Stowage/cpython
2
0
Fork 0
mirror of https://github.com/python/cpython.git synced 2025-10-31 13:41:24 +00:00
Code Issues Projects Releases Packages Wiki Activity
105305 commits 7 branches 633 tags 3.7 GiB
Commit graph

473 commits

Author SHA1 Message Date
Martin Panter
40b97ec57a Issue #25940: Update new SSL tests for self-signed.pythontest.net 
Removed SSL_ERROR_SYSCALL checking from ssl_io_loop() so that the loop can
terminate when unwrap() raises that error.
 2016-01-14 13:05:46 +00:00
Martin Panter
17cbee49d6 Issue #25940: Merge self-signed.pythontest.net testing from 3.4 into 3.5 2016-01-14 13:22:29 +00:00
Martin Panter
b55f8b79af Issue #25940: Update new SSL tests for self-signed.pythontest.net 2016-01-14 12:53:56 +00:00
Martin Panter
514bb0711f Issue #25940: Merge self-signed.pythontest.net testing from 3.3 into 3.4 2016-01-14 12:46:49 +00:00
Martin Panter
73f55076f6 Issue #25940: Merge self-signed.pythontest.net testing from 3.2 into 3.3 2016-01-14 12:21:02 +00:00
Martin Panter
3d81d93f34 Issue #25940: Use self-signed.pythontest.net in SSL tests 
This is instead of svn.python.org, whose certificate recently expired, and
whose new certificate uses a different root certificate.

The certificate used at the pythontest server was modifed to set the "basic
constraints" CA flag. This flag seems to be required for test_get_ca_certs_
capath() to work (in Python 3.4+).

Added the new self-signed certificate to capath with the following commands:

cp Lib/test/{selfsigned_pythontestdotnet.pem,capath/}
c_rehash -v Lib/test/capath/
c_rehash -v -old Lib/test/capath/
# Note the generated file names
cp Lib/test/capath/{selfsigned_pythontestdotnet.pem,0e4015b9.0}
mv Lib/test/capath/{selfsigned_pythontestdotnet.pem,ce7b8643.0}

