summaryrefslogtreecommitdiffstats
path: root/Modules/_ssl.c
Commit message (Collapse)AuthorAgeFilesLines
* bpo-35746: Fix segfault in ssl's cert parser (GH-11569) (GH-11573)Miss Islington (bot)2019-01-161-0/+4
| | | | | | | | | | | | Fix a NULL pointer deref in ssl module. The cert parser did not handle CRL distribution points with empty DP or URI correctly. A malicious or buggy certificate can result into segfault. Signed-off-by: Christian Heimes <christian@python.org> https://bugs.python.org/issue35746 (cherry picked from commit a37f52436f9aa4b9292878b72f3ff1480e2606c3) Co-authored-by: Christian Heimes <christian@python.org>
* bpo-35436: Add missing PyErr_NoMemory() calls and other minor bug fixes. ↵Serhiy Storchaka2018-12-071-0/+13
| | | | | | | | | (GH-11015) (GH-11020) (GH-11026) (cherry picked from commit 4c49da0cb7434c676d70b9ccf38aca82ac0d64a9) (cherry picked from commit 602d307ac5e8a2da38a193dca3bdfef5994dfe67) Co-authored-by: Zackery Spytz <zspytz@gmail.com>
* bpo-34824: Fix a possible NULL pointer dereference in _ssl.c (GH-9606) (GH-9744)Miss Islington (bot)2018-10-191-2/+7
| | | | | | | | | On failure, _PyBytes_Resize() will deallocate the bytes object and set "result" to NULL. https://bugs.python.org/issue34824 (cherry picked from commit 365ad2ead5bbaf7a3b18648ffa36e819559d3f75) Co-authored-by: Zackery Spytz <zspytz@gmail.com>
* [3.6] bpo-34670: Add TLS 1.3 post handshake auth (GH-9460) (GH-9507)Christian Heimes2018-09-231-7/+90
| | | | | | | | | | | | | | | | Add SSLContext.post_handshake_auth and SSLSocket.verify_client_post_handshake for TLS 1.3 post-handshake authentication. Signed-off-by: Christian Heimes <christian@python.org>q https://bugs.python.org/issue34670. (cherry picked from commit 9fb051f032c36b9f6086b79086b4d6b7755a3d70) Co-authored-by: Christian Heimes <christian@python.org> https://bugs.python.org/issue34670
* [3.6] bpo-34759: Fix error handling in ssl 'unwrap()' (GH-9468) (GH-9492)Christian Heimes2018-09-221-2/+2
| | | | | | | | | | | | | | | | | | | | | OpenSSL follows the convention that whenever you call a function, it returns an error indicator value; and if this value is negative, then you need to go look at the actual error code to see what happened. Commit c6fd1c1c3a introduced a small mistake in _ssl__SSLSocket_shutdown_impl: instead of checking whether the error indicator was negative, it started checking whether the actual error code was negative, and it turns out that the error codes are never negative. So the effect was that 'unwrap()' lost the ability to raise SSL errors. https://bugs.python.org/issue34759. (cherry picked from commit c0da582b227f311126e278b5553a7fa89c79b054) Co-authored-by: Nathaniel J. Smith <njs@pobox.com> https://bugs.python.org/issue34759
* bpo-32533: Fixed thread-safety of error handling in _ssl. (GH-7158)Steve Dower2018-09-171-59/+67
|
* bpo-34710: fix SSL module build (GH-9347)Miss Islington (bot)2018-09-171-0/+1
| | | | | | | | Include ``openssl/dh.h`` header file to fix implicit function declaration of ``DH_free()``. Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com> (cherry picked from commit b3a271fc0ce3e13e427be8914decfc205a220ca8) Co-authored-by: Alexandru Ardelean <ardeleanalex@gmail.com>
* bpo-32947: Fixes for TLS 1.3 and OpenSSL 1.1.1 (GH-8761)Christian Heimes2018-08-141-0/+4
| | | | | | | | | | | | | | Backport of TLS 1.3 related fixes from 3.7. Misc fixes and workarounds for compatibility with OpenSSL 1.1.1 from git master and TLS 1.3 support. With OpenSSL 1.1.1, Python negotiates TLS 1.3 by default. Some test cases only apply to TLS 1.2. OpenSSL 1.1.1 has added a new option OP_ENABLE_MIDDLEBOX_COMPAT for TLS 1.3. The feature is enabled by default for maximum compatibility with broken middle boxes. Users should be able to disable the hack and CPython's test suite needs it to verify default options Signed-off-by: Christian Heimes <christian@python.org>
* [3.6] bpo-33127: Compatibility patch for LibreSSL 2.7.0 (GH-6210) (GH-6214)Christian Heimes2018-03-241-8/+16
