summaryrefslogtreecommitdiffstats
path: root/Modules/_ssl.c
Commit message (Collapse)AuthorAgeFilesLines
...
* bpo-37648: Fixed minor inconsistency in some __contains__. (GH-14904)Serhiy Storchaka2019-08-041-2/+1
| | | | | The collection's item is now always at the left and the needle is on the right of ==.
* bpo-37120: Fix _ssl get_num_tickets() (GH-14668)Victor Stinner2019-07-091-1/+1
| | | | | | | Replace PyLong_FromLong() with PyLong_FromSize_t(): SSL_CTX_get_num_tickets() return type is size_t. https://bugs.python.org/issue37120
* bpo-37428: Don't set PHA verify flag on client side (GH-14421)Christian Heimes2019-07-011-17/+26
| | | | | | | | | | | | SSLContext.post_handshake_auth = True no longer sets SSL_VERIFY_POST_HANDSHAKE verify flag for client connections. Although the option is documented as ignored for clients, OpenSSL implicitly enables cert chain validation when the flag is set. Signed-off-by: Christian Heimes <christian@python.org> https://bugs.python.org/issue37428
* bpo-37120: Add SSLContext.num_tickets (GH-13719)Christian Heimes2019-06-031-0/+37
| | | Signed-off-by: Christian Heimes <christian@python.org>
* bpo-34271: Add ssl debugging helpers (GH-10031)Christian Heimes2019-05-311-11/+93
| | | | | | | | | | | The ssl module now can dump key material to a keylog file and trace TLS protocol messages with a tracing callback. The default and stdlib contexts also support SSLKEYLOGFILE env var. The msg_callback and related enums are private members. The feature is designed for internal debugging and not for end users. Signed-off-by: Christian Heimes <christian@python.org>
* bpo-339827: Do not swallow exceptions in the _ssl module. (GH-12756)Serhiy Storchaka2019-05-311-37/+52
|
* bpo-36974: tp_print -> tp_vectorcall_offset and tp_reserved -> tp_as_async ↵Jeroen Demeyer2019-05-311-8/+8
| | | | | | | | | (GH-13464) Automatically replace tp_print -> tp_vectorcall_offset tp_compare -> tp_as_async tp_reserved -> tp_as_async
* bpo-35926: Add support for OpenSSL 1.1.1b on Windows (GH-11779)Paul Monson2019-05-151-1/+1
|
* bpo-36641: Add "const" to PyDoc_VAR macro (GH-12854)Inada Naoki2019-04-161-1/+1
| | | It reduces "data" segment in python about 200KB.
* bpo-35941: Fix ssl certificate enumeration for windows (GH-12486)kctherookie2019-03-281-20/+89
| | | Add a function to collect certificates from several certificate stores into one certificate collection store that is then enumerated. This ensures we load as many certificates as we can access.
* bpo-36254: Fix invalid uses of %d in format strings in C. (GH-12264)Serhiy Storchaka2019-03-131-1/+1
|
* bpo-35746: Fix segfault in ssl's cert parser (GH-11569)Christian Heimes2019-01-151-0/+4
| | | | | | | | | | | Fix a NULL pointer deref in ssl module. The cert parser did not handle CRL distribution points with empty DP or URI correctly. A malicious or buggy certificate can result into segfault. Signed-off-by: Christian Heimes <christian@python.org> https://bugs.python.org/issue35746
* bpo-35504: Fix segfaults and SystemErrors when deleting certain attrs. ↵Zackery Spytz2018-12-171-0/+4
| | | | (GH-11175)
* bpo-35436: Add missing PyErr_NoMemory() calls and other minor bug fixes. ↵Zackery Spytz2018-12-071-0/+13
| | | | | | (GH-11015) Set MemoryError when appropriate, add missing failure checks, and fix some potential leaks.