The new server responds with "No route to host" when connecting to port 444.
 2016-01-14 09:36:00 +00:00
Benjamin Peterson
45bde5d2ee merge 3.4 (#25530) 2015-11-11 22:45:22 -08:00
Benjamin Peterson
a9dcdabccb always set OP_NO_SSLv3 by default (closes #25530) 2015-11-11 22:38:41 -08:00
Berker Peksag
9e7990ae21 Issue #24210: Silence more PendingDeprecationWarning warnings in tests. 2015-05-16 23:21:26 +03:00
Benjamin Peterson
4b9df0d33b merge 3.4 (#23844) 2015-04-02 00:08:10 -04:00
Benjamin Peterson
a7eaf56a6d replace 512 bit dh key with a 2014 bit one (closes #23844) 
Patch by Cédric Krier.
 2015-04-02 00:04:06 -04:00
Serhiy Storchaka
8490f5acfe Issue #23001: Few functions in modules mmap, ossaudiodev, socket, ssl, and 
codecs, that accepted only read-only bytes-like object now accept writable
bytes-like object too.
 2015-03-20 09:00:36 +02:00
Berker Peksag
18987a11ce Issue #20617: Remove unused import in test_ssl. 
Patch by Mark Lawrence.
 2015-03-12 18:50:49 +02:00
Berker Peksag
4a0e14730b Issue #20617: Remove unused import in test_ssl. 
Patch by Mark Lawrence.
 2015-03-12 18:51:16 +02:00
Benjamin Peterson
3e2500d6db merge 3.4 2015-03-04 23:20:23 -05:00
Benjamin Peterson
c3d9c5ca0a adjust test_crl_check for trusted first being default 2015-03-04 23:18:48 -05:00
Benjamin Peterson
de8eca4638 merge 3.4 2015-03-04 22:50:25 -05:00
Benjamin Peterson
990fcaac3c expose X509_V_FLAG_TRUSTED_FIRST 2015-03-04 22:49:41 -05:00
Antoine Pitrou
c481bfb3f6 Issue #23239: ssl.match_hostname() now supports matching of IP addresses. 2015-02-15 18:12:20 +01:00
Ned Deily
7aa4428835 Issue #23345: merge from 3.4 2015-02-05 17:24:00 +11:00
Ned Deily
05784a706e Issue #23345: Prevent test_ssl failures with large OpenSSL patch level 
values (like 0.9.8zc).
 2015-02-05 17:20:13 +11:00
Benjamin Peterson
8861502e07 prefer server alpn ordering over the client's 2015-01-23 17:30:26 -05:00
Benjamin Peterson
cca2732a82 add support for ALPN (closes #20188) 2015-01-23 16:35:37 -05:00
Benjamin Peterson
15042921ad enable cert validation in test 2015-01-07 22:12:43 -06:00
Benjamin Peterson
23ef9fac16 trying again 2015-01-07 21:21:34 -06:00
Benjamin Peterson
e6838e08ef reorder cipher prefs 2015-01-07 20:52:40 -06:00
Benjamin Peterson
44c77791ab drop 256 2015-01-07 20:30:59 -06:00
Benjamin Peterson
359f2982f4 try using AES256 2015-01-07 20:03:27 -06:00
Benjamin Peterson
8791d697e0 fix assertions after ciphers were changed 2015-01-07 14:29:45 -06:00
Benjamin Peterson
f78b78aed4 rc4 is a long time favorite 2015-01-07 14:21:22 -06:00
Benjamin Peterson
438a8db763 everyone should support AES ciphers 2015-01-07 13:28:40 -06:00
Benjamin Peterson
9f6eceab46 include some more ciphers 2015-01-07 12:59:20 -06:00
Benjamin Peterson
aacd524118 force test server to speak tlsv1 2015-01-07 11:42:38 -06:00
Benjamin Peterson
e27a421354 remove apparently wrong assertion about des bit size 2015-01-07 11:33:51 -06:00
Benjamin Peterson
4cb17812d9 expose the client's cipher suites from the handshake (closes #23186) 2015-01-07 11:14:26 -06:00
Victor Stinner
fcfed19913 Issue #21356: Make ssl.RAND_egd() optional to support LibreSSL. The 
availability of the function is checked during the compilation. Patch written
by Bernard Spil.
 2015-01-06 13:54:58 +01:00
Victor Stinner
789b805700 test_ssl: add more debug to investigate test_openssl_version() failure on 
OpenBSD with LibreSSL.
 2015-01-06 11:51:06 +01:00
Victor Stinner
3f7e064b2b Issue #22935: Fix test_ssl when the SSLv3 protocol is not supported 2014-12-12 12:27:08 +01:00
Benjamin Peterson
e32467cf6a allow ssl module to compile if openssl doesn't support SSL 3 (closes #22935) 
Patch by Kurt Roeckx.
 2014-12-05 21:59:35 -05:00
Benjamin Peterson
7243b574e5 don't require OpenSSL SNI to pass hostname to ssl functions (#22921) 
Patch by Donald Stufft.
 2014-11-23 17:04:34 -06:00
Victor Stinner
648b862017 Issue #22935: Fix test_ssl when the SSLv3 protocol is not supported 2014-12-12 12:23:59 +01:00
Benjamin Peterson
22293df016 merge 3.4 (#22935) 2014-12-05 22:11:33 -05:00
Victor Stinner
beeb512fe1 Issue #21356: Make ssl.RAND_egd() optional to support LibreSSL. The 
availability of the function is checked during the compilation.

Patch written by Bernard Spil.
 2014-11-28 13:28:25 +01:00
Benjamin Peterson
f9284ae8ed merge 3.4 (#22921) 2014-11-23 17:06:39 -06:00
Benjamin Peterson
98e1b9158c merge 3.4 2014-11-03 21:06:07 -05:00
Benjamin Peterson
1ea070e561 test that keyfile can be None 2014-11-03 21:05:01 -05:00
Benjamin Peterson
1cca273669 merge 3.4 (#22417) 2014-11-03 14:36:48 -05:00
Benjamin Peterson
4ffb075271 PEP 476: enable HTTPS certificate verification by default (#22417) 
Patch by Alex Gaynor with some modifications by me.
 2014-11-03 14:29:33 -05:00
Antoine Pitrou
b1fdf47ff5 Issue #21965: Add support for in-memory SSL to the ssl module. 
Patch by Geert Jansen.
 2014-10-05 20:41:53 +02:00
Benjamin Peterson
91b62c4a8a merge 3.4 2014-10-03 18:17:30 -04:00