summaryrefslogtreecommitdiffstats
path: root/Lib/ssl.py
Commit message (Collapse)AuthorAgeFilesLines
* Issue #17980: Fix possible abuse of ssl.match_hostname() for denial of ↵Antoine Pitrou2013-05-181-1/+8
| | | | service using certificates with many wildcards (CVE-2013-2099).
* Issue #16357: fix calling accept() on a SSLSocket created through ↵Antoine Pitrou2012-11-111-10/+5
| | | | | | SSLContext.wrap_socket(). Original patch by Jeff McNeil.
* Issue #13636: Weak ciphers are now disabled by default in the ssl moduleAntoine Pitrou2012-01-031-2/+10
| | | | (except when SSLv2 is explicitly asked for).
* Issue #12440: When testing whether some bits in SSLContext.options can beAntoine Pitrou2011-07-081-0/+2
| | | | | reset, check the version of the OpenSSL headers Python was compiled against, rather than the runtime version of the OpenSSL library.
* Issue #12065: connect_ex() on an SSL socket now returns the original errnoAntoine Pitrou2011-05-181-11/+13
| | | | when the socket's timeout expires (it used to return None).
* (Merge 3.1) Issue #12012: ssl.PROTOCOL_SSLv2 becomes optionalVictor Stinner2011-05-091-12/+13
|\ | | | | | | | | | | | | OpenSSL is now compiled with OPENSSL_NO_SSL2 defined (without the SSLv2 protocol) on Debian: fix the ssl module on Debian Testing and Debian Sid. Optimize also ssl.get_protocol_name(): speed does matter!
| * Issue #12012: ssl.PROTOCOL_SSLv2 becomes optionalVictor Stinner2011-05-091-12/+13
| | | | | | | | | | | | | | OpenSSL is now compiled with OPENSSL_NO_SSL2 defined (without the SSLv2 protocol) on Debian: fix the ssl module on Debian Testing and Debian Sid. Optimize also ssl.get_protocol_name(): speed does matter!
| * Merged revisions 84807 via svnmerge fromAntoine Pitrou2010-09-141-4/+6
| | | | | | | | | | | | | | | | | | | | | | svn+ssh://pythondev@svn.python.org/python/branches/py3k ........ r84807 | antoine.pitrou | 2010-09-14 16:43:44 +0200 (mar., 14 sept. 2010) | 4 lines Issue #9853: Fix the signature of SSLSocket.recvfrom() and SSLSocket.sendto() to match the corresponding socket methods. ........
| * Merged revisions 84464 via svnmerge fromAntoine Pitrou2010-09-031-3/+3
| | | | | | | | | | | | | | | | | | | | svn+ssh://pythondev@svn.python.org/python/branches/py3k ........ r84464 | antoine.pitrou | 2010-09-03 20:38:17 +0200 (ven., 03 sept. 2010) | 3 lines Issue #3805: clean up implementation of the _read method in _ssl.c. ........
| * Merged revisions 80517 via svnmerge fromAntoine Pitrou2010-04-261-1/+0
| | | | | | | | | | | | | | | | | | | | svn+ssh://pythondev@svn.python.org/python/branches/py3k ........ r80517 | antoine.pitrou | 2010-04-27 01:06:26 +0200 (mar., 27 avril 2010) | 3 lines Remove unused import ........
| * Merged revisions 80515 via svnmerge fromAntoine Pitrou2010-04-261-12/+15
| | | | | | | | | | | | | | | | | | | | | | svn+ssh://pythondev@svn.python.org/python/branches/py3k ........ r80515 | antoine.pitrou | 2010-04-27 00:17:47 +0200 (mar., 27 avril 2010) | 4 lines Hopefully fix sporadic Windows issue by avoiding calling getpeername() on a freshly dup'ed socket. ........
