summaryrefslogtreecommitdiffstats
path: root/Modules/_ssl.c
Commit message (Collapse)AuthorAgeFilesLines
* gh-95095: Use SSL_CTX_get_max_proto_version instead of SSL_CTX_ctrl (GH-95096)Miss Islington (bot)2022-07-211-2/+2
| | | | | | | | | | The wrapper macros are more readable and match the form recommended in the OpenSSL documentation. They also slightly less error-prone, as the mapping of arguments to SSL_CTX_ctrl is not always clear. (Though in this case it's straightforward.) https://www.openssl.org/docs/man1.1.1/man3/SSL_CTX_get_max_proto_version.html (cherry picked from commit 936f71e5d4f50f2238b0320d44f7fb5f88e39809) Co-authored-by: David Benjamin <davidben@davidben.net>
* gh-94637: Release GIL in SSLContext.set_default_verify_paths (GH-94658)Miss Islington (bot)2022-07-091-1/+5
| | | | | (cherry picked from commit 78307c7dc2352b6633138466debd4c10fae32970) Co-authored-by: Christian Heimes <christian@python.org>
* gh-94101 Disallow instantiation of SSLSession objects (GH-94102)Miss Islington (bot)2022-06-221-1/+2
| | | | | | | | Fixes GH-94101 Automerge-Triggered-By: GH:tiran (cherry picked from commit dc8e1d0390e16e90b2f74f6bd6417324a357bc23) Co-authored-by: chgnrdv <52372310+chgnrdv@users.noreply.github.com>
* bpo-46232: Fix parsing of certs with bit string in DN (GH-30351)Miss Islington (bot)2022-02-211-7/+19
| | | | | (cherry picked from commit be095f6c32188bba02079d086ac8639ea37cec3c) Co-authored-by: Christian Heimes <christian@python.org>
* Fix typo in a comment in Modules/_ssl.c: s/validata/validate/ (GH-27993) ↵Miss Islington (bot)2021-09-061-1/+1
| | | | | (GH-27997) (cherry picked from commit 28db1f61f20352c02e4ae1518e5aeb6505df3045)
* bpo-42854: Correctly use size_t for _ssl._SSLSocket.read and ↵Miss Islington (bot)2021-07-231-6/+6
| | | | | | | | | _ssl._SSLSocket.write (GH-27271) (GH-27308) (cherry picked from commit 83d1430ee5b8008631e7f2a75447e740eed065c1) Co-authored-by: Pablo Galindo Salgado <Pablogsal@gmail.com> Co-authored-by: Pablo Galindo Salgado <Pablogsal@gmail.com>
* bpo-44389: Fix typo in ssl deprecation warning message (GH-26754)Miss Islington (bot)2021-06-171-1/+1
| | | | | | `ssl.SSL_NO_TLS` should be `ssl.OP_NO_TLS`. (cherry picked from commit c544393b89f9b3e2b1a22588fc9ae58019314879) Co-authored-by: Joe <nigelchiang@outlook.com>
* [3.10] bpo-44389: Fix deprecation of OP_NO_TLSv1_3 (GH-26700) (GH-26705)Miss Islington (bot)2021-06-131-1/+1
| | | | | | | | | Signed-off-by: Christian Heimes <christian@python.org> (cherry picked from commit bf527277d4e4907e32d76ca7ba667ab3149fe258) Co-authored-by: Christian Heimes <christian@python.org> Automerge-Triggered-By: GH:tiran
* bpo-44389: Remove duplicate SSL_OP_NO_TLSv1_2 flag (GH-26680)Miss Islington (bot)2021-06-131-1/+1
| | | | | (cherry picked from commit cb7230c7a7d6d497e54c25e9ba640eec79de10f2) Co-authored-by: Erlend Egeberg Aasland <erlend.aasland@innova.no>
* bpo-44362: ssl: improve deprecation warnings and docs (GH-26646)Miss Islington (bot)2021-06-111-14/+28
| | | | | | Signed-off-by: Christian Heimes <christian@python.org> (cherry picked from commit e26014f1c47d26d6097ff7a0f25384bfbde714a9) Co-authored-by: Christian Heimes <christian@python.org>
* bpo-44252: Correctly implement gc support for SSLError objects (GH-26439) ↵Miss Islington (bot)2021-05-281-2/+1
| | | | | | | (GH-26441) (cherry picked from commit 8b4312b909abff3100c1f18fb3efa5c25617fee3) Co-authored-by: Pablo Galindo <Pablogsal@gmail.com>
* bpo-42972: Fully implement GC protocol for ssl heap types (GH-26370) (GH-26399)Miss Islington (bot)2021-05-271-28/+45
| | | | | (cherry picked from commit dcb8786a9848516e823e090bb36079678913d8d3) Co-authored-by: Erlend Egeberg Aasland <erlend.aasland@innova.no>
