[issue12067] Doc: remove errors about mixed-type comparisons.
Andy Maier added the comment: I have addressed the comments by Jim Jewett, Martin Panter and of myself in a new version v11, which got posted. For the expression.rst doc file, this version of the patch has its diff sections in a logical order, so that the original text and the patched text are close by each other. Please review. -- Added file: http://bugs.python.org/file36920/issue12067-expressions-py34_v11.diff ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue12067 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue22237] sorted() docs should state that the sort is stable
Georg Brandl added the comment: PyId_sort is not a function, it's a somewhat complicated way of getting a Python string sort (in this case, for looking up a method using PyObject_GetAttrId). The string object is cached, with is faster than constructing one every time with PyObject_GetAttrString. -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue22237 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue21855] Fix decimal in unicodeless build
Changes by Serhiy Storchaka storch...@gmail.com: -- stage: commit review - resolved ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue21855 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue12067] Doc: remove errors about mixed-type comparisons.
Andy Maier added the comment: I also made sure in both files that the line length of any changed or new lines is max 80. Sorry if that creates extra changes when looking at deltas between change sets. -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue12067 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue22632] Official IDLE web page address is not valid
New submission from Serhiy Storchaka: WWW address (http://www.python.org/idle/) mentioned in About IDLE dialog window is no longer valid. -- assignee: docs@python components: Documentation, IDLE messages: 229329 nosy: docs@python, eric.araujo, ezio.melotti, georg.brandl, kbk, roger.serwy, serhiy.storchaka, terry.reedy priority: normal severity: normal status: open title: Official IDLE web page address is not valid type: behavior versions: Python 2.7, Python 3.4, Python 3.5 ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue22632 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue22633] Memory disclosure/buffer overread via bug in Py_FrozenMain
New submission from Guido: Python/frozenmain.c:27 - https://hg.python.org/cpython/file/424fbf011176/Python/frozenmain.c#l27 Memory is allocated for sizeof(wchar_t*) * argc bytes. If argc is 0 (which is a possibility, see below), then 0 bytes are attempted to allocate. Note that PyMem_RawMalloc typically calls _PyMem_RawMalloc, which ensures that a nonzero value is passed to malloc: https://hg.python.org/cpython/file/424fbf011176/Objects/obmalloc.c#l60 In the case of argc == 1, we have the guarantee that one byte is allocated. Then, this: https://hg.python.org/cpython/file/424fbf011176/Python/frozenmain.c#l54 routine fills the argv_copy array with values. However, if argc == 0, this code is never reached. https://hg.python.org/cpython/file/424fbf011176/Python/frozenmain.c#l71 then sets the program name to argv_copy[0] using Py_SetProgramName(). The issue here is is that because argv_copy[0] may be uninitialized, it may be a nonzero value, because, as far as I know, malloc doesn't give any guarantees as to the initial values of the allocated values (hence the existence of something like calloc). If a pointer to a zero byte is passed to Py_SetProgramName(), the function doesn't change progname: https://hg.python.org/cpython/file/424fbf011176/Python/pythonrun.c#l884 But since there are no guarantees as to what argv_copy[0] is AND there are no guarantees about the memory region that follows, a rare and unlikely though theoretically possible situation may emerge where each time progname is referenced (for example indirectly by reading to sys.executable), a string is returned that contains bytes after argv_copy[0], resulting in a memory disclosure. Here's an example of how to run a program with zero arguments (argc == 0): // https://stackoverflow.com/questions/8113786/executing-a-process-with-argc-0 #include spawn.h #include stdlib.h int main(int argc, char** argv, char** envp) { pid_t pid; char* zero_argv[] = {NULL}; posix_spawn(pid, ./hello, NULL, NULL, zero_argv, envp); int status; waitpid(pid, status, NULL); return 0; } I propose the following patch: --- frozenmain.c2014-10-14 19:56:27.144705062 +0200 +++ new_frozenmain.c2014-10-14 19:59:16.800704366 +0200 @@ -24,13 +24,15 @@ /* We need a second copies, as Python might modify the first one. */ wchar_t **argv_copy2 = NULL; -argv_copy = PyMem_RawMalloc(sizeof(wchar_t*) * argc); +argv_copy = PyMem_RawMalloc(sizeof(wchar_t*) * (argc ? argc : 1)); argv_copy2 = PyMem_RawMalloc(sizeof(wchar_t*) * argc); if (!argv_copy || !argv_copy2) { fprintf(stderr, out of memory\n); goto error; } +argv_copy[0] = '\0'; + Py_FrozenFlag = 1; /* Suppress errors from getpath.c */ if ((p = Py_GETENV(PYTHONINSPECT)) *p != '\0') By enforcing a minimal allocation of 1 byte in this file, we are guaranteed that malloc doesn't return a non-zero value after it is called with malloc(0) (this is possible, see man malloc) and we don't have to rely on the heap allocator to do this (in case it's not _PyMem_RawMalloc). Setting argv_copy[0] to zero ensures a buffer overread will never occur. Tested only for Python 3.4. Guido -- messages: 229330 nosy: Guido priority: normal severity: normal status: open title: Memory disclosure/buffer overread via bug in Py_FrozenMain type: security versions: Python 3.4 ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue22633 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue22630] `concurrent.futures.Future.set_running_or_notify_cancel` does not notify cancel
Changes by Ned Deily n...@acm.org: -- nosy: +bquinlan ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue22630 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue22631] Feature Request CAN_RAW_FD_FRAME
Changes by Ned Deily n...@acm.org: -- nosy: +neologix ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue22631 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue20981] ssl doesn't build anymore with OpenSSL 0.9.7 or older: X509_check_ca
David Bolen added the comment: Both of my FreeBSD buildbots are quite ancient (particularly so with FreeBSD/6.4), and mostly still exist because of lack of pressure to change them, and at least for a while having an older, legacy FreeBSD buildbot was of some use. I have no plans on upgrading though, but always assumed I'd just retire them if they became more hassle than they were worth. Certainly I wouldn't worry too much about supporting 6.4 in ongoing development, so the writing might be on the wall now for that buildbot. -- David -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue20981 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue22632] Official IDLE web page address is not valid
Ned Deily added the comment: For the record, on the legacy web site, that URI (which you can still see as http://legacy.python.org/idle/) redirected to the Python 2 IDLE page in the Standard Library docs: https://docs.python.org/2/library/idle.html. -- nosy: +ned.deily ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue22632 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue22632] Official IDLE web page address is not valid
Georg Brandl added the comment: I guess a redirect could be added again. -- nosy: +benjamin.peterson ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue22632 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue22632] Official IDLE web page address is not valid
Ned Deily added the comment: It could but to which page, e.g. which version of the docs? -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue22632 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue22632] Official IDLE web page address is not valid
Serhiy Storchaka added the comment: Should we add /idle3/ redirection for 3.x? -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue22632 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue22632] Official IDLE web page address is not valid
Ned Deily added the comment: The URI in About IDLE is redundant in that the same information on the doc page is also available in text format in the IDLE Help menu and there is also a link there to the full HTML docs. Perhaps the URI should just be removed from About IDLE going forward; we could still add a redirect for the benefit of IDLEs already released. -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue22632 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue21189] Broken link to patch
Barry A. Warsaw added the comment: I changed the link to point here: https://docs.python.org/devguide/patch.html -- resolution: - fixed status: open - closed ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue21189 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue7442] _localemodule.c: str2uni() with different LC_NUMERIC and LC_CTYPE
