summaryrefslogtreecommitdiffstats
path: root/Modules/_ssl.c
Commit message (Collapse)AuthorAgeFilesLines
* Issue #15977: Fix memory leak in Modules/_ssl.c when the function ↵Christian Heimes2012-09-201-0/+7
| | | | _set_npn_protocols() is called multiple times
* MERGE: Closes #15793: Stack corruption in ssl.RAND_egd()Jesus Cea2012-09-111-1/+1
|\
| * Closes #15793: Stack corruption in ssl.RAND_egd()Jesus Cea2012-09-111-1/+1
| |
* | Issue #15604: Update uses of PyObject_IsTrue() to check for and handle ↵Antoine Pitrou2012-08-151-3/+3
|\ \ | |/ | | | | | | | | errors correctly. Patch by Serhiy Storchaka.
| * Issue #15604: Update uses of PyObject_IsTrue() to check for and handle ↵Antoine Pitrou2012-08-151-1/+5
| | | | | | | | | | | | errors correctly. Patch by Serhiy Storchaka.
* | Issue #14837: SSL errors now have `library` and `reason` attributes ↵Antoine Pitrou2012-06-221-63/+199
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | describing precisely what happened and in which OpenSSL submodule. The str() of a SSLError is also enhanced accordingly. NOTE: this commit creates a reference leak. The leak seems tied to the use of PyType_FromSpec() to create the SSLError type. The leak is on the type object when it is instantiated: >>> e = ssl.SSLError() >>> sys.getrefcount(ssl.SSLError) 35 >>> e = ssl.SSLError() >>> sys.getrefcount(ssl.SSLError) 36 >>> e = ssl.SSLError() >>> sys.getrefcount(ssl.SSLError) 37
* | Issue #14204: The ssl module now has support for the Next Protocol ↵Antoine Pitrou2012-03-211-0/+115
| | | | | | | | | | | | Negotiation extension, if available in the underlying OpenSSL library. Patch by Colin Marc.
* | Fix last remaining build issues of _ssl under old OpenSSLs. Patch by Vinay.Antoine Pitrou2012-02-191-0/+5
| |
* | Try to really fix compilation failures of the _ssl module under very old ↵Antoine Pitrou2012-02-171-0/+6
| | | | | | | | OpenSSLs.
* | Fix compilation when SSL_OP_SINGLE_ECDH_USE isn't definedAntoine Pitrou2012-02-171-0/+2
| |
* | Issue #13014: Fix a possible reference leak in SSLSocket.getpeercert().Antoine Pitrou2012-02-151-9/+14
|\ \ | |/
| * Issue #13014: Fix a possible reference leak in SSLSocket.getpeercert().Antoine Pitrou2012-02-151-9/+14
| |
* | Issue #13885: CVE-2011-3389: the _ssl module would always disable the CBC IV ↵Antoine Pitrou2012-01-271-2/+4
|\ \ | |/ | | | | attack countermeasure.
| * Issue #13885: CVE-2011-3389: the _ssl module would always disable the CBC IV ↵Antoine Pitrou2012-01-271-2/+4
| |\ | | | | | | | | | attack countermeasure.
| | * Issue #13885: CVE-2011-3389: the _ssl module would always disable the CBC IV ↵Antoine Pitrou2012-01-271-1/+2
| | | | | | | | | | | | attack countermeasure.
* | | Issue #13626: Add support for SSL Diffie-Hellman key exchange, through theAntoine Pitrou2011-12-221-0/+35
| | | | | | | | | | | | SSLContext.load_dh_params() method and the ssl.OP_SINGLE_DH_USE option.
* | | Fix ssl module compilation if ECDH support was disabled in the OpenSSL build.Antoine Pitrou2011-12-211-0/+12
| | | | | | | | | | | | (followup to issue #13627)
* | | Issue #13634: Add support for querying and disabling SSL compression.Antoine Pitrou2011-12-201-0/+24
| | |
* | | Issue #13627: Add support for SSL Elliptic Curve-based Diffie-HellmanAntoine Pitrou2011-12-191-0/+30
| | | | | | | | | | | | | | | key exchange, through the SSLContext.set_ecdh_curve() method and the ssl.OP_SINGLE_ECDH_USE option.
* | | Issue #13635: Add ssl.OP_CIPHER_SERVER_PREFERENCE, so that SSL serversAntoine Pitrou2011-12-191-0/+2
| | | | | | | | | | | | | | | choose the cipher based on their own preferences, rather than on the client's.
