date:20141014

[issue12067] Doc: remove errors about mixed-type comparisons.

2014-10-14 Thread Andy Maier


Andy Maier added the comment:

I have addressed the comments by Jim Jewett, Martin Panter and of myself in a 
new version v11, which got posted.

For the expression.rst doc file, this version of the patch has its diff 
sections in a logical order, so that the original text and the patched text are 
close by each other.

Please review.

--
Added file: 
http://bugs.python.org/file36920/issue12067-expressions-py34_v11.diff

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue12067
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue22237] sorted() docs should state that the sort is stable

2014-10-14 Thread Georg Brandl


Georg Brandl added the comment:

PyId_sort is not a function, it's a somewhat complicated way of getting a 
Python string sort (in this case, for looking up a method using 
PyObject_GetAttrId).  The string object is cached, with is faster than 
constructing one every time with PyObject_GetAttrString.

--

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue22237
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue21855] Fix decimal in unicodeless build

2014-10-14 Thread Serhiy Storchaka


Changes by Serhiy Storchaka storch...@gmail.com:


--
stage: commit review - resolved

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue21855
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue12067] Doc: remove errors about mixed-type comparisons.

2014-10-14 Thread Andy Maier


Andy Maier added the comment:

I also made sure in both files that the line length of any changed or new lines 
is max 80. Sorry if that creates extra changes when looking at deltas between 
change sets.

--

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue12067
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue22632] Official IDLE web page address is not valid

2014-10-14 Thread Serhiy Storchaka


New submission from Serhiy Storchaka:

WWW address (http://www.python.org/idle/) mentioned in About IDLE dialog 
window is no longer valid.

--
assignee: docs@python
components: Documentation, IDLE
messages: 229329
nosy: docs@python, eric.araujo, ezio.melotti, georg.brandl, kbk, roger.serwy, 
serhiy.storchaka, terry.reedy
priority: normal
severity: normal
status: open
title: Official IDLE web page address is not valid
type: behavior
versions: Python 2.7, Python 3.4, Python 3.5

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue22632
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue22633] Memory disclosure/buffer overread via bug in Py_FrozenMain

2014-10-14 Thread Guido


New submission from Guido:

Python/frozenmain.c:27 - 
https://hg.python.org/cpython/file/424fbf011176/Python/frozenmain.c#l27

Memory is allocated for sizeof(wchar_t*) * argc bytes. If argc is 0 (which is a 
possibility, see below), then 0 bytes are attempted to allocate.

Note that PyMem_RawMalloc typically calls _PyMem_RawMalloc, which ensures that 
a nonzero value is passed to malloc: 
https://hg.python.org/cpython/file/424fbf011176/Objects/obmalloc.c#l60

In the case of argc == 1, we have the guarantee that one byte is allocated.


Then, this: 
https://hg.python.org/cpython/file/424fbf011176/Python/frozenmain.c#l54 routine 
fills the argv_copy array with values. However, if argc == 0, this code is 
never reached.

https://hg.python.org/cpython/file/424fbf011176/Python/frozenmain.c#l71 then 
sets the program name to argv_copy[0] using Py_SetProgramName().

The issue here is is that because argv_copy[0] may be uninitialized, it may be 
a nonzero value, because, as far as I know, malloc doesn't give any guarantees 
as to the initial values of the allocated values (hence the existence of 
something like calloc).

If a pointer to a zero byte is passed to Py_SetProgramName(), the function 
doesn't change progname: 
https://hg.python.org/cpython/file/424fbf011176/Python/pythonrun.c#l884

But since there are no guarantees as to what argv_copy[0] is AND there are no 
guarantees about the memory region that follows, a rare and unlikely though 
theoretically possible situation may emerge where each time progname is 
referenced (for example indirectly by reading to sys.executable), a string is 
returned that contains bytes after argv_copy[0], resulting in a memory 
disclosure.

Here's an example of how to run a program with zero arguments (argc == 0):

// https://stackoverflow.com/questions/8113786/executing-a-process-with-argc-0

#include spawn.h
#include stdlib.h

int main(int argc, char** argv, char** envp)
{
pid_t pid;
char* zero_argv[] = {NULL};
posix_spawn(pid, ./hello, NULL, NULL, zero_argv, envp);

int status;
waitpid(pid, status, NULL);
return 0;
}

I propose the following patch:

--- frozenmain.c2014-10-14 19:56:27.144705062 +0200
+++ new_frozenmain.c2014-10-14 19:59:16.800704366 +0200
@@ -24,13 +24,15 @@
 /* We need a second copies, as Python might modify the first one. */
 wchar_t **argv_copy2 = NULL;
 
-argv_copy = PyMem_RawMalloc(sizeof(wchar_t*) * argc);
+argv_copy = PyMem_RawMalloc(sizeof(wchar_t*) * (argc ? argc : 1));
 argv_copy2 = PyMem_RawMalloc(sizeof(wchar_t*) * argc);
 if (!argv_copy || !argv_copy2) {
 fprintf(stderr, out of memory\n);
 goto error;
 }
 
+argv_copy[0] = '\0';
+
 Py_FrozenFlag = 1; /* Suppress errors from getpath.c */
 
 if ((p = Py_GETENV(PYTHONINSPECT))  *p != '\0')

By enforcing a minimal allocation of 1 byte in this file, we are guaranteed 
that malloc doesn't return a non-zero value after it is called with malloc(0) 
(this is possible, see man malloc) and we don't have to rely on the heap 
allocator to do this (in case it's not _PyMem_RawMalloc).

Setting argv_copy[0] to zero ensures a buffer overread will never occur.

Tested only for Python 3.4.

Guido

--
messages: 229330
nosy: Guido
priority: normal
severity: normal
status: open
title: Memory disclosure/buffer overread via bug in Py_FrozenMain
type: security
versions: Python 3.4

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue22633
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue22630] `concurrent.futures.Future.set_running_or_notify_cancel` does not notify cancel

2014-10-14 Thread Ned Deily


Changes by Ned Deily n...@acm.org:


--
nosy: +bquinlan

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue22630
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue22631] Feature Request CAN_RAW_FD_FRAME

2014-10-14 Thread Ned Deily


Changes by Ned Deily n...@acm.org:


--
nosy: +neologix

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue22631
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue20981] ssl doesn't build anymore with OpenSSL 0.9.7 or older: X509_check_ca

2014-10-14 Thread David Bolen


David Bolen added the comment:

Both of my FreeBSD buildbots are quite ancient (particularly so with 
FreeBSD/6.4), and mostly still exist because of lack of pressure to change 
them, and at least for a while having an older, legacy FreeBSD buildbot was of 
some use.

I have no plans on upgrading though, but always assumed I'd just retire them if 
they became more hassle than they were worth.  Certainly I wouldn't worry too 
much about supporting 6.4 in ongoing development, so the writing might be on 
the wall now for that buildbot.

-- David

--

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue20981
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue22632] Official IDLE web page address is not valid

2014-10-14 Thread Ned Deily


Ned Deily added the comment:

For the record, on the legacy web site, that URI (which you can still see as 
http://legacy.python.org/idle/) redirected to the Python 2 IDLE page in the 
Standard Library docs:  https://docs.python.org/2/library/idle.html.

--
nosy: +ned.deily

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue22632
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue22632] Official IDLE web page address is not valid

2014-10-14 Thread Georg Brandl


Georg Brandl added the comment:

I guess a redirect could be added again.

--
nosy: +benjamin.peterson

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue22632
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue22632] Official IDLE web page address is not valid

2014-10-14 Thread Ned Deily


Ned Deily added the comment:

It could but to which page, e.g. which version of the docs?

