summaryrefslogtreecommitdiff
path: root/Modules/_ssl.c
Commit message (Collapse)AuthorAgeFilesLines
...
* | Issue #17581: try to fix building on old OpenSSL versionsAntoine Pitrou2013-03-301-7/+27
| |
* | Issue #16692: The ssl module now supports TLS 1.1 and TLS 1.2. Initial ↵Antoine Pitrou2013-03-281-47/+77
| | | | | | | | patch by Michele Orrù.
* | Issue #16982: Fix --without-threads build failure.Stefan Krah2013-01-171-3/+9
| |
* | SSLContext.load_dh_params() now properly closes the input file.Antoine Pitrou2013-01-121-0/+1
|\ \ | |/
| * SSLContext.load_dh_params() now properly closes the input file.Antoine Pitrou2013-01-121-0/+1
| |
* | Fix returning uninitialized variable (issue #8109).Antoine Pitrou2013-01-061-1/+1
| | | | | | | | Found by Christian with Coverity.
* | Issue #8109: The ssl module now has support for server-side SNI, thanks to a ↵Antoine Pitrou2013-01-051-5/+248
|/ | | | | | :meth:`SSLContext.set_servername_callback` method. Patch by Daniel Black.
* Issue #15977: Fix memory leak in Modules/_ssl.c when the function ↵Christian Heimes2012-09-201-0/+7
| | | | _set_npn_protocols() is called multiple times
* MERGE: Closes #15793: Stack corruption in ssl.RAND_egd()Jesus Cea2012-09-111-1/+1
|\
| * Closes #15793: Stack corruption in ssl.RAND_egd()Jesus Cea2012-09-111-1/+1
| |
* | Issue #15604: Update uses of PyObject_IsTrue() to check for and handle ↵Antoine Pitrou2012-08-151-3/+3
|\ \ | |/ | | | | | | | | errors correctly. Patch by Serhiy Storchaka.
| * Issue #15604: Update uses of PyObject_IsTrue() to check for and handle ↵Antoine Pitrou2012-08-151-1/+5
| | | | | | | | | | | | errors correctly. Patch by Serhiy Storchaka.
* | Issue #14837: SSL errors now have `library` and `reason` attributes ↵Antoine Pitrou2012-06-221-63/+199
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | describing precisely what happened and in which OpenSSL submodule. The str() of a SSLError is also enhanced accordingly. NOTE: this commit creates a reference leak. The leak seems tied to the use of PyType_FromSpec() to create the SSLError type. The leak is on the type object when it is instantiated: >>> e = ssl.SSLError() >>> sys.getrefcount(ssl.SSLError) 35 >>> e = ssl.SSLError() >>> sys.getrefcount(ssl.SSLError) 36 >>> e = ssl.SSLError() >>> sys.getrefcount(ssl.SSLError) 37
* | Issue #14204: The ssl module now has support for the Next Protocol ↵Antoine Pitrou2012-03-221-0/+115
| | | | | | | | | | | | Negotiation extension, if available in the underlying OpenSSL library. Patch by Colin Marc.
* | Fix last remaining build issues of _ssl under old OpenSSLs. Patch by Vinay.Antoine Pitrou2012-02-191-0/+5
| |
* | Try to really fix compilation failures of the _ssl module under very old ↵Antoine Pitrou2012-02-171-0/+6
| | | | | | | | OpenSSLs.
* | Fix compilation when SSL_OP_SINGLE_ECDH_USE isn't definedAntoine Pitrou2012-02-171-0/+2
| |
* | Issue #13014: Fix a possible reference leak in SSLSocket.getpeercert().Antoine Pitrou2012-02-151-9/+14
|\ \ | |/
| * Issue #13014: Fix a possible reference leak in SSLSocket.getpeercert().Antoine Pitrou2012-02-151-9/+14
| |
* | Issue #13885: CVE-2011-3389: the _ssl module would always disable the CBC IV ↵Antoine Pitrou2012-01-271-2/+4
|\ \ | |/ | | | | attack countermeasure.
| * Issue #13885: CVE-2011-3389: the _ssl module would always disable the CBC IV ↵Antoine Pitrou2012-01-271-2/+4
| |\ | | | | | | | | | attack countermeasure.
| | * Issue #13885: CVE-2011-3389: the _ssl module would always disable the CBC IV ↵Antoine Pitrou2012-01-271-1/+2
| | | | | | | | | | | | attack countermeasure.