* bpo-43908: Mark ssl, hash, and hmac types as immutable (GH-25792)Christian Heimes2021-05-021-5/+5
| | | Signed-off-by: Christian Heimes <christian@python.org>
* bpo-43998: Default to TLS 1.2 and increase cipher suite security (GH-25778)Christian Heimes2021-05-011-5/+38
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The ssl module now has more secure default settings. Ciphers without forward secrecy or SHA-1 MAC are disabled by default. Security level 2 prohibits weak RSA, DH, and ECC keys with less than 112 bits of security. :class:`~ssl.SSLContext` defaults to minimum protocol version TLS 1.2. Settings are based on Hynek Schlawack's research. ``` $ openssl version OpenSSL 1.1.1k FIPS 25 Mar 2021 $ openssl ciphers -v '@SECLEVEL=2:ECDH+AESGCM:ECDH+CHACHA20:ECDH+AES:DHE+AES:!aNULL:!eNULL:!aDSS:!SHA1:!AESCCM' TLS_AES_256_GCM_SHA384 TLSv1.3 Kx=any Au=any Enc=AESGCM(256) Mac=AEAD TLS_CHACHA20_POLY1305_SHA256 TLSv1.3 Kx=any Au=any Enc=CHACHA20/POLY1305(256) Mac=AEAD TLS_AES_128_GCM_SHA256 TLSv1.3 Kx=any Au=any Enc=AESGCM(128) Mac=AEAD TLS_AES_128_CCM_SHA256 TLSv1.3 Kx=any Au=any Enc=AESCCM(128) Mac=AEAD ECDHE-ECDSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AESGCM(256) Mac=AEAD ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=RSA Enc=AESGCM(256) Mac=AEAD ECDHE-ECDSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AESGCM(128) Mac=AEAD ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH Au=RSA Enc=AESGCM(128) Mac=AEAD ECDHE-ECDSA-CHACHA20-POLY1305 TLSv1.2 Kx=ECDH Au=ECDSA Enc=CHACHA20/POLY1305(256) Mac=AEAD ECDHE-RSA-CHACHA20-POLY1305 TLSv1.2 Kx=ECDH Au=RSA Enc=CHACHA20/POLY1305(256) Mac=AEAD ECDHE-ECDSA-AES256-SHA384 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AES(256) Mac=SHA384 ECDHE-RSA-AES256-SHA384 TLSv1.2 Kx=ECDH Au=RSA Enc=AES(256) Mac=SHA384 ECDHE-ECDSA-AES128-SHA256 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AES(128) Mac=SHA256 ECDHE-RSA-AES128-SHA256 TLSv1.2 Kx=ECDH Au=RSA Enc=AES(128) Mac=SHA256 DHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=DH Au=RSA Enc=AESGCM(256) Mac=AEAD DHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=DH Au=RSA Enc=AESGCM(128) Mac=AEAD DHE-RSA-AES256-SHA256 TLSv1.2 Kx=DH Au=RSA Enc=AES(256) Mac=SHA256 DHE-RSA-AES128-SHA256 TLSv1.2 Kx=DH Au=RSA Enc=AES(128) Mac=SHA256 ``` Signed-off-by: Christian Heimes <christian@python.org>
* bpo-18233: Add internal methods to access peer chain (GH-25467)Christian Heimes2021-04-261-1/+83
| | | | | | | | | | | | The internal `_ssl._SSLSocket` object now provides methods to retrieve the peer cert chain and verified cert chain as a list of Certificate objects. Certificate objects have methods to convert the cert to a dict, PEM, or DER (ASN.1). These are private APIs for now. There is a slim chance to stabilize the approach and provide a public API for 3.10. Otherwise I'll provide a stable API in 3.11. Signed-off-by: Christian Heimes <christian@python.org>
* bpo-35114: Make ssl.RAND_status() return a bool (GH-20063)Zackery Spytz2021-04-231-3/+3
|
* bpo-43920: Make load_verify_locations(cadata) error message consistent ↵Christian Heimes2021-04-231-7/+16
| | | | | (GH-25554) Signed-off-by: Christian Heimes <christian@python.org>
* bpo-43799: Also define SSLv3_method() (GH-25481)Christian Heimes2021-04-201-0/+3
| | | Signed-off-by: Christian Heimes <christian@python.org>
* bpo-40849: Expose X509_V_FLAG_PARTIAL_CHAIN ssl flag (GH-20463)l0x2021-04-191-0/+5
| | | This short PR exposes an openssl flag that wasn't exposed. I've also updated to doc to reflect the change. It's heavily inspired by 990fcaac3c428569697f62a80fd95ab4d4b93151.
