summaryrefslogtreecommitdiffstats
path: root/Modules/_ssl.c
Commit message (Collapse)AuthorAgeFilesLines
* Fix a crash when setting a servername callback on a SSL server socket and ↵Antoine Pitrou2013-04-111-12/+18
| | | | | | | the client doesn't send a server name. Patch by Kazuhiro Yoshida. (originally issue #8109)
* Fix comment about the OpenSSL version in which SNI version was introduced.Antoine Pitrou2013-03-301-1/+1
|
* Improve set_servername_callback docstring.Antoine Pitrou2013-03-301-3/+3
|
* Fix previous fix (the cause was actually a misplaced #endif, or so it seems)Antoine Pitrou2013-03-301-3/+1
|
* Further compiling fixes (issue #17581)Antoine Pitrou2013-03-301-1/+4
|
* Issue #17581: try to fix building on old OpenSSL versionsAntoine Pitrou2013-03-301-7/+27
|
* Issue #16692: The ssl module now supports TLS 1.1 and TLS 1.2. Initial ↵Antoine Pitrou2013-03-281-47/+77
| | | | patch by Michele Orrù.
* Issue #16982: Fix --without-threads build failure.Stefan Krah2013-01-171-3/+9
|
* SSLContext.load_dh_params() now properly closes the input file.Antoine Pitrou2013-01-121-0/+1
|\
| * SSLContext.load_dh_params() now properly closes the input file.Antoine Pitrou2013-01-121-0/+1
| |
* | Fix returning uninitialized variable (issue #8109).Antoine Pitrou2013-01-061-1/+1
| | | | | | | | Found by Christian with Coverity.
* | Issue #8109: The ssl module now has support for server-side SNI, thanks to a ↵Antoine Pitrou2013-01-051-5/+248
|/ | | | | | :meth:`SSLContext.set_servername_callback` method. Patch by Daniel Black.
* Issue #15977: Fix memory leak in Modules/_ssl.c when the function ↵Christian Heimes2012-09-201-0/+7
| | | | _set_npn_protocols() is called multiple times
* MERGE: Closes #15793: Stack corruption in ssl.RAND_egd()Jesus Cea2012-09-111-1/+1
|\
| * Closes #15793: Stack corruption in ssl.RAND_egd()Jesus Cea2012-09-111-1/+1
| |
* | Issue #15604: Update uses of PyObject_IsTrue() to check for and handle ↵Antoine Pitrou2012-08-151-3/+3
|\ \ | |/ | | | | | | | | errors correctly. Patch by Serhiy Storchaka.
| * Issue #15604: Update uses of PyObject_IsTrue() to check for and handle ↵Antoine Pitrou2012-08-151-1/+5
| | | | | | | | | | | | errors correctly. Patch by Serhiy Storchaka.
* | Issue #14837: SSL errors now have `library` and `reason` attributes ↵Antoine Pitrou2012-06-221-63/+199
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | describing precisely what happened and in which OpenSSL submodule. The str() of a SSLError is also enhanced accordingly. NOTE: this commit creates a reference leak. The leak seems tied to the use of PyType_FromSpec() to create the SSLError type. The leak is on the type object when it is instantiated: >>> e = ssl.SSLError() >>> sys.getrefcount(ssl.SSLError) 35 >>> e = ssl.SSLError() >>> sys.getrefcount(ssl.SSLError) 36 >>> e = ssl.SSLError() >>> sys.getrefcount(ssl.SSLError) 37
* | Issue #14204: The ssl module now has support for the Next Protocol ↵Antoine Pitrou2012-03-211-0/+115
| | | | | | | | | | | | Negotiation extension, if available in the underlying OpenSSL library. Patch by Colin Marc.
* | Fix last remaining build issues of _ssl under old OpenSSLs. Patch by Vinay.Antoine Pitrou2012-02-191-0/+5
| |
* | Try to really fix compilation failures of the _ssl module under very old ↵Antoine Pitrou2012-02-171-0/+6
| | | | | | | | OpenSSLs.
* | Fix compilation when SSL_OP_SINGLE_ECDH_USE isn't definedAntoine Pitrou2012-02-171-0/+2
| |
* | Issue #13014: Fix a possible reference leak in SSLSocket.getpeercert().Antoine Pitrou2012-02-151-9/+14
|\ \ | |/
| * Issue #13014: Fix a possible reference leak in SSLSocket.getpeercert().Antoine Pitrou2012-02-151-9/+14
| |
* | Issue #13885: CVE-2011-3389: the _ssl module would always disable the CBC IV ↵Antoine Pitrou2012-01-271-2/+4
|\ \ | |/ | | | | attack countermeasure.
| * Issue #13885: CVE-2011-3389: the _ssl module would always disable the CBC IV ↵Antoine Pitrou2012-01-271-2/+4
| |\ | | | | | | | | | attack countermeasure.
| | * Issue #13885: CVE-2011-3389: the _ssl module would always disable the CBC IV ↵Antoine Pitrou2012-01-271-1/+2
| | | | | | | | | | | | attack countermeasure.
* | | Issue #13626: Add support for SSL Diffie-Hellman key exchange, through theAntoine Pitrou2011-12-221-0/+35
| | | | | | | | | | | | SSLContext.load_dh_params() method and the ssl.OP_SINGLE_DH_USE option.