STINNER Victor added the comment: The issue has a workaround: use LC_NUMERIC and LC_CTYPE locales which use the same encoding. To avoid issues, it's probably safer to only use UTF-8 locales, which are now available on modern Linux distro. I don't like the idea of calling setlocale() just for this corner case, because it changes the locale for all threads. Even if Python is protected by the GIL, Python can be embedded or modules written in C may spawn threads which don't care of the GIL. Usually, if it can fail, it will fail :-) I see that various people contributed to the issue, but it looks like the only user asking for the request is Stefan Krah. I prefer to close the issue and wait until more users ask for it before considering again the patch, or find a different way to implement the feature (support LC_NUMERIC and LC_CTYPE locales using a different encoding). To be clear, I'm closing the issue right now. -- resolution: - wont fix status: open - closed ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue7442 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue22631] Feature Request CAN_RAW_FD_FRAME
Charles-François Natali added the comment: Annoying. I thought CAN_RAW_FD_FRAME would be a macro, which would have made conditional compilation easy, but it's apparently a enum value, which means we have to add a configure-time check... -- components: +Library (Lib) -IO ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue22631 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue3068] IDLE - Add an extension configuration dialog
Terry J. Reedy added the comment: Referring to previous item numbers, this new patch, relative to -2, 1. adds padx to gridding of entry widgets. (Note, editor text area runs against scroll bar in same way as these did, but without breaks, it looks fine.) Padding border looks better to me. 2. changes shortcuts to _I and _E. 3. deletes '...'. --- With respect to 4. Save_all_changed_configs is supposed to only save if 'changes', and set_user_value is supposed to removed 'changes' same as default. I want to review these functions after uploading the changes above, along with addition of title and use of _htest in .__init__. 5. Reuse of create_action_buttons requires that action handlers have matching names in both dialogs. Since this does not affect dialog behavior, I want to defer this. 6. I intend to uncomment before pushing, but this does not affect dialog use. -- Added file: http://bugs.python.org/file36921/cfg-ext-34-3.diff ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue3068 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue20981] ssl doesn't build anymore with OpenSSL 0.9.7 or older: X509_check_ca
STINNER Victor added the comment: If we drop support of FreeBSD older than 8.x for example, we should make it official. Mention it at least in the What's New in Python 3.5 and/or the PEP 11. What do you think? -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue20981 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue22634] importing _ctypes failed: undefined symbol: ffi_call_win32
STINNER Victor added the comment: Similar issue on old FreeBSD versions: issuee #22521. -- nosy: +haypo ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue22634 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue22627] Calling timestamp() on a datetime object modifies the timestamp of a different datetime object.
Christopher Lee added the comment: Hi Antoine, thanks for taking a look. I should explain further. This code is for an introspection tool[1] that provides an interface to write tests in python against an application. This code is a workaround for using large timestamps[2] (i.e. larger than 32bit time_t) the original suggested code (from SO, using timedelta) has an inconsistancy with the hour in some cases (this example in the NZ timezone): datetime.datetime.fromtimestamp(2047570047) datetime.datetime(2034, 11, 19, 17, 27, 27) datetime.datetime.fromtimestamp(0) + datetime.timedelta(seconds=2047570047) datetime.datetime(2034, 11, 19, 18, 27, 27) The code you see here in my example, creating a timezone aware object, is a result of 'fixing' this behaviour I've seen. The reason for then removing the tzinfo is because currently our API states that dates returned from the introspected objects are naive. [1] https://launchpad.net/autopilot [2] https://bugs.launchpad.net/autopilot/+bug/1328600 -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue22627 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue20981] ssl doesn't build anymore with OpenSSL 0.9.7 or older: X509_check_ca
David Bolen added the comment: I suppose it depends on what the current policy (if any) is. Not sure how far back we would officially claim to support even today. We have a 6.4 buildbot due to history, but it's never made the stable list, and is probably in a failing state as much or more as passing. Certainly in the FreeBSD world, I expect the overlap between anyone still using FreeBSD 6 and yet wanting to use the latest and greatest python is awfully small. With respect to PEP 11 though, noting that we no longer support OpenSSL 0.9.8 as of some release seems a reasonable point. Not sure I'd specifically target FreeBSD 6.4 as much as OpenSSL. -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue20981 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue22634] importing _ctypes failed: undefined symbol: ffi_call_win32
Georg Brandl added the comment: This appears to be caused by the update to libffi version 3.1 in 3.4.2. -- keywords: +3.4regression nosy: +doko, georg.brandl ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue22634 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue18643] add a fallback socketpair() implementation in test.support
Roundup Robot added the comment: New changeset 6098141155f9 by Charles-François Natali in branch 'default': Issue #18643: Add socket.socketpair() on Windows. https://hg.python.org/cpython/rev/6098141155f9 -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue18643 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue16200] Setting .posix=True for shlex object causes infinite loop in __next__
Claudiu Popa added the comment: Here's a refreshed patch, which applies cleanly on tip. Also, I added a test for the code that generates an infinite loop. -- nosy: +Claudiu.Popa versions: +Python 3.5 -Python 3.2, Python 3.3, Python 3.4 Added file: http://bugs.python.org/file36922/issue16200.patch ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue16200 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue22632] Official IDLE web page address is not valid
Terry J. Reedy added the comment: Idle's Help system needs a thorough review. Current issues include 16893, 21995, 17583, and a few more in my head, including revising About. In the meanwhile, I am replacing the dead link with 'https://docs.python.org/' + sys.version[:3] + '/library/idle.html' (It cannot be copied to be pasted; making it clickable would be part of revising About.) I suggest redirecting the current dead link http://www.python.org/idle/ to https://docs.python.org/3/library/idle.html. People can always select a different version from there. -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue22632 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue22632] Official IDLE web page address is not valid
Ned Deily added the comment: OK, the redirect should now be in place. -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue22632 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue22632] Official IDLE web page address is not valid
Roundup Robot added the comment: New changeset d411dff4e3d4 by Terry Jan Reedy in branch '2.7': Issue #22632: replace dead link with version-specific doc link. https://hg.python.org/cpython/rev/d411dff4e3d4 New changeset db5e431125b1 by Terry Jan Reedy in branch '3.4': Issue #22632: replace dead link with version-specific doc link. https://hg.python.org/cpython/rev/db5e431125b1 -- nosy: +python-dev ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue22632 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue22632] Official IDLE web page address is not valid
Terry J. Reedy added the comment: verified -- resolution: - fixed stage: - resolved status: open - closed ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue22632 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue18643] add a fallback socketpair() implementation in test.support
Roundup Robot added the comment: New changeset 03d3f2664930 by Victor Stinner in branch '3.4': Issue #18643: asyncio.windows_utils now reuse socket.socketpair() on Windows if https://hg.python.org/cpython/rev/03d3f2664930 -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue18643 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue22635] subprocess.getstatusoutput changed behavior in 3.4 (maybe 3.3.4?)
