summaryrefslogtreecommitdiffstats
path: root/Modules/_ssl.c
Commit message (Collapse)AuthorAgeFilesLines
* Issue #9075: In the ssl module, remove the setting of a `debug` flagAntoine Pitrou2010-06-251-1/+0
| | | | on an OpenSSL structure.
* Clear the OpenSSL error queue each time an error is signalled.Antoine Pitrou2010-05-161-0/+3
| | | | When the error queue is not emptied, strange things can happen on the next SSL call, depending on the OpenSSL version.
* Improve _ssl.c formattingAntoine Pitrou2010-05-121-34/+27
|
* Untabify Modules/_ssl.cAntoine Pitrou2010-05-051-1346/+1346
|
* Remove unneeded variable initialization.Brett Cannon2010-05-031-3/+0
| | | | Found using Clang's static analyzer.
* Issue #8549: Fix compiling the _ssl extension under AIX. Patch byAntoine Pitrou2010-04-271-1/+1
| | | | Sridhar Ratnakumar.
* The do_handshake() method of SSL objects now adjusts the blocking mode ofAntoine Pitrou2010-04-241-1/+6
| | | | the SSL structure if necessary (as other methods already do).
* Issue #8108: Fix the unwrap() method of SSL objects when the socket hasAntoine Pitrou2010-04-221-6/+63
| | | | | | | | | a non-infinite timeout. Also make that method friendlier with applications wanting to continue using the socket in clear-text mode, by disabling OpenSSL's internal readahead. Thanks to Darryl Miles for guidance. Issue #8108: test_ftplib's non-blocking SSL server now has proper handling of SSL shutdowns.
* Issue #8484: Load all ciphers and digest algorithms when initializingAntoine Pitrou2010-04-211-1/+2
| | | | | the _ssl extension, such that verification of some SSL certificates doesn't fail because of an "unknown algorithm".
* Issue #8322: Add a *ciphers* argument to SSL sockets, so as to change theAntoine Pitrou2010-04-171-5/+15
| | | | available cipher list. Helps fix test_ssl with OpenSSL 1.0.0.
* Revert r79915 (temporary commit to check for buildbots -> the fix was ↵Antoine Pitrou2010-04-091-35/+6
| | | | successful)
* Temporarily commit fix to issue #8108, to check for buildbot responseAntoine Pitrou2010-04-091-6/+35
|
* SSL_MODE_AUTO_RETRY has been added in OpenSSL 0.9.6. Fix compilationAntoine Pitrou2010-04-091-0/+2
| | | | with earlier versions.
* Issue #8321: Give access to OpenSSL version numbers from the `ssl` module,Antoine Pitrou2010-04-051-1/+29
| | | | | using the new attributes `ssl.OPENSSL_VERSION`, `ssl.OPENSSL_VERSION_INFO` and `ssl.OPENSSL_VERSION_NUMBER`.
* Issue #8222: Enable the SSL_MODE_AUTO_RETRY flag on SSL sockets, so that ↵Antoine Pitrou2010-03-261-2/+1
| | | | | | | | blocking reads and writes are always retried by OpenSSL itself. (this is a followup to issue #3890)
* Issue #2973: Fix gcc warning on the 2nd argument of ASN1_item_d2i() andVictor Stinner2010-03-021-0/+5
| | | | | method->d2i(): OpenSSL API changed in OpenSSL 0.9.6m. Patch written by Daniel Black.
* Issue #7133: SSL objects now support the new buffer API.Antoine Pitrou2009-10-191-11/+16
| | | | This fixes the test_ssl failure.
* Fix nearly all compilation warnings under Apple gcc-4.0. Tested with OPT="-gJeffrey Yasskin2009-05-291-1/+1
| | | | | | -Wall -Wstrict-prototypes -Werror" in both --with-pydebug mode and --without. There's still a batch of non-prototype warnings in Xlib.h that I don't know how to fix.
