| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
SSLContext.post_handshake_auth = True no longer sets
SSL_VERIFY_POST_HANDSHAKE verify flag for client connections. Although the
option is documented as ignored for clients, OpenSSL implicitly enables cert
chain validation when the flag is set.
Signed-off-by: Christian Heimes <christian@python.org>
https://bugs.python.org/issue37428
(cherry picked from commit f0f5930ac88482ef896283db5be9b8d508d077db)
Co-authored-by: Christian Heimes <christian@python.org>
https://bugs.python.org/issue37428
|
| | |
|
| |
|
|
|
|
| |
Add a function to collect certificates from several certificate stores into one certificate collection store that is then enumerated. This ensures we load as many certificates as we can access.
(cherry picked from commit d93fbbf88e4abdd24a0a55e3ddf85b8420c62052)
Co-authored-by: kctherookie <48805853+kctherookie@users.noreply.github.com>
|
| |
|
|
|
|
|
| |
(GH-12322)
(cherry picked from commit d53fe5f407ff4b529628b01a1bcbf21a6aad5c3a)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Fix a NULL pointer deref in ssl module. The cert parser did not handle CRL
distribution points with empty DP or URI correctly. A malicious or buggy
certificate can result into segfault.
Signed-off-by: Christian Heimes <christian@python.org>
https://bugs.python.org/issue35746
(cherry picked from commit a37f52436f9aa4b9292878b72f3ff1480e2606c3)
Co-authored-by: Christian Heimes <christian@python.org>
|
| |
|
|
|
|
|
| |
(GH-11175)
(cherry picked from commit 842acaab1376c5c84fd5966bb6070e289880e1ca)
Co-authored-by: Zackery Spytz <zspytz@gmail.com>
|
| |
|
|
|
| |
(GH-11015) (GH-11020)
(cherry picked from commit 4c49da0cb7434c676d70b9ccf38aca82ac0d64a9)
|
| |
|
|
|
|
|
|
|
| |
On failure, _PyBytes_Resize() will deallocate the bytes object and set
"result" to NULL.
https://bugs.python.org/issue34824
(cherry picked from commit 365ad2ead5bbaf7a3b18648ffa36e819559d3f75)
Co-authored-by: Zackery Spytz <zspytz@gmail.com>
|
| |
|
|
|
| |
(cherry picked from commit 07fbbfde1b300369b4f8d1cfb80045fbb23b7091)
Co-authored-by: Stéphane Wirtel <stephane@wirtel.be>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add SSLContext.post_handshake_auth and
SSLSocket.verify_client_post_handshake for TLS 1.3 post-handshake
authentication.
Signed-off-by: Christian Heimes <christian@python.org>q
https://bugs.python.org/issue34670.
(cherry picked from commit 9fb051f032c36b9f6086b79086b4d6b7755a3d70)
Co-authored-by: Christian Heimes <christian@python.org>
https://bugs.python.org/issue34670
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
OpenSSL follows the convention that whenever you call a function, it
returns an error indicator value; and if this value is negative, then
you need to go look at the actual error code to see what happened.
Commit c6fd1c1c3a introduced a small mistake in
_ssl__SSLSocket_shutdown_impl: instead of checking whether the error
indicator was negative, it started checking whether the actual error
code was negative, and it turns out that the error codes are never
negative. So the effect was that 'unwrap()' lost the ability to raise
SSL errors.
https://bugs.python.org/issue34759
(cherry picked from commit c0da582b227f311126e278b5553a7fa89c79b054)
Co-authored-by: Nathaniel J. Smith <njs@pobox.com>
|
| |
|
|
|
| |
(cherry picked from commit c6fd1c1c3a65217958b68df3a4991e4f306e9b7d)
Co-authored-by: Steve Dower <steve.dower@microsoft.com>
|
| |
|
|
|
|
|
|
| |
Include ``openssl/dh.h`` header file to fix implicit function declaration of ``DH_free()``.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
(cherry picked from commit b3a271fc0ce3e13e427be8914decfc205a220ca8)
Co-authored-by: Alexandru Ardelean <ardeleanalex@gmail.com>
|
| |
|
|
|
|
|
| |
(GH-7651)
(cherry picked from commit 4531ec74c4a9c8e15ee2bdec11b12796ce000f6f)
Co-authored-by: Ned Deily <nad@python.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
The documentation for CERT_NONE, CERT_OPTIONAL, and CERT_REQUIRED were
misleading and partly wrong. It fails to explain that OpenSSL behaves
differently in client and server mode. Also OpenSSL does validate the
cert chain everytime. With SSL_VERIFY_NONE a validation error is not
fatal in client mode and does not request a client cert in server mode.