* | | Fix ssl module compilation if ECDH support was disabled in the OpenSSL build.Antoine Pitrou2011-12-211-0/+12
| | | | | | | | | | | | (followup to issue #13627)
* | | Issue #13634: Add support for querying and disabling SSL compression.Antoine Pitrou2011-12-201-0/+24
| | |
* | | Issue #13627: Add support for SSL Elliptic Curve-based Diffie-HellmanAntoine Pitrou2011-12-191-0/+30
| | | | | | | | | | | | | | | key exchange, through the SSLContext.set_ecdh_curve() method and the ssl.OP_SINGLE_ECDH_USE option.
* | | Issue #13635: Add ssl.OP_CIPHER_SERVER_PREFERENCE, so that SSL serversAntoine Pitrou2011-12-191-0/+2
| | | | | | | | | | | | | | | choose the cipher based on their own preferences, rather than on the client's.
* | | Issue #13458: Fix a memory leak in the ssl module when decoding a ↵Antoine Pitrou2011-11-231-0/+1
|\ \ \ | |/ / | | | | | | | | | | | | certificate with a subjectAltName. Patch by Robert Xiao.
| * | Issue #13458: Fix a memory leak in the ssl module when decoding a ↵Antoine Pitrou2011-11-231-0/+1
| | | | | | | | | | | | | | | | | | certificate with a subjectAltName. Patch by Robert Xiao.
* | | Issue #11183: Add finer-grained exceptions to the ssl module, so thatAntoine Pitrou2011-10-271-3/+57
| | | | | | | | | | | | you don't have to inspect the exception's attributes in the common case.
* | | Add a docstring to SSLErrorAntoine Pitrou2011-10-221-3/+8
| | |
* | | Use PyExc_OSError directly instead of grabbing it from the socket module APIAntoine Pitrou2011-10-221-1/+1
| | |
* | | Issue #13034: When decoding some SSL certificates, the subjectAltName ↵Antoine Pitrou2011-10-011-1/+1
|\ \ \ | |/ / | | | | | | extension could be unreported.
| * | Issue #13034: When decoding some SSL certificates, the subjectAltName ↵Antoine Pitrou2011-10-011-1/+1
| | | | | | | | | | | | extension could be unreported.
* | | Issue #12287: Fix a stack corruption in ossaudiodev module when the FD isCharles-François Natali2011-08-281-3/+1
|\ \ \ | |/ / | | | | | | greater than FD_SETSIZE.
| * | Issue #12287: Fix a stack corruption in ossaudiodev module when the FD isCharles-François Natali2011-08-281-3/+1
| | | | | | | | | | | | greater than FD_SETSIZE.
* | | Issue #12803: SSLContext.load_cert_chain() now accepts a password argumentAntoine Pitrou2011-08-251-21/+149
| | | | | | | | | | | | to be used if the private key is encrypted. Patch by Adam Simpkins.
* | | Issue #12551: Provide a get_channel_binding() method on SSL sockets so asAntoine Pitrou2011-07-201-0/+60
| | | | | | | | | | | | | | | | | | | | | | | | to get channel binding data for the current SSL session (only the "tls-unique" channel binding is implemented). This allows the implementation of certain authentication mechanisms such as SCRAM-SHA-1-PLUS. Patch by Jacek Konieczny.
* | | Issue #12440: When testing whether some bits in SSLContext.options can beAntoine Pitrou2011-07-081-9/+25
|\ \ \ | |/ / | | | | | | | | | reset, check the version of the OpenSSL headers Python was compiled against, rather than the runtime version of the OpenSSL library.
| * | Issue #12440: When testing whether some bits in SSLContext.options can beAntoine Pitrou2011-07-081-9/+25
| | | | | | | | | | | | | | | reset, check the version of the OpenSSL headers Python was compiled against, rather than the runtime version of the OpenSSL library.
| * | (Merge 3.1) Issue #12012: ssl.PROTOCOL_SSLv2 becomes optionalVictor Stinner2011-05-091-1/+7
| |\ \ | | |/ | | | | | | | | | | | | | | | OpenSSL is now compiled with OPENSSL_NO_SSL2 defined (without the SSLv2 protocol) on Debian: fix the ssl module on Debian Testing and Debian Sid. Optimize also ssl.get_protocol_name(): speed does matter!
| | * Issue #12012: ssl.PROTOCOL_SSLv2 becomes optionalVictor Stinner2011-05-091-1/+7
| | | | | | | | | | | | | | | | | | | | | OpenSSL is now compiled with OPENSSL_NO_SSL2 defined (without the SSLv2 protocol) on Debian: fix the ssl module on Debian Testing and Debian Sid. Optimize also ssl.get_protocol_name(): speed does matter!
| | * Merged revisions 87140 via svnmerge fromHirokazu Yamamoto2010-12-091-2/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | svn+ssh://pythondev@svn.python.org/python/branches/py3k ........ r87140 | hirokazu.yamamoto | 2010-12-09 19:49:00 +0900 (木, 09 12 2010) | 2 lines Should call Py_INCREF for Py_None (Modules/_ssl.c: PySSL_cipher) ........
| | * Merged revisions 85432 via svnmerge fromBenjamin Peterson2010-10-131-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | svn+ssh://pythondev@svn.python.org/python/branches/py3k ........ r85432 | benjamin.peterson | 2010-10-13 17:06:39 -0500 (Wed, 13 Oct 2010) | 1 line constify to appease compiler warnings ........
| | * Merged revisions 84464 via svnmerge fromAntoine Pitrou2010-09-031-29/+30
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | svn+ssh://pythondev@svn.python.org/python/branches/py3k ........ r84464 | antoine.pitrou | 2010-09-03 20:38:17 +0200 (ven., 03 sept. 2010) | 3 lines Issue #3805: clean up implementation of the _read method in _ssl.c. ........
generated by cgit v0.12 at 2025-03-02 12:34:50 (GMT)