17:05:25 -08:00
Zackery Spytz
effaec0bb5
bpo-43132: Fix incorrect handling of PyObject_RichCompareBool() in _zoneinfo (GH-24450)
PyObject_RichCompareBool() returns -1 on error, but this case is
not handled by the find_in_strong_cache() function.  Any exception
raised by PyObject_RichCompareBool() should be propagated.
2021-02-05 10:25:30 +02:00
Dong-hee Na
f917c243c5
bpo-43106: Add os.O_EVTONLY/O_FSYNC/O_SYMLINK/O_NOFOLLOW_ANY (GH-24428) 2021-02-04 08:32:55 +09:00
Pablo Galindo
bb739ec922
bpo-43108: Fix a reference leak in the curses module (GH-24420) 2021-02-02 20:38:26 +00:00
Ken Jin
b5931f1d9f
bpo-42834: Fix _json internal caches for subinterpreters (GH-24121)
Make internal caches of the _json extension module
compatible with subinterpreters.
2021-02-01 17:26:56 +01:00
Anonymous Maarten
3243e8a4b4
bpo-41604: Don't decrement the reference count of the previous user_ptr when set_panel_usertpr fails (GH-21933) 2021-01-31 19:55:15 +02:00
Serhiy Storchaka
9073180db5
bpo-43083: Fix error handling in _sqlite3 (GH-24395) 2021-01-31 17:42:38 +02:00
Victor Stinner
0837f99d33
bpo-42323: Fix math.nextafter() on AIX (GH-24381)
math_nextafter_impl() must return a Python object, not a C double.
2021-01-29 23:04:50 +01:00
Victor Stinner
c9b8e9c421
bpo-42979: Enhance abstract.c assertions checking slot result (GH-24352)
* bpo-42979: Enhance abstract.c assertions checking slot result

Add _Py_CheckSlotResult() function which fails with a fatal error if
a slot function succeeded with an exception set or failed with no
exception set: write the slot name, the type name and the current
exception (if an exception is set).
2021-01-27 16:39:16 +00:00
Hai Shi
eeb701adc0
bpo-42979: _zoneinfo exec function checks for PyDateTime_IMPORT failure (GH-24333)
Importing datetime can fail.
2021-01-27 11:23:33 +01:00
Zackery Spytz
5327f37034
bpo-43033: Fix the handling of PyObject_SetAttrString() in _zoneinfo.c (GH-24345) 2021-01-27 10:16:20 +02:00
borispopoff
c7c3b7db29
Typo in comment (GH-24199)
Automerge-Triggered-By: GH:Mariatta
2021-01-25 14:51:48 -08:00
Hai Shi
2f12a1b7ec
bpo-41798: Allocate the _curses._C_API on the heap memory (GH-24186) 2021-01-22 11:06:43 +01:00
Victor Stinner
c1c3493fb7
bpo-42323: Fix math.nextafter() for NaN on AIX (GH-24265) 2021-01-20 15:20:13 +01:00
Erlend Egeberg Aasland
61d26394f9
bpo-41798: Allocate unicodedata CAPI on the heap (GH-24128) 2021-01-20 12:03:53 +01:00
Yunlongs
f1ff800db1
bpo-41995: Handle allocation failure in _tracemalloc and _zoneinfo (GH-22635) 2021-01-20 09:38:28 +01:00
Benjamin Peterson
916610ef90
closes bpo-42938: Replace snprintf with Python unicode formatting in ctypes param reprs. (24239) 2021-01-18 14:47:05 -06:00
Victor Stinner
250035d134
bpo-42923: Dump extension modules on fatal error (GH-24207)
The Py_FatalError() function and the faulthandler module now dump the
list of extension modules on a fatal error.

Add _Py_DumpExtensionModules() and _PyModule_IsExtension() internal
functions.
2021-01-18 20:47:13 +01:00
Victor Stinner
e232025025
bpo-42923: Add Py_FatalError() test in test_capi (GH-24240)
Move faulthandler._fatal_error() to _testcapi.fatal_error().
2021-01-18 18:24:29 +01:00
Zackery Spytz
14cfa325c2
bpo-39273: Expose BUTTON5_* constants in the curses module if available (GH-17996) 2021-01-14 11:40:09 +02:00
Erlend Egeberg Aasland
a330365ca5
bpo-40956: Fix sqlite3.Cursor.fetchmany() default value (GH-24214) 2021-01-14 01:17:33 +02:00
Victor Stinner
11ef53aefb
bpo-42866: Add traverse func to _multibytecodec.MultibyteCodec (GH-24166)
Convert _multibytecodec.MultibyteCodec type to a GC type and adds a
traverse function.
2021-01-08 15:43:59 +01:00
Victor Stinner
e542d417b9
bpo-42866: Fix refleak in CJK getcodec() (GH-24165)
Fix a reference leak in the getcodec() function of CJK codecs.
2021-01-08 15:01:38 +01:00
Victor Stinner
07f2cee93f
bpo-42846: Convert CJK codec extensions to multiphase init (GH-24157)
Convert the 6 CJK codec extension modules (_codecs_cn, _codecs_hk,
_codecs_iso2022, _codecs_jp, _codecs_kr and _codecs_tw) to the
multiphase initialization API (PEP 489).