New submission from Josh Rosenberg: (U) The examples for the function still show the return code in the form os.popen would produce (a program exiting with status 1 would return 256 as the status), but the new code from #10197 makes the status 1, not 256. (U) This is a breaking change for code relying on what was already a legacy interface. Either the docs should call out the change, or the code needs to restore the previous behavior. (U) Ultra simple repro: subprocess.getstatusoutput('python -c exit(1)') Expected: (256, '') Actual: (1, '') -- messages: 229354 nosy: josh.rosenberg priority: normal severity: normal status: open title: subprocess.getstatusoutput changed behavior in 3.4 (maybe 3.3.4?) type: behavior versions: Python 3.3, Python 3.4, Python 3.5 ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue22635 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue22635] subprocess.getstatusoutput changed behavior in 3.4 (maybe 3.3.4?)
STINNER Victor added the comment: It probably comes from this change: --- changeset: 86879:c34e163c0086 branch: 3.3 parent: 86870:dbff708e393f user:Tim Golden m...@timgolden.me.uk date:Sun Nov 03 12:53:17 2013 + files: Lib/subprocess.py Lib/test/test_subprocess.py Misc/NEWS description: Issue #10197 Rework subprocess.get[status]output to use subprocess functionality and thus to work on Windows. Patch by Nick Coghlan. --- (U) This is a breaking change for code relying on what was already a legacy interface. CommandTests.test_getoutput() only checks that an error returns a non-zero status :-/ It doens't check for the exact status. We should use a small Python program using a specific exit code (ex: sys.exit(5)) to check the status. -- nosy: +haypo, ncoghlan, tim.golden ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue22635 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue22635] subprocess.getstatusoutput changed behavior in 3.4 (maybe 3.3.4?)
STINNER Victor added the comment: Oh, I now understand why I feel guilty, I proposed a patch rewriting getstatusoutput() in the issue #10197. My patch ends with: +if os.name != 'nt': +# convert status to be interpreted according to the wait() rules +sts = sts 8 This fix is that simple, but it means that depending on the Python version, you will get a different status... Python 3.3 doesn't accept bugfixes anymore and so cannot be changed. -- versions: -Python 3.3 ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue22635 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue22635] subprocess.getstatusoutput changed behavior in 3.4 (maybe 3.3.4?)
Josh Rosenberg added the comment: Ah blech. Can someone with privileges edit my original message to remove the junk at the beginning of each paragraph? Habit from an old job. Wish I could just edit the message. -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue22635 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue22635] subprocess.getstatusoutput changed behavior in 3.4 (maybe 3.3.4?)
STINNER Victor added the comment: Can someone with privileges edit my original message to remove the junk at the beginning of each paragraph? It's not possible to edit a message, only to remove it. I don't like removing the initial message of an issue. Don't worry, (U) looks a bullet, it can read it ;-) -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue22635 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue22635] subprocess.getstatusoutput changed behavior in 3.4 (maybe 3.3.4?)
R. David Murray added the comment: You are right, it did change in 3.3.4 (see issue 10197). That change should not have been applied to 3.3, and obviously there was a missing test concerning the return code format. At this point I think we are stuck with changing the documentation. The new return code is both more convenient and more consistent with the rest of the subprocess module. It is very unfortunate that it did not follow our normal backward compatibility rules, but we are stuck with the mistake now. -- assignee: - docs@python components: +Documentation nosy: +docs@python, r.david.murray ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue22635 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue18643] add a fallback socketpair() implementation to the socket module
Changes by Charles-François Natali cf.nat...@gmail.com: -- resolution: - fixed stage: patch review - resolved status: open - closed title: add a fallback socketpair() implementation in test.support - add a fallback socketpair() implementation to the socket module ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue18643 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue22635] subprocess.getstatusoutput changed behavior in 3.4 (maybe 3.3.4?)
STINNER Victor added the comment: You are right, it did change in 3.3.4 (see issue 10197). That change should not have been applied to 3.3, ... The purpose of the issue #10197 was to fix a bug on Windows: getoutput() didn't work. -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue22635 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue22635] subprocess.getstatusoutput changed behavior in 3.4 (maybe 3.3.4?)
