and Zope 2.6 (which requires Python 2.1.x) isn't dead yet.
Duh. The do_EOF() implementation was bogus. Make it more like
do_quit() -- but print a blank line first.
urlparse.py. These were new features in 2.2, and shouldn't be added
to 2.1 this late in the game. There was one use of urlsplit() in
httplib.py (the urlparse.py change was done as part of a backport of a
bugfix to httplib.py); this use is replaced with a call to urlparse()
without changing the effect (only the returned netloc is used).
Address SF bug #577530: del __builtins__ breaks out of rexec
Using the suggestion there: add_module() forces __builtin__ back; this
fixes r_exec, r_eval, r_execfile.
This does not mean that rexec is now considered safe! But for those
willing to take the risk, it's safer than before. (Note that a safety
analysis of the code module would be wise if you plan to use the
interactive console for real -- I've only ever used it to play with
restricted mode.)
Fix for SF bug 601077 by Zack Weinberg.
The new execvpe code would sometimes do the wrong thing when a
non-executable file existed earlier in the path and an executable file
of the same name existed later in the path. This patch restores the
proper behavior (which is to execute the second file). When only a
non-executable file exists, the correct error is still reported.
1) Do not attempt to exec a file which does not exist
just to find out what error the operating system
returns. This is an exploitable race on all platforms
that support symbolic links.
2) Immediately re-raise the exception if we get an
error other than errno.ENOENT or errno.ENOTDIR. This
may need to be adapted for other platforms.
Change _begin() back to begin().
Fix for SF bug 579107.
Fix for SF bug #432621: httplib: multiple Set-Cookie headers
Fix SF bug #575360
Handle HTTP/0.9 responses.
# On a Linux with large file support (LFS) using a Python without LFS,
# stat() will raise EOVERFLOW. This unambiguously indicates that the
# file exists because it only occurs when the size of the file can't
# find into the stat struct.
This change is only needed for Python 2.1, because LFS is
automatically configured starting with Python 2.2.
SF bug 533625 (Armin Rigo). rexec: potential security hole
If a rexec instance allows writing in the current directory (a common
thing to do), there's a way to execute bogus bytecode. Fix this by
not allowing imports from .pyc files (in a way that allows a site to
configure things so that .pyc files *are* allowed, if writing is not
allowed).
fixed an old buglet that caused bdb to be unable to
continue in the botframe, after a breakpoint was set.
the key idea is not to set botframe to the bottom level frame,
but its f_back, which actually might be None.
Additional changes: migrated old exception trick to use
sys._getframe(), which exists both in 2.1 and 2.2 .
Note: I believe Mark Hammond needs to look over his code now.
F5 correctly starts up in the debugger, but later on doesn't stop at a given
breakpoint any longer.
kind regards - chris
Fix bug 544473 - "Queue module can deadlock".
Use try/finally to ensure all Queue locks remain stable.
Includes test case. Bugfix candidate.
Original patch(es):
python/dist/src/Lib/Queue.py:1.15
frameobject.c: make sure free and cell vars make it into locals, which
makes eval work.
bltinmodule.c & ceval.c: make sure a code object with free variables
that is passed to exec or eval raises an exception.
Also duplicate the current trunk test suite in the 2.1 branch, except
for certain necessary changes: different warnings raised by 2.1, need
for __future__.
SF bug #543318 (Frank J. Tobin).
In DatagramRequestHandler.setup(), the wfile initialization should be
StringIO.StringIO(), not StringIO.StringIO(slf.packet).
Bugfix candidate (all the way back to Python 1.5.2 :-).
Original patches were:
python/dist/src/Lib/SocketServer.py:1.31