* bpo-35059: Cleanup usage of Python macros (GH-10648)Victor Stinner2018-11-221-3/+6
| | | | | | | | | | | | | Don't pass complex expressions but regular variables to Python macros. * _datetimemodule.c: split single large "if" into two "if" in date_new(), time_new() and datetime_new(). * _pickle.c, load_extension(): flatten complex "if" expression into more regular C code. * _ssl.c: addbool() now uses a temporary bool_obj to only evaluate the value once. * weakrefobject.c: replace "Py_INCREF(result = proxy);" with "result = proxy; Py_INCREF(result);"
* bpo-34824: Fix a possible NULL pointer dereference in _ssl.c (GH-9606)Zackery Spytz2018-10-061-2/+7
| | | | | | | On failure, _PyBytes_Resize() will deallocate the bytes object and set "result" to NULL. https://bugs.python.org/issue34824
* bpo-34906: Doc: Fix typos (GH-9712)Stéphane Wirtel2018-10-051-1/+1
|
* bpo-34670: Add TLS 1.3 post handshake auth (GH-9460)Christian Heimes2018-09-231-8/+92
| | | | | | | | | | Add SSLContext.post_handshake_auth and SSLSocket.verify_client_post_handshake for TLS 1.3 post-handshake authentication. Signed-off-by: Christian Heimes <christian@python.org>q https://bugs.python.org/issue34670
* bpo-34759: Fix error handling in ssl 'unwrap()' (GH-9468)Nathaniel J. Smith2018-09-221-2/+2
| | | | | | | | | | | | | | | OpenSSL follows the convention that whenever you call a function, it returns an error indicator value; and if this value is negative, then you need to go look at the actual error code to see what happened. Commit c6fd1c1c3a introduced a small mistake in _ssl__SSLSocket_shutdown_impl: instead of checking whether the error indicator was negative, it started checking whether the actual error code was negative, and it turns out that the error codes are never negative. So the effect was that 'unwrap()' lost the ability to raise SSL errors. https://bugs.python.org/issue34759
* bpo-32533: Fixed thread-safety of error handling in _ssl. (GH-7158)Steve Dower2018-09-171-60/+68
|
* bpo-34710: fix SSL module build (GH-9347)Alexandru Ardelean2018-09-171-0/+1
| | | | | | Include ``openssl/dh.h`` header file to fix implicit function declaration of ``DH_free()``. Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
* bpo-31432: Revert unrelated code changes to _ssl.c and test_ssl (GH-7650)Ned Deily2018-06-121-2/+2
|
* bpo-31432: Clarify ssl CERT_NONE/OPTIONAL/REQUIRED docs. (GH-3530)Christian Heimes2018-06-111-2/+2
| | | | | | | | | The documentation for CERT_NONE, CERT_OPTIONAL, and CERT_REQUIRED were misleading and partly wrong. It fails to explain that OpenSSL behaves differently in client and server mode. Also OpenSSL does validate the cert chain everytime. With SSL_VERIFY_NONE a validation error is not fatal in client mode and does not request a client cert in server mode. Also discourage people from using CERT_OPTIONAL in client mode.
* Remove an unneeded call into OpenSSL (GH-6887)Alex Gaynor2018-05-161-1/+0
|
* bpo-32257: Add ssl.OP_NO_RENEGOTIATION (GH-5904)Christian Heimes2018-05-151-0/+4
| | | | | | | | The ssl module now contains OP_NO_RENEGOTIATION constant, available with OpenSSL 1.1.0h or 1.1.1. Note, OpenSSL 1.1.0h hasn't been released yet. Signed-off-by: Christian Heimes <christian@python.org>
* Fixed an unused variable warning introduced in GH-6800 (GH-6816)Alex Gaynor2018-05-141-1/+0
|
* Remove `ifdef` check for an OpenSSL version (0.9.6) we don't support (GH-6800)Alex Gaynor2018-05-141-5/+2
|
* bpo-33136: Harden ssl module against CVE-2018-8970 (GH-6229)Christian Heimes2018-03-251-3/+4
| | | | | | | Harden ssl module against LibreSSL CVE-2018-8970. X509_VERIFY_PARAM_set1_host() is called with an explicit namelen. A new test ensures that NULL bytes are not allowed. Signed-off-by: Christian Heimes <christian@python.org>
* bpo-33127: Compatibility patch for LibreSSL 2.7.0 (GH-6210)Christian Heimes2018-03-241-6/+16
| | | | | | | | | | LibreSSL 2.7 introduced OpenSSL 1.1.0 API. The ssl module now detects LibreSSL 2.7 and only provides API shims for OpenSSL < 1.1.0 and LibreSSL < 2.7. Documentation updates and fixes for failing tests will be provided in another patch set. Signed-off-by: Christian Heimes <christian@python.org>
