Uh oh!
There was an error while loading.Please reload this page.
- Notifications
You must be signed in to change notification settings - Fork32.4k
gh-136306: Add support for SSL groups#136307
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to ourterms of service andprivacy statement. We’ll occasionally send you account related emails.
Already on GitHub?Sign in to your account
Open
ronf wants to merge16 commits intopython:mainChoose a base branch
base:main
Could not load branches
Branch not found:{{ refName }}
Loading
Could not load tags
Nothing to show
Loading
Are you sure you want to change the base?
Some commits from the old base branch may be removed from the timeline, and old review comments may become outdated.
Uh oh!
There was an error while loading.Please reload this page.
Open
Changes from1 commit
Commits
Show all changes
16 commits Select commitHold shift + click to select a range
662d66e gh-136306: Initial cut at SSL groups support
ronf9acb2c3 Fix regen and lint issues
ronf03072c4 📜🤖 Added by blurb_it.
blurb-it[bot]187ff2e gh-136306: Address first round of comments
ronf452bdec gh-136306: Add back indentation of example
ronf9b4066b gh-136306: Handle another allocation failure in get_groups()
ronfa6ad433 gh-136306: Address additional review comments
ronfaecc96b gh-136306: Fix method references in whatsnew entry.
ronf05c75a5 gh-136306: Add missing documentation for SSLSocket.group()
ronf304c223 gh-136306: Address additional review comments
ronfb516200 gh-136306: Minor doc updates
ronfe0fdd25 gh-136306: Missed one
ronf35a3ae0 gh-136306: Address additional review comments
ronfe0baf56 Add checks that cipher() and group() return None on handshake failure
ronfc5a1146 Merge branch 'main' into ssl-group-support
ronf5e626a6 gh-136306: Regenerate clinic signature to fix missing end fo line
ronfFile filter
Filter by extension
Conversations
Failed to load comments.
Loading
Uh oh!
There was an error while loading.Please reload this page.
Jump to
Jump to file
Failed to load files.
Loading
Uh oh!
There was an error while loading.Please reload this page.
Diff view
Diff view
gh-136306: Address additional review comments
- Loading branch information
Uh oh!
There was an error while loading.Please reload this page.
commit35a3ae0896dfd4cd4522aa3479ec32aa080308f5
There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -964,22 +964,15 @@ def test_get_ciphers(self): | ||
| def test_set_groups(self): | ||
| ctx = ssl.create_default_context() | ||
| self.assertIsNone(ctx.set_groups('P-256:X25519')) | ||
picnixz marked this conversation as resolved. Show resolvedHide resolvedUh oh!There was an error while loading.Please reload this page. | ||
| self.assertRaises(ssl.SSLError, ctx.set_groups, 'P-256:xxx') | ||
| @unittest.skipUnless(CAN_GET_AVAILABLE_OPENSSL_GROUPS, | ||
| "OpenSSL version doesn't support getting groups") | ||
| def test_get_groups(self): | ||
| ctx = ssl.create_default_context() | ||
| # By default, only return official IANA names. | ||
| self.assertNotIn('P-256', ctx.get_groups()) | ||
picnixz marked this conversation as resolved. Show resolvedHide resolvedUh oh!There was an error while loading.Please reload this page. | ||
| self.assertIn('P-256', ctx.get_groups(include_aliases=True)) | ||
| def test_options(self): | ||
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -3462,7 +3462,7 @@ _ssl__SSLContext_get_groups_impl(PySSLContext *self, int include_aliases) | ||
| #if OPENSSL_VERSION_NUMBER >= 0x30500000L | ||
| STACK_OF(OPENSSL_CSTRING) *groups = NULL; | ||
| const char *group; | ||
| int i, num; | ||
| PyObject *item, *result = NULL; | ||
| // This "groups" object is dynamically allocated, but the strings inside | ||
| @@ -3492,7 +3492,7 @@ _ssl__SSLContext_get_groups_impl(PySSLContext *self, int include_aliases) | ||
| // Group names are plain ASCII, so there's no chance of a decoding | ||
picnixz marked this conversation as resolved. Show resolvedHide resolvedUh oh!There was an error while loading.Please reload this page. | ||
| // error here. However, an allocation failure could occur when | ||
| // constructing the Unicode version of the names. | ||
| item =PyUnicode_DecodeASCII(group, strlen(group), "strict"); | ||
| if (item == NULL) { | ||
| _setSSLError(get_state_ctx(self), "Can't allocate group name", 0, __FILE__, __LINE__); | ||
| goto error; | ||
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.