Also discourage people from using CERT_OPTIONAL in client mode.
(cherry picked from commit ef24b6c54d40e7820456873a6eab6ef57d2bd0db)
Co-authored-by: Christian Heimes <christian@python.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
The ssl module now contains OP_NO_RENEGOTIATION constant, available with
OpenSSL 1.1.0h or 1.1.1.
Note, OpenSSL 1.1.0h hasn't been released yet.
Signed-off-by: Christian Heimes <christian@python.org>
(cherry picked from commit 67c48016638aac9a15afe6fd6754d53d2bdd6b76)
Co-authored-by: Christian Heimes <christian@python.org>
|
| |
|
|
|
| |
(cherry picked from commit 00717a46a120dd8c8c74970fd75d201a5f42ab18)
Co-authored-by: Alex Gaynor <alex.gaynor@gmail.com>
|
| |
|
|
|
| |
(cherry picked from commit f04224210d93212bd9ad17d67ef5e1c70171a13e)
Co-authored-by: Alex Gaynor <alex.gaynor@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
Harden ssl module against LibreSSL CVE-2018-8970.
X509_VERIFY_PARAM_set1_host() is called with an explicit namelen. A new test
ensures that NULL bytes are not allowed.
Signed-off-by: Christian Heimes <christian@python.org>
(cherry picked from commit d02ac25ab0879f1a6de6937573bf00a16b7bd22e)
Co-authored-by: Christian Heimes <christian@python.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
LibreSSL 2.7 introduced OpenSSL 1.1.0 API. The ssl module now detects
LibreSSL 2.7 and only provides API shims for OpenSSL < 1.1.0 and
LibreSSL < 2.7.
Documentation updates and fixes for failing tests will be provided in
another patch set.
Signed-off-by: Christian Heimes <christian@python.org>
(cherry picked from commit 4ca0739c9d97ac7cd45499e0d31be68dc659d0e1)
Co-authored-by: Christian Heimes <christian@python.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
OpenSSL 1.1 has introduced a new API to set the minimum and maximum
supported protocol version. The API is easier to use than the old
OP_NO_TLS1 option flags, too.
Since OpenSSL has no call to set minimum version to highest supported,
the implementation emulate maximum_version = MINIMUM_SUPPORTED and
minimum_version = MAXIMUM_SUPPORTED by figuring out the minumum and
maximum supported version at compile time.
Signed-off-by: Christian Heimes <christian@python.org>
(cherry picked from commit 698dde16f60729d9e3f53c23a4ddb8e5ffe818bf)
Co-authored-by: Christian Heimes <christian@python.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* bpo-32947: OpenSSL 1.1.1-pre1 / TLS 1.3 fixes
Misc fixes and workarounds for compatibility with OpenSSL 1.1.1-pre1 and
TLS 1.3 support. With OpenSSL 1.1.1, Python negotiates TLS 1.3 by
default. Some test cases only apply to TLS 1.2. Other tests currently
fail because the threaded or async test servers stop after failure.
I'm going to address these issues when OpenSSL 1.1.1 reaches beta.
OpenSSL 1.1.1 has added a new option OP_ENABLE_MIDDLEBOX_COMPAT for TLS
1.3. The feature is enabled by default for maximum compatibility with
broken middle boxes. Users should be able to disable the hack and CPython's test suite needs
it to verify default options.
Signed-off-by: Christian Heimes <christian@python.org>
(cherry picked from commit 05d9fe32a1245b9a798e49e0c1eb91f110935b69)
Co-authored-by: Christian Heimes <christian@python.org>
|
| |
|
|
|
|
| |
Signed-off-by: Christian Heimes <christian@python.org>
(cherry picked from commit 29eab55309b9f78b79074d26db16a44e7841c639)
Co-authored-by: Christian Heimes <christian@python.org>
|
| |
|
|
|
|
|
|
|
| |
The ssl module now detects missing NPN support in LibreSSL.