* bpo-43880: Show DeprecationWarnings for deprecated ssl module features ↵Christian Heimes2021-04-191-14/+70
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | (GH-25455) * ssl.OP_NO_SSLv2 * ssl.OP_NO_SSLv3 * ssl.OP_NO_TLSv1 * ssl.OP_NO_TLSv1_1 * ssl.OP_NO_TLSv1_2 * ssl.OP_NO_TLSv1_3 * ssl.PROTOCOL_SSLv2 * ssl.PROTOCOL_SSLv3 * ssl.PROTOCOL_SSLv23 (alias for PROTOCOL_TLS) * ssl.PROTOCOL_TLS * ssl.PROTOCOL_TLSv1 * ssl.PROTOCOL_TLSv1_1 * ssl.PROTOCOL_TLSv1_2 * ssl.TLSVersion.SSLv3 * ssl.TLSVersion.TLSv1 * ssl.TLSVersion.TLSv1_1 * ssl.wrap_socket() * ssl.RAND_pseudo_bytes() * ssl.RAND_egd() (already removed since it's not supported by OpenSSL 1.1.1) * ssl.SSLContext() without a protocol argument * ssl.match_hostname() * hashlib.pbkdf2_hmac() (pure Python implementation, fast OpenSSL function will stay) Signed-off-by: Christian Heimes <christian@python.org>
* bpo-42854: Use SSL_read/write_ex() (GH-25468)Christian Heimes2021-04-191-18/+14
| | | | | | | | The ssl module now uses ``SSL_read_ex`` and ``SSL_write_ex`` internally. The functions support reading and writing of data larger than 2 GB. Writing zero-length data no longer fails with a protocol violation error. Signed-off-by: Christian Heimes <christian@python.org>
* bpo-42333: Port _ssl extension to multiphase initialization (PEP 489) (GH-23253)Christian Heimes2021-04-171-344/+408
| | | | | | | | | - Introduce sslmodule_slots - Introduce sslmodulestate - Use sslmodulestate - Get rid of PyState_FindModule - Move new structs and helpers to header file - Use macros to access state - Keep a strong ref to socket type
* bpo-43669: Remove OpenSSL 0.9 to 1.1.0 specific documentation (GH-25453)Christian Heimes2021-04-171-33/+0
|
* bpo-43669: PEP 644: Require OpenSSL 1.1.1 or newer (GH-23014)Christian Heimes2021-04-171-527/+10
| | | | | | | | | | | | | | | | | | | | | | | | - Remove HAVE_X509_VERIFY_PARAM_SET1_HOST check - Update hashopenssl to require OpenSSL 1.1.1 - multissltests only OpenSSL > 1.1.0 - ALPN is always supported - SNI is always supported - Remove deprecated NPN code. Python wrappers are no-op. - ECDH is always supported - Remove OPENSSL_VERSION_1_1 macro - Remove locking callbacks - Drop PY_OPENSSL_1_1_API macro - Drop HAVE_SSL_CTX_CLEAR_OPTIONS macro - SSL_CTRL_GET_MAX_PROTO_VERSION is always defined now - security level is always available now - get_num_tickets is available with TLS 1.3 - X509_V_ERR MISMATCH is always available now - Always set SSL_MODE_RELEASE_BUFFERS - X509_V_FLAG_TRUSTED_FIRST is always available - get_ciphers is always supported - SSL_CTX_set_keylog_callback is always available - Update Modules/Setup with static link example - Mention PEP in whatsnew - Drop 1.0.2 and 1.1.0 from GHA tests
* bpo-43522: Fix SSLContext.hostname_checks_common_name (GH-24899)Christian Heimes2021-04-171-0/+5