* | | Issue #13458: Fix a memory leak in the ssl module when decoding a ↵Antoine Pitrou2011-11-231-0/+1
|\ \ \ | |/ / | | | | | | | | | | | | certificate with a subjectAltName. Patch by Robert Xiao.
| * | Issue #13458: Fix a memory leak in the ssl module when decoding a ↵Antoine Pitrou2011-11-231-0/+1
| | | | | | | | | | | | | | | | | | certificate with a subjectAltName. Patch by Robert Xiao.
* | | Issue #11183: Add finer-grained exceptions to the ssl module, so thatAntoine Pitrou2011-10-271-3/+57
| | | | | | | | | | | | you don't have to inspect the exception's attributes in the common case.
* | | Add a docstring to SSLErrorAntoine Pitrou2011-10-221-3/+8
| | |
* | | Use PyExc_OSError directly instead of grabbing it from the socket module APIAntoine Pitrou2011-10-221-1/+1
| | |
* | | Issue #13034: When decoding some SSL certificates, the subjectAltName ↵Antoine Pitrou2011-10-011-1/+1
|\ \ \ | |/ / | | | | | | extension could be unreported.
| * | Issue #13034: When decoding some SSL certificates, the subjectAltName ↵Antoine Pitrou2011-10-011-1/+1
| | | | | | | | | | | | extension could be unreported.
* | | Issue #12287: Fix a stack corruption in ossaudiodev module when the FD isCharles-François Natali2011-08-281-3/+1
|\ \ \ | |/ / | | | | | | greater than FD_SETSIZE.
| * | Issue #12287: Fix a stack corruption in ossaudiodev module when the FD isCharles-François Natali2011-08-281-3/+1
| | | | | | | | | | | | greater than FD_SETSIZE.
* | | Issue #12803: SSLContext.load_cert_chain() now accepts a password argumentAntoine Pitrou2011-08-251-21/+149
| | | | | | | | | | | | to be used if the private key is encrypted. Patch by Adam Simpkins.
* | | Issue #12551: Provide a get_channel_binding() method on SSL sockets so asAntoine Pitrou2011-07-201-0/+60
| | | | | | | | | | | | | | | | | | | | | | | | to get channel binding data for the current SSL session (only the "tls-unique" channel binding is implemented). This allows the implementation of certain authentication mechanisms such as SCRAM-SHA-1-PLUS. Patch by Jacek Konieczny.
* | | Issue #12440: When testing whether some bits in SSLContext.options can beAntoine Pitrou2011-07-081-9/+25
|\ \ \ | |/ / | | | | | | | | | reset, check the version of the OpenSSL headers Python was compiled against, rather than the runtime version of the OpenSSL library.
| * | Issue #12440: When testing whether some bits in SSLContext.options can beAntoine Pitrou2011-07-081-9/+25
| | | | | | | | | | | | | | | reset, check the version of the OpenSSL headers Python was compiled against, rather than the runtime version of the OpenSSL library.
| * | (Merge 3.1) Issue #12012: ssl.PROTOCOL_SSLv2 becomes optionalVictor Stinner2011-05-091-1/+7
| |\ \ | | |/ | | | | | | | | | | | | | | | OpenSSL is now compiled with OPENSSL_NO_SSL2 defined (without the SSLv2 protocol) on Debian: fix the ssl module on Debian Testing and Debian Sid. Optimize also ssl.get_protocol_name(): speed does matter!
| | * Issue #12012: ssl.PROTOCOL_SSLv2 becomes optionalVictor Stinner2011-05-091-1/+7
| | | | | | | | | | | | | | | | | | | | | OpenSSL is now compiled with OPENSSL_NO_SSL2 defined (without the SSLv2 protocol) on Debian: fix the ssl module on Debian Testing and Debian Sid. Optimize also ssl.get_protocol_name(): speed does matter!
| | * Merged revisions 87140 via svnmerge fromHirokazu Yamamoto2010-12-091-2/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | svn+ssh://pythondev@svn.python.org/python/branches/py3k ........ r87140 | hirokazu.yamamoto | 2010-12-09 19:49:00 +0900 (木, 09 12 2010) | 2 lines Should call Py_INCREF for Py_None (Modules/_ssl.c: PySSL_cipher) ........
| | * Merged revisions 85432 via svnmerge fromBenjamin Peterson2010-10-131-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | svn+ssh://pythondev@svn.python.org/python/branches/py3k ........ r85432 | benjamin.peterson | 2010-10-13 17:06:39 -0500 (Wed, 13 Oct 2010) | 1 line constify to appease compiler warnings ........
