| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Closes #21013 by modfying ssl.create_default_context() to:
* Move the restricted ciphers to only apply when using
ssl.Purpose.CLIENT_AUTH. The major difference between restricted and not
is the lack of RC4 in the restricted. However there are servers that exist
that only expose RC4 still.
* Switches the default protocol to ssl.PROTOCOL_SSLv23 so that the context
will select TLS1.1 or TLS1.2 if it is available.
* Add ssl.OP_NO_SSLv3 by default to continue to block SSL3.0 sockets
* Add ssl.OP_SINGLE_DH_USE and ssl.OP_SINGLE_ECDG_USE to improve the security
of the perfect forward secrecy
* Add ssl.OP_CIPHER_SERVER_PREFERENCE so that when used for a server side
socket the context will prioritize our ciphers which have been carefully
selected to maximize security and performance.
* Documents the failure conditions when a SSL3.0 connection is required so
that end users can more easily determine if they need to unset
ssl.OP_NO_SSLv3.
|
| |\ \
| |/
| |
| | |
Schwab.
|
| | |
| |
| |
| | |
Schwab.
|
| | |
| |
| |
| |
| |
| |
| | |
Previously a non-string, non-regex second argument could cause the test
to always pass.
Initial patch by Kamilla Holanda.
|
| |\ \
| |/ |
|
| | |\ |
|
| | | | |
|
| |\ \ \
| |/ / |
|
| | | | |
|
| |\ \ \
| |/ / |
|
| | | | |
|
| |\ \ \
| |/ /
| | |
| | |
| | |
| | | |
for ECDH key exchange on OpenSSL 1.0.2 and later, and otherwise default to "prime256v1".
(should also fix a buildbot failure introduced by #20995)
|
| | | |
| | |
| | |
| | |
| | |
| | | |
for ECDH key exchange on OpenSSL 1.0.2 and later, and otherwise default to "prime256v1".
(should also fix a buildbot failure introduced by #20995)
|
| | | |
| | |
| | |
| | | |
A patch from Berker Peksag.
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
solution.
Currently, Tix is not built in Debug configuration.
This change also:
- simplifies some Tcl/Tk-related msbuild properties for _tkinter
- copies the Tcl and Tk DLLs into the build output directory, meaning
they will always be available after a build without having to copy
them manually or change PATH
- removes PCbuild/build_tkinter.py: the solution does the build without
needing to invoke Python (so Tcl/Tk/Tix can be built in parallel with
the rest of the build using the `/m` msbuild command line switch)
- removes an outdated README concerning building Tcl/Tk on AMD64
|
| | | | |
|
| |\ \ \
| |/ / |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Closes #20995 by Enabling better security by prioritizing ciphers
such that:
* Prefer cipher suites that offer perfect forward secrecy (DHE/ECDHE)
* Prefer ECDHE over DHE for better performance
* Prefer any AES-GCM over any AES-CBC for better performance and security
* Then Use HIGH cipher suites as a fallback
* Then Use 3DES as fallback which is secure but slow
* Finally use RC4 as a fallback which is problematic but needed for
compatibility some times.
* Disable NULL authentication, NULL encryption, and MD5 MACs for security
reasons
|
| | | |
| | |
| | |
| | | |
defined.
|
| | | |
| | |
| | |
| | | |
Patch by Claudiu Popa.
|
| | | | |
|
| | | | |
|
| | | | |
|
| |\ \ \
| |/ / |
|
| | | | |
|
| | | | |
|
| | | | |
|
| | | |
| | |
| | |
| | |
| | | |
:py:data:`sys.stdin` and :py:data:`sys.stdout` are now using the
``surrogateescape`` error handler, instead of the ``strict`` error handler.
|
| | | |
| | |
| | |
| | | |
(Windows code page 65001, Microsoft UTF-8).
|
| |\ \ \
| |/ /
| | |
| | |
| | |
| | | |
tables for base32, ascii85 and base85 codecs in the base64 module, and delay
the initialization of the unquote_to_bytes() table of the urllib.parse module,
to not waste memory if these modules are not used.
|
| | | |
| | |
| | |
| | |
| | |
| | | |
base32, ascii85 and base85 codecs in the base64 module, and delay the
initialization of the unquote_to_bytes() table of the urllib.parse module, to
not waste memory if these modules are not used.
|
| | | |
| | |
| | |
| | | |
Changes of 3.4 after 3.4.0 must already be present in the 3.4 branch.
|
| | | |
| | |
| | |
| | | |
In fact, items were already present by Misc/NEWS format was improved.
|
| | | | |
|
| | | | |
|
| |\ \ \
| |/ / |
|
| | |\ \
| |/ /
|/| | |
|
| |\ \ \
| | |/
| |/| |
|
| | | |
| | |
| | |
| | | |
Patch by Andreas Schwab.
|
| |\ \ \
| |/ / |
|
| | | |
| | |
| | |
| | | |
new redirect of http://www.python.org/ to https://www.python.org.
|
| | | | |
|
| | | |
| | |
| | |
| | | |
Also move NEWS item to correct position (it was in 3.3).
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
- based on pip and other PyPA tools
- includes references to the new Python Packaging User Guide
where appropriate (and the relevant section is at least
partially filled in)
- started new FAQ sections
- both guides aim to introduce users to basic open source
concepts if they aren't aware of them
- existing guides have been relocated (now linked from the
distutils docs) rather then removed, since there is
some needed material that has yet to be relocated to the
distutils docs as a reference for the legacy formats
|
| |\ \ \
| |/ / |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
When running external programs such as a C compiler and getting an
error code, distutils only prints the program name. With this change,
one can get the full command line by setting the DISTUTILS_DEBUG
environment variable.
This should have no compatibility issues, unless there are tools
that depend on the exact format of distutils debug messages.
|
| |\ \ \
| |/ / |
|
| | | | |
|
| |\ \ \
| |/ / |
|
