Commit Graph

105 Commits

Author SHA1 Message Date
Antoine Pitrou
3b2afbbf88 Issue #20207: Always disable SSLv2 except when PROTOCOL_SSLv2 is explicitly asked for. 2014-01-09 19:52:12 +01:00
Christian Heimes
41a7d5ee17 Issue #19227 / Issue #18747: Remove pthread_atfork() handler to remove OpenSSL re-seeding
It is causing trouble like e.g. hanging processes.
2013-10-29 20:50:01 +01:00
Antoine Pitrou
87c99a0d37 Properly initialize all fields of a SSL object after allocation. 2013-09-29 19:52:45 +02:00
Christian Heimes
5eb6e3b40d Issue #18709: GCC 4.6 complains that 'v' may be used uninitialized in GEN_EMAIL/GEN_URI/GEN_DNS case 2013-09-05 16:05:50 +02:00
Christian Heimes
ed9884b2d0 Issue #18709: GCC 4.6 complains that 'v' may be used uninitialized in GEN_EMAIL/GEN_URI/GEN_DNS case 2013-09-05 16:04:35 +02:00
Christian Heimes
8ee5ffddf5 Issue #18747: Fix spelling errors in my commit message and comments,
thanks to Vajrasky Kok for proof-reading.
2013-08-25 14:19:16 +02:00
Barry Warsaw
82f8828317 - Issue #18709: Fix CVE-2013-4238. The SSL module now handles NULL bytes
inside subjectAltName correctly. Formerly the module has used OpenSSL's
  GENERAL_NAME_print() function to get the string representation of ASN.1
  strings for `rfc822Name` (email), `dNSName` (DNS) and
  `uniformResourceIdentifier` (URI).
2013-08-23 13:26:49 -04:00
Christian Heimes
1d0f73d20f Issue #18747: Use a parent atfork handler instead of a child atfork handler.
fork() is supposed to be async-signal safe but the handler calls unsafe functions. A parent handler mitigates the issue.
2013-08-22 13:19:48 +02:00
Christian Heimes
0d604cf65e Issue #18747: Re-seed OpenSSL's pseudo-random number generator after fork.
A pthread_atfork() child handler is used to seed the PRNG with pid, time
and some stack data.
2013-08-21 13:26:05 +02:00
Christian Heimes
10107813ac Issue #18777: The ssl module now uses the new CRYPTO_THREADID API of
OpenSSL 1.0.0+ instead of the deprecated CRYPTO id callback function.
2013-08-19 17:36:29 +02:00
Christian Heimes
b4ec842f39 Issue 18768: Correct doc string of RAND_edg(). Patch by Vajrasky Kok. 2013-08-17 17:25:18 +02:00
Christian Heimes
f1bd47ae14 Issue #18768: coding style nitpick. Thanks to Vajrasky Kok 2013-08-17 17:18:56 +02:00
Ezio Melotti
419e23cbb0 #18466: fix more typos. Patch by Févry Thibault. 2013-08-17 16:56:09 +03:00
Christian Heimes
88b174c977 Issue #18709: Fix CVE-2013-4238. The SSL module now handles NULL bytes
inside subjectAltName correctly. Formerly the module has used OpenSSL's
GENERAL_NAME_print() function to get the string representation of ASN.1
strings for rfc822Name (email), dNSName (DNS) and
uniformResourceIdentifier (URI).
2013-08-17 00:54:47 +02:00
Victor Stinner
c1a44269da Issue #18135: ssl.SSLSocket.write() now raises an OverflowError if the input
string is longer than 2 gigabytes. The ssl module does not support partial
write.
2013-06-25 00:48:02 +02:00
Victor Stinner
4807df41ad Issue #18135: Fix a possible integer overflow in ssl.SSLSocket.write()
for strings longer than 2 gigabytes.
2013-06-23 15:15:10 +02:00
Antoine Pitrou
c5bef75c77 Issue #15604: Update uses of PyObject_IsTrue() to check for and handle errors correctly.
Patch by Serhiy Storchaka.
2012-08-15 23:16:51 +02:00
Antoine Pitrou
d358e0554b Issue #13885: CVE-2011-3389: the _ssl module would always disable the CBC IV attack countermeasure. 2012-01-27 09:42:45 +01:00
Antoine Pitrou
dd7e071b23 Issue #13014: Fix a possible reference leak in SSLSocket.getpeercert(). 2012-02-15 22:25:27 +01:00
Antoine Pitrou
374b4ea9da Issue #13885: CVE-2011-3389: the _ssl module would always disable the CBC IV attack countermeasure. 2012-01-27 09:44:08 +01:00
Antoine Pitrou
aa1c967f93 Issue #13458: Fix a memory leak in the ssl module when decoding a certificate with a subjectAltName.
Patch by Robert Xiao.
2011-11-23 01:39:19 +01:00
Antoine Pitrou
f06eb46918 Issue #13034: When decoding some SSL certificates, the subjectAltName extension could be unreported. 2011-10-01 19:30:58 +02:00
Charles-François Natali
fda7b379ac Issue #12287: Fix a stack corruption in ossaudiodev module when the FD is
greater than FD_SETSIZE.
2011-08-28 16:22:33 +02:00
Victor Stinner
b1241f9619 (Merge 3.1) Issue #12012: ssl.PROTOCOL_SSLv2 becomes optional
OpenSSL is now compiled with OPENSSL_NO_SSL2 defined (without the SSLv2
protocol) on Debian: fix the ssl module on Debian Testing and Debian Sid.

Optimize also ssl.get_protocol_name(): speed does matter!
2011-05-10 01:52:03 +02:00
Hirokazu Yamamoto
a9b1689a89 Merged revisions 87140 via svnmerge from
svn+ssh://pythondev@svn.python.org/python/branches/py3k

........
  r87140 | hirokazu.yamamoto | 2010-12-09 19:49:00 +0900 (木, 09 12 2010) | 2 lines

  Should call Py_INCREF for Py_None (Modules/_ssl.c: PySSL_cipher)
........
2010-12-09 12:12:42 +00:00