--

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue22632
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue22632] Official IDLE web page address is not valid

2014-10-14 Thread Serhiy Storchaka


Serhiy Storchaka added the comment:

Should we add /idle3/ redirection for 3.x?

--

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue22632
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue22632] Official IDLE web page address is not valid

2014-10-14 Thread Ned Deily


Ned Deily added the comment:

The URI in About IDLE is redundant in that the same information on the doc 
page is also available in text format in the IDLE Help menu and there is also a 
link there to the full HTML docs.  Perhaps the URI should just be removed from 
About IDLE going forward; we could still add a redirect for the benefit of 
IDLEs already released.

--

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue22632
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue21189] Broken link to patch

2014-10-14 Thread Barry A. Warsaw


Barry A. Warsaw added the comment:

I changed the link to point here: https://docs.python.org/devguide/patch.html

--
resolution:  - fixed
status: open - closed

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue21189
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue7442] _localemodule.c: str2uni() with different LC_NUMERIC and LC_CTYPE

2014-10-14 Thread STINNER Victor


STINNER Victor added the comment:

The issue has a workaround: use LC_NUMERIC and LC_CTYPE locales which use the 
same encoding. To avoid issues, it's probably safer to only use UTF-8 locales, 
which are now available on modern Linux distro.

I don't like the idea of calling setlocale() just for this corner case, because 
it changes the locale for all threads. Even if Python is protected by the GIL, 
Python can be embedded or modules written in C may spawn threads which don't 
care of the GIL. Usually, if it can fail, it will fail :-)

I see that various people contributed to the issue, but it looks like the only 
user asking for the request is Stefan Krah. I prefer to close the issue and 
wait until more users ask for it before considering again the patch, or find a 
different way to implement the feature (support LC_NUMERIC and LC_CTYPE locales 
using a different encoding).

To be clear, I'm closing the issue right now.

--
resolution:  - wont fix
status: open - closed

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue7442
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue22631] Feature Request CAN_RAW_FD_FRAME

2014-10-14 Thread Charles-François Natali


Charles-François Natali added the comment:

Annoying.
I thought CAN_RAW_FD_FRAME would be a macro, which would have made conditional 
compilation easy, but it's apparently a enum value, which means we have to add 
a configure-time check...

--
components: +Library (Lib) -IO

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue22631
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue3068] IDLE - Add an extension configuration dialog

2014-10-14 Thread Terry J. Reedy


Terry J. Reedy added the comment:

Referring to previous item numbers, this new patch, relative to -2,

1. adds padx to gridding of entry widgets.  (Note, editor text area runs 
against scroll bar in same way as these did, but without breaks, it looks 
fine.) Padding border looks better to me.

2. changes shortcuts to _I and _E.

3. deletes '...'.
---

With respect to

4. Save_all_changed_configs is supposed to only save if 'changes', and 
set_user_value is supposed to removed 'changes' same as default.  I want to 
review these functions after uploading the changes above, along with addition 
of title and use of _htest in .__init__.

5. Reuse of create_action_buttons requires that action handlers have matching 
names in both dialogs.  Since this does not affect dialog behavior, I want to 
defer this.

6. I intend to uncomment before pushing, but this does not affect dialog use.

--
Added file: http://bugs.python.org/file36921/cfg-ext-34-3.diff

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue3068
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue20981] ssl doesn't build anymore with OpenSSL 0.9.7 or older: X509_check_ca

2014-10-14 Thread STINNER Victor


STINNER Victor added the comment:

If we drop support of FreeBSD older than 8.x for example, we should
make it official. Mention it at least in the What's New in Python 3.5
and/or the PEP 11. What do you think?

--

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue20981
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue22634] importing _ctypes failed: undefined symbol: ffi_call_win32

2014-10-14 Thread STINNER Victor


STINNER Victor added the comment:

Similar issue on old FreeBSD versions: issuee #22521.

--
nosy: +haypo

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue22634
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue22627] Calling timestamp() on a datetime object modifies the timestamp of a different datetime object.

2014-10-14 Thread Christopher Lee


Christopher Lee added the comment:

Hi Antoine, thanks for taking a look.

I should explain further. This code is for an introspection tool[1] that 
provides an interface to write tests in python against an application.

This code is a workaround for using large timestamps[2] (i.e. larger than 32bit 
time_t) the original suggested code (from SO, using timedelta) has an 
inconsistancy with the hour in some cases (this example in the NZ timezone):
 datetime.datetime.fromtimestamp(2047570047)
datetime.datetime(2034, 11, 19, 17, 27, 27)

 datetime.datetime.fromtimestamp(0) + datetime.timedelta(seconds=2047570047)
datetime.datetime(2034, 11, 19, 18, 27, 27)

The code you see here in my example, creating a timezone aware object, is a 
result of 'fixing' this behaviour I've seen.
The reason for then removing the tzinfo is because currently our API states 
that dates returned from the introspected objects are naive.


[1] https://launchpad.net/autopilot
[2] https://bugs.launchpad.net/autopilot/+bug/1328600

--

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue22627
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue20981] ssl doesn't build anymore with OpenSSL 0.9.7 or older: X509_check_ca

2014-10-14 Thread David Bolen


David Bolen added the comment:

I suppose it depends on what the current policy (if any) is.  Not sure how far 
back we would officially claim to support even today.  We have a 6.4 buildbot 
due to history, but it's never made the stable list, and is probably in a 
failing state as much or more as passing.  Certainly in the FreeBSD world, I 
expect the overlap between anyone still using FreeBSD 6 and yet wanting to use 
the latest and greatest python is awfully small.

With respect to PEP 11 though, noting that we no longer support OpenSSL  0.9.8 
as of some release seems a reasonable point.  Not sure I'd specifically target 
FreeBSD 6.4 as much as OpenSSL.

--

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue20981
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue22634] importing _ctypes failed: undefined symbol: ffi_call_win32

2014-10-14 Thread Georg Brandl


Georg Brandl added the comment:

This appears to be caused by the update to libffi version 3.1 in 3.4.2.

--
keywords: +3.4regression
nosy: +doko, georg.brandl

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue22634
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue18643] add a fallback socketpair() implementation in test.support

2014-10-14 Thread Roundup Robot


Roundup Robot added the comment:

New changeset 6098141155f9 by Charles-François Natali in branch 'default':
Issue #18643: Add socket.socketpair() on Windows.
https://hg.python.org/cpython/rev/6098141155f9

--

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue18643
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue16200] Setting .posix=True for shlex object causes infinite loop in next

2014-10-14 Thread Claudiu Popa


Claudiu Popa added the comment:

Here's a refreshed patch, which applies cleanly on tip. Also, I added a test 
for the code that generates an infinite loop.

--
nosy: +Claudiu.Popa
versions: +Python 3.5 -Python 3.2, Python 3.3, Python 3.4
Added file: http://bugs.python.org/file36922/issue16200.patch

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue16200
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue22632] Official IDLE web page address is not valid

2014-10-14 Thread Terry J. Reedy


Terry J. Reedy added the comment:

Idle's Help system needs a thorough review.  Current issues include 
16893, 21995, 17583, and a few more in my head, including revising About.

In the meanwhile, I am replacing the dead link with 
'https://docs.python.org/' + sys.version[:3] + '/library/idle.html'
(It cannot be copied to be pasted; making it clickable would be part of 
revising About.)

I suggest redirecting the current dead link http://www.python.org/idle/ to 
https://docs.python.org/3/library/idle.html.  People can always select a 
different version from there.

