summaryrefslogtreecommitdiffstats
path: root/Modules/_ssl.c
Commit message (Collapse)AuthorAgeFilesLines
* bpo-46541: remove usage of _Py_IDENTIFIER from _ssl module (GH-31599)Kumar Aditya2022-03-011-10/+32
|
* bpo-46232: Fix parsing of certs with bit string in DN (GH-30351)Christian Heimes2022-02-201-7/+19
|
* bpo-46613: Add PyType_GetModuleByDef to the public API (GH-31081)Petr Viktorin2022-02-111-2/+2
| | | | | * Make PyType_GetModuleByDef public (remove underscore) Co-authored-by: Victor Stinner <vstinner@python.org>
* bpo-46541: Replace core use of _Py_IDENTIFIER() with statically initialized ↵Eric Snow2022-02-081-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | global objects. (gh-30928) We're no longer using _Py_IDENTIFIER() (or _Py_static_string()) in any core CPython code. It is still used in a number of non-builtin stdlib modules. The replacement is: PyUnicodeObject (not pointer) fields under _PyRuntimeState, statically initialized as part of _PyRuntime. A new _Py_GET_GLOBAL_IDENTIFIER() macro facilitates lookup of the fields (along with _Py_GET_GLOBAL_STRING() for non-identifier strings). https://bugs.python.org/issue46541#msg411799 explains the rationale for this change. The core of the change is in: * (new) Include/internal/pycore_global_strings.h - the declarations for the global strings, along with the macros * Include/internal/pycore_runtime_init.h - added the static initializers for the global strings * Include/internal/pycore_global_objects.h - where the struct in pycore_global_strings.h is hooked into _PyRuntimeState * Tools/scripts/generate_global_objects.py - added generation of the global string declarations and static initializers I've also added a --check flag to generate_global_objects.py (along with make check-global-objects) to check for unused global strings. That check is added to the PR CI config. The remainder of this change updates the core code to use _Py_GET_GLOBAL_IDENTIFIER() instead of _Py_IDENTIFIER() and the related _Py*Id functions (likewise for _Py_GET_GLOBAL_STRING() instead of _Py_static_string()). This includes adding a few functions where there wasn't already an alternative to _Py*Id(), replacing the _Py_Identifier * parameter with PyObject *. The following are not changed (yet): * stop using _Py_IDENTIFIER() in the stdlib modules * (maybe) get rid of _Py_IDENTIFIER(), etc. entirely -- this may not be doable as at least one package on PyPI using this (private) API * (maybe) intern the strings during runtime init https://bugs.python.org/issue46541
* bpo-46670: Remove unused macros in the Modules directory (GH-31194)Victor Stinner2022-02-071-2/+0
| | | | | * bpo-46670: Remove unused macros in the Modules directory * Add again LINKAT_DIR_FD_CONVERTER: generated by Argument Clinic
* bpo-45439: Move _PyObject_CallNoArgs() to pycore_call.h (GH-28895)Victor Stinner2021-10-121-1/+1
| | | | | | | * Move _PyObject_CallNoArgs() to pycore_call.h (internal C API). * _ssl, _sqlite and _testcapi extensions now call the public PyObject_CallNoArgs() function, rather than _PyObject_CallNoArgs(). * _lsprof extension is now built with Py_BUILD_CORE_MODULE macro defined to get access to internal _PyObject_CallNoArgs().
* bpo-45439: Rename _PyObject_CallNoArg() to _PyObject_CallNoArgs() (GH-28891)Victor Stinner2021-10-111-1/+1
| | | | | Fix typo in the private _PyObject_CallNoArg() function name: rename it to _PyObject_CallNoArgs() to be consistent with the public function PyObject_CallNoArgs().
* bpo-41710: Add private _PyDeadline_Get() function (GH-28674)Victor Stinner2021-10-011-14/+20
| | | | | | | | Add a private C API for deadlines: add _PyDeadline_Init() and _PyDeadline_Get() functions. * Add _PyTime_Add() and _PyTime_Mul() functions which compute t1+t2 and t1*t2 and clamp the result on overflow. * _PyTime_MulDiv() now uses _PyTime_Add() and _PyTime_Mul().
