(cherry picked from commit 8f3d09bf5d)
Co-authored-by: Adam Turner <9087854+AA-Turner@users.noreply.github.com>
Co-authored-by: Hugo van Kemenade <hugovk@users.noreply.github.com>
gh-108310: Fix CVE-2023-40217: Check for & avoid the ssl pre-close flaw
Instances of `ssl.SSLSocket` were vulnerable to a bypass of the TLS handshake
and included protections (like certificate verification) and treating sent
unencrypted data as if it were post-handshake TLS encrypted data.
The vulnerability is caused when a socket is connected, data is sent by the
malicious peer and stored in a buffer, and then the malicious peer closes the
socket within a small timing window before the other peers’ TLS handshake can
begin. After this sequence of events the closed socket will not immediately
attempt a TLS handshake due to not being connected but will also allow the
buffered data to be read as if a successful TLS handshake had occurred.
Co-authored-by: Gregory P. Smith [Google LLC] <greg@krypto.org>
gh-106016: Add Lib/test/test_module/ directory (GH-108293)
* Move Python scripts related to test_module to this new directory:
good_getattr.py and bad_getattrX.py scripts.
* Move Lib/test/test_module.py to Lib/test/test_module/__init__.py.
(cherry picked from commit adfc118fda)
Co-authored-by: Victor Stinner <vstinner@python.org>
gh-106242: Make ntpath.realpath errors consistent with abspath when there are embedded nulls (GH-108248)
---------
(cherry picked from commit de33b5c662)
Co-authored-by: Steve Dower <steve.dower@python.org>
Co-authored-by: Gregory P. Smith <greg@krypto.org>
- no parameters of create_aggregate() are positional-only
- all parameters of create_collation() are positional-only
(cherry picked from commit 893215a4e7)
Co-authored-by: Erlend E. Aasland <erlend@python.org>
(cherry picked from commit 7f87ebbc3f)
Clearly document the supported seek() operations:
- Rewind to the start of the stream
- Restore a previous stream position (given by tell())
- Fast-forward to the end of the stream
(Spawning subprocesses does not require the event loop to run in the main thread -- only signal handling does.)
(cherry picked from commit 1cc391d9e2)
Co-authored-by: temach <tematibr@gmail.com>
gh-107396: tarfiles: set self.exception before _init_read_gz() (GH-107485)
In the stack call of: _init_read_gz()
```
_read, tarfile.py:548
read, tarfile.py:526
_init_read_gz, tarfile.py:491
```
a try;except exists that uses `self.exception`, so it needs to be set before
calling _init_read_gz().
(cherry picked from commit 37135d25e2)
Co-authored-by: balmeida-nokia <83089745+balmeida-nokia@users.noreply.github.com>
* Use full qualified names for references (even if they do not work now,
they will work in future).
* Silence references to examples.
(cherry picked from commit 622ddc4167)
(cherry picked from commit f904aa4e1f)
Authored-by: Adam Turner <9087854+AA-Turner@users.noreply.github.com>
Co-authored-by: Erlend E. Aasland <erlend@python.org>
Co-authored-by: Adam Turner <9087854+AA-Turner@users.noreply.github.com>
Co-authored-by: Erlend E. Aasland <erlend.aasland@protonmail.com>
Co-authored-by: Hugo van Kemenade <hugovk@users.noreply.github.com>
Resolve reference warnings in faq/programming.rst (GH-108150)
(cherry picked from commit a390ec20f5)
Co-authored-by: Adam Turner <9087854+AA-Turner@users.noreply.github.com>
Docs: Fix Sphinx warnings in sys.rst (GH-108106)
- Mark up named tuple attributes as attributes
- Remove links for external functions
- io.BufferedIOBase has no 'buffer' attribute;
remove the link and mark up using :attr:`!buffer`
- (Re)format some tables as bullet lists:
- sys._emscripten_info
- sys.hash_info
- sys.int_info
- sys.thread_info
- In the paragraphs mentioning 'f_trace_lines' and 'f_trace_opcodes',
add links to the frame objects reference.
(cherry picked from commit 29fa7afef9)
Co-authored-by: Erlend E. Aasland <erlend@python.org>
Co-authored-by: Alex Waygood <Alex.Waygood@Gmail.com>
Co-authored-by: Adam Turner <9087854+AA-Turner@users.noreply.github.com>
gh-107659: Improve wording of the description of `ctypes.pointer` and `ctypes.POINTER` (GH-107769)
(cherry picked from commit beffb30dc7)
Co-authored-by: Tomas R <tomas.roun8@gmail.com>
Co-authored-by: Adam Turner <9087854+AA-Turner@users.noreply.github.com>
Co-authored-by: Kumar Aditya <kumaraditya@python.org>
Fix misspellings in sysconfig docs (GH-108156)
(cherry picked from commit 1dc0c58d2b)
Co-authored-by: Rafael Fontenelle <rffontenelle@users.noreply.github.com>
(cherry picked from commit c31c61c04e)
Co-authored-by: Erlend E. Aasland <erlend@python.org>
Co-authored-by: Adam Turner <9087854+AA-Turner@users.noreply.github.com>
- name the last parameter *whence*, like it is for seek() methods on
file objects
- add param docstrings
- structure the valid *whence* params
(cherry picked from commit dd4442c8f5)
Co-authored-by: Adam Turner <9087854+AA-Turner@users.noreply.github.com>
Such C API functions as PyErr_SetString(), PyErr_Format(),
PyErr_SetFromErrnoWithFilename() and many others no longer crash or
ignore errors if it failed to format the error message or decode the
filename. Instead, they keep a corresponding error.
(cherry picked from commit 633ea217a8)
Docs: format sys.float_info properly (GH-108107)
- Normalise capitalisation and punctuation
- Use attribute markup for named tuple attributes
- Use :c:macro: markup for C macros
- Use a list for the 'rounds' attribute values
- Use list-table, for better .rst readability
- Remove one unneeded sys.float_info.dig link
(cherry picked from commit ca0c6c1f1e)
Co-authored-by: Erlend E. Aasland <erlend@python.org>
Co-authored-by: Adam Turner <9087854+AA-Turner@users.noreply.github.com>
- Mark up parameter and argument names properly
- If possible, link to docs for methods like `seek`, `tell`, `write`, `read`, etc.
(cherry picked from commit 5c76899dad)
Co-authored-by: Erlend E. Aasland <erlend@python.org>
Co-authored-by: Adam Turner <9087854+AA-Turner@users.noreply.github.com>
(cherry picked from commit 8a19f225b9)
Co-authored-by: Erlend E. Aasland <erlend@python.org>
Co-authored-by: Adam Turner <9087854+AA-Turner@users.noreply.github.com>
Co-authored-by: Antoine Pitrou <antoine@python.org>
GH-92584: Redirect macOS package installation to the PPUG (GH-108044)
(cherry picked from commit 902864256c)
Co-authored-by: Adam Turner <9087854+AA-Turner@users.noreply.github.com>
Use a custom exception to prevent unintentional silence of actual errors.
(cherry picked from commit fd9d70a94d)
Co-authored-by: Nikita Sobolev <mail@sobolevn.me>
Miss Islington (bot)