R. David Murray added the comment: But it was also a feature addition: getoutput had not been *intended* to work on Windows. I understand why the mistake was made (the argument that it was a bug has weight), but the fact that a versionchanged was needed mentioning 3.3.4 indicates it wasn't really a bug fix. -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue22635 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue20152] Derby #15: Convert 50 sites to Argument Clinic across 9 files
Roundup Robot added the comment: New changeset 5e8b94397f81 by Brett Cannon in branch 'default': Issue #20152: Convert the cmath module to Argument Clinic. https://hg.python.org/cpython/rev/5e8b94397f81 -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue20152 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue22636] avoid using a shell in ctypes.util: replace os.popen with subprocess
New submission from STINNER Victor: Attached patch modifies the ctypes.util module to not use a shell: it replaces os.open() with subprocess.Popen on Linux. Running a shell is slower and is more vulnerable to code injection. I only modified code path on Linux right now. They are still calls to os.popen() on sunos5, freebsd, openbsd and dragonfly. -- files: ctypes_util_popen.patch keywords: patch messages: 229363 nosy: haypo priority: normal severity: normal status: open title: avoid using a shell in ctypes.util: replace os.popen with subprocess type: enhancement versions: Python 3.5 Added file: http://bugs.python.org/file36923/ctypes_util_popen.patch ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue22636 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue22637] avoid using a shell in uuid: replce os.popen with subprocess.Popen
New submission from STINNER Victor: Attached patch modifies the uuid module to not use a shell: it replaces os.popen() with subprocess.Popen on UNIX. Running a shell is slower and is more vulnerable to code injection. I only modified code path on UNIX right now. They is still a call to os.popen() on Windows. Note: The patch works on bytes string instead of Unicode. -- files: uuid_popen.patch keywords: patch messages: 229364 nosy: haypo priority: normal severity: normal status: open title: avoid using a shell in uuid: replce os.popen with subprocess.Popen type: enhancement versions: Python 3.5 Added file: http://bugs.python.org/file36924/uuid_popen.patch ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue22637 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue22599] traceback: errors in the linecache module at exit
STINNER Victor added the comment: There is one downside of my solution. For now the code uses current builtin open() which can be overloaded (to handle reading from ZIP archive for example, or to check permissions). Oh, does anyone really modify the builtin open() for that? If you already monkey-patch Python builtin, you are probably able to monkey-patch also tokenize._builtin_open. I don't think that monkey-patching builtins is promoted nor well supported. They are probably other places where a local references to builtins functions are kept. The importlib module provides the get_source() function which is the best way to retrieve the source code from any kind of module, including ZIP files. But tokenize.open() really expects a clear text .py file. With my solution it uses builtin open() at the time of import. I don't see how your solution is different than mine. But your solution is probably enough to tokenize needs (it only requires the builtin open funciton) and it's shorter. I don't know insofar current behavior is intentional. We should take a decision of yet one core developer. Since I wrote tokenize.open(), I can explain why I chose to import builtins :-) It's just one option to handle two functions with the same name: (builtins.)open and (tokenize.)open. _open = open is another common option to handle this issue. -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue22599 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue22599] traceback: errors in the linecache module at exit
STINNER Victor added the comment: traceback_at_exit-2.patch: Updated patch to remove import builtins from tokenize.py, it's no more needed. -- Added file: http://bugs.python.org/file36925/traceback_at_exit-2.patch ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue22599 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue3068] IDLE - Add an extension configuration dialog
Roundup Robot added the comment: New changeset 7ba47bbfe38d by Terry Jan Reedy in branch '2.7': Issue #3068: Change 0/1 to False/True so that extension configure dialog can https://hg.python.org/cpython/rev/7ba47bbfe38d New changeset 94f8d65371b7 by Terry Jan Reedy in branch '3.4': Issue #3068: Change 0/1 to False/True so that extension configure dialog can https://hg.python.org/cpython/rev/94f8d65371b7 New changeset 111d535b52e8 by Terry Jan Reedy in branch 'default': Merge with 3.4 #3068 https://hg.python.org/cpython/rev/111d535b52e8 -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue3068 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue22638] ssl module: the SSLv3 protocol is vulnerable (POODLE attack)
New submission from STINNER Victor: Copy of Donald Stuff email sent to python-dev: A big security breach of SSL 3.0 just dropped a little while ago (named POODLE). With this there is now no ability to securely connect via SSL 3.0. I believe that we should disable SSL 3.0 in Python similarly to how SSL 2.0 is disabled, where it is disabled by default unless the user has explicitly re-enabled it. The new attack essentially allows reading the sensitive data from within a SSL 3.0 connection stream. It takes roughly 256 requests to break a single byte so the attack is very practical. You can read more about the attack here at the google announcement [1] or the whitepaper [2]. [1] http://googleonlinesecurity.blogspot.com/2014/10/this-poodle-bites-exploiting-ssl-30.html [2] https://www.openssl.org/~bodo/ssl-poodle.pdf -- messages: 229368 nosy: haypo priority: normal severity: normal status: open title: ssl module: the SSLv3 protocol is vulnerable (POODLE attack) type: security versions: Python 2.7, Python 3.1, Python 3.2, Python 3.3, Python 3.4, Python 3.5 ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue22638 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue22637] avoid using a shell in uuid: replce os.popen with subprocess.Popen
Changes by Josh Rosenberg shadowranger+pyt...@gmail.com: -- nosy: +josh.r ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue22637 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue22638] ssl module: the SSLv3 protocol is vulnerable (POODLE attack)
Changes by Alex Gaynor alex.gay...@gmail.com: -- nosy: +christian.heimes, dstufft, giampaolo.rodola, janssen, pitrou ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue22638 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue22638] ssl module: the SSLv3 protocol is vulnerable (POODLE attack)
Alex Gaynor added the comment: This patch disables SSLv3 by default for Python. Uesrs can get it back by specifiying SSL_PROTOCOLv3 explicitly. -- keywords: +needs review, patch nosy: +alex Added file: http://bugs.python.org/file36926/issue22638.diff ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue22638 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue22638] ssl module: the SSLv3 protocol is vulnerable (POODLE attack)
Antoine Pitrou added the comment: Disabling SSL 3.0 support, or CBC-mode ciphers with SSL 3.0, is sufficient to mitigate this issue, but presents significant compatibility problems, even today. Therefore our recommended response is to support TLS_FALLBACK_SCSV. This is a mechanism that solves the problems caused by retrying failed connections and thus prevents attackers from inducing browsers to use SSL 3.0. It also prevents downgrades from TLS 1.2 to 1.1 or 1.0 and so may help prevent future attacks. -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue22638 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue22638] ssl module: the SSLv3 protocol is vulnerable (POODLE attack)
Antoine Pitrou added the comment: IOW, I think it may be ok to disable SSLv3 in create_default_context(), but not necessarily in other contexts. -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue22638 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue22638] ssl module: the SSLv3 protocol is vulnerable (POODLE attack)
Alex Gaynor added the comment: create_default_context already disables SSLv3! (Good work everybody :-)) FWIW many vendors are already moving to disable SSLv3, e.g. cloudflare already did. -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue22638 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue22638] ssl module: the SSLv3 protocol is vulnerable (POODLE attack)
Antoine Pitrou added the comment: How many times will it have to be repeated that SSL is used for other things than HTTPS-on-the-Web? -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue22638 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue22638] ssl module: the SSLv3 protocol is vulnerable (POODLE attack)
Donald Stufft added the comment: I think it's fine to disable it all together. Google is planning/hoping to kill SSL 3.0 completely from their clients in the next couple of months. They just don't want to release a patch that disables SSL 3.0 right today. -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue22638 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue22638] ssl module: the SSLv3 protocol is vulnerable (POODLE attack)
Donald Stufft added the comment: I don't know, how many times will it have to be repeated that secure defaults matter? SSL 3.0 can be turned back on easily enough, it isn't a hard shut off. It changes the default just like what was done with SSLv2.0. -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue22638 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue22638] ssl module: the SSLv3 protocol is vulnerable (POODLE attack)