| * Merged revisions 80509 via svnmerge fromAntoine Pitrou2010-04-261-1/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | svn+ssh://pythondev@svn.python.org/python/branches/py3k ................ r80509 | antoine.pitrou | 2010-04-26 19:29:05 +0200 (lun., 26 avril 2010) | 10 lines Merged revisions 80507 via svnmerge from svn+ssh://pythondev@svn.python.org/python/trunk ........ r80507 | antoine.pitrou | 2010-04-26 19:23:33 +0200 (lun., 26 avril 2010) | 4 lines When calling getpeername() in SSLSocket.__init__, only silence exceptions caused by the "socket not connected" condition. ........ ................
| * Merged revisions 80456 via svnmerge fromAntoine Pitrou2010-04-241-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | svn+ssh://pythondev@svn.python.org/python/branches/py3k ........ r80456 | antoine.pitrou | 2010-04-25 00:04:40 +0200 (dim., 25 avril 2010) | 5 lines Issue #8524: When creating an SSL socket, the timeout value of the original socket wasn't retained (instead, a socket with a positive timeout would be turned into a non-blocking SSL socket). ........
| * Merged revisions 79287,79289 via svnmerge fromAntoine Pitrou2010-03-221-19/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | svn+ssh://pythondev@svn.python.org/python/branches/py3k ................ r79287 | antoine.pitrou | 2010-03-22 15:49:10 +0100 (lun., 22 mars 2010) | 13 lines Merged revisions 79226,79286 via svnmerge from svn+ssh://pythondev@svn.python.org/python/trunk ........ r79226 | antoine.pitrou | 2010-03-21 20:33:38 +0100 (dim., 21 mars 2010) | 4 lines Issue #3890: Fix recv() and recv_into() on non-blocking SSL sockets. ........ r79286 | antoine.pitrou | 2010-03-22 15:41:48 +0100 (lun., 22 mars 2010) | 3 lines Fix an occasional test_ftplib failure, following r79226. ........ ................ r79289 | antoine.pitrou | 2010-03-22 16:07:09 +0100 (lun., 22 mars 2010) | 3 lines Fix a blunder in r79287. This part is, obviously, poorly tested (if at all). ................
| * Merged revisions 77597 via svnmerge fromEzio Melotti2010-01-181-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | svn+ssh://pythondev@svn.python.org/python/branches/py3k ................ r77597 | ezio.melotti | 2010-01-18 11:15:14 +0200 (Mon, 18 Jan 2010) | 9 lines Merged revisions 77595 via svnmerge from svn+ssh://pythondev@svn.python.org/python/trunk ........ r77595 | ezio.melotti | 2010-01-18 11:10:26 +0200 (Mon, 18 Jan 2010) | 1 line #7730: remove spaces after functions names ........ ................
* | Issue #12000: When a SSL certificate has a subjectAltName without anyAntoine Pitrou2011-05-061-2/+3
| | | | | | | | | | dNSName entry, ssl.match_hostname() should use the subject's commonName. Patch by Nicolas Bareil.
* | Merged revisions 88664 via svnmerge fromAntoine Pitrou2011-02-261-8/+22
| | | | | | | | | | | | | | | | | | | | | | svn+ssh://pythondev@svn.python.org/python/branches/py3k ........ r88664 | antoine.pitrou | 2011-02-27 00:24:06 +0100 (dim., 27 févr. 2011) | 4 lines Issue #11326: Add the missing connect_ex() implementation for SSL sockets, and make it work for non-blocking connects. ........
* | Issue #5639: Add a *server_hostname* argument to `SSLContext.wrap_socket`Antoine Pitrou2010-10-221-3/+12
| | | | | | | | | | | | in order to support the TLS SNI extension. `HTTPSConnection` and `urlopen()` also use this argument, so that HTTPS virtual hosts are now supported.
* | Issue #1589: Add ssl.match_hostname(), to help implement server identityAntoine Pitrou2010-10-081-0/+59
| | | | | | | | verification for higher-level protocols.
* | Issue #9853: Fix the signature of SSLSocket.recvfrom() andAntoine Pitrou2010-09-141-4/+6
| | | | | | | | SSLSocket.sendto() to match the corresponding socket methods.
