summaryrefslogtreecommitdiffstats
path: root/Tools/ssl
Commit message (Collapse)AuthorAgeFilesLines
* [3.9] gh-100454: Fix running SSL tests with OpenSSL 3.1+ (GH-100456) (GH-125186)Miss Islington (bot)2024-10-091-4/+4
| | | | | | | | This fixes Ubuntu pipeline with OpenSSL 3.1+ (cherry picked from commit 333c7dccd87c637d0b15cf81f9bbec28e39664fd) Co-authored-by: Dimitri John Ledkov <19779+xnox@users.noreply.github.com> Co-authored-by: Illia Volochii <illia.volochii@gmail.com>
* [3.9] gh-109991: Update GitHub CI workflows to use OpenSSL 3.0.11 and ↵Ned Deily2024-01-171-2/+2
| | | | | multissltests to use 1.1.1w and 3.0.11. (GH-110008) (cherry picked from commit c88037d137a98d7c399c7bd74d5117b5bcae1543)
* [3.9] gh-107565: Update multissltests and GitHub CI workflows to use OpenSSL ↵Ned Deily2023-08-221-2/+2
| | | | | | | 1.1.1v, 3.0.10, and 3.1.2. (#108123) [3.9] gh-107565: Update multissltests and GitHub CI workflows to use OpenSSL 1.1.1v, 3.0.10, and 3.1.2. (cherry picked from commit 441797d4ffb12acda257370b9e5e19ed8d6e8a71)
* [3.9] gh-103142: Upgrade binary builds and CI to OpenSSL 1.1.1u (GH-105174) ↵Gregory P. Smith2023-06-051-2/+2
| | | | | | | | | | | | | | | (GH-105200) (#105205) Upgrade builds to OpenSSL 1.1.1u. Also updates _ssl_data_111.h from OpenSSL 1.1.1u, _ssl_data_300.h from 3.0.9. Manual edits to the _ssl_data_300.h file prevent it from removing any existing definitions in case those exist in some peoples builds and were important (avoiding regressions during backporting). (cherry picked from commit ede89af) Co-authored-by: Ned Deily <nad@python.org>
* [3.9] gh-101726: Update the OpenSSL version to 1.1.1t (GH-101727) (GH-101751)Steve Dower2023-03-071-2/+2
| | | | | | | Fixes CVE-2023-0286 (High) and a couple of Medium security issues. https://www.openssl.org/news/secadv/20230207.txt Co-authored-by: Gregory P. Smith <greg@krypto.org> Co-authored-by: Ned Deily <nad@python.org>
* [3.9] bpo-47024: Update OpenSSL to 1.1.1n (GH-31895) (#31917)Christian Heimes2022-03-151-2/+2
| | | | | Co-authored-by: Zachary Ware <zachary.ware@gmail.com>. Co-authored-by: Christian Heimes <christian@python.org>. Co-authored-by: Christian Heimes <christian@python.org>
* bpo-46106: Update OpenSSL to 1.1.1m (GH-30211) (GH-30225)Ned Deily2021-12-221-1/+1
| | | | Co-authored-by: Ned Deily <nad@python.org> Co-authored-by: Kumar Aditya <59607654+kumaraditya303@users.noreply.github.com>
* [3.9] bpo-46114: Fix OpenSSL version check for 3.0.1 (GH-30170) (GH-30173)Christian Heimes2021-12-171-1/+1
| | | Co-authored-by: Christian Heimes <christian@python.org>
* [3.9] bpo-38820: Test with OpenSSL 3.0.0 final (GH-28205) (GH-28217)Łukasz Langa2021-09-081-1/+5
| | | | | | Signed-off-by: Christian Heimes <christian@python.org>. (cherry picked from commit cc7c6801945c6a7373553b78bd899ce09681ec0a) Co-authored-by: Christian Heimes <christian@python.org>
* [3.9] bpo-45007: Update multissl to openssl 1.1.1l as well (GH-28044) (GH-28062)Christian Heimes2021-08-301-2/+2
| | | | | | This was missed while upgrading CI.. (cherry picked from commit d6cb5dd9e19210f5963ff8beadde7ca2fda71574) Co-authored-by: Łukasz Langa <lukasz@langa.pl>
* [3.9] bpo-38820: Test with OpenSSL 3.0.0-alpha16 (GH-25942) (#25944)Christian Heimes2021-07-121-44/+11