* bpo-31453: Add setter for min/max protocol version (#5259)Christian Heimes2018-02-271-22/+212
| | | | | | | | | | | | OpenSSL 1.1 has introduced a new API to set the minimum and maximum supported protocol version. The API is easier to use than the old OP_NO_TLS1 option flags, too. Since OpenSSL has no call to set minimum version to highest supported, the implementation emulate maximum_version = MINIMUM_SUPPORTED and minimum_version = MAXIMUM_SUPPORTED by figuring out the minumum and maximum supported version at compile time. Signed-off-by: Christian Heimes <christian@python.org>
* bpo-32947: OpenSSL 1.1.1-pre1 / TLS 1.3 fixes (#5663)Christian Heimes2018-02-271-0/+4
| | | | | | | | | | | | | | | | | | * bpo-32947: OpenSSL 1.1.1-pre1 / TLS 1.3 fixes Misc fixes and workarounds for compatibility with OpenSSL 1.1.1-pre1 and TLS 1.3 support. With OpenSSL 1.1.1, Python negotiates TLS 1.3 by default. Some test cases only apply to TLS 1.2. Other tests currently fail because the threaded or async test servers stop after failure. I'm going to address these issues when OpenSSL 1.1.1 reaches beta. OpenSSL 1.1.1 has added a new option OP_ENABLE_MIDDLEBOX_COMPAT for TLS 1.3. The feature is enabled by default for maximum compatibility with broken middle boxes. Users should be able to disable the hack and CPython's test suite needs it to verify default options. Signed-off-by: Christian Heimes <christian@python.org>
* bpo-30622: Fix NPN for OpenSSL 1.1.1-pre1 (#5876)Christian Heimes2018-02-251-20/+25
| | | Signed-off-by: Christian Heimes <christian@python.org>
* bpo-30622: Improve NPN support detection (#5859)Christian Heimes2018-02-241-8/+21
| | | | | | The ssl module now detects missing NPN support in LibreSSL. Co-Authored-By: Bernard Spil <brnrd@FreeBSD.org> Signed-off-by: Christian Heimes <christian@python.org>
* bpo-24334: Cleanup SSLSocket (#5252)Christian Heimes2018-02-241-30/+60
| | | | | | | | | | | | | * The SSLSocket is no longer implemented on top of SSLObject to avoid an extra level of indirection. * Owner and session are now handled in the internal constructor. * _ssl._SSLSocket now uses the same method names as SSLSocket and SSLObject. * Channel binding type check is now handled in C code. Channel binding is always available. The patch also changes the signature of SSLObject.__init__(). In my opinion it's fine. A SSLObject is not a user-constructable object. SSLContext.wrap_bio() is the only valid factory.
* [bpo-28414] Make all hostnames in SSL module IDN A-labels (GH-5128)Christian Heimes2018-02-241-54/+77
| | | | | | | | | | | | Previously, the ssl module stored international domain names (IDNs) as U-labels. This is problematic for a number of reasons -- for example, it made it impossible for users to use a different version of IDNA than the one built into Python. After this change, we always convert to A-labels as soon as possible, and use them for all internal processing. In particular, server_hostname attribute is now an A-label, and on the server side there's a new sni_callback that receives the SNI servername as an A-label rather than a U-label.
* bpo-31429: Define TLS cipher suite on build time (#3532)Christian Heimes2018-01-291-1/+34
| | | | | | | | | | | | | Until now Python used a hard coded white list of default TLS cipher suites. The old approach has multiple downsides. OpenSSL's default selection was completely overruled. Python did neither benefit from new cipher suites (ChaCha20, TLS 1.3 suites) nor blacklisted cipher suites. For example we used to re-enable 3DES. Python now defaults to OpenSSL DEFAULT cipher suite selection and black lists all unwanted ciphers. Downstream vendors can override the default cipher list with --with-ssl-default-suites. Signed-off-by: Christian Heimes <christian@python.org>
* bpo-31399: Let OpenSSL verify hostname and IP address (#3462)Christian Heimes2018-01-271-32/+140