* Fix signed/unsigned mismatch.Raymond Hettinger2009-01-261-1/+1
|
* various SSL fixes; issues 1251, 3162, 3212Bill Janssen2008-06-281-58/+145
|
* This reverts r63675 based on the discussion in this thread:Gregory P. Smith2008-06-091-21/+21
| | | | | | | http://mail.python.org/pipermail/python-dev/2008-June/079988.html Python 2.6 should stick with PyString_* in its codebase. The PyBytes_* names in the spirit of 3.0 are available via a #define only. See the email thread.
* Renamed PyString to PyBytesChristian Heimes2008-05-261-21/+21
|
* Fix compiler warningsNeal Norwitz2008-03-271-2/+2
|
* Initialize variable to prevent warning on some platform/config.Neal Norwitz2008-01-271-2/+2
|
* #1629: Renamed Py_Size, Py_Type and Py_Refcnt to Py_SIZE, Py_TYPE and ↵Christian Heimes2007-12-191-3/+3
| | | | Py_REFCNT. Macros for b/w compatibility are available.
* Fixed warning in ssl moduleChristian Heimes2007-12-141-1/+1
|
* Add support for asyncore server-side SSL support. This requiresBill Janssen2007-09-161-49/+4
| | | | | | | | | | | | | | | adding the 'makefile' method to ssl.SSLSocket, and importing the requisite fakefile class from socket.py, and making the appropriate changes to it to make it use the SSL connection. Added sample HTTPS server to test_ssl.py, and test that uses it. Change SSL tests to use https://svn.python.org/, instead of www.sf.net and pop.gmail.com. Added utility function to ssl module, get_server_certificate, to wrap up the several things to be done to pull a certificate from a remote server.
* More work on SSL support.Bill Janssen2007-09-101-131/+672
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Much expanded test suite: All protocols tested against all other protocols. All protocols tested with all certificate options. Tests for bad key and bad cert. Test of STARTTLS functionality. Test of RAND_* functions. * Fixes for threading/malloc bug. * Issue 1065 fixed: sslsocket class renamed to SSLSocket. sslerror class renamed to SSLError. Function "wrap_socket" now used to wrap an existing socket. * Issue 1583946 finally fixed: Support for subjectAltName added. Subject name now returned as proper DN list of RDNs. * SSLError exported from socket as "sslerror". * RAND_* functions properly exported from ssl.py. * Documentation improved: Example of how to create a self-signed certificate. Better indexing.
* SSL certificate distinguished names should be represented by tuplesBill Janssen2007-09-051-10/+15
|
* > Some of the code sets the error string in this directly beforeGuido van Rossum2007-08-271-88/+110
| | | | | | | | | | | | | | | | | | | | | | | | | | | > returning NULL, and other pieces of the code call PySSL_SetError, > which creates the error string. I think some of the places which set > the string directly probably shouldn't; instead, they should call > PySSL_SetError to cons up the error name directly from the err code. > However, PySSL_SetError only works after the construction of an ssl > object, which means it can't be used there... I'll take a longer look > at it and see if there's a reasonable fix. Here's a patch which addresses this. It also fixes the indentation in PySSL_SetError, bringing it into line with PEP 7, fixes a compile warning about one of the OpenSSL macros, and makes the namespace a bit more consistent. I've tested it on FC 7 and OS X 10.4. % ./python ./Lib/test/regrtest.py -R :1: -u all test_ssl test_ssl beginning 6 repetitions 123456 ...... 1 test OK. [29244 refs] % [GvR: slightly edited to enforce 79-char line length, even if it required violating the style guide.]
* Fix a few more variables to try to get this to compile with Visual Studio.Neal Norwitz2007-08-251-2/+3
|
* Try to get this to build with Visual Studio by moving all the variableNeal Norwitz2007-08-251-17/+24
| | | | declarations to the beginning of a scope.