Antoine Pitrou added the comment: The difference is that SSLv2 had been dead for long already. We don't have any statistic about SSLv3 servers in the wild, but I'd be surprised if they had turned entirely negligible. -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue22638 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue22638] ssl module: the SSLv3 protocol is vulnerable (POODLE attack)
Alex Gaynor added the comment: CloudFlare published some statistics: https://blog.cloudflare.com/sslv3-support-disabled-by-default-due-to-vulnerability/ -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue22638 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue22638] ssl module: the SSLv3 protocol is vulnerable (POODLE attack)
Donald Stufft added the comment: There's also https://www.trustworthyinternet.org/ssl-pulse/ -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue22638 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue22638] ssl module: the SSLv3 protocol is vulnerable (POODLE attack)
Alex Gaynor added the comment: Debian is also considering this, and link some statistics on IE6 specifically (one of the, if not the single, largest SSLv3 users): https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765347 -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue22638 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue22638] ssl module: the SSLv3 protocol is vulnerable (POODLE attack)
Antoine Pitrou added the comment: On the Web, there is indeed a good reaction time to security issues (especially in large providers). That may not be the case for all the other SSL services out there. Since TLS_FALLBACK_SCSV is the recommended solution (not to mention it will work against other attacks), do you know if it's being implemented in OpenSSL? I would be surprised if nobody did it. -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue22638 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue22638] ssl module: the SSLv3 protocol is vulnerable (POODLE attack)
Alex Gaynor added the comment: It's been implemented in boringssl: https://boringssl.googlesource.com/boringssl/+/2970779684c6f164a0e261e96a3d59f331123320 I don't believe it's in OpenSSL though. -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue22638 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue22638] ssl module: the SSLv3 protocol is vulnerable (POODLE attack)
Antoine Pitrou added the comment: Note the Debian issue is specifically for Apache, not the OpenSSL package. If Debian decides to disable SSLv3 in its OpenSSL package, then it will be a pretty good hint that we can do so as well :-) -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue22638 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue22638] ssl module: the SSLv3 protocol is vulnerable (POODLE attack)
Donald Stufft added the comment: OpenSSL generally doesn't have bad options disabled until they are years old. OpenSSL takes the stance that it's up to the consumers of the OpenSSL API to properly configure themselves. Also it's important to note that TLS_FALLBACK_SCSV isn't actually a work around for the SSL 3.0 problem. There is no work around for that, you can only disable SSL 3.0. TLS_FALLBACK_SCSV is completely unrelated to Python because it's a work around for the fact that browsers will re-attempt a TLS connection if the first one fails with a lower protocol verison which means a MITM can force your connection back to SSL 3.0 even if both the client and the server support TLS 1.2. I'm not 100% sure but I don't believe Python has such a dance so TLS_FALLBACK_SCSV does nothing for us. -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue22638 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue3068] IDLE - Add an extension configuration dialog
Terry J. Reedy added the comment: The reason for the apparent writing of unchanged values is that '0' != 'False' and '1' !- 'True'. With all booleans writen as 'False' or 'True', non-enable boolean items can be recognized and non-changes not seen as changes. I will next revise the patch and retest. -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue3068 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue22638] ssl module: the SSLv3 protocol is vulnerable (POODLE attack)
Antoine Pitrou added the comment: OpenSSL generally doesn't have bad options disabled until they are years old. OpenSSL takes the stance that it's up to the consumers of the OpenSSL API to properly configure themselves. The point is, if they start exposing it, we can enable it ourselves. I'm not 100% sure but I don't believe Python has such a dance so TLS_FALLBACK_SCSV does nothing for us. Well, the ssl module can also be used in server mode. -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue22638 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue22635] subprocess.getstatusoutput changed behavior in 3.4 (maybe 3.3.4?)
Changes by Arfrever Frehtes Taifersar Arahesis arfrever@gmail.com: -- nosy: +Arfrever ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue22635 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue22636] avoid using a shell in ctypes.util: replace os.popen with subprocess
Changes by Arfrever Frehtes Taifersar Arahesis arfrever@gmail.com: -- nosy: +Arfrever ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue22636 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue22637] avoid using a shell in uuid: replce os.popen with subprocess.Popen
Changes by Arfrever Frehtes Taifersar Arahesis arfrever@gmail.com: -- nosy: +Arfrever ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue22637 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue22638] ssl module: the SSLv3 protocol is vulnerable (POODLE attack)
Changes by Arfrever Frehtes Taifersar Arahesis arfrever@gmail.com: -- nosy: +Arfrever ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue22638 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue22639] test test_bad_address fails on Python 3.4.2 under Linux Mint 13 Maya
New submission from Steve P: Looking in past bug reports, I suspect the test itself is problematic. When I paste the (erroneous) URL the tests is using into Firefox, I get a page back from my ISP with Sorry, the website sadflkjsasf.i.nvali.d cannot be found Here's the output of the test: @chimp:~/Downloads/Python-3.4.2 $ ./python -m test -v test_bad_address == CPython 3.4.2 (default, Oct 14 2014, 15:34:15) [GCC 4.6.3] == Linux-3.2.0-23-generic-i686-with-debian-wheezy-sid little-endian == hash algorithm: siphash24 32bit == /home/sp/Downloads/Python-3.4.2/build/test_python_11906 Testing with flags: sys.flags(debug=0, inspect=0, interactive=0, optimize=0, dont_write_bytecode=0, no_user_site=0, no_site=0, ignore_environment=0, verbose=0, bytes_warning=0, quiet=0, hash_randomization=1, isolated=0) [1/1] test_bad_address test test_bad_address crashed -- Traceback (most recent call last): File /home/sp/Downloads/Python-3.4.2/Lib/test/regrtest.py, line 1271, in runtest_inner the_module = importlib.import_module(abstest) File /home/sp/Downloads/Python-3.4.2/Lib/importlib/__init__.py, line 109, in import_module return _bootstrap._gcd_import(name[level:], package, level) File frozen importlib._bootstrap, line 2254, in _gcd_import File frozen importlib._bootstrap, line 2237, in _find_and_load File frozen importlib._bootstrap, line 2224, in _find_and_load_unlocked ImportError: No module named 'test.test_bad_address' 1 test failed: test_bad_address -- components: Tests messages: 229386 nosy: Steve.P priority: normal severity: normal status: open title: test test_bad_address fails on Python 3.4.2 under Linux Mint 13 Maya type: crash versions: Python 3.4 ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue22639 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue22633] Memory disclosure/buffer overread via bug in Py_FrozenMain
Changes by Arfrever Frehtes Taifersar Arahesis arfrever@gmail.com: -- nosy: +Arfrever ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue22633 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue22335] Python 3: Segfault instead of MemoryError when bytearray too big
Changes by Arfrever Frehtes Taifersar Arahesis arfrever@gmail.com: -- nosy: +Arfrever ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue22335 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue15994] memoryview to freed memory can cause segfault
Changes by Arfrever Frehtes Taifersar Arahesis arfrever@gmail.com: -- nosy: +Arfrever ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue15994 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue22633] Memory disclosure/buffer overread via bug in Py_FrozenMain
Changes by Antoine Pitrou pit...@free.fr: -- nosy: +haypo ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue22633 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue22639] test test_bad_address fails on Python 3.4.2 under Linux Mint 13 Maya
Ned Deily added the comment: I'm not sure what you are trying to do but there is no test module named test_bad_address in the standard library, which is why you get that error. Doing a quick search of Lib/test shows three different cases of test_bad_address: in the test_ipaddress, test_urllib2_localnet, and test_urllibnet modules. If you want to just run those tests, you'd need to specify the module names. Plus two of them require network access so you'll need to enable the network test resource. Try something like: ./python -m test -v -u network test_ipaddress test_urllib2_localnet test_urllibnet -- nosy: +ned.deily ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue22639 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue22627] Calling timestamp() on a datetime object modifies the timestamp of a different datetime object.