* | | Issue #13626: Add support for SSL Diffie-Hellman key exchange, through theAntoine Pitrou2011-12-221-0/+35
| | | | | | | | | | | | SSLContext.load_dh_params() method and the ssl.OP_SINGLE_DH_USE option.
* | | Fix ssl module compilation if ECDH support was disabled in the OpenSSL build.Antoine Pitrou2011-12-211-0/+12
| | | | | | | | | | | | (followup to issue #13627)
* | | Issue #13634: Add support for querying and disabling SSL compression.Antoine Pitrou2011-12-201-0/+24
| | |
* | | Issue #13627: Add support for SSL Elliptic Curve-based Diffie-HellmanAntoine Pitrou2011-12-191-0/+30
| | | | | | | | | | | | | | | key exchange, through the SSLContext.set_ecdh_curve() method and the ssl.OP_SINGLE_ECDH_USE option.
* | | Issue #13635: Add ssl.OP_CIPHER_SERVER_PREFERENCE, so that SSL serversAntoine Pitrou2011-12-191-0/+2
| | | | | | | | | | | | | | | choose the cipher based on their own preferences, rather than on the client's.
* | | Issue #13458: Fix a memory leak in the ssl module when decoding a ↵Antoine Pitrou2011-11-231-0/+1
|\ \ \ | |/ / | | | | | | | | | | | | certificate with a subjectAltName. Patch by Robert Xiao.
| * | Issue #13458: Fix a memory leak in the ssl module when decoding a ↵Antoine Pitrou2011-11-231-0/+1
| | | | | | | | | | | | | | | | | | certificate with a subjectAltName. Patch by Robert Xiao.
* | | Issue #11183: Add finer-grained exceptions to the ssl module, so thatAntoine Pitrou2011-10-271-3/+57
| | | | | | | | | | | | you don't have to inspect the exception's attributes in the common case.
* | | Add a docstring to SSLErrorAntoine Pitrou2011-10-221-3/+8
| | |
* | | Use PyExc_OSError directly instead of grabbing it from the socket module APIAntoine Pitrou2011-10-221-1/+1
| | |
* | | Issue #13034: When decoding some SSL certificates, the subjectAltName ↵Antoine Pitrou2011-10-011-1/+1
|\ \ \ | |/ / | | | | | | extension could be unreported.
| * | Issue #13034: When decoding some SSL certificates, the subjectAltName ↵Antoine Pitrou2011-10-011-1/+1
| | | | | | | | | | | | extension could be unreported.
* | | Issue #12287: Fix a stack corruption in ossaudiodev module when the FD isCharles-François Natali2011-08-281-3/+1
|\ \ \ | |/ / | | | | | | greater than FD_SETSIZE.
| * | Issue #12287: Fix a stack corruption in ossaudiodev module when the FD isCharles-François Natali2011-08-281-3/+1
| | | | | | | | | | | | greater than FD_SETSIZE.
* | | Issue #12803: SSLContext.load_cert_chain() now accepts a password argumentAntoine Pitrou2011-08-251-21/+149
| | | | | | | | | | | | to be used if the private key is encrypted. Patch by Adam Simpkins.
* | | Issue #12551: Provide a get_channel_binding() method on SSL sockets so asAntoine Pitrou2011-07-211-0/+60
| | | | | | | | | | | | | | | | | | | | | | | | to get channel binding data for the current SSL session (only the "tls-unique" channel binding is implemented). This allows the implementation of certain authentication mechanisms such as SCRAM-SHA-1-PLUS. Patch by Jacek Konieczny.
* | | Issue #12440: When testing whether some bits in SSLContext.options can beAntoine Pitrou2011-07-081-9/+25
|\ \ \ | |/ / | | | | | | | | | reset, check the version of the OpenSSL headers Python was compiled against, rather than the runtime version of the OpenSSL library.
| * | Issue #12440: When testing whether some bits in SSLContext.options can beAntoine Pitrou2011-07-081-9/+25
| | | | | | | | | | | | | | | reset, check the version of the OpenSSL headers Python was compiled against, rather than the runtime version of the OpenSSL library.
| * | (Merge 3.1) Issue #12012: ssl.PROTOCOL_SSLv2 becomes optionalVictor Stinner2011-05-101-1/+7
| |\ \ | | |/ | | | | | | | | | | | | | | | OpenSSL is now compiled with OPENSSL_NO_SSL2 defined (without the SSLv2 protocol) on Debian: fix the ssl module on Debian Testing and Debian Sid. Optimize also ssl.get_protocol_name(): speed does matter!