--

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue22632
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue22632] Official IDLE web page address is not valid

2014-10-14 Thread Ned Deily


Ned Deily added the comment:

OK, the redirect should now be in place.

--

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue22632
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue22632] Official IDLE web page address is not valid

2014-10-14 Thread Roundup Robot


Roundup Robot added the comment:

New changeset d411dff4e3d4 by Terry Jan Reedy in branch '2.7':
Issue #22632: replace dead link with version-specific doc link.
https://hg.python.org/cpython/rev/d411dff4e3d4

New changeset db5e431125b1 by Terry Jan Reedy in branch '3.4':
Issue #22632: replace dead link with version-specific doc link.
https://hg.python.org/cpython/rev/db5e431125b1

--
nosy: +python-dev

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue22632
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue22632] Official IDLE web page address is not valid

2014-10-14 Thread Terry J. Reedy


Terry J. Reedy added the comment:

verified

--
resolution:  - fixed
stage:  - resolved
status: open - closed

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue22632
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue18643] add a fallback socketpair() implementation in test.support

2014-10-14 Thread Roundup Robot


Roundup Robot added the comment:

New changeset 03d3f2664930 by Victor Stinner in branch '3.4':
Issue #18643: asyncio.windows_utils now reuse socket.socketpair() on Windows if
https://hg.python.org/cpython/rev/03d3f2664930

--

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue18643
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue22635] subprocess.getstatusoutput changed behavior in 3.4 (maybe 3.3.4?)

2014-10-14 Thread Josh Rosenberg


New submission from Josh Rosenberg:

(U) The examples for the function still show the return code in the form 
os.popen would produce (a program exiting with status 1 would return 256 as the 
status), but the new code from #10197 makes the status 1, not 256.

(U) This is a breaking change for code relying on what was already a legacy 
interface. Either the docs should call out the change, or the code needs to 
restore the previous behavior.

(U) Ultra simple repro:

 subprocess.getstatusoutput('python -c exit(1)')
Expected:
(256, '')
Actual:
(1, '')

--
messages: 229354
nosy: josh.rosenberg
priority: normal
severity: normal
status: open
title: subprocess.getstatusoutput changed behavior in 3.4 (maybe 3.3.4?)
type: behavior
versions: Python 3.3, Python 3.4, Python 3.5

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue22635
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue22635] subprocess.getstatusoutput changed behavior in 3.4 (maybe 3.3.4?)

2014-10-14 Thread STINNER Victor


STINNER Victor added the comment:

It probably comes from this change:
---
changeset:   86879:c34e163c0086
branch:  3.3
parent:  86870:dbff708e393f
user:Tim Golden m...@timgolden.me.uk
date:Sun Nov 03 12:53:17 2013 +
files:   Lib/subprocess.py Lib/test/test_subprocess.py Misc/NEWS
description:
Issue #10197 Rework subprocess.get[status]output to use subprocess 
functionality and thus to work on Windows. Patch by Nick Coghlan.
---

 (U) This is a breaking change for code relying on what was already a legacy 
 interface.

CommandTests.test_getoutput() only checks that an error returns a non-zero 
status :-/ It doens't check for the exact status. We should use a small Python 
program using a specific exit code (ex: sys.exit(5)) to check the status.

--
nosy: +haypo, ncoghlan, tim.golden

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue22635
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue22635] subprocess.getstatusoutput changed behavior in 3.4 (maybe 3.3.4?)

2014-10-14 Thread STINNER Victor


STINNER Victor added the comment:

Oh, I now understand why I feel guilty, I proposed a patch rewriting 
getstatusoutput() in the issue #10197. My patch ends with:

+if os.name != 'nt':
+# convert status to be interpreted according to the wait() rules
+sts = sts  8

This fix is that simple, but it means that depending on the Python version, you 
will get a different status...

Python 3.3 doesn't accept bugfixes anymore and so cannot be changed.

--
versions:  -Python 3.3

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue22635
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue22635] subprocess.getstatusoutput changed behavior in 3.4 (maybe 3.3.4?)

2014-10-14 Thread Josh Rosenberg


Josh Rosenberg added the comment:

Ah blech. Can someone with privileges edit my original message to remove the 
junk at the beginning of each paragraph? Habit from an old job. Wish I could 
just edit the message.

--

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue22635
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue22635] subprocess.getstatusoutput changed behavior in 3.4 (maybe 3.3.4?)

2014-10-14 Thread STINNER Victor


STINNER Victor added the comment:

 Can someone with privileges edit my original message to remove the junk at 
 the beginning of each paragraph?

It's not possible to edit a message, only to remove it. I don't like removing 
the initial message of an issue.

Don't worry, (U) looks a bullet, it can read it ;-)

--

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue22635
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue22635] subprocess.getstatusoutput changed behavior in 3.4 (maybe 3.3.4?)

2014-10-14 Thread R. David Murray


R. David Murray added the comment:

You are right, it did change in 3.3.4 (see issue 10197).  That change should 
not have been applied to 3.3, and obviously there was a missing test concerning 
the return code format.

At this point I think we are stuck with changing the documentation.  The new 
return code is both more convenient and more consistent with the rest of the 
subprocess module.  It is very unfortunate that it did not follow our normal 
backward compatibility rules, but we are stuck with the mistake now.

--
assignee:  - docs@python
components: +Documentation
nosy: +docs@python, r.david.murray

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue22635
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue18643] add a fallback socketpair() implementation to the socket module

2014-10-14 Thread Charles-François Natali


Changes by Charles-François Natali cf.nat...@gmail.com:


--
resolution:  - fixed
stage: patch review - resolved
status: open - closed
title: add a fallback socketpair() implementation in test.support - add a 
fallback socketpair() implementation to the socket module

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue18643
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue22635] subprocess.getstatusoutput changed behavior in 3.4 (maybe 3.3.4?)

2014-10-14 Thread STINNER Victor


STINNER Victor added the comment:

 You are right, it did change in 3.3.4 (see issue 10197).  That change should 
 not have been applied to 3.3, ...

The purpose of the issue #10197 was to fix a bug on Windows: getoutput() didn't 
work.

--

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue22635
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue22635] subprocess.getstatusoutput changed behavior in 3.4 (maybe 3.3.4?)

2014-10-14 Thread R. David Murray


R. David Murray added the comment:

But it was also a feature addition: getoutput had not been *intended* to work 
on Windows.  I understand why the mistake was made (the argument that it was a 
bug has weight), but the fact that a versionchanged was needed mentioning 3.3.4 
indicates it wasn't really a bug fix.

--

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue22635
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue20152] Derby #15: Convert 50 sites to Argument Clinic across 9 files

2014-10-14 Thread Roundup Robot


Roundup Robot added the comment:

New changeset 5e8b94397f81 by Brett Cannon in branch 'default':
Issue #20152: Convert the cmath module to Argument Clinic.
https://hg.python.org/cpython/rev/5e8b94397f81

--

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue20152
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue22636] avoid using a shell in ctypes.util: replace os.popen with subprocess

2014-10-14 Thread STINNER Victor


New submission from STINNER Victor:

Attached patch modifies the ctypes.util module to not use a shell: it replaces 
os.open() with subprocess.Popen on Linux.

Running a shell is slower and is more vulnerable to code injection.

I only modified code path on Linux right now. They are still calls to 
os.popen() on sunos5, freebsd, openbsd and dragonfly.