| | | | | | Also use new make target to install FIPS provider.. (cherry picked from commit e8525567dd325527e00b3c4ce7c4ce31ff3f1a8c) Co-authored-by: Christian Heimes <christian@python.org>
* [3.9] bpo-38820: Old OpenSSL 3.0.0 releases are in /old/3.0/ (GH-25624) ↵Miss Islington (bot)2021-04-261-10/+14
| | | | | | | | | | | (GH-25626) Signed-off-by: Christian Heimes <christian@python.org> (cherry picked from commit 3c586ca500854476e6eff06713236faff233d035) Co-authored-by: Christian Heimes <christian@python.org> Automerge-Triggered-By: GH:tiran
* [3.9] bpo-43788: Generate version specific _ssl_data.h (GH-25300) (GH-25310)Christian Heimes2021-04-092-81/+115
| | | | | (cherry picked from commit 150af7543214e1541fa582374502ac1cd70e8eb4) Co-authored-by: Christian Heimes <christian@python.org>
* [3.9] bpo-43631: Update to OpenSSL 1.1.1k (GH-25024) (GH-25088)Christian Heimes2021-03-301-2/+2
| | | | | | | | Signed-off-by: Christian Heimes <christian@python.org> Automerge-Triggered-By: GH:tiran. (cherry picked from commit a54fc683f237d8f0b6e999a63aa9b8c0a45b7fef) Co-authored-by: Christian Heimes <christian@python.org>
* [3.9] bpo-41043: Escape literal part of the path for glob(). (GH-20994). ↵Serhiy Storchaka2020-07-021-1/+1
| | | | | (GH-21275) (cherry picked from commit 935586845815f5b4c7814794413f6a812d4bd45f)
* bpo-30008: Fix OpenSSL no-deprecated compilation (GH-20397)Miss Islington (bot)2020-06-011-0/+1
| | | | | | | | | | | | Fix :mod:`ssl`` code to be compatible with OpenSSL 1.1.x builds that use ``no-deprecated`` and ``--api=1.1.0``. Note: Tests assume full OpenSSL API and fail with limited API. Signed-off-by: Christian Heimes <christian@python.org> Co-authored-by: Mark Wright <gienah@gentoo.org> (cherry picked from commit a871f692b4a2e6c7d45579693e787edc0af1a02c) Co-authored-by: Christian Heimes <christian@python.org>
* bpo-40457: Support OpenSSL without TLS 1.0/1.1 (GH-19862)Christian Heimes2020-05-161-4/+5
| | | | | | | | | | | OpenSSL can be build without support for TLS 1.0 and 1.1. The ssl module now correctly adheres to OPENSSL_NO_TLS1 and OPENSSL_NO_TLS1_1 flags. Also update multissltest to test with latest OpenSSL and LibreSSL releases. Signed-off-by: Christian Heimes <christian@python.org> Automerge-Triggered-By: @tiran
* bpo-40163: Fix multissltest download of old OpenSSL (GH-19329)Christian Heimes2020-05-151-11/+41
|
* bpo-40479: Test with latest OpenSSL versions (GH-20108)Christian Heimes2020-05-151-3/+58
| | | | | | | | | | | | | * 1.0.2u (EOL) * 1.1.0l (EOL) * 1.1.1g * 3.0.0-alpha2 (disabled for now) Build the FIPS provider and create a FIPS configuration file for OpenSSL 3.0.0. Signed-off-by: Christian Heimes <christian@python.org> Automerge-Triggered-By: @tiran
* closes bpo-40266, closes bpo-39953: Use numeric lib code if compiling ↵Benjamin Peterson2020-04-141-4/+8
| | | | against old OpenSSL. (GH-19506)
* closes bpo-39953: Generate ifdefs around library code definitions. (GH-19490)Benjamin Peterson2020-04-121-0/+2
|
* closes bpo-39953: Update OpenSSL error codes table. (GH-19082)Benjamin Peterson2020-04-111-9/+16
| | | I updated the error codes using the OpenSSL 1.1.1f source tree.