| | | | | | Fix problem with ssl.SSLContext.hostname_checks_common_name. OpenSSL does not copy hostflags from *struct SSL_CTX* to *struct SSL*. Signed-off-by: Christian Heimes <christian@python.org>
* bpo-43799: OpenSSL 3.0.0: declare OPENSSL_API_COMPAT 1.1.1 (GH-25329)Christian Heimes2021-04-131-19/+14
| | | Signed-off-by: Christian Heimes <christian@python.org>
* bpo-43794: OpenSSL 3.0.0: set OP_IGNORE_UNEXPECTED_EOF by default (GH-25309)Christian Heimes2021-04-091-0/+8
| | | Signed-off-by: Christian Heimes <christian@python.org>
* bpo-43788: Generate version specific _ssl_data.h (GH-25300)Christian Heimes2021-04-091-0/+6
| | | | | Signed-off-by: Christian Heimes <christian@python.org> Automerge-Triggered-By: GH:tiran
* bpo-43789: OpenSSL 3.0.0 Don't call passwd callback again in error case ↵Christian Heimes2021-04-091-0/+7
| | | | (GH-25303)
* bpo-43577: Fix deadlock with SSLContext._msg_callback and sni_callback ↵Christian Heimes2021-03-211-0/+5
| | | | | | | | | | | | (GH-24957) OpenSSL copies the internal message callback from SSL_CTX->msg_callback to SSL->msg_callback. SSL_set_SSL_CTX() does not update SSL->msg_callback to use the callback value of the new context. PySSL_set_context() now resets the callback and _PySSL_msg_callback() resets thread state in error path. Signed-off-by: Christian Heimes <christian@python.org>
* bpo-39342: Expose X509_V_FLAG_ALLOW_PROXY_CERTS in ssl module (GH-18011)Chris Burr2021-03-181-0/+2
| | | Exposes the `X509_V_FLAG_ALLOW_PROXY_CERTS` constant as `ssl.VERIFY_ALLOW_PROXY_CERTS` to allow for proxy certificate validation as described in: https://www.openssl.org/docs/man1.1.1/man7/proxy-certificates.html
* Correct return type in Modules/_ssl.c::sslmodule_legacy (GH-23609)Pablo Galindo2020-12-021-1/+1
|
* bpo-42519: Replace PyObject_MALLOC() with PyObject_Malloc() (GH-23587)Victor Stinner2020-12-011-1/+1
| | | | | | | | | No longer use deprecated aliases to functions: * Replace PyObject_MALLOC() with PyObject_Malloc() * Replace PyObject_REALLOC() with PyObject_Realloc() * Replace PyObject_FREE() with PyObject_Free() * Replace PyObject_Del() with PyObject_Free() * Replace PyObject_DEL() with PyObject_Free()
* bpo-42519: Replace PyMem_MALLOC() with PyMem_Malloc() (GH-23586)Victor Stinner2020-12-011-3/+3
| | | | | | | | | | | No longer use deprecated aliases to functions: * Replace PyMem_MALLOC() with PyMem_Malloc() * Replace PyMem_REALLOC() with PyMem_Realloc() * Replace PyMem_FREE() with PyMem_Free() * Replace PyMem_Del() with PyMem_Free() * Replace PyMem_DEL() with PyMem_Free() Modify also the PyMem_DEL() macro to use directly PyMem_Free().
* bpo-42423: Accept single base class in PyType_FromModuleAndSpec() (GH-23441)Serhiy Storchaka2020-11-221-6/+1
|
* bpo-42333: Port _ssl extension module to heap types (GH-23392)Christian Heimes2020-11-201-328/+354
| | | All types in _ssl module are now heap types.
