Łukasz Langa [Thu, 24 Aug 2023 10:08:43 +0000 (12:08 +0200)]
[3.12] gh-108342: Make ssl TestPreHandshakeClose more reliable (GH-108370) (#108404)
* In preauth tests of test_ssl, explicitly break reference cycles
invoving SingleConnectionTestServerThread to make sure that the
thread is deleted. Otherwise, the test marks the environment as
altered because the threading module sees a "dangling thread"
(SingleConnectionTestServerThread). This test leak was introduced
by the test added for the fix of issue gh-108310.
* Use support.SHORT_TIMEOUT instead of hardcoded 1.0 or 2.0 seconds
timeout.
* SingleConnectionTestServerThread.run() catchs TimeoutError
* Fix a race condition (missing synchronization) in
test_preauth_data_to_tls_client(): the server now waits until the
client connect() completed in call_after_accept().
* test_https_client_non_tls_response_ignored() calls server.join()
explicitly.
* Replace "localhost" with server.listener.getsockname()[0].
(cherry picked from commit 592bacb6fc0833336c0453e818e9b95016e9fd47)
Co-authored-by: Victor Stinner <vstinner@python.org>
Currently, test_asyncio package is only splitted into sub-tests when
using command "./python -m test". With this change, it's also
splitted when passing it on the command line:
"./python -m test test_asyncio".
Remove the concept of "STDTESTS". Python is now mature enough to not
have to bother with that anymore. Removing STDTESTS simplify the
code.
(cherry picked from commit 174e9da0836844a2138cc8915dd305cb2cd7a583)
Co-authored-by: Victor Stinner <vstinner@python.org>
Changed "__setattr__" to "object.__setattr__" in a section that was specifically supposed to refer to the __setattr__ method of the object class. Also suppressed the link to the data model docs for __setattr__, since we're talking about a specific __setattr__ implementation, not __setattr__ methods in general.
(cherry picked from commit 79fdacc0059a3959074d2d9d054653eae1dcfe06)
[3.12] gh-105776: Fix test_cppext when CC contains -std=c11 option (GH-108343) (#108345)
gh-105776: Fix test_cppext when CC contains -std=c11 option (GH-108343)
Fix test_cppext when the C compiler command has the "-std=c11" option.
Remove "-std=" options from the compiler command.
(cherry picked from commit 9173b2bbe13aeccc075b571da05c653a2a91de1b)
Co-authored-by: Victor Stinner <vstinner@python.org>
[3.12] gh-108342: Break ref cycle in SSLSocket._create() exc (GH-108344) (#108348)
Explicitly break a reference cycle when SSLSocket._create() raises an
exception. Clear the variable storing the exception, since the
exception traceback contains the variables and so creates a reference
cycle.
* Move test_cppext to its own directory
* Rename setup_testcppext.py to setup.py
* Rename _testcppext.cpp to extension.cpp
* The source (extension.cpp) is now also copied by the test.
(cherry picked from commit 21dda09600848ac280481f7c64f8d9516dc69bb2)
Co-authored-by: Victor Stinner <vstinner@python.org>
* Move Python scripts related to test_module to this new directory:
good_getattr.py and bad_getattrX.py scripts.
* Move Lib/test/test_module.py to Lib/test/test_module/__init__.py.
Łukasz Langa [Tue, 22 Aug 2023 19:03:20 +0000 (21:03 +0200)]
[3.12] gh-108310: Fix CVE-2023-40217: Check for & avoid the ssl pre-close flaw (#108316)
Instances of `ssl.SSLSocket` were vulnerable to a bypass of the TLS handshake
and included protections (like certificate verification) and treating sent
unencrypted data as if it were post-handshake TLS encrypted data.
The vulnerability is caused when a socket is connected, data is sent by the
malicious peer and stored in a buffer, and then the malicious peer closes the
socket within a small timing window before the other peers’ TLS handshake can
begin. After this sequence of events the closed socket will not immediately
attempt a TLS handshake due to not being connected but will also allow the
buffered data to be read as if a successful TLS handshake had occurred.