* closes bpo-40125: Update multissltests.py to use OpenSSL 1.1.1f. (GH-19248)Benjamin Peterson2020-03-311-1/+1
|
* bpo-38117: Test with OpenSSL 1.1.1d (GH-15983)Christian Heimes2019-09-111-5/+4
| | | Signed-off-by: Christian Heimes <christian@python.org>
* Fix typos in comments, docs and test names (#15018)Min ho Kim2019-07-301-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | * Fix typos in comments, docs and test names * Update test_pyparse.py account for change in string length * Apply suggestion: splitable -> splittable Co-Authored-By: Terry Jan Reedy <tjreedy@udel.edu> * Apply suggestion: splitable -> splittable Co-Authored-By: Terry Jan Reedy <tjreedy@udel.edu> * Apply suggestion: Dealloccte -> Deallocate Co-Authored-By: Terry Jan Reedy <tjreedy@udel.edu> * Update posixmodule checksum. * Reverse idlelib changes.
* bpo-34271: Fix compatibility with 1.0.2 (GH-13728)Christian Heimes2019-06-031-1/+2
| | | | | | Fix various compatibility issues with LibreSSL and OpenSSL 1.0.2 introduced by bpo-34271. Signed-off-by: Christian Heimes <christian@python.org>
* bpo-37081: Test with OpenSSL 1.1.1c (GH-13631)Christian Heimes2019-06-031-3/+3
| | | Signed-off-by: Christian Heimes <christian@python.org>
* bpo-34670: Add TLS 1.3 post handshake auth (GH-9460)Christian Heimes2018-09-231-4/+4
| | | | | | | | | | Add SSLContext.post_handshake_auth and SSLSocket.verify_client_post_handshake for TLS 1.3 post-handshake authentication. Signed-off-by: Christian Heimes <christian@python.org>q https://bugs.python.org/issue34670
* bpo-33618: Enable TLS 1.3 in tests (GH-7079)Christian Heimes2018-05-231-8/+25
| | | | | | | | | | | | TLS 1.3 behaves slightly different than TLS 1.2. Session tickets and TLS client cert auth are now handled after the initialy handshake. Tests now either send/recv data to trigger session and client certs. Or tests ignore ConnectionResetError / BrokenPipeError on the server side to handle clients that force-close the socket fd. To test TLS 1.3, OpenSSL 1.1.1-pre7-dev (git master + OpenSSL PR https://github.com/openssl/openssl/pull/6340) is required. Signed-off-by: Christian Heimes <christian@python.org>
* bpo-33570: TLS 1.3 ciphers for OpenSSL 1.1.1 (GH-6976)Christian Heimes2018-05-221-4/+4
| | | | | | | | | | Change TLS 1.3 cipher suite settings for compatibility with OpenSSL 1.1.1-pre6 and newer. OpenSSL 1.1.1 will have TLS 1.3 cipers enabled by default. Also update multissltests and Travis config to test with latest OpenSSL. Signed-off-by: Christian Heimes <christian@python.org>
* bpo-33522: Enable CI builds on Visual Studio Team Services (#6865)Steve Dower2018-05-161-2/+12
|
* bpo-33127: Compatibility patch for LibreSSL 2.7.0 (GH-6210)Christian Heimes2018-03-241-1/+1
| | | | | | | | | | LibreSSL 2.7 introduced OpenSSL 1.1.0 API. The ssl module now detects LibreSSL 2.7 and only provides API shims for OpenSSL < 1.1.0 and LibreSSL < 2.7. Documentation updates and fixes for failing tests will be provided in another patch set. Signed-off-by: Christian Heimes <christian@python.org>
* bpo-32947: OpenSSL 1.1.1-pre1 / TLS 1.3 fixes (#5663)Christian Heimes2018-02-271-9/+5
| | | | | | | | | | | | | | | | | | * bpo-32947: OpenSSL 1.1.1-pre1 / TLS 1.3 fixes Misc fixes and workarounds for compatibility with OpenSSL 1.1.1-pre1 and TLS 1.3 support. With OpenSSL 1.1.1, Python negotiates TLS 1.3 by default. Some test cases only apply to TLS 1.2. Other tests currently fail because the threaded or async test servers stop after failure. I'm going to address these issues when OpenSSL 1.1.1 reaches beta. OpenSSL 1.1.1 has added a new option OP_ENABLE_MIDDLEBOX_COMPAT for TLS 1.3. The feature is enabled by default for maximum compatibility with broken middle boxes. Users should be able to disable the hack and CPython's test suite needs it to verify default options. Signed-off-by: Christian Heimes <christian@python.org>
* bpo-32549: Compile OpenSSL 1.1.0 on Travis CI (#5180)Christian Heimes2018-01-161-52/+69
| | | | | | Use an improved version of multissl test helper to compile a local copy of OpenSSL 1.1.0g. Signed-off-by: Christian Heimes <christian@python.org>
* Update multissltests: 1.0.2m, 1.1.0g (#4232)Christian Heimes2017-11-021-3/+2
|
* bpo-31392: Update SSL build for 1.1.0 (#3448)Steve Dower2017-09-091-70/+0
|
* Update multissl test helper (#3349)Christian Heimes2017-09-072-241/+430
| | | Signed-off-by: Christian Heimes <christian@python.org>
* Closes #27904: Improved logging statements to defer formatting until needed.Vinay Sajip2016-08-311-3/+3
|
* Issue #23248: Update ssl error codes from latest OpenSSL git master.Antoine Pitrou2015-01-181-19/+38
|\
| * Issue #23248: Update ssl error codes from latest OpenSSL git master.Antoine Pitrou2015-01-181-19/+38
| |
* | Issue #22919: Windows build updated to support VC 14.0 (Visual Studio 2015), ↵Steve Dower2014-11-221-0/+70
|/ | | | which will be used for the official 3.5 release.