* bpo-41710: Add _PyTime_AsTimespec_clamp() (GH-28629)Victor Stinner2021-09-301-1/+1
| | | | | | | | | | | | | | | Add the _PyTime_AsTimespec_clamp() function: similar to _PyTime_AsTimespec(), but clamp to _PyTime_t min/max and don't raise an exception. PyThread_acquire_lock_timed() now uses _PyTime_AsTimespec_clamp() to remove the Py_UNREACHABLE() code path. * Add _PyTime_AsTime_t() function. * Add PY_TIME_T_MIN and PY_TIME_T_MAX constants. * Replace _PyTime_AsTimeval_noraise() with _PyTime_AsTimeval_clamp(). * Add pytime_divide_round_up() function. * Fix integer overflow in pytime_divide(). * Add pytime_divmod() function.
* Fix typo in a comment in Modules/_ssl.c: s/validata/validate/ (GH-27993)Adam Dangoor2021-08-271-1/+1
|
* bpo-42854: Correctly use size_t for _ssl._SSLSocket.read and ↵Pablo Galindo Salgado2021-07-231-6/+6
| | | | _ssl._SSLSocket.write (GH-27271)
* bpo-44389: Fix typo in ssl deprecation warning message (GH-26754)Joe2021-06-171-1/+1
| | | `ssl.SSL_NO_TLS` should be `ssl.OP_NO_TLS`.
* bpo-44389: Fix deprecation of OP_NO_TLSv1_3 (GH-26700)Christian Heimes2021-06-131-1/+1
| | | Signed-off-by: Christian Heimes <christian@python.org>
* bpo-44389: Remove duplicate SSL_OP_NO_TLSv1_2 flag (GH-26680)Erlend Egeberg Aasland2021-06-121-1/+1
|
* bpo-44362: ssl: improve deprecation warnings and docs (GH-26646)Christian Heimes2021-06-111-14/+28
| | | Signed-off-by: Christian Heimes <christian@python.org>
* bpo-44252: Correctly implement gc support for SSLError objects (GH-26439)Pablo Galindo2021-05-281-2/+1
|
* bpo-42972: Fully implement GC protocol for ssl heap types (GH-26370)Erlend Egeberg Aasland2021-05-271-28/+45
|
* bpo-43908: Mark ssl, hash, and hmac types as immutable (GH-25792)Christian Heimes2021-05-021-5/+5
| | | Signed-off-by: Christian Heimes <christian@python.org>
* bpo-43998: Default to TLS 1.2 and increase cipher suite security (GH-25778)Christian Heimes2021-05-011-5/+38
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The ssl module now has more secure default settings. Ciphers without forward secrecy or SHA-1 MAC are disabled by default. Security level 2 prohibits weak RSA, DH, and ECC keys with less than 112 bits of security. :class:`~ssl.SSLContext` defaults to minimum protocol version TLS 1.2. Settings are based on Hynek Schlawack's research. ``` $ openssl version OpenSSL 1.1.1k FIPS 25 Mar 2021 $ openssl ciphers -v '@SECLEVEL=2:ECDH+AESGCM:ECDH+CHACHA20:ECDH+AES:DHE+AES:!aNULL:!eNULL:!aDSS:!SHA1:!AESCCM' TLS_AES_256_GCM_SHA384 TLSv1.3 Kx=any Au=any Enc=AESGCM(256) Mac=AEAD TLS_CHACHA20_POLY1305_SHA256 TLSv1.3 Kx=any Au=any Enc=CHACHA20/POLY1305(256) Mac=AEAD TLS_AES_128_GCM_SHA256 TLSv1.3 Kx=any Au=any Enc=AESGCM(128) Mac=AEAD TLS_AES_128_CCM_SHA256 TLSv1.3 Kx=any Au=any Enc=AESCCM(128) Mac=AEAD ECDHE-ECDSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AESGCM(256) Mac=AEAD ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=RSA Enc=AESGCM(256) Mac=AEAD ECDHE-ECDSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AESGCM(128) Mac=AEAD ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH Au=RSA Enc=AESGCM(128) Mac=AEAD ECDHE-ECDSA-CHACHA20-POLY1305 TLSv1.2 Kx=ECDH Au=ECDSA Enc=CHACHA20/POLY1305(256) Mac=AEAD ECDHE-RSA-CHACHA20-POLY1305 TLSv1.2 Kx=ECDH Au=RSA Enc=CHACHA20/POLY1305(256) Mac=AEAD ECDHE-ECDSA-AES256-SHA384 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AES(256) Mac=SHA384 ECDHE-RSA-AES256-SHA384 TLSv1.2 Kx=ECDH Au=RSA Enc=AES(256) Mac=SHA384 ECDHE-ECDSA-AES128-SHA256 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AES(128) Mac=SHA256 ECDHE-RSA-AES128-SHA256 TLSv1.2 Kx=ECDH Au=RSA Enc=AES(128) Mac=SHA256 DHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=DH Au=RSA Enc=AESGCM(256) Mac=AEAD DHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=DH Au=RSA Enc=AESGCM(128) Mac=AEAD DHE-RSA-AES256-SHA256 TLSv1.2 Kx=DH Au=RSA Enc=AES(256) Mac=SHA256 DHE-RSA-AES128-SHA256 TLSv1.2 Kx=DH Au=RSA Enc=AES(128) Mac=SHA256 ``` Signed-off-by: Christian Heimes <christian@python.org>