* Server-side SSL and certificate validation, by Bill Janssen.Guido van Rossum2007-08-251-91/+386
| | | | | While cleaning up Bill's C style, I may have cleaned up some code he didn't touch as well (in _ssl.c).
* PEP 3123: Provide forward compatibility with Python 3.0, while keepingMartin v. Löwis2007-07-211-5/+4
| | | | | backwards compatibility. Add Py_Refcnt, Py_Type, Py_Size, and PyVarObject_HEAD_INIT.
* Fix various minor errors in passing arguments toMartin v. Löwis2006-10-191-1/+1
| | | | PyArg_ParseTuple.
* #1494314: Fix a regression with high-numbered sockets in 2.4.3. ThisAnthony Baxter2006-07-111-1/+28
| | | | | means that select() on sockets > FD_SETSIZE (typically 1024) work again. The patch makes sockets use poll() internally where available.
* Don't mask a no memory error with a less meaningful one as discussed on ↵Neal Norwitz2006-05-111-3/+1
| | | | python-checkins
* Fix problems found by Coverity.Neal Norwitz2006-05-101-3/+3
| | | | | | | | | | | | | longobject.c: also fix an ssize_t problem <a> could have been NULL, so hoist the size calc to not use <a>. _ssl.c: under fail: self is DECREF'd, but it would have been NULL. _elementtree.c: delete self if there was an error. _csv.c: I'm not sure if lineterminator could have been anything other than a string. However, other string method calls are checked, so check this one too.
* Remove unused fieldNeal Norwitz2006-04-171-1/+0
|
* Patch #1380952: fix SSL objects timing out on consecutive read()sGeorg Brandl2006-03-311-8/+15
|
* Try to improve name based on discussion on python-checkins with Jim JewettNeal Norwitz2006-02-131-5/+5
|
* Introduce Py_SOCKET_FD_CAN_BE_GE_FD_SETSIZE.Martin v. Löwis2006-02-111-0/+2
| | | | Proposed by Tim Peters.
* Bug #876637, prevent stack corruption when socket descriptorNeal Norwitz2006-02-071-0/+14
| | | | | | | | | | | | | | | | | | is larger than FD_SETSIZE. This can only be acheived with ulimit -n SOME_NUMBER_BIGGER_THAN_FD_SETSIZE which is typically only available to root. Since this wouldn't normally be run in a test (ie, run as root), it doesn't seem too worthwhile to add a normal test. The bug report has one version of a test. I've written another. Not sure what the best thing to do is. Do the check before calling internal_select() because we can't set an error in between Py_BEGIN_ALLOW_THREADS and Py_END_ALLOW_THREADS. This seemed the clearest solution, ie handle before calling internal_select() rather than inside. Plus there is at least one place outside of internal_select() that needed to be handled. Will backport.
* Fix indentation (whitespace only).Neal Norwitz2006-02-071-3/+3
|
* Check return result from Py_InitModule*(). This API can fail.Neal Norwitz2006-01-191-0/+2
| | | | Probably should be backported.
* Add a missing decref -- PyErr_SetObject increfs the 'object'!Michael W. Hudson2004-08-041-0/+1
|
* [Patch #909007] Enable a bunch of safe bug workarounds in OpenSSL, for ↵Andrew M. Kuchling2004-07-101-0/+1
| | | | compatibility with various broken SSL implementations out there.
* [Patch #945642] Fix non-blocking SSL sockets, which blocked on reads/writes ↵Andrew M. Kuchling2004-07-101-26/+60
| | | | | | | in Python 2.3. (It turns out that the Debian unstable packaging of Python 2.3.4 includes this patch.) Patch by Tino Lange.
* Make socket.sslerror a subclass of socket.error .Brett Cannon2004-03-231-1/+3
| | | | Added socket.error to the socket module's C API.
* Patch #803998: Correctly check for error in SSL_write.Martin v. Löwis2003-10-271-2/+3
|
generated by cgit v0.12 at 2025-08-27 16:37:38 (GMT)