* bpo-42413: socket.timeout is now an alias of TimeoutError (GH-23413)Christian Heimes2020-11-201-6/+6
| | | Signed-off-by: Christian Heimes <christian@python.org>
* bpo-42144: Add a missing "goto error;" in the _ssl module (GH-22959)Zackery Spytz2020-10-251-0/+1
|
* bpo-31122: ssl.wrap_socket() now raises ssl.SSLEOFError rather than OSError ↵Dima Tisnek2020-08-151-4/+5
| | | | | | | when peer closes connection during TLS negotiation (GH-18772) [bpo-31122](): ssl.wrap_socket() now raises ssl.SSLEOFError rather than OSError when peer closes connection during TLS negotiation Reproducer: http://tiny.cc/f4ztnz (tiny url because some bot keeps renaming b.p.o.-nnn as bpo links)
* bpo-41195: Add getter for Openssl security level (GH-21282)matthewhughes9342020-07-171-0/+13
| | | | | | | | | | | Add an accessor under SSLContext.security_level as a wrapper around SSL_CTX_get_security_level, see: https://www.openssl.org/docs/manmaster/man3/SSL_CTX_get_security_level.html ------ This is my first time contributing, so please pull me up on all the things I missed or did incorrectly. Automerge-Triggered-By: @tiran
* bpo-41252: Fix incorrect refcounting in _ssl.c's _servername_callback() ↵Zackery Spytz2020-07-091-1/+2
| | | | (GH-21407)
* closes bpo-41235: Fix the error handling in SSLContext.load_dh_params() ↵Zackery Spytz2020-07-081-2/+4
| | | | (GH-21385)
* bpo-30008: Fix OpenSSL no-deprecated compilation (GH-20397)Christian Heimes2020-06-011-11/+45
| | | | | | | | | Fix :mod:`ssl`` code to be compatible with OpenSSL 1.1.x builds that use ``no-deprecated`` and ``--api=1.1.0``. Note: Tests assume full OpenSSL API and fail with limited API. Signed-off-by: Christian Heimes <christian@python.org> Co-authored-by: Mark Wright <gienah@gentoo.org>
* bpo-40457: Support OpenSSL without TLS 1.0/1.1 (GH-19862)Christian Heimes2020-05-161-34/+27
| | | | | | | | | | | OpenSSL can be build without support for TLS 1.0 and 1.1. The ssl module now correctly adheres to OPENSSL_NO_TLS1 and OPENSSL_NO_TLS1_1 flags. Also update multissltest to test with latest OpenSSL and LibreSSL releases. Signed-off-by: Christian Heimes <christian@python.org> Automerge-Triggered-By: @tiran
* bpo-40515: Require OPENSSL_THREADS (GH-19953)Christian Heimes2020-05-151-1/+5
| | | | | | | The ``ssl`` and ``hashlib`` modules now actively check that OpenSSL is build with thread support. Python 3.7.0 made thread support mandatory and no longer works safely with a no-thread builds. Signed-off-by: Christian Heimes <christian@python.org>
* bpo-40268: Remove explicit pythread.h includes (#19529)Victor Stinner2020-04-151-2/+0
| | | | Remove explicit pythread.h includes: it is always included by Python.h.
* bpo-39943: Add the const qualifier to pointers on non-mutable PyBytes data. ↵Serhiy Storchaka2020-04-121-1/+1
| | | | (GH-19472)
* bpo-39573: Clean up modules and headers to use Py_IS_TYPE() function (GH-18521)Dong-hee Na2020-02-171-3/+3
|
* bpo-39272: Remove dead assignment from ↵Alex Henrie2020-01-091-1/+0
| | | | _ssl__SSLContext_load_verify_locations_impl (GH-17916)
* bpo-38820: OpenSSL 3.0.0 compatibility. (GH-17190)Christian Heimes2019-12-071-1/+48
| | | | | | | | | | test_openssl_version now accepts version 3.0.0. getpeercert() no longer returns IPv6 addresses with a trailing new line. Signed-off-by: Christian Heimes <christian@python.org> https://bugs.python.org/issue38820
generated by cgit v0.12 at 2026-01-04 10:23:19 (GMT)