* bpo-18233: Add internal methods to access peer chain (GH-25467)Christian Heimes2021-04-261-1/+83
| | | | | | | | | | | | The internal `_ssl._SSLSocket` object now provides methods to retrieve the peer cert chain and verified cert chain as a list of Certificate objects. Certificate objects have methods to convert the cert to a dict, PEM, or DER (ASN.1). These are private APIs for now. There is a slim chance to stabilize the approach and provide a public API for 3.10. Otherwise I'll provide a stable API in 3.11. Signed-off-by: Christian Heimes <christian@python.org>
* bpo-35114: Make ssl.RAND_status() return a bool (GH-20063)Zackery Spytz2021-04-231-3/+3
|
* bpo-43920: Make load_verify_locations(cadata) error message consistent ↵Christian Heimes2021-04-231-7/+16
| | | | | (GH-25554) Signed-off-by: Christian Heimes <christian@python.org>
* bpo-43799: Also define SSLv3_method() (GH-25481)Christian Heimes2021-04-201-0/+3
| | | Signed-off-by: Christian Heimes <christian@python.org>
* bpo-40849: Expose X509_V_FLAG_PARTIAL_CHAIN ssl flag (GH-20463)l0x2021-04-191-0/+5
| | | This short PR exposes an openssl flag that wasn't exposed. I've also updated to doc to reflect the change. It's heavily inspired by 990fcaac3c428569697f62a80fd95ab4d4b93151.
* bpo-43880: Show DeprecationWarnings for deprecated ssl module features ↵Christian Heimes2021-04-191-14/+70
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | (GH-25455) * ssl.OP_NO_SSLv2 * ssl.OP_NO_SSLv3 * ssl.OP_NO_TLSv1 * ssl.OP_NO_TLSv1_1 * ssl.OP_NO_TLSv1_2 * ssl.OP_NO_TLSv1_3 * ssl.PROTOCOL_SSLv2 * ssl.PROTOCOL_SSLv3 * ssl.PROTOCOL_SSLv23 (alias for PROTOCOL_TLS) * ssl.PROTOCOL_TLS * ssl.PROTOCOL_TLSv1 * ssl.PROTOCOL_TLSv1_1 * ssl.PROTOCOL_TLSv1_2 * ssl.TLSVersion.SSLv3 * ssl.TLSVersion.TLSv1 * ssl.TLSVersion.TLSv1_1 * ssl.wrap_socket() * ssl.RAND_pseudo_bytes() * ssl.RAND_egd() (already removed since it's not supported by OpenSSL 1.1.1) * ssl.SSLContext() without a protocol argument * ssl.match_hostname() * hashlib.pbkdf2_hmac() (pure Python implementation, fast OpenSSL function will stay) Signed-off-by: Christian Heimes <christian@python.org>
* bpo-42854: Use SSL_read/write_ex() (GH-25468)Christian Heimes2021-04-191-18/+14
| | | | | | | | The ssl module now uses ``SSL_read_ex`` and ``SSL_write_ex`` internally. The functions support reading and writing of data larger than 2 GB. Writing zero-length data no longer fails with a protocol violation error. Signed-off-by: Christian Heimes <christian@python.org>
* bpo-42333: Port _ssl extension to multiphase initialization (PEP 489) (GH-23253)Christian Heimes2021-04-171-344/+408
| | | | | | | | | - Introduce sslmodule_slots - Introduce sslmodulestate - Use sslmodulestate - Get rid of PyState_FindModule - Move new structs and helpers to header file - Use macros to access state - Keep a strong ref to socket type
* bpo-43669: Remove OpenSSL 0.9 to 1.1.0 specific documentation (GH-25453)Christian Heimes2021-04-171-33/+0
|
* bpo-43669: PEP 644: Require OpenSSL 1.1.1 or newer (GH-23014)Christian Heimes2021-04-171-527/+10