| | * Merged revisions 84464 via svnmerge fromAntoine Pitrou2010-09-031-29/+30
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | svn+ssh://pythondev@svn.python.org/python/branches/py3k ........ r84464 | antoine.pitrou | 2010-09-03 20:38:17 +0200 (ven., 03 sept. 2010) | 3 lines Issue #3805: clean up implementation of the _read method in _ssl.c. ........
| | * Merged revisions 83677 via svnmerge fromMark Dickinson2010-08-031-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | svn+ssh://pythondev@svn.python.org/python/branches/py3k ........ r83677 | mark.dickinson | 2010-08-03 19:31:54 +0100 (Tue, 03 Aug 2010) | 1 line Fix memory leak in ssl module. ........
| | * Merged revisions 82211 via svnmerge fromAntoine Pitrou2010-06-251-1/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | svn+ssh://pythondev@svn.python.org/python/branches/py3k ................ r82211 | antoine.pitrou | 2010-06-25 02:07:34 +0200 (ven., 25 juin 2010) | 10 lines Merged revisions 82210 via svnmerge from svn+ssh://pythondev@svn.python.org/python/trunk ........ r82210 | antoine.pitrou | 2010-06-25 02:03:21 +0200 (ven., 25 juin 2010) | 4 lines Issue #9075: In the ssl module, remove the setting of a `debug` flag on an OpenSSL structure. ........ ................
| | * Merged revisions 82204 via svnmerge fromAntoine Pitrou2010-06-241-27/+53
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | svn+ssh://pythondev@svn.python.org/python/branches/py3k ........ r82204 | antoine.pitrou | 2010-06-25 00:34:04 +0200 (ven., 25 juin 2010) | 5 lines Issue #8682: The ssl module now temporary increments the reference count of a socket object got through `PyWeakref_GetObject`, so as to avoid possible deallocation while the object is still being used. ........
| | * Merged revisions 81242 via svnmerge fromAntoine Pitrou2010-05-161-0/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | svn+ssh://pythondev@svn.python.org/python/branches/py3k ................ r81242 | antoine.pitrou | 2010-05-17 01:14:22 +0200 (lun., 17 mai 2010) | 10 lines Merged revisions 81241 via svnmerge from svn+ssh://pythondev@svn.python.org/python/trunk ........ r81241 | antoine.pitrou | 2010-05-17 01:11:46 +0200 (lun., 17 mai 2010) | 4 lines Clear the OpenSSL error queue each time an error is signalled. When the error queue is not emptied, strange things can happen on the next SSL call, depending on the OpenSSL version. ........ ................
| | * Merged revisions 81116 via svnmerge fromAntoine Pitrou2010-05-121-33/+26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | svn+ssh://pythondev@svn.python.org/python/branches/py3k ................ r81116 | antoine.pitrou | 2010-05-12 16:05:24 +0200 (mer., 12 mai 2010) | 9 lines Merged revisions 81115 via svnmerge from svn+ssh://pythondev@svn.python.org/python/trunk ........ r81115 | antoine.pitrou | 2010-05-12 16:02:34 +0200 (mer., 12 mai 2010) | 3 lines Improve _ssl.c formatting ........ ................
| | * Merged revisions 80790 via svnmerge fromAntoine Pitrou2010-05-051-1376/+1376
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | svn+ssh://pythondev@svn.python.org/python/branches/py3k ................ r80790 | antoine.pitrou | 2010-05-05 17:57:33 +0200 (mer., 05 mai 2010) | 9 lines Merged revisions 80789 via svnmerge from svn+ssh://pythondev@svn.python.org/python/trunk ........ r80789 | antoine.pitrou | 2010-05-05 17:53:45 +0200 (mer., 05 mai 2010) | 3 lines Untabify Modules/_ssl.c ........ ................
| | * Merged revisions 80542 via svnmerge fromAntoine Pitrou2010-04-271-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | svn+ssh://pythondev@svn.python.org/python/branches/py3k ................ r80542 | antoine.pitrou | 2010-04-27 21:14:15 +0200 (mar., 27 avril 2010) | 10 lines Merged revisions 80540 via svnmerge from svn+ssh://pythondev@svn.python.org/python/trunk ........ r80540 | antoine.pitrou | 2010-04-27 21:09:59 +0200 (mar., 27 avril 2010) | 4 lines Issue #8549: Fix compiling the _ssl extension under AIX. Patch by Sridhar Ratnakumar. ........ ................