* | Issue #3805: clean up implementation of the _read method in _ssl.c.Antoine Pitrou2010-09-031-3/+3
| |
* | Fix issue #9711: raise ValueError is SSLConnection constructor is invoked ↵Giampaolo Rodolà2010-08-301-0/+2
| | | | | | | | with keyfile and not certfile.
* | Fix issue issue9706: provides a better error handling for various SSL operationsGiampaolo Rodolà2010-08-291-2/+6
| |
* | Raise ValuError if non-zero flag argument is provided for sendall() method ↵Giampaolo Rodolà2010-08-291-0/+4
| | | | | | | | for conformity with send(), recv() and recv_into()
* | Followup to r83869 and issue #8524: rename socket.forget() to socket.detach()Antoine Pitrou2010-08-091-1/+1
| | | | | | | | and make it return the file descriptor.
* | Issue #8524: Add a forget() method to socket objects, so as to put theAntoine Pitrou2010-08-081-3/+2
| | | | | | | | | | socket into the closed state without closing the underlying file descriptor.
* | Issue #4870: Add an `options` attribute to SSL contexts, as well asAntoine Pitrou2010-05-211-0/+1
| | | | | | | | | | several ``OP_*`` constants to the `ssl` module. This allows to selectively disable protocol versions, when used in combination with `PROTOCOL_SSLv23`.
* | Issue #8550: Add first class `SSLContext` objects to the ssl module.Antoine Pitrou2010-05-161-22/+49
| |
* | Remove unused importAntoine Pitrou2010-04-261-1/+0
| |
* | Hopefully fix sporadic Windows issue by avoiding calling getpeername()Antoine Pitrou2010-04-261-12/+15
| | | | | | | | on a freshly dup'ed socket.
* | Merged revisions 80507 via svnmerge fromAntoine Pitrou2010-04-261-1/+4
| | | | | | | | | | | | | | | | | | | | | | svn+ssh://pythondev@svn.python.org/python/trunk ........ r80507 | antoine.pitrou | 2010-04-26 19:23:33 +0200 (lun., 26 avril 2010) | 4 lines When calling getpeername() in SSLSocket.__init__, only silence exceptions caused by the "socket not connected" condition. ........
* | Issue #8524: When creating an SSL socket, the timeout value of theAntoine Pitrou2010-04-241-0/+1
| | | | | | | | | | original socket wasn't retained (instead, a socket with a positive timeout would be turned into a non-blocking SSL socket).
* | Merged revisions 80151 via svnmerge fromAntoine Pitrou2010-04-171-5/+9
| | | | | | | | | | | | | | | | | | | | | | svn+ssh://pythondev@svn.python.org/python/trunk ........ r80151 | antoine.pitrou | 2010-04-17 19:10:38 +0200 (sam., 17 avril 2010) | 4 lines Issue #8322: Add a *ciphers* argument to SSL sockets, so as to change the available cipher list. Helps fix test_ssl with OpenSSL 1.0.0. ........
* | Merged revisions 79812 via svnmerge fromAntoine Pitrou2010-04-051-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | svn+ssh://pythondev@svn.python.org/python/trunk ........ r79812 | antoine.pitrou | 2010-04-05 23:35:07 +0200 (lun., 05 avril 2010) | 5 lines Issue #8321: Give access to OpenSSL version numbers from the `ssl` module, using the new attributes `ssl.OPENSSL_VERSION`, `ssl.OPENSSL_VERSION_INFO` and `ssl.OPENSSL_VERSION_NUMBER`. ........
* | Fix a blunder in r79287. This part is, obviously, poorly tested (if at all).Antoine Pitrou2010-03-221-9/+0
| |
* | Merged revisions 79226,79286 via svnmerge fromAntoine Pitrou2010-03-221-10/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | svn+ssh://pythondev@svn.python.org/python/trunk ........ r79226 | antoine.pitrou | 2010-03-21 20:33:38 +0100 (dim., 21 mars 2010) | 4 lines Issue #3890: Fix recv() and recv_into() on non-blocking SSL sockets. ........ r79286 | antoine.pitrou | 2010-03-22 15:41:48 +0100 (lun., 22 mars 2010) | 3 lines Fix an occasional test_ftplib failure, following r79226. ........