| | | | | | | | | | | | | LibreSSL 2.7 introduced OpenSSL 1.1.0 API. The ssl module now detects LibreSSL 2.7 and only provides API shims for OpenSSL < 1.1.0 and LibreSSL < 2.7. Documentation updates and fixes for failing tests will be provided in another patch set. Signed-off-by: Christian Heimes <christian@python.org>. (cherry picked from commit 4ca0739c9d97ac7cd45499e0d31be68dc659d0e1) Co-authored-by: Christian Heimes <christian@python.org>
* bpo-30622: Fix backport of NPN fix (#6102)Christian Heimes2018-03-141-1/+1
| | | | | Fix backport a79591cf of bpo-30622 to 3.6 branch. Signed-off-by: Christian Heimes <christian@python.org>
* [3.6] bpo-30622: Fix NPN for OpenSSL 1.1.1-pre1 (GH-5876) (#5881)Christian Heimes2018-02-251-19/+24
| | | | | | Signed-off-by: Christian Heimes <christian@python.org>. (cherry picked from commit 29eab55309b9f78b79074d26db16a44e7841c639) Co-authored-by: Christian Heimes <christian@python.org>
* [3.6] bpo-30622: Improve NPN support detection (GH-5859) (#5861)Christian Heimes2018-02-251-8/+21
| | | | | | | | | The ssl module now detects missing NPN support in LibreSSL. Co-Authored-By: Bernard Spil <brnrd@FreeBSD.org> Signed-off-by: Christian Heimes <christian@python.org>. (cherry picked from commit 6cdb7954b0a578d899e4b78b868ea59eef08480a) Co-authored-by: Christian Heimes <christian@python.org>
* bpo-32185: Don't send IP in SNI TLS extension (#5865)Christian Heimes2018-02-251-2/+40
| | | | | | The SSL module no longer sends IP addresses in SNI TLS extension on platforms with OpenSSL 1.0.2+ or inet_pton. Signed-off-by: Christian Heimes <christian@python.org>
* [3.6] completly -> completely (GH-3999) (closes bpo-31788) (#4008)Miss Islington (bot)2017-10-151-1/+1
| | | (cherry picked from commit 1295e11d397c6138427296d5f9653a9e7dd69062)
* [3.6] _ssl_: Fix compiler warning (GH-3559) (#3569)Christian Heimes2017-09-141-0/+6
| | | | | | | | Cast Py_buffer.len (Py_ssize_t, signed) to size_t (unsigned) to prevent the following warning: Modules/_ssl.c:3089:21: warning: comparison between signed and unsigned integer expressions [-Wsign-compare]. (cherry picked from commit 5a61559fb0776a9a0f08294ec9003cea13940430)
* [3.6] bpo-31400: Improve SSL error handling on Windows (GH-3463) (#3466)Christian Heimes2017-09-091-10/+47
| | | | | | * bpo-31392: Improve SSL error handling on Windows * Remove unnecessary Windows mention in NEWS. (cherry picked from commit e6eb48c10dc389d1d70657593de6a6cb3087d3d1)
* [3.6] bpo-29136: Add TLS 1.3 cipher suites and OP_NO_TLSv1_3 (GH-1363) (#3444)Christian Heimes2017-09-081-0/+13
| | | | | | | | | | | | | | | | * bpo-29136: Add TLS 1.3 support TLS 1.3 introduces a new, distinct set of cipher suites. The TLS 1.3 cipher suites don't overlap with cipher suites from TLS 1.2 and earlier. Since Python sets its own set of permitted ciphers, TLS 1.3 handshake will fail as soon as OpenSSL 1.1.1 is released. Let's enable the common AES-GCM and ChaCha20 suites. Additionally the flag OP_NO_TLSv1_3 is added. It defaults to 0 (no op) with OpenSSL prior to 1.1.1. This allows applications to opt-out from TLS 1.3 now. Signed-off-by: Christian Heimes <christian@python.org>. (cherry picked from commit cb5b68abdeb1b1d56c581d5b4d647018703d61e3)
* [3.6] bpo-28958: Improve SSLContext error reporting. (GH-3414) (#3432)Christian Heimes2017-09-071-2/+1
| | | | Signed-off-by: Christian Heimes <christian@python.org> (cherry picked from commit 17c9ac9)
* [3.6] bpo-29781: Fix SSLObject.version before handshake (GH-3364) (#3381)Christian Heimes2017-09-061-0/+4
| | | | | | | SSLObject.version() now correctly returns None when handshake over BIO has not been performed yet. Signed-off-by: Christian Heimes <christian@python.org> (cherry picked from commit 6877111)
* [3.6] bpo-29334: Fix ssl.getpeercert for auto-handshake (GH-1769) (#1778)Christian Heimes2017-09-051-21/+12
| | | | | | | | | | | | | Drop handshake_done and peer_cert members from PySSLSocket struct. The peer certificate can be acquired from *SSL directly. SSL_get_peer_certificate() does not trigger any network activity. Instead of manually tracking the handshake state, simply use SSL_is_init_finished(). In combination these changes fix auto-handshake for non-blocking MemoryBIO connections. Signed-off-by: Christian Heimes <christian@python.org>. (cherry picked from commit 66dc33b6822be93f85d84d24d3f9159ff568fbbb)