Changes by Arfrever Frehtes Taifersar Arahesis arfrever@gmail.com: -- nosy: +Arfrever ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue22627 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue22521] ctypes compilation fails on FreeBSD: Undefined symbol ffi_call_win32
Changes by Arfrever Frehtes Taifersar Arahesis arfrever@gmail.com: -- nosy: +Arfrever ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue22521 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue22634] importing _ctypes failed: undefined symbol: ffi_call_win32
Changes by Arfrever Frehtes Taifersar Arahesis arfrever@gmail.com: -- nosy: +Arfrever ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue22634 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue22627] Calling timestamp() on a datetime object modifies the timestamp of a different datetime object.
Alexander Belopolsky added the comment: In general, you cannot expect datetime.fromtimestamp(0) + timedelta(seconds) to return the same value as datetime.fromtimestamp(seconds). This will only be true if you are lucky enough to live in an area where local government did not mess with timezones since 1970. In your particular case, I think what is happening is that you have DST in January, but you did not have that on January 1, 1970. $ zdump -v NZ | grep NZDT | head NZ Sat Nov 2 14:00:00 1974 UTC = Sun Nov 3 03:00:00 1974 NZDT isdst=1 NZ Sat Feb 22 13:59:59 1975 UTC = Sun Feb 23 02:59:59 1975 NZDT isdst=1 NZ Sat Oct 25 14:00:00 1975 UTC = Sun Oct 26 03:00:00 1975 NZDT isdst=1 NZ Sat Mar 6 13:59:59 1976 UTC = Sun Mar 7 02:59:59 1976 NZDT isdst=1 NZ Sat Oct 30 14:00:00 1976 UTC = Sun Oct 31 03:00:00 1976 NZDT isdst=1 NZ Sat Mar 5 13:59:59 1977 UTC = Sun Mar 6 02:59:59 1977 NZDT isdst=1 NZ Sat Oct 29 14:00:00 1977 UTC = Sun Oct 30 03:00:00 1977 NZDT isdst=1 NZ Sat Mar 4 13:59:59 1978 UTC = Sun Mar 5 02:59:59 1978 NZDT isdst=1 NZ Sat Oct 28 14:00:00 1978 UTC = Sun Oct 29 03:00:00 1978 NZDT isdst=1 NZ Sat Mar 3 13:59:59 1979 UTC = Sun Mar 4 02:59:59 1979 NZDT isdst=1 -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue22627 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue1610654] cgi.py multipart/form-data
Rishi added the comment: I have recreated the patch(issue1610654_1.patch) and it performs more or less like the earlier patch Serhiy, I agree we cannot use handmade buffering here, without seeking ahead. I believe, we can make optimizations for streams which are buffered and non-seekable. Cgi modules default value for file object is the BufferedReader of sys.stdin, so the solution is fairly generic. I have removed handmade buffering. Neither do I create a Buffered* object. We rely on user to create the buffered object. The sys.stdin that cgi module has a decent buffer underneath that works well on apache. The patch attached does not seek, nor does it read ahead. It only looks ahead. As Antoine suggests, it peeks the buffer and determines through a fast lookup if the buffer has a bounary or not. It moves forward only if it is convinced that the current buffer is completely within the next boundary. The issue is that the current implementation deals with lines and not chunks. Even when a savy user wraps sys.stdin around a large BufferredReader there is little to no peformance improvement in the current implementation for large files in my observation. It does not solve the bug mentioned either. The difference in extreme cases like Chui's is 53s against 0.7s and even otherwise for larger files the patch is 3 times faster than the current implementation. I have tested this on Apache2 server where the sys.stdin is buffered. -- Added file: http://bugs.python.org/file36927/issue1610654_1.patch ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue1610654 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue22627] Calling timestamp() on a datetime object modifies the timestamp of a different datetime object.
Alexander Belopolsky added the comment: Antoine, I don't think the behavior that you have shown is a bug in strict sense. On my Mac, I get $ python mkbug.py breakme 1396702800.0 1396702800.0 but on Linux, $ python mkbug.py breakme 1396706400.0 1396702800.0 The problem here is that time.mktime((2014, 4, 6, 2, 0, 0, -1, -1, -1)) is undefined and both 1396706400 and 1396702800 timestamps are valid guesses for what 2014-04-06T02 was in NZ: $ TZ=NZ date -d @1396706400 Sun Apr 6 02:00:00 NZST 2014 $ TZ=NZ date -d @1396702800 Sun Apr 6 02:00:00 NZDT 2014 It is unfortunate that Linux C library (glibc?) makes different guess at different time, but I don't think this violates any applicable standards. -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue22627 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue22627] Calling timestamp() on a datetime object modifies the timestamp of a different datetime object.