--
files: ctypes_util_popen.patch
keywords: patch
messages: 229363
nosy: haypo
priority: normal
severity: normal
status: open
title: avoid using a shell in ctypes.util: replace os.popen with subprocess
type: enhancement
versions: Python 3.5
Added file: http://bugs.python.org/file36923/ctypes_util_popen.patch

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue22636
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue22637] avoid using a shell in uuid: replce os.popen with subprocess.Popen

2014-10-14 Thread STINNER Victor


New submission from STINNER Victor:

Attached patch modifies the uuid module to not use a shell: it replaces 
os.popen() with subprocess.Popen on UNIX.

Running a shell is slower and is more vulnerable to code injection.

I only modified code path on UNIX right now. They is still a call to os.popen() 
on Windows.

Note: The patch works on bytes string instead of Unicode.

--
files: uuid_popen.patch
keywords: patch
messages: 229364
nosy: haypo
priority: normal
severity: normal
status: open
title: avoid using a shell in uuid: replce os.popen with subprocess.Popen
type: enhancement
versions: Python 3.5
Added file: http://bugs.python.org/file36924/uuid_popen.patch

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue22637
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue22599] traceback: errors in the linecache module at exit

2014-10-14 Thread STINNER Victor


STINNER Victor added the comment:

 There is one downside of my solution. For now the code uses current builtin 
 open() which can be overloaded (to handle reading from ZIP archive for 
 example, or to check permissions).

Oh, does anyone really modify the builtin open() for that? If you already 
monkey-patch Python builtin, you are probably able to monkey-patch also 
tokenize._builtin_open.

I don't think that monkey-patching builtins is promoted nor well supported. 
They are probably other places where a local references to builtins functions 
are kept.

The importlib module provides the get_source() function which is the best way 
to retrieve the source code from any kind of module, including ZIP files. But 
tokenize.open() really expects a clear text .py file.


 With my solution it uses builtin open() at the time of import.

I don't see how your solution is different than mine.

But your solution is probably enough to tokenize needs (it only requires the 
builtin open funciton) and it's shorter.


 I don't know insofar current behavior is intentional. We should take a 
 decision of yet one core developer.

Since I wrote tokenize.open(), I can explain why I chose to import builtins :-) 
It's just one option to handle two functions with the same name: 
(builtins.)open and (tokenize.)open.

_open = open is another common option to handle this issue.

--

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue22599
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue22599] traceback: errors in the linecache module at exit

2014-10-14 Thread STINNER Victor


STINNER Victor added the comment:

traceback_at_exit-2.patch: Updated patch to remove import builtins from 
tokenize.py, it's no more needed.

--
Added file: http://bugs.python.org/file36925/traceback_at_exit-2.patch

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue22599
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue3068] IDLE - Add an extension configuration dialog

2014-10-14 Thread Roundup Robot


Roundup Robot added the comment:

New changeset 7ba47bbfe38d by Terry Jan Reedy in branch '2.7':
Issue #3068: Change 0/1 to False/True so that extension configure dialog can
https://hg.python.org/cpython/rev/7ba47bbfe38d

New changeset 94f8d65371b7 by Terry Jan Reedy in branch '3.4':
Issue #3068: Change 0/1 to False/True so that extension configure dialog can
https://hg.python.org/cpython/rev/94f8d65371b7

New changeset 111d535b52e8 by Terry Jan Reedy in branch 'default':
Merge with 3.4 #3068
https://hg.python.org/cpython/rev/111d535b52e8

--

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue3068
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue22638] ssl module: the SSLv3 protocol is vulnerable (POODLE attack)

2014-10-14 Thread STINNER Victor


New submission from STINNER Victor:

Copy of Donald Stuff email sent to python-dev:

A big security breach of SSL 3.0 just dropped a little while ago (named POODLE).
With this there is now no ability to securely connect via SSL 3.0. I believe
that we should disable SSL 3.0 in Python similarly to how SSL 2.0 is disabled,
where it is disabled by default unless the user has explicitly re-enabled it.

The new attack essentially allows reading the sensitive data from within a SSL
3.0 connection stream. It takes roughly 256 requests to break a single byte so
the attack is very practical. You can read more about the attack here at the
google announcement [1] or the whitepaper [2].

[1] 
http://googleonlinesecurity.blogspot.com/2014/10/this-poodle-bites-exploiting-ssl-30.html
[2] https://www.openssl.org/~bodo/ssl-poodle.pdf

--
messages: 229368
nosy: haypo
priority: normal
severity: normal
status: open
title: ssl module: the SSLv3 protocol is vulnerable (POODLE attack)
type: security
versions: Python 2.7, Python 3.1, Python 3.2, Python 3.3, Python 3.4, Python 3.5

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue22638
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue22637] avoid using a shell in uuid: replce os.popen with subprocess.Popen

2014-10-14 Thread Josh Rosenberg


Changes by Josh Rosenberg shadowranger+pyt...@gmail.com:


--
nosy: +josh.r

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue22637
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue22638] ssl module: the SSLv3 protocol is vulnerable (POODLE attack)

2014-10-14 Thread Alex Gaynor


Changes by Alex Gaynor alex.gay...@gmail.com:


--
nosy: +christian.heimes, dstufft, giampaolo.rodola, janssen, pitrou

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue22638
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue22638] ssl module: the SSLv3 protocol is vulnerable (POODLE attack)

2014-10-14 Thread Alex Gaynor


Alex Gaynor added the comment:

This patch disables SSLv3 by default for Python. Uesrs can get it back by 
specifiying SSL_PROTOCOLv3 explicitly.

--
keywords: +needs review, patch
nosy: +alex
Added file: http://bugs.python.org/file36926/issue22638.diff

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue22638
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue22638] ssl module: the SSLv3 protocol is vulnerable (POODLE attack)

2014-10-14 Thread Antoine Pitrou


Antoine Pitrou added the comment:

Disabling SSL 3.0 support, or CBC-mode ciphers with SSL 3.0, is sufficient 
to mitigate this issue, but presents significant compatibility problems, even 
today. Therefore our recommended response is to support TLS_FALLBACK_SCSV. This 
is a mechanism that solves the problems caused by retrying failed connections 
and thus prevents attackers from inducing browsers to use SSL 3.0. It also 
prevents downgrades from TLS 1.2 to 1.1 or 1.0 and so may help prevent future 
attacks.

--

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue22638
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue22638] ssl module: the SSLv3 protocol is vulnerable (POODLE attack)

2014-10-14 Thread Antoine Pitrou


Antoine Pitrou added the comment:

IOW, I think it may be ok to disable SSLv3 in create_default_context(), but not 
necessarily in other contexts.

--

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue22638
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue22638] ssl module: the SSLv3 protocol is vulnerable (POODLE attack)

2014-10-14 Thread Alex Gaynor


Alex Gaynor added the comment:

create_default_context already disables SSLv3! (Good work everybody :-))

FWIW many vendors are already moving to disable SSLv3, e.g. cloudflare already 
did.

--

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue22638
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue22638] ssl module: the SSLv3 protocol is vulnerable (POODLE attack)

2014-10-14 Thread Antoine Pitrou


Antoine Pitrou added the comment:

How many times will it have to be repeated that SSL is used for other things 
than HTTPS-on-the-Web?

--

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue22638
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue22638] ssl module: the SSLv3 protocol is vulnerable (POODLE attack)

2014-10-14 Thread Donald Stufft


Donald Stufft added the comment:

I think it's fine to disable it all together. Google is planning/hoping to kill 
SSL 3.0 completely from their clients in the next couple of months. They just 
don't want to release a patch that disables SSL 3.0 right today.

--

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue22638
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue22638] ssl module: the SSLv3 protocol is vulnerable (POODLE attack)

2014-10-14 Thread Donald Stufft


Donald Stufft added the comment:

I don't know, how many times will it have to be repeated that secure defaults 
matter?