* [3.6] bpo-30502: Fix handling of long oids in ssl. (GH-2909) (#3321)Christian Heimes2017-09-051-43/+47
| | | (cherry picked from commit e503ca52889bf66ac502702569e726caa7970299)
* [3.6] bpo-30102: Call OPENSSL_add_all_algorithms_noconf (GH-3112) (#3342)Christian Heimes2017-09-051-1/+5
| | | | | | | | | The ssl and hashlib modules now call OPENSSL_add_all_algorithms_noconf() on OpenSSL < 1.1.0. The function detects CPU features and enables optimizations on some CPU architectures such as POWER8. Patch is based on research from Gustavo Serra Scalet. Signed-off-by: Christian Heimes <christian@python.org> (cherry picked from commit c941e62)
* [3.6] bpo-30622: Change NPN detection: (GH-2079) (#3314)Christian Heimes2017-09-051-7/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Change NPN detection: Version breakdown, support disabled (pre-patch/post-patch): - pre-1.0.1: OPENSSL_NPN_NEGOTIATED will not be defined -> False/False - 1.0.1 and 1.0.2: OPENSSL_NPN_NEGOTIATED will not be defined -> False/False - 1.1.0+: OPENSSL_NPN_NEGOTIATED will be defined and OPENSSL_NO_NEXTPROTONEG will be defined -> True/False Version breakdown support enabled (pre-patch/post-patch): - pre-1.0.1: OPENSSL_NPN_NEGOTIATED will not be defined -> False/False - 1.0.1 and 1.0.2: OPENSSL_NPN_NEGOTIATED will be defined and OPENSSL_NO_NEXTPROTONEG will not be defined -> True/True - 1.1.0+: OPENSSL_NPN_NEGOTIATED will be defined and OPENSSL_NO_NEXTPROTONEG will not be defined -> True/True * Refine NPN guard: - If NPN is disabled, but ALPN is available we need our callback - Make clinic's ssl behave the same way This created a working ssl module for me, with NPN disabled and ALPN enabled for OpenSSL 1.1.0f. Concerns to address: The initial commit for NPN support into OpenSSL [1], had the OPENSSL_NPN_* variables defined inside the OPENSSL_NO_NEXTPROTONEG guard. The question is if that ever made it into a release. This would need an ugly hack, something like: GH-if defined(OPENSSL_NO_NEXTPROTONEG) && \ !defined(OPENSSL_NPN_NEGOTIATED) GH- define OPENSSL_NPN_UNSUPPORTED 0 GH- define OPENSSL_NPN_NEGOTIATED 1 GH- define OPENSSL_NPN_NO_OVERLAP 2 GH-endif [1] https://github.com/openssl/openssl/commit/68b33cc5c7 (cherry picked from commit b2d096b)
* bpo-31095: fix potential crash during GC (GH-3195)INADA Naoki2017-09-041-0/+3
| | | (cherry picked from commit a6296d34a478b4f697ea9db798146195075d496c)
* [3.6] Regenerate Argument Clinic code for bpo-19180. (GH-2073). (#2077)Serhiy Storchaka2017-06-101-1/+1
| | | | (cherry picked from commit 5f31d5cf6efa8c304d352e34f9f2a1ed0074298e)
* [3.6] bpo-19180: Updated references for RFC 1750, RFC 3280 & RFC 4366Nick Coghlan2017-06-091-1/+1
| | | | | | * RFC 1750 has been been obsoleted by RFC 4086. * RFC 3280 has been obsoleted by RFC 5280. * RFC 4366 has been obsoleted by RFC 6066. (cherry picked from commit 63c2c8ac17750ba2be2cfc4e339cae1f4edee54f)
* [3.6] bpo-30594: Fixed refcounting in newPySSLSocket (GH-1992) (#1994)Nathaniel J. Smith2017-06-081-2/+1
| | | | If pass a server_hostname= that fails IDNA decoding to SSLContext.wrap_socket or SSLContext.wrap_bio, then the SSLContext object had a spurious Py_DECREF called on it, eventually leading to segfaults. (cherry picked from commit 65ece7ca2366308fa91a39a8dfa255e6bdce3cca)
* [3.6] bpo-29738: Fix memory leak in _get_crl_dp (GH-526) (GH-1142)Mariatta2017-04-151-7/+1
| | | | | | | | | * Remove conditional on free of `dps`, since `dps` is now allocated for all versions of OpenSSL * Remove call to `x509_check_ca` since it was only used to cache the `crldp` field of the certificate CRL_DIST_POINTS_free is available in all supported versions of OpenSSL (recent 0.9.8+) and LibreSSL. (cherry picked from commit 2849cc34a8db93d448a62d69c462402347b50dcb)
* bpo-29697: Don't use OpenSSL <1.0.2 fallback on 1.1+ (#397)Donald Stufft2017-03-021-2/+2
|
* TypoChristian Heimes2016-09-241-1/+1
|
* Finish GC code for SSLSession and increase test coverageChristian Heimes2016-09-241-4/+9
|
* Issue #28188: Use PyMem_Calloc() to get rid of a type-limits warning and an ↵Christian Heimes2016-09-131-3/+2
| | | | extra memset() call in _ssl.c.