Co-authored-by: Gregory P. Smith [Google LLC] <greg@krypto.org>
[3.12] Docs: align the param spec of sqlite3.Connection methods with the implementation (GH-108285) (#108287)
Docs: align the param spec of sqlite3.Connection methods with the implementation (GH-108285)
- no parameters of create_aggregate() are positional-only
- all parameters of create_collation() are positional-only
(cherry picked from commit 893215a4e7f59eabb8ccdf188c4b9b1de5bd8966)
Co-authored-by: Erlend E. Aasland <erlend@python.org>
Previously, depending on existing filters, the test
could modify the warnings and so fail as "env changed".
(cherry picked from commit 531930f47f6b2a548d31e62cb4ad3e215a24bf53)
Co-authored-by: Victor Stinner <vstinner@python.org>
(Spawning subprocesses does not require the event loop to run in the main thread -- only signal handling does.)
(cherry picked from commit 1cc391d9e2ea24ca750005335507b52933fc0b52)
[3.12] gh-107396: tarfiles: set self.exception before _init_read_gz() (GH-107485) (#108207)
gh-107396: tarfiles: set self.exception before _init_read_gz() (GH-107485)
In the stack call of: _init_read_gz()
```
_read, tarfile.py:548
read, tarfile.py:526
_init_read_gz, tarfile.py:491
```
a try;except exists that uses `self.exception`, so it needs to be set before
calling _init_read_gz().
(cherry picked from commit 37135d25e269ede92bc7da363bebfa574782e59a)
[3.12] gh-107916: Save the error code before decoding the filename in PyErr_SetFromErrnoWithFilename() etc (GH-107929) (#108205)
gh-107916: Save the error code before decoding the filename in PyErr_SetFromErrnoWithFilename() etc (GH-107929)
(cherry picked from commit 80bdebdd8593f007a2232ec04a7729bba6ebf12c)
[3.12] Improve references in the tutorial (GH-108069) (#108203)
Improve references in the tutorial (GH-108069)
* Use full qualified names for references (even if they do not work now,
they will work in future).
* Silence references to examples.
(cherry picked from commit 622ddc41674c2566062af82f7b079aa01d2aae8c)
[3.12] gh-107895: Fix test_asyncio.test_runners when run it in CPython's "development mode" (GH-108168) (#108196)
gh-107895: Fix test_asyncio.test_runners when run it in CPython's "development mode" (GH-108168)
(cherry picked from commit 014a5b71e7538926ae1c03c8c5ea13c96e741be3)
Co-authored-by: Adam Turner <9087854+AA-Turner@users.noreply.github.com> Co-authored-by: Erlend E. Aasland <erlend.aasland@protonmail.com> Co-authored-by: Hugo van Kemenade <hugovk@users.noreply.github.com>
- Mark up named tuple attributes as attributes
- Remove links for external functions
- io.BufferedIOBase has no 'buffer' attribute;
remove the link and mark up using :attr:`!buffer`
- (Re)format some tables as bullet lists:
- sys._emscripten_info
- sys.hash_info
- sys.int_info
- sys.thread_info
- In the paragraphs mentioning 'f_trace_lines' and 'f_trace_opcodes',
add links to the frame objects reference.
Co-authored-by: Alex Waygood <Alex.Waygood@Gmail.com> Co-authored-by: Adam Turner <9087854+AA-Turner@users.noreply.github.com>
[3.12] gh-107915: Handle errors in C API functions PyErr_Set*() and PyErr_Format() (GH-107918) (#108134)
* gh-107915: Handle errors in C API functions PyErr_Set*() and PyErr_Format() (GH-107918)
Such C API functions as PyErr_SetString(), PyErr_Format(),
PyErr_SetFromErrnoWithFilename() and many others no longer crash or
ignore errors if it failed to format the error message or decode the
filename. Instead, they keep a corresponding error.