| | | | | | | | | | | | | | | bpo-31399: Let OpenSSL verify hostname and IP The ssl module now uses OpenSSL's X509_VERIFY_PARAM_set1_host() and X509_VERIFY_PARAM_set1_ip() API to verify hostname and IP addresses. * Remove match_hostname calls * Check for libssl with set1_host, libssl must provide X509_VERIFY_PARAM_set1_host() * Add documentation for OpenSSL 1.0.2 requirement * Don't support OpenSSL special mode with a leading dot, e.g. ".example.org" matches "www.example.org". It's not standard conform. * Add hostname_checks_common_name Signed-off-by: Christian Heimes <christian@python.org>
* bpo-32598: Use autoconf to detect usable OpenSSL (#5242)Christian Heimes2018-01-201-0/+7
| | | | | | | | | | | | | | Add https://www.gnu.org/software/autoconf-archive/ax_check_openssl.html to auto-detect compiler flags, linker flags and libraries to compile OpenSSL extensions. The M4 macro uses pkg-config and falls back to manual detection. Add autoconf magic to detect usable X509_VERIFY_PARAM_set1_host() and related functions. Refactor setup.py to use new config vars to compile _ssl and _hashlib modules. Signed-off-by: Christian Heimes <christian@python.org>
* completly -> completely (#3999) (closes bpo-31788)Semen Zhydenko2017-10-151-1/+1
|
* bpo-31431: SSLContext.check_hostname auto-sets CERT_REQUIRED (#3531)Christian Heimes2017-09-151-4/+4
| | | Signed-off-by: Christian Heimes <christian@python.org>
* _ssl_: Fix compiler warning (#3559)Victor Stinner2017-09-141-1/+1
| | | | | | | Cast Py_buffer.len (Py_ssize_t, signed) to size_t (unsigned) to prevent the following warning: Modules/_ssl.c:3089:21: warning: comparison between signed and unsigned integer expressions [-Wsign-compare]
* bpo-31400: Improve SSL error handling on Windows (#3463)Steve Dower2017-09-081-10/+48
| | | | | | * bpo-31392: Improve SSL error handling on Windows * Remove unnecessary Windows mention in NEWS
* bpo-28182: restore backwards compatibility (#3464)Christian Heimes2017-09-081-0/+5
| | | | | b3ad0e5 broke backwards compatibility with OpenSSL < 1.0.2. Signed-off-by: Christian Heimes <christian@python.org>
* bpo-28182: Expose OpenSSL verification results (#3412)Christian Heimes2017-09-081-17/+91
| | | | | | | | | The SSL module now raises SSLCertVerificationError when OpenSSL fails to verify the peer's certificate. The exception contains more information about the error. Original patch by Chi Hsuan Yen Signed-off-by: Christian Heimes <christian@python.org>
* bpo-29136: Add TLS 1.3 cipher suites and OP_NO_TLSv1_3 (#1363)Christian Heimes2017-09-081-0/+13
| | | | | | | | | | | | | | | | * bpo-29136: Add TLS 1.3 support TLS 1.3 introduces a new, distinct set of cipher suites. The TLS 1.3 cipher suites don't overlap with cipher suites from TLS 1.2 and earlier. Since Python sets its own set of permitted ciphers, TLS 1.3 handshake will fail as soon as OpenSSL 1.1.1 is released. Let's enable the common AES-GCM and ChaCha20 suites. Additionally the flag OP_NO_TLSv1_3 is added. It defaults to 0 (no op) with OpenSSL prior to 1.1.1. This allows applications to opt-out from TLS 1.3 now. Signed-off-by: Christian Heimes <christian@python.org>
* bpo-28958: Improve SSLContext error reporting. (#3414)Christian Heimes2017-09-071-2/+1
| | | Signed-off-by: Christian Heimes <christian@python.org>
* bpo-31370: Remove support for threads-less builds (#3385)Antoine Pitrou2017-09-071-29/+1
| | | | | | * Remove Setup.config * Always define WITH_THREAD for compatibility.
* bpo-29781: Fix SSLObject.version before handshake (#3364)Christian Heimes2017-09-061-0/+4
| | | | | | SSLObject.version() now correctly returns None when handshake over BIO has not been performed yet. Signed-off-by: Christian Heimes <christian@python.org>
* bpo-30102: Call OPENSSL_add_all_algorithms_noconf (#3112)Christian Heimes2017-09-051-1/+5
| | | | | | | | The ssl and hashlib modules now call OPENSSL_add_all_algorithms_noconf() on OpenSSL < 1.1.0. The function detects CPU features and enables optimizations on some CPU architectures such as POWER8. Patch is based on research from Gustavo Serra Scalet. Signed-off-by: Christian Heimes <christian@python.org>
* bpo-30502: Fix handling of long oids in ssl. (#2909)Serhiy Storchaka2017-09-041-43/+47
|
generated by cgit v0.12 at 2025-04-10 13:29:39 (GMT)