From: Martin Panter Date: Thu, 14 Jan 2016 12:46:49 +0000 (+0000) Subject: Issue #25940: Merge self-signed.pythontest.net testing from 3.3 into 3.4 X-Git-Tag: v3.4.5rc1~25 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=514bb0711f81837ffa3a479ec17fa5ebd620cf47;p=python Issue #25940: Merge self-signed.pythontest.net testing from 3.3 into 3.4 --- 514bb0711f81837ffa3a479ec17fa5ebd620cf47 diff --cc Lib/test/test_ssl.py index a44054cc75,03d40b2255..07ff9eeef0 --- a/Lib/test/test_ssl.py +++ b/Lib/test/test_ssl.py @@@ -43,19 -48,10 +43,20 @@@ ONLYKEY_PROTECTED = data_file("ssl_key. KEY_PASSWORD = "somepass" CAPATH = data_file("capath") BYTES_CAPATH = os.fsencode(CAPATH) +CAFILE_NEURONIO = data_file("capath", "4e1295a3.0") CAFILE_CACERT = data_file("capath", "5ed36f99.0") + +# empty CRL +CRLFILE = data_file("revocation.crl") + +# Two keys and certs signed by the same CA (for SNI tests) +SIGNED_CERTFILE = data_file("keycert3.pem") +SIGNED_CERTFILE2 = data_file("keycert4.pem") +SIGNING_CA = data_file("pycacert.pem") + - SVN_PYTHON_ORG_ROOT_CERT = data_file("https_svn_python_org_root.pem") + REMOTE_HOST = "self-signed.pythontest.net" + REMOTE_ROOT_CERT = data_file("selfsigned_pythontestdotnet.pem") EMPTYCERT = data_file("nullcert.pem") BADCERT = data_file("badcert.pem") @@@ -1281,9 -875,12 +1286,9 @@@ class NetworkedTests(unittest.TestCase) s.close() # Same with a server hostname s = ctx.wrap_socket(socket.socket(socket.AF_INET), - server_hostname="svn.python.org") - s.connect(("svn.python.org", 443)) + server_hostname=REMOTE_HOST) - if ssl.HAS_SNI: - s.connect((REMOTE_HOST, 443)) - s.close() - else: - self.assertRaises(ValueError, s.connect, (REMOTE_HOST, 443)) ++ s.connect((REMOTE_HOST, 443)) + s.close() # This should fail because we have no verification certs ctx.verify_mode = ssl.CERT_REQUIRED s = ctx.wrap_socket(socket.socket(socket.AF_INET)) @@@ -2906,16 -2155,10 +2911,16 @@@ def test_main(verbose=False) (ssl.OPENSSL_VERSION, ssl.OPENSSL_VERSION_INFO)) print(" under %s" % plat) print(" HAS_SNI = %r" % ssl.HAS_SNI) + print(" OP_ALL = 0x%8x" % ssl.OP_ALL) + try: + print(" OP_NO_TLSv1_1 = 0x%8x" % ssl.OP_NO_TLSv1_1) + except AttributeError: + pass for filename in [ - CERTFILE, SVN_PYTHON_ORG_ROOT_CERT, BYTES_CERTFILE, + CERTFILE, REMOTE_ROOT_CERT, BYTES_CERTFILE, ONLYCERT, ONLYKEY, BYTES_ONLYCERT, BYTES_ONLYKEY, + SIGNED_CERTFILE, SIGNED_CERTFILE2, SIGNING_CA, BADCERT, BADKEY, EMPTYCERT]: if not os.path.exists(filename): raise support.TestFailed("Can't read certificate file %r" % filename) diff --cc Misc/NEWS index a54067198f,183ddd0819..298d027564 --- a/Misc/NEWS +++ b/Misc/NEWS @@@ -13,42 -13,57 +13,48 @@@ Core and Builtin Library ------- -- Issue #24521: Fix possible integer overflows in the pickle module. - -- Issue #22931: Allow '[' and ']' in cookie values. +- Issue #22570: Add 'path' attribute to pathlib.Path objects, + returning the same as str(), to make it more similar to DirEntry. + Library code can now write getattr(p, 'path', p) to get the path as + a string from a Path, a DirEntry, or a plain string. This is + essentially a small one-off protocol. -- Issue #24094: Fix possible crash in json.encode with poorly behaved dict - subclasses. +- Issue #26012: Don't traverse into symlinks for ** pattern in + pathlib.Path.[r]glob(). -- Issue #23367: Fix possible overflows in the unicodedata module. +- Issue #24120: Ignore PermissionError when traversing a tree with + pathlib.Path.[r]glob(). Patch by Ulrich Petri. -- Issue #23361: Fix possible overflow in Windows subprocess creation code. +- Skip getaddrinfo if host is already resolved. + Patch by A. Jesse Jiryu Davis. -- Issue #23363: Fix possible overflow in itertools.permutations. +- Add asyncio.timeout() context manager. -- Issue #23364: Fix possible overflow in itertools.product. +- Issue #26050: Add asyncio.StreamReader.readuntil() method. + Patch by Марк Коренберг. -- Issue #23369: Fixed possible integer overflow in - _json.encode_basestring_ascii. ++Tests ++----- + -- Issue #23366: Fixed possible integer overflow in itertools.combinations. ++- Issue #25940: Changed test_ssl to use self-signed.pythontest.net. This ++ avoids relying on svn.python.org, which recently changed root certificate. + -- Issue #23365: Fixed possible integer overflow in - itertools.combinations_with_replacement. -C API ------ +What's New in Python 3.4.4? +=========================== -- Issue #23998: PyImport_ReInitLock() now checks for lock allocation error +Release date: 2015/12/20 -Tests ------ +Windows +------- -- Issue #25940: Changed test_ssl and test_httplib to use - self-signed.pythontest.net. This avoids relying on svn.python.org, which - recently changed root certificate. +- Issue #25844: Corrected =/== typo potentially leading to crash in launcher. -What's New in Python 3.3.6? -=========================== +What's New in Python 3.4.4rc1? +============================== -*Release date: 11-Oct-2014* +Release date: 2015/12/06 Core and Builtins -----------------