Christopher Lee added the comment: Alexander, Ah ok thanks for clarifying that. Am I wrong then to think that this code[1] should work as I think it should (i.e. datetime_from_large_timestamp(example_ts) == datetime.fromtimestamp(example_ts)) I'm trying to be able to handle timestamps larger than the 32bit time_t limit, which is why I'm doing these gymnastic steps. [1] http://paste.ubuntu.com/8562027/ -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue22627 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue2943] Distutils should generate a better error message when the SDK is not installed
John added the comment: error message should contain more details about what went wrong and why -- nosy: +lambda ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue2943 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue22627] Calling timestamp() on a datetime object modifies the timestamp of a different datetime object.
Alexander Belopolsky added the comment: Your code as good as your timezone library, but you should realize that by discarding tzinfo you are making your local_stamp ambiguous. I am not familiar with dateutil.tz, but pytz I believe uses some tricks to make sure astimezone() result remembers the isdst flag. If you API requires naive local datetime objects, you need to carry isdst flag separately if you want to disambiguate between 2014-04-06 02:00 NZST and 2014-04-06 02:00 NZDT. On top of that, you will not be able to use datetime.timestamp() method and will have to use time.mktime or whatever equivalent utility your timezone library provides. Note that I was against adding datetime.timestamp() for this specific reason: it is supposed to be inverse of datetime.fromtimestamp(), but since the later is not monotonic, no such inverse exists in the strict mathematical sense. See msg133039 in issue 2736. BTW, if you open a feature request to add isdst=-1 optional argument to datetime.timestamp(), you will have my +1. -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue22627 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue20386] socket.SocketType enum overwrites import of _socket.SocketType
Roundup Robot added the comment: New changeset 613c30ffd344 by Ethan Furman in branch '3.4': Issue20386: SocketType is again socket.socket; the IntEnum SOCK constants are SocketKind https://hg.python.org/cpython/rev/613c30ffd344 New changeset ef24851f340f by Ethan Furman in branch 'default': Issue20386: SocketType is again socket.socket; the IntEnum SOCK constants are SocketKind https://hg.python.org/cpython/rev/ef24851f340f -- nosy: +python-dev ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue20386 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue20386] socket.SocketType enum overwrites import of _socket.SocketType
Changes by Ethan Furman et...@stoneleaf.us: -- resolution: - fixed stage: patch review - resolved status: open - closed ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue20386 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue22627] Calling timestamp() on a datetime object modifies the timestamp of a different datetime object.
Akira Li added the comment: Christopher, About your script http://paste.ubuntu.com/8562027/ dateutil may break if the local timezone had different UTC offset in the past. You could use tzlocal module to get pytz timezone that can handle such timezones. To get the correct time for 1414274400 timezone in Europe/Moscow timezone, you need the latest tz database e.g., `pytz` works but fromtimestamp, dateutil that use the local tz database fail (2:00 instead of 1:00): import time import os os.environ['TZ'] = 'Europe/Moscow' time.tzset() from datetime import datetime, timezone from tzlocal import get_localzone datetime.fromtimestamp(1414274400, get_localzone()) datetime.datetime(2014, 10, 26, 1, 0, tzinfo=DstTzInfo 'Europe/Moscow' MSK+3:00:00 STD) datetime.utcfromtimestamp(1414274400).replace(tzinfo=timezone.utc).astimezone(get_localzone()) datetime.datetime(2014, 10, 26, 1, 0, tzinfo=DstTzInfo 'Europe/Moscow' MSK+3:00:00 STD) datetime.fromtimestamp(1414274400) # wrong datetime.datetime(2014, 10, 26, 2, 0) datetime.fromtimestamp(1414274400, timezone.utc).astimezone() # wrong datetime.datetime(2014, 10, 26, 2, 0, tzinfo=datetime.timezone(datetime.timedelta(0, 14400), 'MSK')) datetime.utcfromtimestamp(1414274400).replace(tzinfo=timezone.utc).astimezone() # wrong datetime.datetime(2014, 10, 26, 2, 0, tzinfo=datetime.timezone(datetime.timedelta(0, 14400), 'MSK')) from dateutil.tz import gettz, tzutc datetime.fromtimestamp(1414274400, gettz()) # wrong datetime.datetime(2014, 10, 26, 2, 0, tzinfo=tzfile('/usr/share/zoneinfo/Europe/Moscow')) datetime.fromtimestamp(1414274400, tzutc()).astimezone(gettz()) # wrong datetime.datetime(2014, 10, 26, 2, 0, tzinfo=tzfile('/usr/share/zoneinfo/Europe/Moscow')) datetime.utcfromtimestamp(1414274400).replace(tzinfo=tzutc()).astimezone(gettz()) # wrong datetime.datetime(2014, 10, 26, 2, 0, tzinfo=tzfile('/usr/share/zoneinfo/Europe/Moscow')) To avoid surprises, always use UTC time to perform date arithmetics: EPOCH = datetime(1970, 1,1, tzinfo=pytz.utc) utc_dt = EPOCH + timedelta(seconds=timestamp) should work for dates after 2038 too. To convert it to the local timezone: from tzlocal import get_localzone local_dt = utc_dt.astimezone(get_localzone()) ts = (local_dt - EPOCH) // timedelta(seconds=1) assert ts == timestamp # if timestamp is an integer Python stdlib assumes POSIX encoding for time.time() value (issue22356) therefore the formulae work on all platforms where Python works. -- nosy: +akira ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue22627 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue22639] test test_bad_address fails on Python 3.4.2 under Linux Mint 13 Maya
Steve P added the comment: I got test_bad_address from what was reported using make test. Perhaps at I read the log wrong, but it was clear I got a failure. At any rate, here's what I get with the correct test name: sp@chip:~/Downloads/Python-3.4.2 $ ./python -m test -v -u network test_urllib2_localnet == CPython 3.4.2 (default, Oct 14 2014, 15:34:15) [GCC 4.6.3] == Linux-3.2.0-23-generic-i686-with-debian-wheezy-sid little-endian == hash algorithm: siphash24 32bit == /home/sp/Downloads/Python-3.4.2/build/test_python_16076 Testing with flags: sys.flags(debug=0, inspect=0, interactive=0, optimize=0, dont_write_bytecode=0, no_user_site=0, no_site=0, ignore_environment=0, verbose=0, bytes_warning=0, quiet=0, hash_randomization=1, isolated=0) [1/1] test_urllib2_localnet test_basic_auth_httperror (test.test_urllib2_localnet.BasicAuthTests) ... ok test_basic_auth_success (test.test_urllib2_localnet.BasicAuthTests) ... ok test_proxy_qop_auth_int_works_or_throws_urlerror (test.test_urllib2_localnet.ProxyAuthTests) ... ok test_proxy_qop_auth_works (test.test_urllib2_localnet.ProxyAuthTests) ... ok test_proxy_with_bad_password_raises_httperror (test.test_urllib2_localnet.ProxyAuthTests) ... ok test_proxy_with_no_password_raises_httperror (test.test_urllib2_localnet.ProxyAuthTests) ... ok test_200 (test.test_urllib2_localnet.TestUrlopen) ... ok test_200_with_parameters (test.test_urllib2_localnet.TestUrlopen) ... ok