Add support for getting and setting groups used for key agreement.
* `ssl.SSLSocket.group()` returns the name of the group used
for the key agreement of the current session establishment.
This feature requires Python to be built with OpenSSL 3.2 or later.
* `ssl.SSLContext.get_groups()` returns the list of names of groups
that are compatible with the TLS version of the current context.
This feature requires Python to be built with OpenSSL 3.5 or later.
* `ssl.SSLContext.set_groups()` sets the groups allowed for key agreement
for sockets created with this context. This feature is always supported.
_testclinic.c mocks out PY_VERSION_HEX to 3.8 before including
_testclinic_depr.c.h to avoid the errors the preprocessor would
otherwise throw due to the deprecation feature it is testing.
Also partially revert 74e2acddf6:
this restores Modules/_testclinic.c to match the same file in the 3.14
branch.
Basic support for pyrepl in Emscripten. Limitations:
* requires JSPI
* no signal handling implemented
As followup work, it would be nice to implement a webworker variant
for when JSPI is not available and proper signal handling.
Because it requires JSPI, it doesn't work in Safari. Firefox requires
setting an experimental flag. All the Chromiums have full support since
May. Until we make it work without JSPI, let's keep the original web_example
around.
Co-authored-by: Łukasz Langa <lukasz@langa.pl>
Co-authored-by: Éric <merwok@netwok.org>
Make the pwd module functions getpwuid(), getpwnam(), and getpwall() thread-safe. These changes apply to scenarios where the GIL is disabled or in subinterpreter use cases.
For unsigned integer formats in the PyArg_Parse* functions,
accepting Python integers with value that is larger than
the maximal value the corresponding C type or less than
the minimal value for the corresponding signed integer type
is now deprecated.
Passing a negative digest length to `_hashilb.HASHXOF.[hex]digest()` now
raises a ValueError instead of a MemoryError or a SystemError. This makes
the behavior consistent with that of `_sha3.shake_{128,256}.[hex]digest`.
Use critical sections to make heapq methods that update the heap thread-safe when the GIL is disabled.
---------
Co-authored-by: mpage <mpage@meta.com>
OpenSSL and HACL*-based hash functions constructors now support both `data` and `string` parameters.
Previously these constructor functions inconsistently supported sometimes `data` and sometimes `string`,
while the documentation expected `data` to be given in all cases.
Some curses module-level functions and window methods now raise
a `curses.error` when a call to a C curses function fails:
- Module-level functions: assume_default_colors, baudrate, cbreak,
echo, longname, initscr, nl, raw, termattrs, termname, and unctrl.
- Window methods: addch, addnstr, addstr, border, box, chgat,
getbkgd, inch, insstr, and insnstr.
In addition, `curses.window.refresh` and `curses.window.noutrefresh`
now raise a `TypeError` instead of a `curses.error` when called with an
incorrect number of arguments for pads.
See also ee36db5500 for similar
changes.
Rename components related to `_hashlib.{HASH,HASHXOF}` objects.
- The `EVPobject` structure is renamed `HASHobject`.
- Non-clinic `HASH` methods are now prefixed by `_hashlib_HASH_*`.
A similar change is made for non-clinic `HASHXOF` methods.
- Functions extracting information from `EVP_MD` objects and functions
constructing `EVP_MD` objects now include `openssl_evp_md` in their name.
This change allows us to avoid future ambiguities between the `EVP_MD`
and the `EVP_MAC` APIs (currently, we only use `EVP_MD` for hash functions
and rely on the legacy interface for HMAC instead of using `EVP_MAC`).
Completely refactor Modules/_remote_debugging_module.c with improved
code organization, replacing scattered reference counting and error
handling with centralized goto error paths. This cleanup improves
maintainability and reduces code duplication throughout the module while
preserving the same external API.
Implement memory page caching optimization in Python/remote_debug.h to
avoid repeated reads of the same memory regions during debugging
operations. The cache stores previously read memory pages and reuses
them for subsequent reads, significantly reducing system calls and
improving performance.
Add code object caching mechanism with a new code_object_generation
field in the interpreter state that tracks when code object caches need
invalidation. This allows efficient reuse of parsed code object metadata
and eliminates redundant processing of the same code objects across
debugging sessions.
Optimize memory operations by replacing multiple individual structure
copies with single bulk reads for the same data structures. This reduces
the number of memory operations and system calls required to gather
debugging information from the target process.
Update Makefile.pre.in to include Python/remote_debug.h in the headers
list, ensuring that changes to the remote debugging header force proper
recompilation of dependent modules and maintain build consistency across
the codebase.
Also, make the module compatible with the free threading build as an extra :)
Co-authored-by: Łukasz Langa <lukasz@langa.pl>
Followup to 942673ed19 (GH-133588)
* Update configure for Python 3.15
* Update magic number for 3.15
* Remove deprecated 'check_home' argument from sysconfig.is_python_build
* Add warningignore entries for Modules/_sqlite/clinic/connection.c.h
* Work around c-analyzer complaints about _testclinic deprecation tests
---------
Co-authored-by: Hugo van Kemenade <1324225+hugovk@users.noreply.github.com>
This fixes os.link() on platforms (like Linux and OpenIndiana) where the
system link() function does not follow symlinks.
* On Linux, it now follows symlinks by default and if
follow_symlinks=True is specified.
* On Windows, it now raises error if follow_symlinks=True is passed.
* On macOS, it now raises error if follow_symlinks=False is passed and
the system linkat() function is not available at runtime.
* On other platforms, it now raises error if follow_symlinks is passed
with a value that does not match the system link() function behavior
if if the behavior is not known.
Co-authored-by: Joachim Henke <37883863+jo-he@users.noreply.github.com>
Co-authored-by: Thomas Kluyver <takowl@gmail.com>
ntohl(), htonl(), if_indextoname(), getaddrinfo() now use __index__() if
available.
Also fix the Argument Clinic names for module-level functions (although
this does not affect the user).
The `test_load_global_module()` test consumes a lot of dict key versions.
Skip the test if we have consumed half of the available versions that can be
used for the "load global" cache.
* Support arbitrary bytes-like objects, not only bytes, in fcntl().
* The fcntl() buffer argument is now null-terminated.
* Automatically retry an ioctl() system calls failing with EINTR.
* Release the GIL for an ioctl() system call even for large bytes-like object.
* Do not silence arbitrary errors whet try to get a buffer.
* Optimize argument parsing, check the argument type before trying to get
a buffer or convert it to integer.
* Fix some error messages.
Make `warnings.catch_warnings()` use a context variable for holding
the warning filtering state if the `sys.flags.context_aware_warnings`
flag is set to true. This makes using the context manager thread-safe in
multi-threaded programs.
Add the `sys.flags.thread_inherit_context` flag. If true, starting a new
thread with `threading.Thread` will use a copy of the context
from the caller of `Thread.start()`.
Both these flags are set to true by default for the free-threaded build
and false for the default build.
Move the Python implementation of warnings.py into _py_warnings.py.
Make _contextvars a builtin module.
Co-authored-by: Kumar Aditya <kumaraditya@python.org>
A new extension module, `_hmac`, now exposes the HACL* HMAC (formally verified) implementation.
The HACL* implementation is used as a fallback implementation when the OpenSSL implementation of HMAC
is not available or disabled. For now, only named hash algorithms are recognized and SIMD support provided
by HACL* for the BLAKE2 hash functions is not yet used.