SSL 3.0 can be turned back on easily enough, it isn't a hard shut off. It 
changes the default just like what was done with SSLv2.0.

--

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue22638
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue22638] ssl module: the SSLv3 protocol is vulnerable (POODLE attack)

2014-10-14 Thread Antoine Pitrou


Antoine Pitrou added the comment:

The difference is that SSLv2 had been dead for long already. We don't have any 
statistic about SSLv3 servers in the wild, but I'd be surprised if they had 
turned entirely negligible.

--

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue22638
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue22638] ssl module: the SSLv3 protocol is vulnerable (POODLE attack)

2014-10-14 Thread Alex Gaynor


Alex Gaynor added the comment:

CloudFlare published some statistics: 
https://blog.cloudflare.com/sslv3-support-disabled-by-default-due-to-vulnerability/

--

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue22638
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue22638] ssl module: the SSLv3 protocol is vulnerable (POODLE attack)

2014-10-14 Thread Donald Stufft


Donald Stufft added the comment:

There's also https://www.trustworthyinternet.org/ssl-pulse/

--

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue22638
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue22638] ssl module: the SSLv3 protocol is vulnerable (POODLE attack)

2014-10-14 Thread Alex Gaynor


Alex Gaynor added the comment:

Debian is also considering this, and link some statistics on IE6 specifically 
(one of the, if not the single, largest SSLv3 users): 
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765347

--

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue22638
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue22638] ssl module: the SSLv3 protocol is vulnerable (POODLE attack)

2014-10-14 Thread Antoine Pitrou


Antoine Pitrou added the comment:

On the Web, there is indeed a good reaction time to security issues (especially 
in large providers). That may not be the case for all the other SSL services 
out there.

Since TLS_FALLBACK_SCSV is the recommended solution (not to mention it will 
work against other attacks), do you know if it's being implemented in OpenSSL? 
I would be surprised if nobody did it.

--

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue22638
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue22638] ssl module: the SSLv3 protocol is vulnerable (POODLE attack)

2014-10-14 Thread Alex Gaynor


Alex Gaynor added the comment:

It's been implemented in boringssl: 
https://boringssl.googlesource.com/boringssl/+/2970779684c6f164a0e261e96a3d59f331123320

I don't believe it's in OpenSSL though.

--

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue22638
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue22638] ssl module: the SSLv3 protocol is vulnerable (POODLE attack)

2014-10-14 Thread Antoine Pitrou


Antoine Pitrou added the comment:

Note the Debian issue is specifically for Apache, not the OpenSSL package.
If Debian decides to disable SSLv3 in its OpenSSL package, then it will be a 
pretty good hint that we can do so as well :-)

--

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue22638
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue22638] ssl module: the SSLv3 protocol is vulnerable (POODLE attack)

2014-10-14 Thread Donald Stufft


Donald Stufft added the comment:

OpenSSL generally doesn't have bad options disabled until they are years old. 
OpenSSL takes the stance that it's up to the consumers of the OpenSSL API to 
properly configure themselves.

Also it's important to note that TLS_FALLBACK_SCSV isn't actually a work around 
for the SSL 3.0 problem. There is no work around for that, you can only disable 
SSL 3.0. TLS_FALLBACK_SCSV is completely unrelated to Python because it's a 
work around for the fact that browsers will re-attempt a TLS connection if the 
first one fails with a lower protocol verison which means a MITM can force your 
connection back to SSL 3.0 even if both the client and the server support TLS 
1.2. I'm not 100% sure but I don't believe Python has such a dance so 
TLS_FALLBACK_SCSV does nothing for us.

--

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue22638
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue3068] IDLE - Add an extension configuration dialog

2014-10-14 Thread Terry J. Reedy


Terry J. Reedy added the comment:

The reason for the apparent writing of unchanged values is that '0' != 'False' 
and '1' !- 'True'.  With all booleans writen as 'False' or 'True', non-enable 
boolean items can be recognized and non-changes not seen as changes.  I will 
next revise the patch and retest.

--

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue3068
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue22638] ssl module: the SSLv3 protocol is vulnerable (POODLE attack)

2014-10-14 Thread Antoine Pitrou


Antoine Pitrou added the comment:

 OpenSSL generally doesn't have bad options disabled until they are years old. 
 OpenSSL takes the stance that it's up to the consumers of the OpenSSL API to 
 properly configure themselves.

The point is, if they start exposing it, we can enable it ourselves.

 I'm not 100% sure but I don't believe Python has such a dance so 
 TLS_FALLBACK_SCSV does nothing for us.

Well, the ssl module can also be used in server mode.

--

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue22638
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue22635] subprocess.getstatusoutput changed behavior in 3.4 (maybe 3.3.4?)

2014-10-14 Thread Arfrever Frehtes Taifersar Arahesis


Changes by Arfrever Frehtes Taifersar Arahesis arfrever@gmail.com:


--
nosy: +Arfrever

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue22635
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue22636] avoid using a shell in ctypes.util: replace os.popen with subprocess

2014-10-14 Thread Arfrever Frehtes Taifersar Arahesis


Changes by Arfrever Frehtes Taifersar Arahesis arfrever@gmail.com:


--
nosy: +Arfrever

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue22636
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue22637] avoid using a shell in uuid: replce os.popen with subprocess.Popen

2014-10-14 Thread Arfrever Frehtes Taifersar Arahesis


Changes by Arfrever Frehtes Taifersar Arahesis arfrever@gmail.com:


--
nosy: +Arfrever

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue22637
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue22638] ssl module: the SSLv3 protocol is vulnerable (POODLE attack)

2014-10-14 Thread Arfrever Frehtes Taifersar Arahesis


Changes by Arfrever Frehtes Taifersar Arahesis arfrever@gmail.com:


--
nosy: +Arfrever

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue22638
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue22639] test test_bad_address fails on Python 3.4.2 under Linux Mint 13 Maya

2014-10-14 Thread Steve P


New submission from Steve P:

Looking in past bug reports, I suspect the test itself is problematic. When I 
paste the (erroneous) URL the tests is using into Firefox, I get a page back 
from my ISP with Sorry, the website sadflkjsasf.i.nvali.d cannot be found

Here's the output of the test:

@chimp:~/Downloads/Python-3.4.2 $ ./python -m test -v test_bad_address
== CPython 3.4.2 (default, Oct 14 2014, 15:34:15) [GCC 4.6.3]
==   Linux-3.2.0-23-generic-i686-with-debian-wheezy-sid little-endian
==   hash algorithm: siphash24 32bit
==   /home/sp/Downloads/Python-3.4.2/build/test_python_11906
Testing with flags: sys.flags(debug=0, inspect=0, interactive=0, optimize=0, 
dont_write_bytecode=0, no_user_site=0, no_site=0, ignore_environment=0, 
verbose=0, bytes_warning=0, quiet=0, hash_randomization=1, isolated=0)
[1/1] test_bad_address
test test_bad_address crashed -- Traceback (most recent call last):
  File /home/sp/Downloads/Python-3.4.2/Lib/test/regrtest.py, line 1271, in 
runtest_inner
the_module = importlib.import_module(abstest)
  File /home/sp/Downloads/Python-3.4.2/Lib/importlib/__init__.py, line 109, 
in import_module
return _bootstrap._gcd_import(name[level:], package, level)
  File frozen importlib._bootstrap, line 2254, in _gcd_import
  File frozen importlib._bootstrap, line 2237, in _find_and_load
  File frozen importlib._bootstrap, line 2224, in _find_and_load_unlocked
ImportError: No module named 'test.test_bad_address'