Co-Authored-By: Bernard Spil <brnrd@FreeBSD.org>
Signed-off-by: Christian Heimes <christian@python.org>
(cherry picked from commit 6cdb7954b0a578d899e4b78b868ea59eef08480a)
Co-authored-by: Christian Heimes <christian@python.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* The SSLSocket is no longer implemented on top of SSLObject to
avoid an extra level of indirection.
* Owner and session are now handled in the internal constructor.
* _ssl._SSLSocket now uses the same method names as SSLSocket and
SSLObject.
* Channel binding type check is now handled in C code. Channel binding
is always available.
The patch also changes the signature of SSLObject.__init__(). In my
opinion it's fine. A SSLObject is not a user-constructable object.
SSLContext.wrap_bio() is the only valid factory.
(cherry picked from commit 141c5e8c2437a9fed95a04c81e400ef725592a17)
Co-authored-by: Christian Heimes <christian@python.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Previously, the ssl module stored international domain names (IDNs)
as U-labels. This is problematic for a number of reasons -- for
example, it made it impossible for users to use a different version
of IDNA than the one built into Python.
After this change, we always convert to A-labels as soon as possible,
and use them for all internal processing. In particular, server_hostname
attribute is now an A-label, and on the server side there's a new
sni_callback that receives the SNI servername as an A-label rather than
a U-label.
(cherry picked from commit 11a1493bc4198f1def5e572049485779cf54dc57)
Co-authored-by: Christian Heimes <christian@python.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Until now Python used a hard coded white list of default TLS cipher
suites. The old approach has multiple downsides. OpenSSL's default
selection was completely overruled. Python did neither benefit from new
cipher suites (ChaCha20, TLS 1.3 suites) nor blacklisted cipher suites.
For example we used to re-enable 3DES.
Python now defaults to OpenSSL DEFAULT cipher suite selection and black
lists all unwanted ciphers. Downstream vendors can override the default
cipher list with --with-ssl-default-suites.
Signed-off-by: Christian Heimes <christian@python.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
bpo-31399: Let OpenSSL verify hostname and IP
The ssl module now uses OpenSSL's X509_VERIFY_PARAM_set1_host() and
X509_VERIFY_PARAM_set1_ip() API to verify hostname and IP addresses.
* Remove match_hostname calls
* Check for libssl with set1_host, libssl must provide X509_VERIFY_PARAM_set1_host()
* Add documentation for OpenSSL 1.0.2 requirement
* Don't support OpenSSL special mode with a leading dot, e.g. ".example.org" matches "www.example.org". It's not standard conform.
* Add hostname_checks_common_name
Signed-off-by: Christian Heimes <christian@python.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add https://www.gnu.org/software/autoconf-archive/ax_check_openssl.html
to auto-detect compiler flags, linker flags and libraries to compile
OpenSSL extensions. The M4 macro uses pkg-config and falls back to
manual detection.
Add autoconf magic to detect usable X509_VERIFY_PARAM_set1_host()
and related functions.
Refactor setup.py to use new config vars to compile _ssl and _hashlib
modules.
Signed-off-by: Christian Heimes <christian@python.org>
|
| | |
|
| |
|
| |
Signed-off-by: Christian Heimes <christian@python.org>
|
| |
|
|
|
|
|
| |
Cast Py_buffer.len (Py_ssize_t, signed) to size_t (unsigned) to
prevent the following warning:
Modules/_ssl.c:3089:21: warning: comparison between signed and
unsigned integer expressions [-Wsign-compare]
|
| |
|
|
|
|
| |
* bpo-31392: Improve SSL error handling on Windows
* Remove unnecessary Windows mention in NEWS
|
| |
|
|
|
| |
b3ad0e5 broke backwards compatibility with OpenSSL < 1.0.2.
Signed-off-by: Christian Heimes <christian@python.org>
|
| |
|
|
|
|
|
|
|
| |
The SSL module now raises SSLCertVerificationError when OpenSSL fails to
verify the peer's certificate. The exception contains more information about
the error.
Original patch by Chi Hsuan Yen
Signed-off-by: Christian Heimes <christian@python.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* bpo-29136: Add TLS 1.3 support
TLS 1.3 introduces a new, distinct set of cipher suites. The TLS 1.3
cipher suites don't overlap with cipher suites from TLS 1.2 and earlier.