| | * Merged revisions 80454 via svnmerge fromAntoine Pitrou2010-04-241-9/+14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | svn+ssh://pythondev@svn.python.org/python/branches/py3k ................ r80454 | antoine.pitrou | 2010-04-24 23:26:44 +0200 (sam., 24 avril 2010) | 15 lines Merged revisions 80451-80452 via svnmerge from svn+ssh://pythondev@svn.python.org/python/trunk ........ r80451 | antoine.pitrou | 2010-04-24 21:57:01 +0200 (sam., 24 avril 2010) | 4 lines The do_handshake() method of SSL objects now adjusts the blocking mode of the SSL structure if necessary (as other methods already do). ........ r80452 | antoine.pitrou | 2010-04-24 22:04:58 +0200 (sam., 24 avril 2010) | 4 lines Issue #5103: SSL handshake would ignore the socket timeout and block indefinitely if the other end didn't respond. ........ ................
| | * Merged revisions 80394 via svnmerge fromAntoine Pitrou2010-04-231-6/+63
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | svn+ssh://pythondev@svn.python.org/python/branches/py3k ................ r80394 | antoine.pitrou | 2010-04-23 02:16:21 +0200 (ven., 23 avril 2010) | 15 lines Merged revisions 80392 via svnmerge from svn+ssh://pythondev@svn.python.org/python/trunk ........ r80392 | antoine.pitrou | 2010-04-23 01:33:02 +0200 (ven., 23 avril 2010) | 9 lines Issue #8108: Fix the unwrap() method of SSL objects when the socket has a non-infinite timeout. Also make that method friendlier with applications wanting to continue using the socket in clear-text mode, by disabling OpenSSL's internal readahead. Thanks to Darryl Miles for guidance. Issue #8108: test_ftplib's non-blocking SSL server now has proper handling of SSL shutdowns. ........ ................
| | * Merged revisions 80317 via svnmerge fromAntoine Pitrou2010-04-211-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | svn+ssh://pythondev@svn.python.org/python/branches/py3k ................ r80317 | antoine.pitrou | 2010-04-21 21:46:23 +0200 (mer., 21 avril 2010) | 15 lines Merged revisions 80314-80315 via svnmerge from svn+ssh://pythondev@svn.python.org/python/trunk ........ r80314 | antoine.pitrou | 2010-04-21 21:28:03 +0200 (mer., 21 avril 2010) | 5 lines Issue #8484: Load all ciphers and digest algorithms when initializing the _ssl extension, such that verification of some SSL certificates doesn't fail because of an "unknown algorithm". ........ r80315 | antoine.pitrou | 2010-04-21 21:36:23 +0200 (mer., 21 avril 2010) | 3 lines Forgot to add the sample certificate (followup to r80314) ........ ................
| | * Merged revisions 79912 via svnmerge fromAntoine Pitrou2010-04-091-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | svn+ssh://pythondev@svn.python.org/python/branches/py3k ................ r79912 | antoine.pitrou | 2010-04-09 22:42:09 +0200 (ven., 09 avril 2010) | 10 lines Merged revisions 79910 via svnmerge from svn+ssh://pythondev@svn.python.org/python/trunk ........ r79910 | antoine.pitrou | 2010-04-09 22:38:39 +0200 (ven., 09 avril 2010) | 4 lines SSL_MODE_AUTO_RETRY has been added in OpenSSL 0.9.6. Fix compilation with earlier versions. ........ ................
| | * Merged revisions 79449,79452 via svnmerge fromAntoine Pitrou2010-03-261-2/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | svn+ssh://pythondev@svn.python.org/python/branches/py3k ................ r79449 | antoine.pitrou | 2010-03-26 20:32:24 +0100 (ven., 26 mars 2010) | 12 lines Merged revisions 79448 via svnmerge from svn+ssh://pythondev@svn.python.org/python/trunk ........ r79448 | antoine.pitrou | 2010-03-26 20:27:16 +0100 (ven., 26 mars 2010) | 6 lines Issue #8222: Enable the SSL_MODE_AUTO_RETRY flag on SSL sockets, so that blocking reads and writes are always retried by OpenSSL itself. (this is a followup to issue #3890) ........ ................ r79452 | antoine.pitrou | 2010-03-26 20:36:14 +0100 (ven., 26 mars 2010) | 3 lines Add NEWS entry for r79449. ................
generated by cgit v0.12 at 2024-12-04 08:30:25 (GMT)