summaryrefslogtreecommitdiffstats
path: root/Modules/_ssl.c
Commit message (Collapse)AuthorAgeFilesLines
* Issue #21781, _ssl: Fix asn1obj2py() on Windows 64-bit, "s#" format requiresVictor Stinner2014-07-071-1/+1
| | | | size to be a Py_ssize_t, not an int. _ssl.c is now "Py_ssize_t clean".
* Issue #21781: Make the ssl module "ssize_t clean" for parsing parameters.Victor Stinner2014-07-011-2/+9
| | | | ssl.RAND_add() now supports strings longer than 2 GB.
* Issue #21015: SSL contexts will now automatically select an elliptic curve ↵Antoine Pitrou2014-03-221-0/+15
| | | | | | for ECDH key exchange on OpenSSL 1.0.2 and later, and otherwise default to "prime256v1". (should also fix a buildbot failure introduced by #20995)
* avoid a compiler warning about assigning const char * to char *.Gregory P. Smith2014-01-171-1/+1
|\
| * avoid a compiler warning about assigning const char * to char *.Gregory P. Smith2014-01-171-1/+1
| |
* | Issue #20207: Always disable SSLv2 except when PROTOCOL_SSLv2 is explicitly ↵Antoine Pitrou2014-01-091-4/+5
|\ \ | |/ | | | | asked for.
| * Remove conditional: it is useless at this point (OpenSSL headers are not yet ↵Antoine Pitrou2014-01-091-2/+0
| | | | | | | | included)
| * Issue #20207: Always disable SSLv2 except when PROTOCOL_SSLv2 is explicitly ↵Antoine Pitrou2014-01-091-2/+5
| | | | | | | | asked for.
* | (Merge 3.3) Issue #20025: ssl.RAND_bytes() and ssl.RAND_pseudo_bytes() nowVictor Stinner2013-12-191-0/+5
|\ \ | |/ | | | | raise a ValueError if num is negative (instead of raising a SystemError).
| * Issue #20025: ssl.RAND_bytes() and ssl.RAND_pseudo_bytes() now raise aVictor Stinner2013-12-191-0/+5
| | | | | | | | ValueError if num is negative (instead of raising a SystemError).
* | Issue #19509: Add SSLContext.check_hostname to match the peer's certificateChristian Heimes2013-12-021-0/+35
| | | | | | | | with server_hostname on handshake.
* | SNI was added in OpenSSL 0.9.8f [11 Oct 2007], tooChristian Heimes2013-11-281-1/+1
| |
* | Issue #8813: X509_VERIFY_PARAM is only available on OpenSSL 0.9.8+Christian Heimes2013-11-231-0/+9
| | | | | | | | The patch removes the verify_flags feature on Mac OS X 10.4 with OpenSSL 0.9.7l 28 Sep 2006.
* | Issue #19448: report name / NID in exception message of ASN1ObjectChristian Heimes2013-11-221-3/+3
| |
* | Issue #18147: Add missing documentation for SSLContext.get_ca_certs().Christian Heimes2013-11-221-4/+6
| | | | | | | | Also change the argument name to the same name as getpeercert()
* | Issue #17134: Finalize interface to Windows' certificate store. Cert andChristian Heimes2013-11-221-95/+219
| | | | | | | | | | CRL enumeration are now two functions. enum_certificates() also returns purpose flags as set of OIDs.
* | downcast len to int. The code has already checked that len < INT_MAXChristian Heimes2013-11-211-1/+1
| |
* | lst might be NULL hereChristian Heimes2013-11-211-1/+1
| | | | | | | | CID 1130752: Dereference after null check (FORWARD_NULL)
* | Issue #8813: Add SSLContext.verify_flags to change the verification flagsChristian Heimes2013-11-211-0/+49
| | | | | | | | | | of the context in order to enable certification revocation list (CRL) checks or strict X509 rules.
* | Issue #19682: Fix compatibility issue with old version of OpenSSL thatChristian Heimes2013-11-211-0/+6
| | | | | | | | was introduced by Issue #18379.
* | Issue #18379: SSLSocket.getpeercert() returns CA issuer AIA fields, OCSPChristian Heimes2013-11-211-1/+151
| | | | | | | | and CRL distribution points.
* | Issue #18138: Implement cadata argument of SSLContext.load_verify_location()Christian Heimes2013-11-211-27/+167
| | | | | | | | | | to load CA certificates and CRL from memory. It supports PEM and DER encoded strings.
* | Safely downcast SOCKET_T to int in _ssl moduleChristian Heimes2013-11-181-3/+5
| |
* | Issue #19448: Add private API to SSL module to lookup ASN.1 objects by OID, ↵Christian Heimes2013-11-171-0/+91
| | | | | | | | NID, short name and long name.