Since Python sets its own set of permitted ciphers, TLS 1.3 handshake
will fail as soon as OpenSSL 1.1.1 is released. Let's enable the common
AES-GCM and ChaCha20 suites.
Additionally the flag OP_NO_TLSv1_3 is added. It defaults to 0 (no op) with
OpenSSL prior to 1.1.1. This allows applications to opt-out from TLS 1.3
now.
Signed-off-by: Christian Heimes <christian@python.org>
|
| |
|
| |
Signed-off-by: Christian Heimes <christian@python.org>
|
| |
|
|
|
|
| |
* Remove Setup.config
* Always define WITH_THREAD for compatibility.
|
| |
|
|
|
|
| |
SSLObject.version() now correctly returns None when handshake over BIO has
not been performed yet.
Signed-off-by: Christian Heimes <christian@python.org>
|
| |
|
|
|
|
|
|
| |
The ssl and hashlib modules now call OPENSSL_add_all_algorithms_noconf() on
OpenSSL < 1.1.0. The function detects CPU features and enables optimizations
on some CPU architectures such as POWER8. Patch is based on research from
Gustavo Serra Scalet.
Signed-off-by: Christian Heimes <christian@python.org>
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Change NPN detection:
Version breakdown, support disabled (pre-patch/post-patch):
- pre-1.0.1: OPENSSL_NPN_NEGOTIATED will not be defined -> False/False
- 1.0.1 and 1.0.2: OPENSSL_NPN_NEGOTIATED will not be defined ->
False/False
- 1.1.0+: OPENSSL_NPN_NEGOTIATED will be defined and
OPENSSL_NO_NEXTPROTONEG will be defined -> True/False
Version breakdown support enabled (pre-patch/post-patch):
- pre-1.0.1: OPENSSL_NPN_NEGOTIATED will not be defined -> False/False
- 1.0.1 and 1.0.2: OPENSSL_NPN_NEGOTIATED will be defined and
OPENSSL_NO_NEXTPROTONEG will not be defined -> True/True
- 1.1.0+: OPENSSL_NPN_NEGOTIATED will be defined and
OPENSSL_NO_NEXTPROTONEG will not be defined -> True/True
* Refine NPN guard:
- If NPN is disabled, but ALPN is available we need our callback
- Make clinic's ssl behave the same way
This created a working ssl module for me, with NPN disabled and ALPN
enabled for OpenSSL 1.1.0f.
Concerns to address:
The initial commit for NPN support into OpenSSL [1], had the
OPENSSL_NPN_* variables defined inside the OPENSSL_NO_NEXTPROTONEG
guard. The question is if that ever made it into a release.
This would need an ugly hack, something like:
#if defined(OPENSSL_NO_NEXTPROTONEG) && \
!defined(OPENSSL_NPN_NEGOTIATED)
# define OPENSSL_NPN_UNSUPPORTED 0
# define OPENSSL_NPN_NEGOTIATED 1
# define OPENSSL_NPN_NO_OVERLAP 2
#endif
[1] https://github.com/openssl/openssl/commit/68b33cc5c7
|
| | |
|
| |
|
|
|
|
|
|
| |
* bpo-9566: Fixed some _ssl warnings
* bpo-9566: _ssl: Fixup the fixes and also fix the remainings warnings
* Add a comment about the downcast
|
| |
|
| |
Updates ssl and tkinter projects to use pre-built externals
|
| | |
|
| |
|
|
|
| |
* RFC 1750 has been been obsoleted by RFC 4086.
* RFC 3280 has been obsoleted by RFC 5280.
* RFC 4366 has been obsoleted by RFC 6066.
|
| |
|
| |
If pass a server_hostname= that fails IDNA decoding to SSLContext.wrap_socket or SSLContext.wrap_bio, then the SSLContext object had a spurious Py_DECREF called on it, eventually leading to segfaults.
|
| |
|
|
|
|
|
|
| |
* Simplify X.509 extension handling code
The previous implementation had grown organically over time, as OpenSSL's API evolved.
* Delete even more code
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Drop handshake_done and peer_cert members from PySSLSocket struct. The
peer certificate can be acquired from *SSL directly.
SSL_get_peer_certificate() does not trigger any network activity.
Instead of manually tracking the handshake state, simply use
SSL_is_init_finished().
In combination these changes fix auto-handshake for non-blocking
MemoryBIO connections.
Signed-off-by: Christian Heimes <christian@python.org>
|