1 test failed:
test_bad_address

--
components: Tests
messages: 229386
nosy: Steve.P
priority: normal
severity: normal
status: open
title: test test_bad_address fails on Python 3.4.2 under Linux Mint 13 Maya
type: crash
versions: Python 3.4

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue22639
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue22633] Memory disclosure/buffer overread via bug in Py_FrozenMain

2014-10-14 Thread Arfrever Frehtes Taifersar Arahesis


Changes by Arfrever Frehtes Taifersar Arahesis arfrever@gmail.com:


--
nosy: +Arfrever

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue22633
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue22335] Python 3: Segfault instead of MemoryError when bytearray too big

2014-10-14 Thread Arfrever Frehtes Taifersar Arahesis


Changes by Arfrever Frehtes Taifersar Arahesis arfrever@gmail.com:


--
nosy: +Arfrever

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue22335
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue15994] memoryview to freed memory can cause segfault

2014-10-14 Thread Arfrever Frehtes Taifersar Arahesis


Changes by Arfrever Frehtes Taifersar Arahesis arfrever@gmail.com:


--
nosy: +Arfrever

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue15994
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue22633] Memory disclosure/buffer overread via bug in Py_FrozenMain

2014-10-14 Thread Antoine Pitrou


Changes by Antoine Pitrou pit...@free.fr:


--
nosy: +haypo

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue22633
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue22639] test test_bad_address fails on Python 3.4.2 under Linux Mint 13 Maya

2014-10-14 Thread Ned Deily


Ned Deily added the comment:

I'm not sure what you are trying to do but there is no test module named 
test_bad_address in the standard library, which is why you get that error.  
Doing a quick search of Lib/test shows three different cases of 
test_bad_address: in the test_ipaddress, test_urllib2_localnet, and 
test_urllibnet modules.  If you want to just run those tests, you'd need to 
specify the module names.  Plus two of them require network access so you'll 
need to enable the network test resource.  Try something like:

./python -m test -v -u network test_ipaddress test_urllib2_localnet 
test_urllibnet

--
nosy: +ned.deily

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue22639
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue22627] Calling timestamp() on a datetime object modifies the timestamp of a different datetime object.

2014-10-14 Thread Arfrever Frehtes Taifersar Arahesis


Changes by Arfrever Frehtes Taifersar Arahesis arfrever@gmail.com:


--
nosy: +Arfrever

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue22627
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue22521] ctypes compilation fails on FreeBSD: Undefined symbol ffi_call_win32

2014-10-14 Thread Arfrever Frehtes Taifersar Arahesis


Changes by Arfrever Frehtes Taifersar Arahesis arfrever@gmail.com:


--
nosy: +Arfrever

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue22521
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue22634] importing _ctypes failed: undefined symbol: ffi_call_win32

2014-10-14 Thread Arfrever Frehtes Taifersar Arahesis


Changes by Arfrever Frehtes Taifersar Arahesis arfrever@gmail.com:


--
nosy: +Arfrever

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue22634
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue22627] Calling timestamp() on a datetime object modifies the timestamp of a different datetime object.

2014-10-14 Thread Alexander Belopolsky


Alexander Belopolsky added the comment:

In general, you cannot expect datetime.fromtimestamp(0) + timedelta(seconds) to 
return the same value as datetime.fromtimestamp(seconds).  This will only be 
true if you are lucky enough to live in an area where local government did not 
mess with timezones since 1970.  In your particular case, I think what is 
happening is that you have DST in January, but you did not have that on January 
1, 1970.

$ zdump -v NZ | grep NZDT | head
NZ  Sat Nov  2 14:00:00 1974 UTC = Sun Nov  3 03:00:00 1974 NZDT isdst=1
NZ  Sat Feb 22 13:59:59 1975 UTC = Sun Feb 23 02:59:59 1975 NZDT isdst=1
NZ  Sat Oct 25 14:00:00 1975 UTC = Sun Oct 26 03:00:00 1975 NZDT isdst=1
NZ  Sat Mar  6 13:59:59 1976 UTC = Sun Mar  7 02:59:59 1976 NZDT isdst=1
NZ  Sat Oct 30 14:00:00 1976 UTC = Sun Oct 31 03:00:00 1976 NZDT isdst=1
NZ  Sat Mar  5 13:59:59 1977 UTC = Sun Mar  6 02:59:59 1977 NZDT isdst=1
NZ  Sat Oct 29 14:00:00 1977 UTC = Sun Oct 30 03:00:00 1977 NZDT isdst=1
NZ  Sat Mar  4 13:59:59 1978 UTC = Sun Mar  5 02:59:59 1978 NZDT isdst=1
NZ  Sat Oct 28 14:00:00 1978 UTC = Sun Oct 29 03:00:00 1978 NZDT isdst=1
NZ  Sat Mar  3 13:59:59 1979 UTC = Sun Mar  4 02:59:59 1979 NZDT isdst=1

--

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue22627
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue1610654] cgi.py multipart/form-data

2014-10-14 Thread Rishi


Rishi added the comment:

I have recreated the patch(issue1610654_1.patch) and it performs more or less 
like the earlier patch

Serhiy,
I agree we cannot use handmade buffering here, without seeking ahead.
I believe, we can make optimizations for streams which are buffered and 
non-seekable.
Cgi modules default value for file object is the BufferedReader of sys.stdin, 
so the solution is fairly generic.

I have removed handmade buffering. Neither do I create a Buffered* object.
We rely on user to create the buffered object. The sys.stdin that cgi module 
has a decent buffer underneath that
works well on apache.

The patch attached does not seek, nor does it read ahead. It only looks ahead.
As Antoine suggests, it peeks the buffer and determines through a fast lookup 
if the buffer has a bounary or not.
It moves forward only if it is convinced that the current buffer is completely 
within the next boundary.


The issue is that the current implementation deals with lines and not chunks.
Even when a savy user wraps sys.stdin around a large BufferredReader there is 
little to no peformance improvement in 
the current implementation for large files in my observation. It does not solve 
the bug mentioned either.
The difference in extreme cases like Chui's is 53s against 0.7s and even 
otherwise for larger files the patch
is 3 times faster than the current implementation.
I have tested this on Apache2 server where the sys.stdin is buffered.

--
Added file: http://bugs.python.org/file36927/issue1610654_1.patch

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue1610654
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue22627] Calling timestamp() on a datetime object modifies the timestamp of a different datetime object.

2014-10-14 Thread Alexander Belopolsky


Alexander Belopolsky added the comment:

Antoine,

I don't think the behavior that you have shown is a bug in strict sense.

On my Mac, I get

$ python mkbug.py breakme
1396702800.0
1396702800.0

but on Linux,

$ python mkbug.py breakme
1396706400.0
1396702800.0

The problem here is that time.mktime((2014, 4, 6, 2, 0, 0, -1, -1, -1))
is undefined  and both 1396706400 and 1396702800 timestamps are valid guesses 
for what 2014-04-06T02 was in NZ: 

$ TZ=NZ date -d @1396706400
Sun Apr  6 02:00:00 NZST 2014
$ TZ=NZ date -d @1396702800
Sun Apr  6 02:00:00 NZDT 2014

It is unfortunate that Linux C library (glibc?) makes different guess at 
different time, but I don't think this violates any applicable standards.

--

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue22627
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue22627] Calling timestamp() on a datetime object modifies the timestamp of a different datetime object.