(cherry picked from commit 633ea217a85f6b6ba5bdbc73094254d5811b3485)
[3.12] gh-107659: Improve wording of the description of `ctypes.pointer` and `ctypes.POINTER` (GH-107769) (#108163)
gh-107659: Improve wording of the description of `ctypes.pointer` and `ctypes.POINTER` (GH-107769)
(cherry picked from commit beffb30dc7a07044f4198245d049ddda1f4b24db)
Co-authored-by: Tomas R <tomas.roun8@gmail.com> Co-authored-by: Adam Turner <9087854+AA-Turner@users.noreply.github.com> Co-authored-by: Kumar Aditya <kumaraditya@python.org>
[3.12] gh-108083: Don't ignore exceptions in sqlite3.Connection.__init__() and .close() (#108084) (#108141)
- Add explanatory comments
- Add return value to connection_close() for propagating errors
- Always check the return value of connection_exec_stmt()
- Assert pre/post state in remove_callbacks()
- Don't log unraisable exceptions in case of interpreter shutdown
- Make sure we're not initialized if reinit fails
- Try to close the database even if ROLLBACK fails
[3.12] Docs: format sys.float_info properly (GH-108107) (#108130)
Docs: format sys.float_info properly (GH-108107)
- Normalise capitalisation and punctuation
- Use attribute markup for named tuple attributes
- Use :c:macro: markup for C macros
- Use a list for the 'rounds' attribute values
- Use list-table, for better .rst readability
- Remove one unneeded sys.float_info.dig link
[3.12] gh-101100: Only show GitHub check annotations on changed doc paragraphs (GH-108065) (#108127)
gh-101100: Only show GitHub check annotations on changed doc paragraphs (GH-108065)
* Only show GitHub check annotations on changed doc paragraphs
* Improve check-warnings script arg parsing following Hugo's suggestions
* Factor filtering warnings by modified diffs into helper function
* Build docs on unmerged branch so warning lines match & avoid deep clone
Co-authored-by: C.A.M. Gerlach <CAM.Gerlach@Gerlach.CAM> Co-authored-by: Hugo van Kemenade <hugovk@users.noreply.github.com> Co-authored-by: Adam Turner <9087854+AA-Turner@users.noreply.github.com>
Co-authored-by: Erlend E. Aasland <erlend@python.org> Co-authored-by: Adam Turner <9087854+AA-Turner@users.noreply.github.com> Co-authored-by: T. Wouters <thomas@python.org>
Co-authored-by: Erlend E. Aasland <erlend@python.org> Co-authored-by: Adam Turner <9087854+AA-Turner@users.noreply.github.com> Co-authored-by: Antoine Pitrou <antoine@python.org>
[3.12] gh-100814: Fix exception for invalid callable value of Tkinter image option (GH-107692) (#107722)
gh-100814: Fix exception for invalid callable value of Tkinter image option (GH-107692)
Passing a callable object as an option value to a Tkinter image now raises
the expected TclError instead of an AttributeError.
(cherry picked from commit 50e3cc9748eb2103eb7ed6cc5a74d177df3cfb13)
[3.12] gh-107715: Escape class name in regular expression (GH-107716) (#107726)
* gh-107715: Escape class name in regular expression (GH-107716)
This patch escapes the class name before embedding it in the regular expression
for `pat` in `doctest.DocTestFinder._find_lineno`. While class names do not
ordinarily contain special characters, it is possible to encounter these when a
class is created dynamically. Escaping the name will correctly return `None` in
this scenario, rather than potentially matching a different class or raising
`re.error` depending on the symbols used.
(cherry picked from commit 85793278793708ad6b7132a54ac9fb4b2c5bcac1)
Co-authored-by: Gertjan van Zwieten <git@gjvz.nl>
* Update 2023-08-07-14-12-07.gh-issue-107715.238r2f.rst
---------
Co-authored-by: Gertjan van Zwieten <git@gjvz.nl> Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
Restore following CPython <= 3.10.5 behavior of shutil.make_archive()
that went away as part of gh-93160:
Do not create an empty archive if root_dir is not a directory, and, in
that case, raise FileNotFoundError or NotADirectoryError regardless
of format choice. Beyond the brought-back behavior, the function may
now also raise these exceptions in dry_run mode.
(cherry picked from commit a86df298df5b02e2d69ea6879e9ed10a7adb85d0)
Serhiy Storchaka [Wed, 16 Aug 2023 10:10:42 +0000 (13:10 +0300)]
[3.12] gh-106844: Fix issues in _winapi.LCMapStringEx (GH-107832) (#107874)
* Strings with length from 2**31-1 to 2**32-2 always caused MemoryError,
it doesn't matter how much memory is available.
* Strings with length exactly 2**32-1 caused OSError.
* Strings longer than 2**32-1 characters were truncated due to integer overflow bug.
* Strings containing the null character were truncated at the first null character.
Now strings longer than 2**31-1 characters caused OverflowError and the null character is allowed..
(cherry picked from commit 04cc01453db2f0af72a06440831637f8bf512daf)
projects / thirdparty / Python / cpython.git / log