| | * Issue #12012: ssl.PROTOCOL_SSLv2 becomes optionalVictor Stinner2011-05-101-1/+7
| | | | | | | | | | | | | | | | | | | | | OpenSSL is now compiled with OPENSSL_NO_SSL2 defined (without the SSLv2 protocol) on Debian: fix the ssl module on Debian Testing and Debian Sid. Optimize also ssl.get_protocol_name(): speed does matter!
| | * Merged revisions 87140 via svnmerge fromHirokazu Yamamoto2010-12-091-2/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | svn+ssh://pythondev@svn.python.org/python/branches/py3k ........ r87140 | hirokazu.yamamoto | 2010-12-09 19:49:00 +0900 (木, 09 12 2010) | 2 lines Should call Py_INCREF for Py_None (Modules/_ssl.c: PySSL_cipher) ........
| | * Merged revisions 85432 via svnmerge fromBenjamin Peterson2010-10-131-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | svn+ssh://pythondev@svn.python.org/python/branches/py3k ........ r85432 | benjamin.peterson | 2010-10-13 17:06:39 -0500 (Wed, 13 Oct 2010) | 1 line constify to appease compiler warnings ........
| | * Merged revisions 84464 via svnmerge fromAntoine Pitrou2010-09-031-29/+30
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | svn+ssh://pythondev@svn.python.org/python/branches/py3k ........ r84464 | antoine.pitrou | 2010-09-03 20:38:17 +0200 (ven., 03 sept. 2010) | 3 lines Issue #3805: clean up implementation of the _read method in _ssl.c. ........
| | * Merged revisions 83677 via svnmerge fromMark Dickinson2010-08-031-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | svn+ssh://pythondev@svn.python.org/python/branches/py3k ........ r83677 | mark.dickinson | 2010-08-03 19:31:54 +0100 (Tue, 03 Aug 2010) | 1 line Fix memory leak in ssl module. ........
| | * Merged revisions 82211 via svnmerge fromAntoine Pitrou2010-06-251-1/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | svn+ssh://pythondev@svn.python.org/python/branches/py3k ................ r82211 | antoine.pitrou | 2010-06-25 02:07:34 +0200 (ven., 25 juin 2010) | 10 lines Merged revisions 82210 via svnmerge from svn+ssh://pythondev@svn.python.org/python/trunk ........ r82210 | antoine.pitrou | 2010-06-25 02:03:21 +0200 (ven., 25 juin 2010) | 4 lines Issue #9075: In the ssl module, remove the setting of a `debug` flag on an OpenSSL structure. ........ ................
| | * Merged revisions 82204 via svnmerge fromAntoine Pitrou2010-06-241-27/+53
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | svn+ssh://pythondev@svn.python.org/python/branches/py3k ........ r82204 | antoine.pitrou | 2010-06-25 00:34:04 +0200 (ven., 25 juin 2010) | 5 lines Issue #8682: The ssl module now temporary increments the reference count of a socket object got through `PyWeakref_GetObject`, so as to avoid possible deallocation while the object is still being used. ........
| | * Merged revisions 81242 via svnmerge fromAntoine Pitrou2010-05-161-0/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | svn+ssh://pythondev@svn.python.org/python/branches/py3k ................ r81242 | antoine.pitrou | 2010-05-17 01:14:22 +0200 (lun., 17 mai 2010) | 10 lines Merged revisions 81241 via svnmerge from svn+ssh://pythondev@svn.python.org/python/trunk ........ r81241 | antoine.pitrou | 2010-05-17 01:11:46 +0200 (lun., 17 mai 2010) | 4 lines Clear the OpenSSL error queue each time an error is signalled. When the error queue is not emptied, strange things can happen on the next SSL call, depending on the OpenSSL version. ........ ................
| | * Merged revisions 81116 via svnmerge fromAntoine Pitrou2010-05-121-33/+26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | svn+ssh://pythondev@svn.python.org/python/branches/py3k ................ r81116 | antoine.pitrou | 2010-05-12 16:05:24 +0200 (mer., 12 mai 2010) | 9 lines Merged revisions 81115 via svnmerge from svn+ssh://pythondev@svn.python.org/python/trunk ........ r81115 | antoine.pitrou | 2010-05-12 16:02:34 +0200 (mer., 12 mai 2010) | 3 lines Improve _ssl.c formatting ........ ................
View Lorry Controller Status