2014-10-14 Thread Christopher Lee


Christopher Lee added the comment:

Alexander,

Ah ok thanks for clarifying that. Am I wrong then to think that this code[1] 
should work as I think it should (i.e. 
datetime_from_large_timestamp(example_ts) == datetime.fromtimestamp(example_ts))

I'm trying to be able to handle timestamps larger than the 32bit time_t limit, 
which is why I'm doing these gymnastic steps.

[1] http://paste.ubuntu.com/8562027/

--

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue22627
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue2943] Distutils should generate a better error message when the SDK is not installed

2014-10-14 Thread John


John added the comment:

error message should contain more details about what went wrong and why

--
nosy: +lambda

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue2943
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue22627] Calling timestamp() on a datetime object modifies the timestamp of a different datetime object.

2014-10-14 Thread Alexander Belopolsky


Alexander Belopolsky added the comment:

Your code as good as your timezone library, but you should realize that by 
discarding tzinfo you are making your local_stamp ambiguous.

I am not familiar with dateutil.tz, but pytz I believe uses some tricks to make 
sure astimezone() result remembers the isdst flag.

If you API requires naive local datetime objects, you need to carry isdst flag 
separately if you want to disambiguate between  2014-04-06 02:00 NZST and 
2014-04-06 02:00 NZDT.  On top of that, you will not be able to use 
datetime.timestamp() method and will have to use time.mktime or whatever 
equivalent utility your timezone library provides.

Note that I was against adding datetime.timestamp() for this specific reason: 
it is supposed to be inverse of datetime.fromtimestamp(), but since the later 
is not monotonic, no such inverse exists in the strict mathematical sense.  See 
msg133039 in issue 2736.

BTW, if you open a feature request to add isdst=-1 optional argument to 
datetime.timestamp(), you will have my +1.

--

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue22627
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue20386] socket.SocketType enum overwrites import of _socket.SocketType

2014-10-14 Thread Roundup Robot


Roundup Robot added the comment:

New changeset 613c30ffd344 by Ethan Furman in branch '3.4':
Issue20386: SocketType is again socket.socket; the IntEnum SOCK constants are 
SocketKind
https://hg.python.org/cpython/rev/613c30ffd344

New changeset ef24851f340f by Ethan Furman in branch 'default':
Issue20386: SocketType is again socket.socket; the IntEnum SOCK constants are 
SocketKind
https://hg.python.org/cpython/rev/ef24851f340f

--
nosy: +python-dev

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue20386
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue20386] socket.SocketType enum overwrites import of _socket.SocketType

2014-10-14 Thread Ethan Furman


Changes by Ethan Furman et...@stoneleaf.us:


--
resolution:  - fixed
stage: patch review - resolved
status: open - closed

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue20386
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue22627] Calling timestamp() on a datetime object modifies the timestamp of a different datetime object.

2014-10-14 Thread Akira Li


Akira Li added the comment:

Christopher, 

About your script http://paste.ubuntu.com/8562027/

dateutil may break if the local timezone had different UTC offset in the past.
You could  use tzlocal module to get pytz timezone that can handle such 
timezones. 

To get the correct time for 1414274400 timezone in Europe/Moscow timezone,
you need the latest tz database e.g., `pytz` works but fromtimestamp, dateutil
that use the local tz database fail (2:00 instead of 1:00):

   import time
   import os
   os.environ['TZ'] = 'Europe/Moscow'
   time.tzset()
   from datetime import datetime, timezone
   from tzlocal import get_localzone 
   datetime.fromtimestamp(1414274400, get_localzone())
  datetime.datetime(2014, 10, 26, 1, 0, tzinfo=DstTzInfo 'Europe/Moscow' 
MSK+3:00:00 STD)
   
datetime.utcfromtimestamp(1414274400).replace(tzinfo=timezone.utc).astimezone(get_localzone())
  datetime.datetime(2014, 10, 26, 1, 0, tzinfo=DstTzInfo 'Europe/Moscow' 
MSK+3:00:00 STD)
   datetime.fromtimestamp(1414274400) # wrong
  datetime.datetime(2014, 10, 26, 2, 0)
   datetime.fromtimestamp(1414274400, timezone.utc).astimezone() # wrong
  datetime.datetime(2014, 10, 26, 2, 0, 
tzinfo=datetime.timezone(datetime.timedelta(0, 14400), 'MSK'))
   
datetime.utcfromtimestamp(1414274400).replace(tzinfo=timezone.utc).astimezone() 
# wrong
  datetime.datetime(2014, 10, 26, 2, 0, 
tzinfo=datetime.timezone(datetime.timedelta(0, 14400), 'MSK'))
   from dateutil.tz import gettz, tzutc
   datetime.fromtimestamp(1414274400, gettz()) # wrong
  datetime.datetime(2014, 10, 26, 2, 0, 
tzinfo=tzfile('/usr/share/zoneinfo/Europe/Moscow'))
   datetime.fromtimestamp(1414274400, tzutc()).astimezone(gettz()) # wrong
  datetime.datetime(2014, 10, 26, 2, 0, 
tzinfo=tzfile('/usr/share/zoneinfo/Europe/Moscow'))
   
datetime.utcfromtimestamp(1414274400).replace(tzinfo=tzutc()).astimezone(gettz())
 # wrong
  datetime.datetime(2014, 10, 26, 2, 0, 
tzinfo=tzfile('/usr/share/zoneinfo/Europe/Moscow'))


To avoid surprises, always use UTC time to perform date arithmetics:

  EPOCH = datetime(1970, 1,1, tzinfo=pytz.utc)
  utc_dt = EPOCH + timedelta(seconds=timestamp)

should work for dates after 2038 too.

To convert it to the local timezone:

  from tzlocal import get_localzone

  local_dt = utc_dt.astimezone(get_localzone())
  ts = (local_dt - EPOCH) // timedelta(seconds=1)
  assert ts == timestamp # if timestamp is an integer

Python stdlib assumes POSIX encoding for time.time() value (issue22356)  
therefore the formulae work on all platforms where Python works.

--
nosy: +akira

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue22627
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue22639] test test_bad_address fails on Python 3.4.2 under Linux Mint 13 Maya

2014-10-14 Thread Steve P


Steve P added the comment:

I got test_bad_address from what was reported using make test.  Perhaps
at I read the log wrong, but it was clear I got a failure.  At any rate,
here's what I get with the correct test name:

sp@chip:~/Downloads/Python-3.4.2 $ ./python -m test -v -u network
 test_urllib2_localnet
 == CPython 3.4.2 (default, Oct 14 2014, 15:34:15) [GCC 4.6.3]
 ==   Linux-3.2.0-23-generic-i686-with-debian-wheezy-sid little-endian
 ==   hash algorithm: siphash24 32bit
 ==   /home/sp/Downloads/Python-3.4.2/build/test_python_16076
 Testing with flags: sys.flags(debug=0, inspect=0, interactive=0,
 optimize=0, dont_write_bytecode=0, no_user_site=0, no_site=0,
 ignore_environment=0, verbose=0, bytes_warning=0, quiet=0,
 hash_randomization=1, isolated=0)
 [1/1] test_urllib2_localnet
 test_basic_auth_httperror (test.test_urllib2_localnet.BasicAuthTests) ...
 ok
 test_basic_auth_success (test.test_urllib2_localnet.BasicAuthTests) ... ok
 test_proxy_qop_auth_int_works_or_throws_urlerror
 (test.test_urllib2_localnet.ProxyAuthTests) ... ok
 test_proxy_qop_auth_works (test.test_urllib2_localnet.ProxyAuthTests) ...
 ok
 test_proxy_with_bad_password_raises_httperror
 (test.test_urllib2_localnet.ProxyAuthTests) ... ok
 test_proxy_with_no_password_raises_httperror
 (test.test_urllib2_localnet.ProxyAuthTests) ... ok
 test_200 (test.test_urllib2_localnet.TestUrlopen) ... ok
 test_200_with_parameters (test.test_urllib2_localnet.TestUrlopen) ... ok
 test_404 (test.test_urllib2_localnet.TestUrlopen) ... ok
 test_bad_address (test.test_urllib2_localnet.TestUrlopen) ... FAIL
 test_basic (test.test_urllib2_localnet.TestUrlopen) ... ok
 test_chunked (test.test_urllib2_localnet.TestUrlopen) ... ok
 test_geturl (test.test_urllib2_localnet.TestUrlopen) ... ok
 test_https (test.test_urllib2_localnet.TestUrlopen) ... stopping HTTPS
 server
 joining HTTPS thread
 ok
 test_https_sni (test.test_urllib2_localnet.TestUrlopen) ... stopping HTTPS
 server
 joining HTTPS thread
 ok
 test_https_with_cadefault (test.test_urllib2_localnet.TestUrlopen) ... Got
 an error:
 [SSL: TLSV1_ALERT_UNKNOWN_CA] tlsv1 alert unknown ca (_ssl.c:600)
 stopping HTTPS server
 joining HTTPS thread
 ok
 test_https_with_cafile (test.test_urllib2_localnet.TestUrlopen) ... Got an
 error:
 [SSL: TLSV1_ALERT_UNKNOWN_CA] tlsv1 alert unknown ca (_ssl.c:600)
 stopping HTTPS server
 joining HTTPS thread
 stopping HTTPS server
 joining HTTPS thread
 ok
 test_info (test.test_urllib2_localnet.TestUrlopen) ... ok
 test_iteration (test.test_urllib2_localnet.TestUrlopen) ... ok
 test_line_iteration (test.test_urllib2_localnet.TestUrlopen) ... ok
 test_redirection (test.test_urllib2_localnet.TestUrlopen) ... ok
 test_sending_headers (test.test_urllib2_localnet.TestUrlopen) ... ok

 ==
 FAIL: test_bad_address (test.test_urllib2_localnet.TestUrlopen)
 --
 Traceback (most recent call last):
   File
 /home/sp/Downloads/Python-3.4.2/Lib/test/test_urllib2_localnet.py, line
 655, in test_bad_address
 http://sadflkjsasf.i.nvali.d./;)
 AssertionError: OSError not raised by urlopen

 --
 Ran 22 tests in 5.260s

 FAILED (failures=1)
 test test_urllib2_localnet failed
 1 test failed:
 test_urllib2_localnet


On Tue, Oct 14, 2014 at 4:56 PM, Ned Deily rep...@bugs.python.org wrote:


 Ned Deily added the comment:

 I'm not sure what you are trying to do but there is no test module named
 test_bad_address in the standard library, which is why you get that error.
 Doing a quick search of Lib/test shows three different cases of
 test_bad_address: in the test_ipaddress, test_urllib2_localnet, and
 test_urllibnet modules.  If you want to just run those tests, you'd need to
 specify the module names.  Plus two of them require network access so
 you'll need to enable the network test resource.  Try something like:

 ./python -m test -v -u network test_ipaddress test_urllib2_localnet
 test_urllibnet

 --
 nosy: +ned.deily

 ___
 Python tracker rep...@bugs.python.org
 http://bugs.python.org/issue22639
 ___


--

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue22639
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue3068] IDLE - Add an extension configuration dialog

2014-10-14 Thread Terry J. Reedy


Terry J. Reedy added the comment:

cfg-ext-34-4.diff:  In this patch, default values are classified as bool, int, 
on other.  An invalid user bool or int value is replaced by the corresponding 
default (which had to be a valid bool or int for the type to be set) and the 
invalid value is either removed or replaced by a valid value.  To this extent, 
this dialog will repair a corrupted config-extensions.cfg.  Int values get an 
entry box with validation.

The validation allows blank strings for int entries (which, of course are also 
allowed for 'other'.  All non-key options for default extensions must have a 
value.  So in set_user_value, if there is a default, a blank value is treated 
the same as if it were the default, and the user config line removed if there 
is one.  So blanking an entry is a way to set is to the default value.

I think this is about ready to commit.  It should first be tested with an added 
section in the user config for an added extension.  I also think set_user_value 
should be able to use the already fetched and saved default value.

S2: For patch 3, Rietveld shows all 5 files.  It momentarily showed 5 for patch 
2, then reverted to just 1.

--
assignee:  - terry.reedy
stage: patch review - commit review
Added file: http://bugs.python.org/file36928/cfg-ext-34-4.diff

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue3068
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue17582] xml.etree.ElementTree does not preserve whitespaces in attributes

2014-10-14 Thread Colton Leekley-Winslow


Colton Leekley-Winslow added the comment:

Here is a patch.  Please note that in your example \r is replaced by \n per 
2.11: http://www.w3.org/TR/REC-xml/#sec-line-ends
Also, the patch is only for ElementTree, I will investigate cElementTree but no 
promises.

--
keywords: +patch
nosy: +lwcolton
Added file: http://bugs.python.org/file36929/17582-etree-whitespace.patch

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue17582
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue17582] xml.etree.ElementTree does not preserve whitespaces in attributes

2014-10-14 Thread Colton Leekley-Winslow


Colton Leekley-Winslow added the comment:

I sort of realized, does this mean lxml.etree would now be the offender, for 
not following 2.11 and leaving the \r as-is?

--

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue17582
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue7918] distutils always ignores byte compilation errors

2014-10-14 Thread Colton Leekley-Winslow


Colton Leekley-Winslow added the comment:

Also agree setup allowing broken code an be annoying, but it is necessary to 
maintain the existing behavior.  Maybe we need an additional argument for setup 
that will in turn pass doraise to py_compile.compile, but retain the default 
behavior in all other cases?  As a work-around to your problem, try pylint -E 
before you build your package, we require it as a part of our build process.

--
nosy: +lwcolton

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue7918
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue22627] Calling timestamp() on a datetime object modifies the timestamp of a different datetime object.

2014-10-14 Thread Christopher Lee


Christopher Lee added the comment:

Thanks Akira, everyone for all the info.

It looks like I've highjacked this bug comments to trying to solve my first 
problem (i.e. datetime objects for large timestamps) instead of the bug at 
hand, I feel should move that conversation elsewhere.

It appears from Alexander's comment that it might not be a bug. I need to 
figure out if I need to work around this or use some other mechanism.

--

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue22627
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue22639] test test_bad_address fails on Python 3.4.2 under Linux Mint 13 Maya

2014-10-14 Thread Ned Deily


Ned Deily added the comment:

Thanks for the additional information.  It appears this is a duplicate of 
Issue17564 with the root cause being the ISP not properly rejecting an 
undefined host name as expected by the test case.  See the discussion there for 
more information.

--
resolution:  - duplicate
stage:  - resolved
status: open - closed
superseder:  - test_urllib2_localnet fails
type: crash - 

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue22639
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue22638] ssl module: the SSLv3 protocol is vulnerable (POODLE attack)

2014-10-14 Thread Donald Stufft


Donald Stufft added the comment:

Firefox is planning to disable SSL 3.0 as well - 
https://blog.mozilla.org/security/2014/10/14/the-poodle-attack-and-the-end-of-ssl-3-0/

SSLv3 will be disabled by default in Firefox 34, which will be released on Nov 
25. 

--

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue22638
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

< 1 2 3

201 - 295 of 295 matches

Mail list logo