| | | | | | | | | | | | | | | | | | | | | | | | - Remove HAVE_X509_VERIFY_PARAM_SET1_HOST check - Update hashopenssl to require OpenSSL 1.1.1 - multissltests only OpenSSL > 1.1.0 - ALPN is always supported - SNI is always supported - Remove deprecated NPN code. Python wrappers are no-op. - ECDH is always supported - Remove OPENSSL_VERSION_1_1 macro - Remove locking callbacks - Drop PY_OPENSSL_1_1_API macro - Drop HAVE_SSL_CTX_CLEAR_OPTIONS macro - SSL_CTRL_GET_MAX_PROTO_VERSION is always defined now - security level is always available now - get_num_tickets is available with TLS 1.3 - X509_V_ERR MISMATCH is always available now - Always set SSL_MODE_RELEASE_BUFFERS - X509_V_FLAG_TRUSTED_FIRST is always available - get_ciphers is always supported - SSL_CTX_set_keylog_callback is always available - Update Modules/Setup with static link example - Mention PEP in whatsnew - Drop 1.0.2 and 1.1.0 from GHA tests
* bpo-43522: Fix SSLContext.hostname_checks_common_name (GH-24899)Christian Heimes2021-04-171-0/+5
| | | | | | Fix problem with ssl.SSLContext.hostname_checks_common_name. OpenSSL does not copy hostflags from *struct SSL_CTX* to *struct SSL*. Signed-off-by: Christian Heimes <christian@python.org>
* bpo-43799: OpenSSL 3.0.0: declare OPENSSL_API_COMPAT 1.1.1 (GH-25329)Christian Heimes2021-04-131-19/+14
| | | Signed-off-by: Christian Heimes <christian@python.org>
* bpo-43794: OpenSSL 3.0.0: set OP_IGNORE_UNEXPECTED_EOF by default (GH-25309)Christian Heimes2021-04-091-0/+8
| | | Signed-off-by: Christian Heimes <christian@python.org>
* bpo-43788: Generate version specific _ssl_data.h (GH-25300)Christian Heimes2021-04-091-0/+6
| | | | | Signed-off-by: Christian Heimes <christian@python.org> Automerge-Triggered-By: GH:tiran
* bpo-43789: OpenSSL 3.0.0 Don't call passwd callback again in error case ↵Christian Heimes2021-04-091-0/+7
| | | | (GH-25303)
* bpo-43577: Fix deadlock with SSLContext._msg_callback and sni_callback ↵Christian Heimes2021-03-211-0/+5
| | | | | | | | | | | | (GH-24957) OpenSSL copies the internal message callback from SSL_CTX->msg_callback to SSL->msg_callback. SSL_set_SSL_CTX() does not update SSL->msg_callback to use the callback value of the new context. PySSL_set_context() now resets the callback and _PySSL_msg_callback() resets thread state in error path. Signed-off-by: Christian Heimes <christian@python.org>
* bpo-39342: Expose X509_V_FLAG_ALLOW_PROXY_CERTS in ssl module (GH-18011)Chris Burr2021-03-181-0/+2
| | | Exposes the `X509_V_FLAG_ALLOW_PROXY_CERTS` constant as `ssl.VERIFY_ALLOW_PROXY_CERTS` to allow for proxy certificate validation as described in: https://www.openssl.org/docs/man1.1.1/man7/proxy-certificates.html
* Correct return type in Modules/_ssl.c::sslmodule_legacy (GH-23609)Pablo Galindo2020-12-021-1/+1
|
* bpo-42519: Replace PyObject_MALLOC() with PyObject_Malloc() (GH-23587)Victor Stinner2020-12-011-1/+1
| | | | | | | | | No longer use deprecated aliases to functions: * Replace PyObject_MALLOC() with PyObject_Malloc() * Replace PyObject_REALLOC() with PyObject_Realloc() * Replace PyObject_FREE() with PyObject_Free() * Replace PyObject_Del() with PyObject_Free() * Replace PyObject_DEL() with PyObject_Free()
* bpo-42519: Replace PyMem_MALLOC() with PyMem_Malloc() (GH-23586)Victor Stinner2020-12-011-3/+3
| | | | | | | | | | | No longer use deprecated aliases to functions: * Replace PyMem_MALLOC() with PyMem_Malloc() * Replace PyMem_REALLOC() with PyMem_Realloc() * Replace PyMem_FREE() with PyMem_Free() * Replace PyMem_Del() with PyMem_Free() * Replace PyMem_DEL() with PyMem_Free() Modify also the PyMem_DEL() macro to use directly PyMem_Free().