test_404 (test.test_urllib2_localnet.TestUrlopen) ... ok test_bad_address (test.test_urllib2_localnet.TestUrlopen) ... FAIL test_basic (test.test_urllib2_localnet.TestUrlopen) ... ok test_chunked (test.test_urllib2_localnet.TestUrlopen) ... ok test_geturl (test.test_urllib2_localnet.TestUrlopen) ... ok test_https (test.test_urllib2_localnet.TestUrlopen) ... stopping HTTPS server joining HTTPS thread ok test_https_sni (test.test_urllib2_localnet.TestUrlopen) ... stopping HTTPS server joining HTTPS thread ok test_https_with_cadefault (test.test_urllib2_localnet.TestUrlopen) ... Got an error: [SSL: TLSV1_ALERT_UNKNOWN_CA] tlsv1 alert unknown ca (_ssl.c:600) stopping HTTPS server joining HTTPS thread ok test_https_with_cafile (test.test_urllib2_localnet.TestUrlopen) ... Got an error: [SSL: TLSV1_ALERT_UNKNOWN_CA] tlsv1 alert unknown ca (_ssl.c:600) stopping HTTPS server joining HTTPS thread stopping HTTPS server joining HTTPS thread ok test_info (test.test_urllib2_localnet.TestUrlopen) ... ok test_iteration (test.test_urllib2_localnet.TestUrlopen) ... ok test_line_iteration (test.test_urllib2_localnet.TestUrlopen) ... ok test_redirection (test.test_urllib2_localnet.TestUrlopen) ... ok test_sending_headers (test.test_urllib2_localnet.TestUrlopen) ... ok == FAIL: test_bad_address (test.test_urllib2_localnet.TestUrlopen) -- Traceback (most recent call last): File /home/sp/Downloads/Python-3.4.2/Lib/test/test_urllib2_localnet.py, line 655, in test_bad_address http://sadflkjsasf.i.nvali.d./;) AssertionError: OSError not raised by urlopen -- Ran 22 tests in 5.260s FAILED (failures=1) test test_urllib2_localnet failed 1 test failed: test_urllib2_localnet On Tue, Oct 14, 2014 at 4:56 PM, Ned Deily rep...@bugs.python.org wrote: Ned Deily added the comment: I'm not sure what you are trying to do but there is no test module named test_bad_address in the standard library, which is why you get that error. Doing a quick search of Lib/test shows three different cases of test_bad_address: in the test_ipaddress, test_urllib2_localnet, and test_urllibnet modules. If you want to just run those tests, you'd need to specify the module names. Plus two of them require network access so you'll need to enable the network test resource. Try something like: ./python -m test -v -u network test_ipaddress test_urllib2_localnet test_urllibnet -- nosy: +ned.deily ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue22639 ___ -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue22639 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue3068] IDLE - Add an extension configuration dialog
Terry J. Reedy added the comment: cfg-ext-34-4.diff: In this patch, default values are classified as bool, int, on other. An invalid user bool or int value is replaced by the corresponding default (which had to be a valid bool or int for the type to be set) and the invalid value is either removed or replaced by a valid value. To this extent, this dialog will repair a corrupted config-extensions.cfg. Int values get an entry box with validation. The validation allows blank strings for int entries (which, of course are also allowed for 'other'. All non-key options for default extensions must have a value. So in set_user_value, if there is a default, a blank value is treated the same as if it were the default, and the user config line removed if there is one. So blanking an entry is a way to set is to the default value. I think this is about ready to commit. It should first be tested with an added section in the user config for an added extension. I also think set_user_value should be able to use the already fetched and saved default value. S2: For patch 3, Rietveld shows all 5 files. It momentarily showed 5 for patch 2, then reverted to just 1. -- assignee: - terry.reedy stage: patch review - commit review Added file: http://bugs.python.org/file36928/cfg-ext-34-4.diff ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue3068 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17582] xml.etree.ElementTree does not preserve whitespaces in attributes
Colton Leekley-Winslow added the comment: Here is a patch. Please note that in your example \r is replaced by \n per 2.11: http://www.w3.org/TR/REC-xml/#sec-line-ends Also, the patch is only for ElementTree, I will investigate cElementTree but no promises. -- keywords: +patch nosy: +lwcolton Added file: http://bugs.python.org/file36929/17582-etree-whitespace.patch ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17582 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17582] xml.etree.ElementTree does not preserve whitespaces in attributes
Colton Leekley-Winslow added the comment: I sort of realized, does this mean lxml.etree would now be the offender, for not following 2.11 and leaving the \r as-is? -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17582 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue7918] distutils always ignores byte compilation errors
Colton Leekley-Winslow added the comment: Also agree setup allowing broken code an be annoying, but it is necessary to maintain the existing behavior. Maybe we need an additional argument for setup that will in turn pass doraise to py_compile.compile, but retain the default behavior in all other cases? As a work-around to your problem, try pylint -E before you build your package, we require it as a part of our build process. -- nosy: +lwcolton ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue7918 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue22627] Calling timestamp() on a datetime object modifies the timestamp of a different datetime object.
Christopher Lee added the comment: Thanks Akira, everyone for all the info. It looks like I've highjacked this bug comments to trying to solve my first problem (i.e. datetime objects for large timestamps) instead of the bug at hand, I feel should move that conversation elsewhere. It appears from Alexander's comment that it might not be a bug. I need to figure out if I need to work around this or use some other mechanism. -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue22627 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue22639] test test_bad_address fails on Python 3.4.2 under Linux Mint 13 Maya
Ned Deily added the comment: Thanks for the additional information. It appears this is a duplicate of Issue17564 with the root cause being the ISP not properly rejecting an undefined host name as expected by the test case. See the discussion there for more information. -- resolution: - duplicate stage: - resolved status: open - closed superseder: - test_urllib2_localnet fails type: crash - ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue22639 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue22638] ssl module: the SSLv3 protocol is vulnerable (POODLE attack)
Donald Stufft added the comment: Firefox is planning to disable SSL 3.0 as well - https://blog.mozilla.org/security/2014/10/14/the-poodle-attack-and-the-end-of-ssl-3-0/ SSLv3 will be disabled by default in Firefox 34, which will be released on Nov 25. -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue22638 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com