* Issue #27866: Fix refleak in cipher_to_dict()Victor Stinner2016-09-121-12/+1
|
* Issue #28085: Add PROTOCOL_TLS_CLIENT and PROTOCOL_TLS_SERVER for SSLContextChristian Heimes2016-09-111-21/+59
|
* Issue #19500: Add client-side SSL session resumption to the ssl module.Christian Heimes2016-09-101-2/+370
|
* Issue 28043: SSLContext has improved default settingsChristian Heimes2016-09-101-0/+31
| | | | The options OP_NO_COMPRESSION, OP_CIPHER_SERVER_PREFERENCE, OP_SINGLE_DH_USE, OP_SINGLE_ECDH_USE, OP_NO_SSLv2 (except for PROTOCOL_SSLv2), and OP_NO_SSLv3 (except for PROTOCOL_SSLv3) are set by default. The initial cipher suite list contains only HIGH ciphers, no NULL ciphers and MD5 ciphers (except for PROTOCOL_SSLv2).
* Issue #27691: Fix ssl module's parsing of GEN_RID subject alternative name ↵Christian Heimes2016-09-061-1/+34
|\ | | | | | | fields in X.509 certs.
| * Issue #27691: Fix ssl module's parsing of GEN_RID subject alternative name ↵Christian Heimes2016-09-061-1/+34
| | | | | | | | fields in X.509 certs.
* | Issue #26470: Use short name rather than name for compression name to fix ↵Christian Heimes2016-09-051-6/+1
|\ \ | |/ | | | | #27958.
| * Issue #26470: Use short name rather than name for compression name to fix ↵Christian Heimes2016-09-051-6/+1
| | | | | | | | #27958.
* | Issue #27866: Add SSLContext.get_ciphers() method to get a list of all ↵Christian Heimes2016-09-051-0/+117
| | | | | | | | enabled ciphers.
* | Issue #26470: Port ssl and hashlib module to OpenSSL 1.1.0.Christian Heimes2016-09-051-45/+136
|\ \ | |/
| * Issue #26470: Port ssl and hashlib module to OpenSSL 1.1.0.Christian Heimes2016-09-051-45/+136
| |
* | merge 3.5 (#27773)Benjamin Peterson2016-08-161-6/+4
|\ \ | |/
| * fix corner cases in the management of server_hostname (closes #27773)Benjamin Peterson2016-08-161-6/+4
| |
* | Merge 3.5 (INVALID_SOCKET)Victor Stinner2016-07-221-2/+6
|\ \ | |/
| * socket: use INVALID_SOCKETVictor Stinner2016-07-221-2/+6
| | | | | | | | | | | | | | | | * Replace "fd = -1" with "fd = INVALID_SOCKET" * Replace "fd < 0" with "fd == INVALID_SOCKET": SOCKET_T is unsigned on Windows Bug found by Pavel Belikov ("Fragment N1"): http://www.viva64.com/en/b/0414/#ID0ECDAE
* | Issue #23804: Merge SSL recv() fix from 3.5Martin Panter2016-07-111-0/+8
|\ \ | |/
| * Issue #23804: Fix SSL zero-length recv() calls to not block and raise EOFMartin Panter2016-07-111-0/+8
| |
* | - Issue #27332: Fixed the type of the first argument of module-level functionsSerhiy Storchaka2016-07-071-22/+22
|\ \ | |/ | | | | generated by Argument Clinic. Patch by Petr Viktorin.
generated by cgit v0.12 at 2026-01-04 15:16:25 (GMT)