* bpo-42423: Accept single base class in PyType_FromModuleAndSpec() (GH-23441)Serhiy Storchaka2020-11-221-6/+1
|
* bpo-42333: Port _ssl extension module to heap types (GH-23392)Christian Heimes2020-11-201-328/+354
| | | All types in _ssl module are now heap types.
* bpo-42413: socket.timeout is now an alias of TimeoutError (GH-23413)Christian Heimes2020-11-201-6/+6
| | | Signed-off-by: Christian Heimes <christian@python.org>
* bpo-42144: Add a missing "goto error;" in the _ssl module (GH-22959)Zackery Spytz2020-10-251-0/+1
|
* bpo-31122: ssl.wrap_socket() now raises ssl.SSLEOFError rather than OSError ↵Dima Tisnek2020-08-151-4/+5
| | | | | | | when peer closes connection during TLS negotiation (GH-18772) [bpo-31122](): ssl.wrap_socket() now raises ssl.SSLEOFError rather than OSError when peer closes connection during TLS negotiation Reproducer: http://tiny.cc/f4ztnz (tiny url because some bot keeps renaming b.p.o.-nnn as bpo links)
* bpo-41195: Add getter for Openssl security level (GH-21282)matthewhughes9342020-07-171-0/+13
| | | | | | | | | | | Add an accessor under SSLContext.security_level as a wrapper around SSL_CTX_get_security_level, see: https://www.openssl.org/docs/manmaster/man3/SSL_CTX_get_security_level.html ------ This is my first time contributing, so please pull me up on all the things I missed or did incorrectly. Automerge-Triggered-By: @tiran
* bpo-41252: Fix incorrect refcounting in _ssl.c's _servername_callback() ↵Zackery Spytz2020-07-091-1/+2
| | | | (GH-21407)
* closes bpo-41235: Fix the error handling in SSLContext.load_dh_params() ↵Zackery Spytz2020-07-081-2/+4
| | | | (GH-21385)
* bpo-30008: Fix OpenSSL no-deprecated compilation (GH-20397)Christian Heimes2020-06-011-11/+45
| | | | | | | | | Fix :mod:`ssl`` code to be compatible with OpenSSL 1.1.x builds that use ``no-deprecated`` and ``--api=1.1.0``. Note: Tests assume full OpenSSL API and fail with limited API. Signed-off-by: Christian Heimes <christian@python.org> Co-authored-by: Mark Wright <gienah@gentoo.org>
* bpo-40457: Support OpenSSL without TLS 1.0/1.1 (GH-19862)Christian Heimes2020-05-161-34/+27
| | | | | | | | | | | OpenSSL can be build without support for TLS 1.0 and 1.1. The ssl module now correctly adheres to OPENSSL_NO_TLS1 and OPENSSL_NO_TLS1_1 flags. Also update multissltest to test with latest OpenSSL and LibreSSL releases. Signed-off-by: Christian Heimes <christian@python.org> Automerge-Triggered-By: @tiran
* bpo-40515: Require OPENSSL_THREADS (GH-19953)Christian Heimes2020-05-151-1/+5
| | | | | | | The ``ssl`` and ``hashlib`` modules now actively check that OpenSSL is build with thread support. Python 3.7.0 made thread support mandatory and no longer works safely with a no-thread builds. Signed-off-by: Christian Heimes <christian@python.org>
generated by cgit v0.12 at 2024-12-04 01:11:48 (GMT)