* Issue #19936: Added executable bits or shebang lines to Python scripts whichSerhiy Storchaka2014-01-161-0/+0
|\ | | | | | | | | | | | | requires them. Disable executable bits and shebang lines in test and benchmark files in order to prevent using a random system python, and in source files of modules which don't provide command line interface. Fixed shebang lines in the unittestgui and checkpip scripts.
| * Issue #19936: Added executable bits or shebang lines to Python scripts whichSerhiy Storchaka2014-01-161-0/+0
| | | | | | | | | | | | | | requires them. Disable executable bits and shebang lines in test and benchmark files in order to prevent using a random system python, and in source files of modules which don't provide command line interface. Fixed shebang line to use python3 executable in the unittestgui script.
* | Issue #18215: Add script Tools/ssl/test_multiple_versions.py to compile andChristian Heimes2013-12-161-0/+241
|/ | | | run Python's unit tests with multiple versions of OpenSSL.
* Add a docstring at the top of Tools/ssl/make_ssl_data.pyAntoine Pitrou2012-06-221-0/+11
|
* Add forgotten files for #14837.Antoine Pitrou2012-06-221-0/+57
|
* Clean up tools: remove "world" and "framer", move single SSL script to scripts/.Georg Brandl2010-12-301-83/+0
|
* Fix bytes/str issues in get-remote-certificate.py.Georg Brandl2010-10-281-7/+11
|
* convert shebang lines: python -> python3Benjamin Peterson2010-03-111-1/+1
|
* Merged revisions 60990-61002 via svnmerge fromChristian Heimes2008-02-231-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | svn+ssh://pythondev@svn.python.org/python/trunk ........ r60990 | eric.smith | 2008-02-23 17:05:26 +0100 (Sat, 23 Feb 2008) | 1 line Removed duplicate Py_CHARMASK define. It's already defined in Python.h. ........ r60991 | andrew.kuchling | 2008-02-23 17:23:05 +0100 (Sat, 23 Feb 2008) | 4 lines #1330538: Improve comparison of xmlrpclib.DateTime and datetime instances. Remove automatic handling of datetime.date and datetime.time. This breaks backward compatibility, but python-dev discussion was strongly against this automatic conversion; see the bug for a link. ........ r60994 | andrew.kuchling | 2008-02-23 17:39:43 +0100 (Sat, 23 Feb 2008) | 1 line #835521: Add index entries for various pickle-protocol methods and attributes ........ r60995 | andrew.kuchling | 2008-02-23 18:10:46 +0100 (Sat, 23 Feb 2008) | 2 lines #1433694: minidom's .normalize() failed to set .nextSibling for last element. Fix by Malte Helmert ........ r61000 | christian.heimes | 2008-02-23 18:40:11 +0100 (Sat, 23 Feb 2008) | 1 line Patch #2167 from calvin: Remove unused imports ........ r61001 | christian.heimes | 2008-02-23 18:42:31 +0100 (Sat, 23 Feb 2008) | 1 line Patch #1957: syslogmodule: Release GIL when calling syslog(3) ........ r61002 | christian.heimes | 2008-02-23 18:52:07 +0100 (Sat, 23 Feb 2008) | 2 lines Issue #2051 and patch from Alexander Belopolsky: Permission for pyc and pyo files are inherited from the py file. ........
generated by cgit v0.12 at 2026-01-04 15:44:22 (GMT)