Remove getmultibytecodec() local cache: always import
_multibytecodec. It should be uncommon to get a codec. For example,
this function is only called once per CJK codec module.

Fix a reference leak in register_maps() error path.
2021-01-08 00:15:22 +01:00
Hai Shi
1ab045933b
bpo-41798: Allocate the _datetime.datetime_CAPI on the heap memory (GH-24096) 2021-01-06 20:47:19 +01:00
Erlend Egeberg Aasland
f22b7ca1af
bpo-41798: Allocate _socket module C API on the heap (GH-24126) 2021-01-06 20:43:06 +01:00
Erlend Egeberg Aasland
fe9f446afe
bpo-41798: Allocate _decimal extension module C API on the heap (GH-24117) 2021-01-06 12:47:28 +01:00
Erlend Egeberg Aasland
203b2493ae
bpo-40959: Remove unused declarations from sqlite3 headers (GH-20828) 2021-01-06 02:56:05 +02:00
Erlend Egeberg Aasland
cf0b23908c
bpo-40810: Require SQLite 3.7.15 (GH-24106) 2021-01-06 02:02:43 +02:00
Erlend Egeberg Aasland
c7f8d3caf0
bpo-40956: Convert _sqlite3.Cursor to Argument Clinic (GH-24007) 2021-01-06 01:57:25 +02:00
Serhiy Storchaka
59f9b4e450
bpo-42681: Fix test_curses failures related to color pairs (GH-24089)
On ncurses 6.1 pair numbers are limited by SHORT_MAX-1, even
with extended color support.

Improve error reporting and tests for color functions.
2021-01-05 09:13:15 +02:00
Erlend Egeberg Aasland
0b858cdd5d
bpo-1635741: Convert _multibytecodec to multi-phase init (GH-24095)
Convert the _multibytecodec extension module (CJK codecs) to multi-phase
initialization (PEP 489).
2021-01-04 22:33:45 +01:00
Mohamed Koubaa
c8a87addb1
bpo-1635741: Port pyexpat to multi-phase init (PEP 489) (GH-22222) 2021-01-04 15:34:26 +01:00
Joshua Root
df21f502fd
bpo-42692: fix __builtin_available check on older compilers (GH-23873)
A compiler that doesn't define `__has_builtin` will error out when it is
used on the same line as the check for it.

Automerge-Triggered-By: GH:ronaldoussoren
2021-01-04 02:36:58 -08:00
Serhiy Storchaka
1470edd613
bpo-42681: Fix range checks for color and pair numbers in curses (GH-23874) 2021-01-03 22:51:11 +02:00
Hai Shi
7c83eaa536
bpo-41798: pyexpat: Allocate the expat_CAPI on the heap memory (GH-24061) 2021-01-03 16:47:44 +01:00
Erlend Egeberg Aasland
b8eb376590
bpo-40077: Add traverse/clear/free to arraymodule (GH-24066) 2021-01-03 14:11:15 +01:00
Erlend Egeberg Aasland
75bf107c62
bpo-40077: Convert arraymodule to use heap types and establish module state (GH-23124) 2021-01-02 17:38:47 +01:00
Erlend Egeberg Aasland
f4936ad1c4
bpo-42393: Raise OverflowError iso. DeprecationWarning on overflow in socket.ntohs and socket.htons (GH-23980) 2020-12-31 15:16:50 +02:00
Victor Stinner
ba0e49a464
bpo-40137: Fix refleak in _functools_exec() (GH-24006) 2020-12-30 02:24:43 +01:00
Erlend Egeberg Aasland
84d79cfda9
bpo-40956: Convert _sqlite3.Row to Argument Clinic (GH-23964) 2020-12-29 15:22:55 +02:00
Jakub Kulík
0159e5efee
bpo-42655: Fix subprocess extra_groups gid conversion (GH-23762) 2020-12-29 14:58:27 +02:00
Hai Shi
dd39123970
bpo-40137: Convert _functools module to use PyType_FromModuleAndSpec. (GH-23405) 2020-12-29 04:45:07 -08:00
Jero Bado
a4258e8cd7
Fix minor typo in comments in readline.c (GH-23911) 2020-12-29 14:26:57 +02:00
Pablo Galindo
a6d63a20df
Fix compiler warnings regarding loss of data (GH-23983) 2020-12-29 00:28:09 +00:00