* | Issue #19437: Fix newPySSLSocket(), handle PyWeakref_NewRef() failureVictor Stinner2013-10-311-0/+4
| |
* | Issue #19437: Fix fill_and_set_sslerror() of _ssl, handle Py_BuildValue()Victor Stinner2013-10-311-1/+5
| | | | | | | | | | | | failure Don't call PyObject_CallObject() with NULL parameters and an exception set.
* | Issue #19227 / Issue #18747: Remove pthread_atfork() handler to remove ↵Christian Heimes2013-10-291-67/+0
|\ \ | |/ | | | | | | | | OpenSSL re-seeding It is causing trouble like e.g. hanging processes.
| * Issue #19227 / Issue #18747: Remove pthread_atfork() handler to remove ↵Christian Heimes2013-10-291-67/+0
| | | | | | | | | | | | OpenSSL re-seeding It is causing trouble like e.g. hanging processes.
* | #19227: merge with 3.3Georg Brandl2013-10-271-7/+8
|\ \ | |/
| * Issue #19227: Try to fix deadlocks caused by re-seeding then OpenSSLGeorg Brandl2013-10-271-7/+8
| | | | | | | | pseudo-random number generator on fork().
* | Properly initialize all fields of a SSL object after allocation.Antoine Pitrou2013-09-291-0/+1
|\ \ | |/
| * Properly initialize all fields of a SSL object after allocation.Antoine Pitrou2013-09-291-0/+1
| |
* | Issue #19095: SSLSocket.getpeercert() now raises ValueError when the SSL ↵Antoine Pitrou2013-09-291-1/+9
| | | | | | | | handshake hasn't been done.
* | Issue #18709: GCC 4.6 complains that 'v' may be used uninitialized in ↵Christian Heimes2013-09-051-1/+1
|\ \ | |/ | | | | GEN_EMAIL/GEN_URI/GEN_DNS case
| * Issue #18709: GCC 4.6 complains that 'v' may be used uninitialized in ↵Christian Heimes2013-09-051-1/+1
| | | | | | | | GEN_EMAIL/GEN_URI/GEN_DNS case
* | Issue #18571: Implementation of the PEP 446: file descriptors and file handlesVictor Stinner2013-08-271-1/+1
| | | | | | | | | | are now created non-inheritable; add functions os.get/set_inheritable(), os.get/set_handle_inheritable() and socket.socket.get/set_inheritable().
* | Issue #18747: Fix spelling errors in my commit message and comments,Christian Heimes2013-08-251-2/+2
|\ \ | |/ | | | | thanks to Vajrasky Kok for proof-reading.
| * Issue #18747: Fix spelling errors in my commit message and comments,Christian Heimes2013-08-251-2/+2
| | | | | | | | thanks to Vajrasky Kok for proof-reading.
* | Fix compiler warning on Windows.Richard Oudkerk2013-08-241-1/+1
| |
* | Issue #18747: Use a parent atfork handler instead of a child atfork handler.Christian Heimes2013-08-221-12/+9
|\ \ | |/ | | | | fork() is suppose to be async-signal safe but the handler calls unsafe functions. A parent handler mitigates the issue.
| * Issue #18747: Use a parent atfork handler instead of a child atfork handler.Christian Heimes2013-08-221-12/+9
| | | | | | | | fork() is suppose to be async-signal safe but the handler calls unsafe functions. A parent handler mitigates the issue.
* | Issue #18747: Re-seed OpenSSL's pseudo-random number generator after fork.Christian Heimes2013-08-211-0/+72
|\ \ | |/ | | | | | | A pthread_atfork() child handler is used to seeded the PRNG with pid, time and some stack data.
| * Issue #18747: Re-seed OpenSSL's pseudo-random number generator after fork.Christian Heimes2013-08-211-0/+72
| | | | | | | | | | A pthread_atfork() child handler is used to seeded the PRNG with pid, time and some stack data.
* | Issue #18777: The ssl module now uses the new CRYPTO_THREADID API ofChristian Heimes2013-08-191-1/+17
|\ \ | |/ | | | | OpenSSL 1.0.0+ instead of the deprecated CRYPTO id callback function.
| * Issue #18777: The ssl module now uses the new CRYPTO_THREADID API ofChristian Heimes2013-08-191-1/+17
| | | | | | | | OpenSSL 1.0.0+ instead of the deprecated CRYPTO id callback function.
* | Issue 18768: Correct doc string of RAND_edg(). Patch by Vajrasky Kok.Christian Heimes2013-08-171-1/+1
|\ \ | |/
| * Issue 18768: Correct doc string of RAND_edg(). Patch by Vajrasky Kok.Christian Heimes2013-08-171-1/+1
| |
* | Issue #18768: coding style nitpick. Thanks to Vajrasky KokChristian Heimes2013-08-171-1/+1
|\ \ | |/
| * Issue #18768: coding style nitpick. Thanks to Vajrasky KokChristian Heimes2013-08-171-1/+1
| |
* | #18466: merge with 3.3.Ezio Melotti2013-08-171-1/+1
|\ \ | |/
generated by cgit v0.12 at 2024-12-04 19:14:38 (GMT)