* | Merged revisions 77595 via svnmerge fromEzio Melotti2010-01-181-1/+1
|/ | | | | | | | | | svn+ssh://pythondev@svn.python.org/python/trunk ........ r77595 | ezio.melotti | 2010-01-18 11:10:26 +0200 (Mon, 18 Jan 2010) | 1 line #7730: remove spaces after functions names ........
* More codestring -> codebytes.Georg Brandl2009-06-041-1/+1
|
* fix name usageBenjamin Peterson2008-12-311-1/+1
|
* #4788 qualify remove a bare exceptBenjamin Peterson2008-12-311-1/+1
|
* fixes from issue 3162 for SSL moduleBill Janssen2008-09-081-0/+8
|
* clean up ssl.py; expose unwrap and add test for itBill Janssen2008-08-121-1/+9
|
* fix bad method names in ssl module (and typo in ssl doc)Bill Janssen2008-06-291-6/+6
|
* Merged revisions 60990-61002 via svnmerge fromChristian Heimes2008-02-231-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | svn+ssh://pythondev@svn.python.org/python/trunk ........ r60990 | eric.smith | 2008-02-23 17:05:26 +0100 (Sat, 23 Feb 2008) | 1 line Removed duplicate Py_CHARMASK define. It's already defined in Python.h. ........ r60991 | andrew.kuchling | 2008-02-23 17:23:05 +0100 (Sat, 23 Feb 2008) | 4 lines #1330538: Improve comparison of xmlrpclib.DateTime and datetime instances. Remove automatic handling of datetime.date and datetime.time. This breaks backward compatibility, but python-dev discussion was strongly against this automatic conversion; see the bug for a link. ........ r60994 | andrew.kuchling | 2008-02-23 17:39:43 +0100 (Sat, 23 Feb 2008) | 1 line #835521: Add index entries for various pickle-protocol methods and attributes ........ r60995 | andrew.kuchling | 2008-02-23 18:10:46 +0100 (Sat, 23 Feb 2008) | 2 lines #1433694: minidom's .normalize() failed to set .nextSibling for last element. Fix by Malte Helmert ........ r61000 | christian.heimes | 2008-02-23 18:40:11 +0100 (Sat, 23 Feb 2008) | 1 line Patch #2167 from calvin: Remove unused imports ........ r61001 | christian.heimes | 2008-02-23 18:42:31 +0100 (Sat, 23 Feb 2008) | 1 line Patch #1957: syslogmodule: Release GIL when calling syslog(3) ........ r61002 | christian.heimes | 2008-02-23 18:52:07 +0100 (Sat, 23 Feb 2008) | 2 lines Issue #2051 and patch from Alexander Belopolsky: Permission for pyc and pyo files are inherited from the py file. ........
* update to fix leak in SSL codeBill Janssen2007-12-141-23/+23
|
* Reverting revision 59394. We'll sort this out later.Guido van Rossum2007-12-061-5/+4
|
* Fix the leaks in test_ssl. Issue 1469. Patch by Christian Heimes:Guido van Rossum2007-12-061-4/+5
| | | | | | | (a) added GC support to the PySSL object (b) move the call to _real_close() from __del__ methods in Python to PySSL_dealloc(). (c) remove those __del__ methods -- this makes SSL and socket objects GC'able.
* most recent changes to SSL module to support non-blocking sockets properlyBill Janssen2007-12-051-10/+25
|
* Disable dup() of SSLSocket. I don't think it can be made to work.Guido van Rossum2007-11-161-0/+4
|
* This is roughly socket2.diff from issue 1378, with a few changes appliedGuido van Rossum2007-11-161-15/+6
| | | | | | | to ssl.py (no need to test whether we can dup any more). Regular sockets no longer have a _base, but we still have explicit reference counting of socket objects for the benefit of makefile(); using duplicate sockets won't work for SSLSocket.
generated by cgit v0.12 at 2024-10-19 15:46:37 (GMT)